nalewki.eu Open in urlscan Pro
162.215.117.254 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://nalewki.eu/
Submission: On April 12 via api (April 12th 2023, 5:23:11 am UTC) from US — Scanned from DE

Summary HTTP 153 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 21 domains to perform 153 HTTP transactions. The main IP is 162.215.117.254, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is nalewki.eu.

This is the only time nalewki.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	162.215.117.254 162.215.117.254	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
5	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1 3	91.204.88.131 91.204.88.131	41930 (INITZERO-AS) (INITZERO-AS)
1	109.95.157.49 109.95.157.49	48896 (DHOSTING-...) (DHOSTING-AS Warsaw)
7	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	178.255.41.10 178.255.41.10	197155 (ARTNET) (ARTNET)
1	185.208.164.102 185.208.164.102	41079 (CF-GDA) (CF-GDA)
1	212.77.100.137 212.77.100.137	12827 (WIRTUALNA...) (WIRTUALNAPOLSKA GDANSK)
35	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1 44	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
5 8	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1 1	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
4	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
153	20

15 162.215.117.254 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 162-215-117-254.unifiedlayer.com

nalewki.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 91.204.88.131 (Poland) 1 redirects

ASN41930 (INITZERO-AS, PL)
PTR: 91.204.88.131.ip.areda.pl

zpierwszegotloczenia.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.95.157.49 (Poland)

ASN48896 (DHOSTING-AS Warsaw, Poland, PL)
PTR: web01-v765.ewh.eu1.dhosting.com

www.polskatradycja.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.255.41.10 (Poland)

ASN197155 (ARTNET, PL)
PTR: da03.vipower.pl

straga.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.208.164.102 (Poland)

ASN41079 (CF-GDA, PL)
PTR: s2.cyber-folks.pl

candycompany.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.77.100.137 (Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: i.wpimg.pl

i.wpimg.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 5 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.244 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Bad Durrheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.253 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
62	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 111 tpc.googlesyndication.com — Cisco Umbrella Rank: 145	732 KB
30	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 cm.g.doubleclick.net — Cisco Umbrella Rank: 228	262 KB
15	nalewki.eu nalewki.eu	132 KB
14	gstatic.com fonts.gstatic.com www.gstatic.com	181 KB
11	google.com 5 redirects adservice.google.com — Cisco Umbrella Rank: 90 www.google.com — Cisco Umbrella Rank: 2	2 KB
8	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 198	389 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	4 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 7832	818 B
3	zpierwszegotloczenia.pl 1 redirects zpierwszegotloczenia.pl	66 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 820 s.tribalfusion.com — Cisco Umbrella Rank: 2028	1 KB
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 828	339 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1512	587 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 691	98 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1912	173 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 507	875 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 980	601 B
1	wpimg.pl i.wpimg.pl — Cisco Umbrella Rank: 131635	63 KB
1	candycompany.pl candycompany.pl	108 KB
1	straga.pl straga.pl	825 KB
1	polskatradycja.pl www.polskatradycja.pl	55 KB
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
153	21

	Domain	Requested by
44	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
26	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
18	pagead2.googlesyndication.com	nalewki.eu pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
15	nalewki.eu	nalewki.eu
8	www.google.com	5 redirects tpc.googlesyndication.com googleads.g.doubleclick.net
8	www.googletagservices.com	googleads.g.doubleclick.net
7	www.gstatic.com	googleads.g.doubleclick.net
7	fonts.gstatic.com	fonts.googleapis.com
5	fonts.googleapis.com	nalewki.eu googleads.g.doubleclick.net
4	cm.g.doubleclick.net	googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
3	zpierwszegotloczenia.pl	1 redirects nalewki.eu
1	onetag-sys.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	id.rlcdn.com	googleads.g.doubleclick.net
1	tr.blismedia.com	googleads.g.doubleclick.net
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	sync.mathtag.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	i.wpimg.pl	nalewki.eu
1	candycompany.pl	nalewki.eu
1	straga.pl	nalewki.eu
1	www.polskatradycja.pl	nalewki.eu
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
153	26

This site contains links to these domains. Also see Links.

Domain
nadziany.pl
www.aptron.pl
seosklep24.pl

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.zpierwszegotloczenia.pl Certum Domain Validation CA SHA2	`2023-01-05` - `2024-01-05`	a year	crt.sh
polskatradycja.pl R3	`2023-03-02` - `2023-05-31`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.wpimg.pl RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-01-05` - `2024-01-09`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-04-12` - `2023-07-11`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh

This page contains 27 frames:

Primary Page: http://nalewki.eu/
Frame ID: C35924C352092489E10A07C9C65169F0
Requests: 43 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20190131/zrt_lookup.html
Frame ID: DCA9B4FD9BE3F32500C9C584ACC4C29E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9311403533131030&output=html&adk=1812271804&adf=3025194257&lmt=1681276984&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x945_l%7C140x945_r&format=0x0&url=http%3A%2F%2Fnalewki.eu%2F&ea=0&pra=5&wgl=1&dt=1681276983818&bpp=8&bdt=1269&idt=253&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7510274885530&frm=20&pv=2&ga_vid=392353341.1681276984&ga_sid=1681276984&ga_hid=311312084&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1460213915247265&tmod=1598529690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=288
Frame ID: 56833948A476B8EFAF6547D835D71D89
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9311403533131030&output=html&h=280&slotname=9015196035&adk=411769763&adf=2512878590&pi=t.ma~as.9015196035&w=592&fwrn=4&fwrnh=100&lmt=1681276984&rafmt=1&format=592x280&url=http%3A%2F%2Fnalewki.eu%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1681276983826&bpp=3&bdt=1277&idt=284&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7510274885530&frm=20&pv=1&ga_vid=392353341.1681276984&ga_sid=1681276984&ga_hid=311312084&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=448&ady=538&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1460213915247265&tmod=1598529690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=KuK9MDep70&p=http%3A//nalewki.eu&dtd=289
Frame ID: 111EDAA5614EA7323664984356F2B318
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9311403533131030&output=html&h=280&slotname=9015196035&adk=2798731368&adf=4155645342&pi=t.ma~as.9015196035&w=592&fwrn=4&fwrnh=100&lmt=1681276984&rafmt=1&format=592x280&url=http%3A%2F%2Fnalewki.eu%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1681276983829&bpp=4&bdt=1280&idt=312&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C592x280&nras=1&correlator=7510274885530&frm=20&pv=1&ga_vid=392353341.1681276984&ga_sid=1681276984&ga_hid=311312084&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=448&ady=1854&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1460213915247265&tmod=1598529690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Dy7p4V9uw1&p=http%3A//nalewki.eu&dtd=315
Frame ID: 39A8D09FA76997ED696F0D4A42219AA0
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9311403533131030&output=html&h=90&slotname=7738626049&adk=1516376469&adf=745599300&pi=t.ma~as.7738626049&w=728&lmt=1681276984&format=728x90&url=http%3A%2F%2Fnalewki.eu%2F&wgl=1&dt=1681276983833&bpp=1&bdt=1284&idt=315&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C592x280%2C592x280&nras=1&correlator=7510274885530&frm=20&pv=1&ga_vid=392353341.1681276984&ga_sid=1681276984&ga_hid=311312084&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=440&ady=1092&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1460213915247265&tmod=1598529690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=vjdL8W85BD&p=http%3A//nalewki.eu&dtd=318
Frame ID: F9AF7F83C81104CD7A2360A647B5993A
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E3A72FCC9E85BFDD577F5F31D219EB16
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F1502160FE63ED5672B6B5F54B170696
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: CFF28D58CBD0E280F7F457ED4C1C40B7
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1qDM7jHzlwhnZd-s95CHH_k3xryNtTKIC4s2Es7tSnI.js
Frame ID: 35C67CAD8D0488E5D5C88F59FD1660F9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1qDM7jHzlwhnZd-s95CHH_k3xryNtTKIC4s2Es7tSnI.js
Frame ID: 799BE829410132EA994482F7C3A92086
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1qDM7jHzlwhnZd-s95CHH_k3xryNtTKIC4s2Es7tSnI.js
Frame ID: 39A84185B149388522AE49930A0B3FD6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9311403533131030&output=html&h=600&adk=3036314401&adf=2477553375&pi=t.aa~a.2833031217~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1681276985&rafmt=1&to=qs&pwprc=2181469555&format=300x600&url=http%3A%2F%2Fnalewki.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1681276985519&bpp=1&bdt=2969&idt=-M&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc7a767aa10b573d5-2227d77f8ddd00b7%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MZUDUMw5NthOL9fb8OYp7yt2_c-Vw&gpic=UID%3D00000bd4f9f64dab%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MYEXFabkli26pHWiyUxX-nLhMU6bA&prev_fmts=0x0%2C592x280%2C592x280%2C728x90&nras=2&correlator=7510274885530&frm=20&pv=1&ga_vid=392353341.1681276984&ga_sid=1681276984&ga_hid=311312084&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1104&ady=1222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&psts=AHQMDFdz5N0Wtm5hoVMKYxh0hEl6TGBdIRRUhRU22515PK9G6A2GbH3BviPxKWE3fNTKcxkoO8Oj4OCBNmLhJMOzYALPedpt%2CAHQMDFdPl8Q2y9qiRDmttDDBSRGFSokPYw7AnYbm-JI5N1ZIb7bTn9QNOQVs_s2gYp2rctI5GYynOcXXvb6tloS-5btdRQ%2CAHQMDFec-gN0-ANhH7s-1sDMp1ni9pzrbS8NZZ5YhXVBWaKj_tm7D6SYwlEVGpt6sNKRtk5AWb3QSo4jHI6Wk51jRmAwnA&pvsid=1460213915247265&tmod=1598529690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=8jCot8BRTF&p=http%3A//nalewki.eu&dtd=13
Frame ID: CF7958B848918EC24B8F562D3BE90480
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9311403533131030&output=html&h=600&adk=3036314401&adf=3680164179&pi=t.aa~a.2825923036~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1681276985&rafmt=1&to=qs&pwprc=2181469555&format=300x600&url=http%3A%2F%2Fnalewki.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1681276985519&bpp=2&bdt=2970&idt=-M&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc7a767aa10b573d5-2227d77f8ddd00b7%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MZUDUMw5NthOL9fb8OYp7yt2_c-Vw&gpic=UID%3D00000bd4f9f64dab%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MYEXFabkli26pHWiyUxX-nLhMU6bA&prev_fmts=0x0%2C592x280%2C592x280%2C728x90%2C300x600&nras=3&correlator=7510274885530&frm=20&pv=1&ga_vid=392353341.1681276984&ga_sid=1681276984&ga_hid=311312084&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1104&ady=2499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&psts=AHQMDFdz5N0Wtm5hoVMKYxh0hEl6TGBdIRRUhRU22515PK9G6A2GbH3BviPxKWE3fNTKcxkoO8Oj4OCBNmLhJMOzYALPedpt%2CAHQMDFdPl8Q2y9qiRDmttDDBSRGFSokPYw7AnYbm-JI5N1ZIb7bTn9QNOQVs_s2gYp2rctI5GYynOcXXvb6tloS-5btdRQ%2CAHQMDFec-gN0-ANhH7s-1sDMp1ni9pzrbS8NZZ5YhXVBWaKj_tm7D6SYwlEVGpt6sNKRtk5AWb3QSo4jHI6Wk51jRmAwnA&pvsid=1460213915247265&tmod=1598529690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=yHmdGtFpy3&p=http%3A//nalewki.eu&dtd=23
Frame ID: FFF1FB7AEA4E793947F33FEEDEC5282D
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9311403533131030&output=html&h=600&adk=3036314401&adf=3311913476&pi=t.aa~a.1391894186~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1681276985&rafmt=1&to=qs&pwprc=2181469555&format=300x600&url=http%3A%2F%2Fnalewki.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1681276985519&bpp=1&bdt=2970&idt=1&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc7a767aa10b573d5-2227d77f8ddd00b7%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MZUDUMw5NthOL9fb8OYp7yt2_c-Vw&gpic=UID%3D00000bd4f9f64dab%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MYEXFabkli26pHWiyUxX-nLhMU6bA&prev_fmts=0x0%2C592x280%2C592x280%2C728x90%2C300x600%2C300x600&nras=4&correlator=7510274885530&frm=20&pv=1&ga_vid=392353341.1681276984&ga_sid=1681276984&ga_hid=311312084&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1104&ady=4443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&psts=AHQMDFdz5N0Wtm5hoVMKYxh0hEl6TGBdIRRUhRU22515PK9G6A2GbH3BviPxKWE3fNTKcxkoO8Oj4OCBNmLhJMOzYALPedpt%2CAHQMDFdPl8Q2y9qiRDmttDDBSRGFSokPYw7AnYbm-JI5N1ZIb7bTn9QNOQVs_s2gYp2rctI5GYynOcXXvb6tloS-5btdRQ%2CAHQMDFec-gN0-ANhH7s-1sDMp1ni9pzrbS8NZZ5YhXVBWaKj_tm7D6SYwlEVGpt6sNKRtk5AWb3QSo4jHI6Wk51jRmAwnA&pvsid=1460213915247265&tmod=1598529690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=EFoZ2rc8Wh&p=http%3A//nalewki.eu&dtd=27
Frame ID: 511475372071B0E7994B58CEDE884EDA
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1
Frame ID: 9DCCB77379B799DC73D0804031C7019A
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1
Frame ID: 8E39115FA56F8EAC9644C10A2AD9703F
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CF0DE587E3C548EB89F0F871B88539B4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4C595D3BC3B75814892E6B2A271EDED0
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 77BFD467CF0174FE5A4AD390D4566FDB
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 914B705CB2449EF5DC1231C1D7D536F3
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 966B83150C094272A7A9D2F024520C2B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1qDM7jHzlwhnZd-s95CHH_k3xryNtTKIC4s2Es7tSnI.js
Frame ID: D22E8F6D5EAA08E0EEF910795C59986D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7402C4BB0D81EA50F05E7C21BE1C667E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1qDM7jHzlwhnZd-s95CHH_k3xryNtTKIC4s2Es7tSnI.js
Frame ID: 0F92929F52773DEE462B43C3159FCDB4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8036683555939549184/index.html
Frame ID: 5D5F1C580EECB41DCB425F37C813A9EF
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8036683555939549184/index.html
Frame ID: 68E67548829A7B3BD5E633313540BF46
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Nalewki Wina – Przepisy na nalewki i wina

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

153
Requests

84 %
HTTPS

45 %
IPv6

21
Domains

26
Subdomains

20
IPs

4
Countries

2836 kB
Transfer

6721 kB
Size

11
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://nadziany.pl/
Title: Nadziany.pl

Search URL Search Domain Scan URL

URL: http://www.aptron.pl/
Title: http://www.aptron.pl/

Search URL Search Domain Scan URL

URL: https://seosklep24.pl/87-pozycjonowanie-lokalne
Title: nap

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

http://zpierwszegotloczenia.pl/obrazek/412668.jpeg HTTP 301
https://zpierwszegotloczenia.pl/obrazek/412668.jpeg

Request Chain 64

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 65

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 69

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 112

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 116

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 121

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r HTTP 301
https://tpc.googlesyndication.com/simgad/624907996767536446

Request Chain 130

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKewPwVjr9RYzQVrIdUbSk4&google_cver=1&google_push=Aer7DvL5gtQUvvBUsMrI70iyNRyD_Y5b9OiYbSZRed-xne85Z3VOKtfc4JuRU-3Q6sMoOOHAfbZ3nKPLIOmjYPvrZRym_PJRai6V-Cw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvL5gtQUvvBUsMrI70iyNRyD_Y5b9OiYbSZRed-xne85Z3VOKtfc4JuRU-3Q6sMoOOHAfbZ3nKPLIOmjYPvrZRym_PJRai6V-Cw

Request Chain 131

https://a.tribalfusion.com/i.match?p=b6&u=CAESEGNAafBnpHAfO9zfNQIEc54&google_cver=1&google_push=Aer7DvI6ri91HNdFJTSWZ6uwQHRa2Y0hlnotNlK2EgrIdg5nV8B4vEA5bP6I8Qg6vULMAPRprGEp53ebC3hb2N03yIHo5ZGIq8pg7_g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvI6ri91HNdFJTSWZ6uwQHRa2Y0hlnotNlK2EgrIdg5nV8B4vEA5bP6I8Qg6vULMAPRprGEp53ebC3hb2N03yIHo5ZGIq8pg7_g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGNAafBnpHAfO9zfNQIEc54&google_cver=1&google_push=Aer7DvI6ri91HNdFJTSWZ6uwQHRa2Y0hlnotNlK2EgrIdg5nV8B4vEA5bP6I8Qg6vULMAPRprGEp53ebC3hb2N03yIHo5ZGIq8pg7_g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvI6ri91HNdFJTSWZ6uwQHRa2Y0hlnotNlK2EgrIdg5nV8B4vEA5bP6I8Qg6vULMAPRprGEp53ebC3hb2N03yIHo5ZGIq8pg7_g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 134

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEGTEzV5BadNL9ZCYAYkGd10&google_cver=1&google_push=Aer7DvL4poXucySlaSlTFDwd73DsIp8sm4i4pJU1jMBOiGPjY6f_N6Ev3mWYMDIc_nEi8JJcxUOFCzgTYU1KTZDPDbaANCpMruuFILM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyMTAyOTY3MDM5OTExMzM2NA%3D%3D&google_push=Aer7DvL4poXucySlaSlTFDwd73DsIp8sm4i4pJU1jMBOiGPjY6f_N6Ev3mWYMDIc_nEi8JJcxUOFCzgTYU1KTZDPDbaANCpMruuFILM

Request Chain 135

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEPZvdDVQr6cAVdDNxjOzXfI&google_cver=1&google_push=Aer7DvIEuLiKR5rk2CqIp6UY9wnWjtPIIX3VBitqElXo4YLfIIm8N1GUV-oGGSpooWJgVGyCGdGgniWgur_StT-8RigqzprlNeRtzUs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvIEuLiKR5rk2CqIp6UY9wnWjtPIIX3VBitqElXo4YLfIIm8N1GUV-oGGSpooWJgVGyCGdGgniWgur_StT-8RigqzprlNeRtzUs

153 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
nalewki.eu/ 69 KB
21 KB 1305ms
633ms Document
text/html 162.215.117.254
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://nalewki.eu/
Protocol: HTTP/1.1
Server: 162.215.117.254 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-215-117-254.unifiedlayer.com
Software: Apache /
Resource Hash: a43307ad6c71083c0fbe967a6c9b4ef2c485bc0ec79f3a49b26add4b3ed1a792

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Upgrade, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 12 Apr 2023 05:23:01 GMT
Keep-Alive: timeout=5, max=75
Link: <http://nalewki.eu/wp-json/>; rel="https://api.w.org/"
Server: Apache
Transfer-Encoding: chunked
Upgrade: h2,h2c
Vary: Accept-Encoding

GET
H/1.1 200
OK style.min.css
nalewki.eu/wp-includes/css/dist/block-library/ 81 KB
16 KB 301ms
176ms Stylesheet
text/css 162.215.117.254
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://nalewki.eu/wp-includes/css/dist/block-library/style.min.css?ver=5.9.5
Requested by: Host: nalewki.eu
URL: http://nalewki.eu/
Protocol: HTTP/1.1
Server: 162.215.117.254 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-215-117-254.unifiedlayer.com
Software: Apache /
Resource Hash: cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nalewki.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 05:23:02 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Apr 2022 20:52:16 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 16047

GET
H/1.1 200
OK blocks.style.build.css
nalewki.eu/wp-content/plugins/quick-adsense-reloaded/includes/gutenberg/dist/ 184 B
468 B 376ms
204ms Stylesheet
text/css 162.215.117.254
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://nalewki.eu/wp-content/plugins/quick-adsense-reloaded/includes/gutenberg/dist/blocks.style.build.css?ver=2.0.49
Requested by: Host: nalewki.eu
URL: http://nalewki.eu/
Protocol: HTTP/1.1
Server: 162.215.117.254 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-215-117-254.unifiedlayer.com
Software: Apache /
Resource Hash: 36ed85dd058e4c2843e06146946e0ff1f9ace65760c22af5eb4f1b22319dddb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nalewki.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 05:23:02 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 Apr 2022 09:54:51 GMT
Server: Apache
Vary: Accept-Encoding
Upgrade: h2,h2c
Content-Type: text/css
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=75
Content-Length: 155

GET
H/1.1 200
OK widget-options.css
nalewki.eu/wp-content/plugins/widget-options/assets/css/ 1 KB
594 B 380ms
205ms Stylesheet
text/css 162.215.117.254
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://nalewki.eu/wp-content/plugins/widget-options/assets/css/widget-options.css
Requested by: Host: nalewki.eu
URL: http://nalewki.eu/
Protocol: HTTP/1.1
Server: 162.215.117.254 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-215-117-254.unifiedlayer.com
Software: Apache /
Resource Hash: d4f24797ac4621646a35e5e688a697b8595cdcb186317372d3bc70c490bd6c73

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nalewki.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 05:23:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Mar 2022 16:57:10 GMT
Server: Apache
Vary: Accept-Encoding
Upgrade: h2,h2c
Content-Type: text/css
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=75
Content-Length: 281

GET
H/1.1 200
OK wpp.css
nalewki.eu/wp-content/plugins/wordpress-popular-posts/assets/css/ 2 KB
880 B 382ms
208ms Stylesheet
text/css 162.215.117.254
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://nalewki.eu/wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css?ver=5.5.1
Requested by: Host: nalewki.eu
URL: http://nalewki.eu/
Protocol: HTTP/1.1
Server: 162.215.117.254 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-215-117-254.unifiedlayer.com
Software: Apache /
Resource Hash: 291cf581b824e88d8e5292c399d39fe9940cc6d50c1cfe21e0525a510e9e0b2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nalewki.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 05:23:02 GMT
Content-Encoding: gzip
Last-Modified: Fri, 11 Feb 2022 15:30:09 GMT
Server: Apache
Vary: Accept-Encoding
Upgrade: h2,h2c
Content-Type: text/css
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=75
Content-Length: 567

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 142ms
47ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic%7CInconsolata%3A400&subset=latin%2Clatin-ext

Requested by

Host: nalewki.eu
URL: http://nalewki.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

524c897d31f945c845781dd35052fcefb14582fff4e2d7873d329de9a420b631

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nalewki.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 12 Apr 2023 05:23:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 05:02:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 Apr 2023 05:23:02 GMT

GET
H/1.1 200
OK genericons.css
nalewki.eu/wp-content/themes/twentysixteen/genericons/ 28 KB
16 KB 381ms
204ms Stylesheet
text/css 162.215.117.254
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://nalewki.eu/wp-content/themes/twentysixteen/genericons/genericons.css?ver=3.4.1
Requested by: Host: nalewki.eu
URL: http://nalewki.eu/
Protocol: HTTP/1.1
Server: 162.215.117.254 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-215-117-254.unifiedlayer.com
Software: Apache /
Resource Hash: 4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nalewki.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 05:23:02 GMT
Content-Encoding: gzip
Last-Modified: Sat, 01 Jun 2019 08:52:50 GMT
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Upgrade: h2,h2c
Content-Type: text/css
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=75

GET
H/1.1 200
OK style.css
nalewki.eu/wp-content/themes/twentysixteen/ 69 KB
21 KB 383ms
202ms Stylesheet
text/css 162.215.117.254
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://nalewki.eu/wp-content/themes/twentysixteen/style.css?ver=5.9.5
Requested by: Host: nalewki.eu
URL: http://nalewki.eu/
Protocol: HTTP/1.1
Server: 162.215.117.254 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-215-117-254.unifiedlayer.com
Software: Apache /
Resource Hash: 646adce0f2cb809447eedf1eb3e3170d823c334ec411388d9bca306c87cdeacd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nalewki.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 05:23:02 GMT
Content-Encoding: gzip
Last-Modified: Sat, 01 Jun 2019 08:52:50 GMT
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Upgrade: h2,h2c
Content-Type: text/css
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=75

GET
H/1.1 200
OK blocks.css
nalewki.eu/wp-content/themes/twentysixteen/css/ 8 KB
3 KB 473ms
172ms Stylesheet
text/css 162.215.117.254
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://nalewki.eu/wp-content/themes/twentysixteen/css/blocks.css?ver=20181230
Requested by: Host: nalewki.eu
URL: http://nalewki.eu/
Protocol: HTTP/1.1
Server: 162.215.117.254 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-215-117-254.unifiedlayer.com
Software: Apache /
Resource Hash: 2b682eafdbb1105c7e0292965160ed0e2a446a30ac0d49049297f29e8c48a278

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nalewki.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 05:23:02 GMT
Content-Encoding: gzip
Last-Modified: Sat, 01 Jun 2019 08:52:50 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 2334

GET
H/1.1 200
OK jquery.min.js Show response
nalewki.eu/wp-includes/js/jquery/ 87 KB
38 KB 580ms
177ms Script
application/javascript 162.215.117.254
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://nalewki.eu/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: nalewki.eu
URL: http://nalewki.eu/
Protocol: HTTP/1.1
Server: 162.215.117.254 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-215-117-254.unifiedlayer.com
Software: Apache /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nalewki.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 05:23:03 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 Aug 2021 11:43:11 GMT
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74

GET
H/1.1 200
OK jquery-migrate.min.js Show response
nalewki.eu/wp-includes/js/jquery/ 11 KB
5 KB 572ms
170ms Script
application/javascript 162.215.117.254
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://nalewki.eu/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: nalewki.eu
URL: http://nalewki.eu/
Protocol: HTTP/1.1
Server: 162.215.117.254 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-215-117-254.unifiedlayer.com
Software: Apache /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nalewki.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 05:23:03 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 May 2021 12:10:26 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 4618

GET
H/1.1 200
OK wpp.min.js Show response
nalewki.eu/wp-content/plugins/wordpress-popular-posts/assets/js/ 3 KB
2 KB 584ms
182ms Script
application/javascript 162.215.117.254
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://nalewki.eu/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=5.5.1
Requested by: Host: nalewki.eu
URL: http://nalewki.eu/
Protocol: HTTP/1.1
Server: 162.215.117.254 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-215-117-254.unifiedlayer.com
Software: Apache /
Resource Hash: 9a3d1f5824ad4bd991a67acab64088920e43d25545ca6b4cb78736dc35b696a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nalewki.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 05:23:03 GMT
Content-Encoding: gzip
Last-Modified: Fri, 11 Feb 2022 15:30:09 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 1468

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
47 KB 246ms
139ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: nalewki.eu
URL: http://nalewki.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f138daa11c7730eb760f89ea9f7fb18f00e5147415c721f89399b338f4ff7fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nalewki.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 05:23:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48079
x-xss-protection: 0
server: cafe
etag: 12196481547190100616
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 05:23:03 GMT

GET
H2 200 361078.jpeg
zpierwszegotloczenia.pl/obrazek/ 30 KB
30 KB 346ms
96ms Image
image/jpeg 91.204.88.131
INITZERO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zpierwszegotloczenia.pl/obrazek/361078.jpeg
Requested by: Host: nalewki.eu
URL: http://nalewki.eu/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.204.88.131 , Poland, ASN41930 (INITZERO-AS, PL),
Reverse DNS: 91.204.88.131.ip.areda.pl
Software: nginx /
Resource Hash: 3da15f9f77843b1f21e0ba5b65f16907c9ea1ddc3f0ceab304b4a0d5851a04b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nalewki.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 05:23:03 GMT
last-modified: Mon, 30 May 2016 06:56:33 GMT
server: nginx
etag: "574be421-7667"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 30311
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dereniowka.jpg
www.polskatradycja.pl/images/polska-tradycja/kuchnia-polska/kuchnia-kresowa/ 55 KB
55 KB 180ms
24ms Image
image/jpeg 109.95.157.49
DHOSTING-AS Warsaw

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.polskatradycja.pl/images/polska-tradycja/kuchnia-polska/kuchnia-kresowa/dereniowka.jpg
Requested by: Host: nalewki.eu
URL: http://nalewki.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 109.95.157.49 , Poland, ASN48896 (DHOSTING-AS Warsaw, Poland, PL),
Reverse DNS: web01-v765.ewh.eu1.dhosting.com
Software: LiteSpeed /
Resource Hash: e478a8c3284326662e5ffaea97e28f7625699b5f4c88f7b50d41ae74f2cf95b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nalewki.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 05:23:02 GMT
last-modified: Fri, 05 Oct 2018 20:22:44 GMT
server: LiteSpeed
etag: "dc65-5bb7c814-d38adfbf6a25f4d3;;;"
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 56421
expires: Fri, 12 May 2023 05:23:02 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
nalewki.eu/wp-includes/js/ 18 KB
5 KB 176ms
175ms Script
application/javascript 162.215.117.254
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://nalewki.eu/wp-includes/js/wp-emoji-release.min.js?ver=5.9.5
Requested by: Host: nalewki.eu
URL: http://nalewki.eu/
Protocol: HTTP/1.1
Server: 162.215.117.254 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-215-117-254.unifiedlayer.com
Software: Apache /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nalewki.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 05:23:03 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 Aug 2021 11:43:11 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 5243

GET
H/1.1 200
OK skip-link-focus-fix.js Show response
nalewki.eu/wp-content/themes/twentysixteen/js/ 1 KB
888 B 171ms
170ms Script
application/javascript 162.215.117.254
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://nalewki.eu/wp-content/themes/twentysixteen/js/skip-link-focus-fix.js?ver=20160816
Requested by: Host: nalewki.eu
URL: http://nalewki.eu/
Protocol: HTTP/1.1
Server: 162.215.117.254 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-215-117-254.unifiedlayer.com
Software: Apache /
Resource Hash: 6d4083520c18bfdcdffb319248525ebf8f1a547326e10c02e6a0ed0b1722ae9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nalewki.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 05:23:03 GMT
Content-Encoding: gzip
Last-Modified: Sat, 01 Jun 2019 08:52:50 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 587

GET
H/1.1 200
OK functions.js Show response
nalewki.eu/wp-content/themes/twentysixteen/js/ 7 KB
3 KB 170ms
170ms Script
application/javascript 162.215.117.254
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://nalewki.eu/wp-content/themes/twentysixteen/js/functions.js?ver=20181230
Requested by: Host: nalewki.eu
URL: http://nalewki.eu/
Protocol: HTTP/1.1
Server: 162.215.117.254 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-215-117-254.unifiedlayer.com
Software: Apache /
Resource Hash: 8780a1296b2198218955f78f1121bf0577804e60dc207a2ba75d6400d4f836a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nalewki.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 05:23:03 GMT
Content-Encoding: gzip
Last-Modified: Sat, 01 Jun 2019 08:52:50 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=72
Content-Length: 2430

GET
H/1.1 200
OK ads.js Show response
nalewki.eu/wp-content/plugins/quick-adsense-reloaded/assets/js/ 78 B
366 B 171ms
170ms Script
application/javascript 162.215.117.254
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://nalewki.eu/wp-content/plugins/quick-adsense-reloaded/assets/js/ads.js?ver=2.0.49
Requested by: Host: nalewki.eu
URL: http://nalewki.eu/
Protocol: HTTP/1.1
Server: 162.215.117.254 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-215-117-254.unifiedlayer.com
Software: Apache /
Resource Hash: 2ecad403abe6094919937758649c7fe968b8339a0b958e232acab55ca87ef02b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nalewki.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 05:23:03 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 Apr 2022 09:54:51 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 66

GET
H2 200 u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/ 20 KB
20 KB 125ms
37ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic%7CInconsolata%3A400&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://nalewki.eu
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:34:29 GMT
x-content-type-options: nosniff
age: 67714
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20028
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:41:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:34:29 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
19 KB 158ms
72ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic%7CInconsolata%3A400&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6b9eebb05461840790fc804b4590323ef12a57fe5af7fcdeed2d798e572844b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://nalewki.eu
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 11:12:49 GMT
x-content-type-options: nosniff
age: 65414
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19816
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:08:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 11:12:49 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
19 KB 170ms
84ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic%7CInconsolata%3A400&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://nalewki.eu
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:33:34 GMT
x-content-type-options: nosniff
age: 67769
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19740
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:33:34 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52_wFZVsf6lvg.woff2
fonts.gstatic.com/s/merriweather/v30/ 18 KB
18 KB 173ms
113ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52_wFZVsf6lvg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic%7CInconsolata%3A400&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8e31be0e8fda52da29511c7339ae94fb93215ddb386c02168e73ac1ef5d889f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://nalewki.eu
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 12:52:36 GMT
x-content-type-options: nosniff
age: 59427
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18332
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:46:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 12:52:36 GMT

GET
H2 200 u-440qyriQwlOrhSvowK_l5-ciZMZ-Y.woff2
fonts.gstatic.com/s/merriweather/v30/ 18 KB
19 KB 148ms
97ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-ciZMZ-Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic%7CInconsolata%3A400&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e26ab5064dab4ccd659362ecb893cd010d78264a4ae5b540766820d1026815d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://nalewki.eu
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:49:11 GMT
x-content-type-options: nosniff
age: 66832
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18836
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:44:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:49:11 GMT

GET
DATA 200
OK truncated
/ 14 KB
14 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6

Request headers

Referer: http://nalewki.eu/
Origin: http://nalewki.eu
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52xwNZVsf6lvg.woff2
fonts.gstatic.com/s/merriweather/v30/ 18 KB
18 KB 123ms
106ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZVsf6lvg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic%7CInconsolata%3A400&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c885b71cffb1153ba213e090165c17fdda244b4807b622c1cee91025b536dd53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://nalewki.eu
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 11:38:14 GMT
x-content-type-options: nosniff
age: 63889
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18416
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:45:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 11:38:14 GMT

GET
H/1.1 200
OK DSC_0244.jpg
straga.pl/wp-content/uploads/2015/12/ 824 KB
825 KB 206ms
60ms Image
image/jpeg 178.255.41.10
ARTNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://straga.pl/wp-content/uploads/2015/12/DSC_0244.jpg
Requested by: Host: nalewki.eu
URL: http://nalewki.eu/
Protocol: HTTP/1.1
Server: 178.255.41.10 , Poland, ASN197155 (ARTNET, PL),
Reverse DNS: da03.vipower.pl
Software: Apache/2 /
Resource Hash: 39084e3c9263de0748a8217c81ed2ec03c9c2e3851cb011dd262bdddeeb36899

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nalewki.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 05:22:11 GMT
Last-Modified: Wed, 09 Dec 2015 17:04:20 GMT
Server: Apache/2
ETag: "ce1fd-5267a14c6ed00"
Upgrade: h2,h2c
Content-Type: image/jpeg
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100
Content-Length: 844285

GET
H2

200

412668.jpeg
zpierwszegotloczenia.pl/obrazek/
Redirect Chain

http://zpierwszegotloczenia.pl/obrazek/412668.jpeg
https://zpierwszegotloczenia.pl/obrazek/412668.jpeg

35 KB
36 KB

120ms
120ms

Image
image/jpeg

91.204.88.131
INITZERO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zpierwszegotloczenia.pl/obrazek/412668.jpeg
Requested by: Host: nalewki.eu
URL: http://nalewki.eu/
Protocol: H2
Server: 91.204.88.131 , Poland, ASN41930 (INITZERO-AS, PL),
Reverse DNS: 91.204.88.131.ip.areda.pl
Software: nginx /
Resource Hash: 5322e9332534ef029a65e59150183fac8e55518f79d32c1997a5646100de9c65

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nalewki.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 05:23:03 GMT
last-modified: Fri, 15 Jun 2018 10:38:17 GMT
server: nginx
etag: "5b239719-8dd8"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 36312
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

location: https://zpierwszegotloczenia.pl/obrazek/412668.jpeg
content-length: 0

GET
H/1.1 200
OK sloe-gin-web-7.jpg
candycompany.pl/wp-content/uploads/2015/11/ 108 KB
108 KB 181ms
35ms Image
image/jpeg 185.208.164.102
CF-GDA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://candycompany.pl/wp-content/uploads/2015/11/sloe-gin-web-7.jpg
Requested by: Host: nalewki.eu
URL: http://nalewki.eu/
Protocol: HTTP/1.1
Server: 185.208.164.102 , Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s2.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: 2124b71ae5581800b6cb5648b6e28171dd33c8afd35cba5dcb75284abc40507f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nalewki.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 05:23:03 GMT
last-modified: Mon, 30 Nov 2015 11:17:22 GMT
server: LiteSpeed
etag: "1af73-565c3042-7044cc9eaf42257;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 110451
expires: Wed, 19 Apr 2023 05:23:03 GMT

GET
H2 200 nalewka.jpg
i.wpimg.pl/O/644x526/d.wpimg.pl/614548340--874784614/ 63 KB
63 KB 170ms
63ms Image
image/webp 212.77.100.137
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.wpimg.pl/O/644x526/d.wpimg.pl/614548340--874784614/nalewka.jpg
Requested by: Host: nalewki.eu
URL: http://nalewki.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.100.137 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: i.wpimg.pl
Software: nginx /
Resource Hash: d5bb49f9dcd30943371a9c24270e19a1cccb7da1a4dbea3f21ec44d6f197ea4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nalewki.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 05:23:03 GMT
server: nginx
etag: "fd-5f2aed2b0ab82c02"
vary: accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 64682

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/ 347 KB
116 KB 108ms
102ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9311403533131030&plah=nalewki.eu

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb7b852e74c07fce6d901f1cc61855a7d857949644b66e475af187d87cb1df7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nalewki.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 05:23:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118931
x-xss-protection: 0
server: cafe
etag: 6003154840996319324
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 05:23:03 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230410/r20190131/ Frame DCA9 10 KB
5 KB 126ms
38ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230410/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://nalewki.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 45553
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 16:43:50 GMT
etag: 2378337311435320485
expires: Tue, 25 Apr 2023 16:43:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
601 B 130ms
51ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=nalewki.eu&callback=_gfp_s_&client=ca-pub-9311403533131030

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9311403533131030&plah=nalewki.eu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0c87ce733802d97c8e5e459190c87af410a55fef15e5e624c6b6ff075d20247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nalewki.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 05:23:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 136ms
46ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=nalewki.eu

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nalewki.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 05:23:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 136ms
47ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=nalewki.eu

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nalewki.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 05:23:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 72ms
72ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=Desktop-Sticky&ign=false&pw=1600&ph=1200&x=0&y=1130.4

Requested by

Host: nalewki.eu
URL: http://nalewki.eu/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nalewki.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 05:23:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5683 277 KB
62 KB 1332ms
1330ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9311403533131030&output=html&adk=1812271804&adf=3025194257&lmt=1681276984&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x945_l%7C140x945_r&format=0x0&url=http%3A%2F%2Fnalewki.eu%2F&ea=0&pra=5&wgl=1&dt=1681276983818&bpp=8&bdt=1269&idt=253&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7510274885530&frm=20&pv=2&ga_vid=392353341.1681276984&ga_sid=1681276984&ga_hid=311312084&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1460213915247265&tmod=1598529690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=288

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

893787f88c2d79377be1153f4bd8dc61f6012bea5e59e55a79fcadacebf9061e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://nalewki.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 63090
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 05:23:05 GMT
expires: Wed, 12 Apr 2023 05:23:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 111E 75 KB
30 KB 692ms
690ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9311403533131030&output=html&h=280&slotname=9015196035&adk=411769763&adf=2512878590&pi=t.ma~as.9015196035&w=592&fwrn=4&fwrnh=100&lmt=1681276984&rafmt=1&format=592x280&url=http%3A%2F%2Fnalewki.eu%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1681276983826&bpp=3&bdt=1277&idt=284&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7510274885530&frm=20&pv=1&ga_vid=392353341.1681276984&ga_sid=1681276984&ga_hid=311312084&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=448&ady=538&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1460213915247265&tmod=1598529690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=KuK9MDep70&p=http%3A//nalewki.eu&dtd=289

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a60a81518617402ed6803f5bf5e08176389efd60e0904b6f90011303a0660f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://nalewki.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 30316
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 05:23:04 GMT
expires: Wed, 12 Apr 2023 05:23:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 39A8 101 KB
33 KB 363ms
362ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9311403533131030&output=html&h=280&slotname=9015196035&adk=2798731368&adf=4155645342&pi=t.ma~as.9015196035&w=592&fwrn=4&fwrnh=100&lmt=1681276984&rafmt=1&format=592x280&url=http%3A%2F%2Fnalewki.eu%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1681276983829&bpp=4&bdt=1280&idt=312&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C592x280&nras=1&correlator=7510274885530&frm=20&pv=1&ga_vid=392353341.1681276984&ga_sid=1681276984&ga_hid=311312084&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=448&ady=1854&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1460213915247265&tmod=1598529690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Dy7p4V9uw1&p=http%3A//nalewki.eu&dtd=315

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

facece9eae2e01ec85a929f94527cc0a496d0b1201bd701f4eaa54da307d0ecb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://nalewki.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 33641
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 05:23:04 GMT
expires: Wed, 12 Apr 2023 05:23:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F9AF 75 KB
30 KB 439ms
438ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9311403533131030&output=html&h=90&slotname=7738626049&adk=1516376469&adf=745599300&pi=t.ma~as.7738626049&w=728&lmt=1681276984&format=728x90&url=http%3A%2F%2Fnalewki.eu%2F&wgl=1&dt=1681276983833&bpp=1&bdt=1284&idt=315&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C592x280%2C592x280&nras=1&correlator=7510274885530&frm=20&pv=1&ga_vid=392353341.1681276984&ga_sid=1681276984&ga_hid=311312084&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=440&ady=1092&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1460213915247265&tmod=1598529690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=vjdL8W85BD&p=http%3A//nalewki.eu&dtd=318

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e8bc223f1fa1af23cc14a3053715b44b8f982693e5250e2a49e9ba5272232fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://nalewki.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 30522
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 05:23:04 GMT
expires: Wed, 12 Apr 2023 05:23:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 39A8 0
0 107ms
106ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CEH-nOEA2ZNOxCpGE3wPXmr8YjZXv82-Ho6rMihGfi9G4lQ4QASDXpb1wYO0EoAGhlfLtAsgBA6kCVB61uhVRsj6oAwHIA8kEqgTXAU_QtwzrAOaZa72O2mVh--5_PpUcOjflEUM0fzXRd5zJ17VpAhKaZg23zJFZW2k2LHRY-7foKchcNiySW6AJjIk6rfeb6VnT8SkQiP_ubURBLJPf-xkOjPGfIb0Un4Px-Mf5RyexBVA39FDbkiKkh4pQVb1qSsiuvBlKbkLup3a_qFBnkryNk53R_m3sJxdW9ToRmTnXT7unTKCTeI9JhbFwoBV2uJNaUgNr4GmxILL4WlsvFEmcXpXVgbIAqso6PQLVUxBt_SwKxll9XKxO3pdPViOP5Vi0wASu0MyIqASSBQQIBBgBkgUECAUYBKAGA4AHx-qNkgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDOiAbSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTC9AVAZgWAYAXAbIXHAoaCAASFHB1Yi05MzExNDAzNTMzMTMxMDMwGAA&sigh=yEHGGE8zaU0&uach_m=[UACH]&cid=CAQSGwDUE5ymXfO4TUd2kE2tkio5poCdkswjzU3dThgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9311403533131030&output=html&h=280&slotname=9015196035&adk=2798731368&adf=4155645342&pi=t.ma~as.9015196035&w=592&fwrn=4&fwrnh=100&lmt=1681276984&rafmt=1&format=592x280&url=http%3A%2F%2Fnalewki.eu%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1681276983829&bpp=4&bdt=1280&idt=312&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C592x280&nras=1&correlator=7510274885530&frm=20&pv=1&ga_vid=392353341.1681276984&ga_sid=1681276984&ga_hid=311312084&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=448&ady=1854&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1460213915247265&tmod=1598529690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Dy7p4V9uw1&p=http%3A//nalewki.eu&dtd=315

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9311403533131030&output=html&h=280&slotname=9015196035&adk=2798731368&adf=4155645342&pi=t.ma~as.9015196035&w=592&fwrn=4&fwrnh=100&lmt=1681276984&rafmt=1&format=592x280&url=http%3A%2F%2Fnalewki.eu%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1681276983829&bpp=4&bdt=1280&idt=312&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C592x280&nras=1&correlator=7510274885530&frm=20&pv=1&ga_vid=392353341.1681276984&ga_sid=1681276984&ga_hid=311312084&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=448&ady=1854&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1460213915247265&tmod=1598529690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Dy7p4V9uw1&p=http%3A//nalewki.eu&dtd=315
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 12 Apr 2023 05:23:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 12 Apr 2023 05:23:04 GMT

GET
H2 200 13123593892140066804
tpc.googlesyndication.com/simgad/ Frame 39A8 54 KB
54 KB 206ms
88ms Image
image/gif 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13123593892140066804

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3d824a6163d9cc40301df830cc284b8d7e3f17434646b519e9a364f8491bb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 13:23:32 GMT
x-content-type-options: nosniff
age: 230372
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55127
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 15:21:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 08 Apr 2024 13:23:32 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/ Frame 39A8 22 KB
9 KB 137ms
35ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:35:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56850
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 13:35:34 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame 39A8 3 KB
1 KB 188ms
86ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:46:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 18:46:24 GMT

GET
H2 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 39A8 67 B
188 B 240ms
139ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
server: cafe
age: 40672
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67
x-xss-protection: 0
expires: Wed, 12 Apr 2023 18:05:12 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame 39A8 20 KB
8 KB 149ms
47ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82dd75ae2b4b2bc88a50a1956d5994b81e317f140179aa9cbd452aca218e202d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56720
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8512
x-xss-protection: 0
server: cafe
etag: 10859400315404043642
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 13:37:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 39A8 159 KB
49 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 05:23:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49747
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681125830480664"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Apr 2023 05:23:04 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame 39A8 33 KB
13 KB 228ms
127ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94f229715266533168e8bde4c66fc0b249d45e022cb9cc333495f4a68a702017

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 14:39:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53003
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13518
x-xss-protection: 0
server: cafe
etag: 3101116608242260287
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 14:39:41 GMT

GET
H2 200 12158977619071990426
tpc.googlesyndication.com/simgad/ Frame F9AF 4 KB
4 KB 138ms
112ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12158977619071990426?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlVTLhVGFeCl_qVAz1Rdk1ZaC2w3g

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9311403533131030&output=html&h=90&slotname=7738626049&adk=1516376469&adf=745599300&pi=t.ma~as.7738626049&w=728&lmt=1681276984&format=728x90&url=http%3A%2F%2Fnalewki.eu%2F&wgl=1&dt=1681276983833&bpp=1&bdt=1284&idt=315&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C592x280%2C592x280&nras=1&correlator=7510274885530&frm=20&pv=1&ga_vid=392353341.1681276984&ga_sid=1681276984&ga_hid=311312084&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=440&ady=1092&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1460213915247265&tmod=1598529690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=vjdL8W85BD&p=http%3A//nalewki.eu&dtd=318

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

091789edec86828e77bf8f10d610e3f982d2de199fa926644c2834dbcff0bd3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 18:18:07 GMT
x-content-type-options: nosniff
age: 385497
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3826
x-xss-protection: 0
last-modified: Fri, 14 Jan 2022 08:51:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 06 Apr 2024 18:18:07 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/ Frame F9AF 22 KB
9 KB 70ms
43ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:35:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56850
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 13:35:34 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame F9AF 3 KB
1 KB 111ms
87ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:46:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 18:46:24 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame F9AF 20 KB
8 KB 105ms
79ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82dd75ae2b4b2bc88a50a1956d5994b81e317f140179aa9cbd452aca218e202d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56720
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8512
x-xss-protection: 0
server: cafe
etag: 10859400315404043642
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 13:37:44 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F9AF 159 KB
49 KB 74ms
53ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 05:23:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49747
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681125830480664"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Apr 2023 05:23:04 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame F9AF 33 KB
13 KB 157ms
133ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94f229715266533168e8bde4c66fc0b249d45e022cb9cc333495f4a68a702017

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 14:39:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53003
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13518
x-xss-protection: 0
server: cafe
etag: 3101116608242260287
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 14:39:41 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F9AF 0
0 104ms
85ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CmPOyOEA2ZI7nCpaSrASzs46gB6n9yu5uvcqIptsQ3-6kuNo5EAEg16W9cGC7BqABpN2aiwPIAQKoAwHIA8kEqgTjAU_QZzwsaUJUpxEK7diE3-wn8KMEBgwAHJ8t8LD7t30azuSlJy8Zcm8OE1AVmxUxZFS2lWtoRWZQVdLDh4fbDU5vzsDhnKdp0A3eRvZhOqX9ylhtW4Lq9RmWyXrDtwma7eTlBAg-rcBCMEa5Q6ZfmQHkR6Z3zkvAygKZlm5Mx3BpZZCh5buWqVoIFVwZr9447-2PaU2iMI1mm-fOL7vyhKbBSf_AbidXVDFO8e16cwrFGRq0llCN4cwtDFBnlX9HoUS34JW-hIULKpqjADNZKAEHz6wHbQ0vtLa0IiM4TVlbh5jMwATT3pS-pASSBQQIBBgBkgUECAUYBKAGAoAHxKLldKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEMKpAtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTkzMTE0MDM1MzMxMzEwMzAYAA&sigh=3oOtxCVzHvQ&uach_m=[UACH]&cid=CAQSGwDUE5ymSkfx3hes3OJtos-mDRR_NqqRkiMcQxgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9311403533131030&output=html&h=90&slotname=7738626049&adk=1516376469&adf=745599300&pi=t.ma~as.7738626049&w=728&lmt=1681276984&format=728x90&url=http%3A%2F%2Fnalewki.eu%2F&wgl=1&dt=1681276983833&bpp=1&bdt=1284&idt=315&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C592x280%2C592x280&nras=1&correlator=7510274885530&frm=20&pv=1&ga_vid=392353341.1681276984&ga_sid=1681276984&ga_hid=311312084&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=440&ady=1092&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1460213915247265&tmod=1598529690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=vjdL8W85BD&p=http%3A//nalewki.eu&dtd=318
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 12 Apr 2023 05:23:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 12 Apr 2023 05:23:04 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E3A7 143 B
166 B 44ms
38ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9311403533131030&output=html&h=280&slotname=9015196035&adk=2798731368&adf=4155645342&pi=t.ma~as.9015196035&w=592&fwrn=4&fwrnh=100&lmt=1681276984&rafmt=1&format=592x280&url=http%3A%2F%2Fnalewki.eu%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1681276983829&bpp=4&bdt=1280&idt=312&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C592x280&nras=1&correlator=7510274885530&frm=20&pv=1&ga_vid=392353341.1681276984&ga_sid=1681276984&ga_hid=311312084&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=448&ady=1854&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1460213915247265&tmod=1598529690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Dy7p4V9uw1&p=http%3A//nalewki.eu&dtd=315
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2946
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 04:33:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F150 143 B
166 B 40ms
39ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9311403533131030&output=html&h=90&slotname=7738626049&adk=1516376469&adf=745599300&pi=t.ma~as.7738626049&w=728&lmt=1681276984&format=728x90&url=http%3A%2F%2Fnalewki.eu%2F&wgl=1&dt=1681276983833&bpp=1&bdt=1284&idt=315&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C592x280%2C592x280&nras=1&correlator=7510274885530&frm=20&pv=1&ga_vid=392353341.1681276984&ga_sid=1681276984&ga_hid=311312084&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=440&ady=1092&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1460213915247265&tmod=1598529690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=vjdL8W85BD&p=http%3A//nalewki.eu&dtd=318
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2946
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 04:33:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 39A8 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45bb172dab0e9ea68aa44c52fc81c80310cfa131a53ea0be027f0a8fe928f694

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame F9AF 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4408ee3d4bd95013d9c25d7096f95f1dd04b0abb7b4123427bdc366e9c25a8c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 16598828759071247272
tpc.googlesyndication.com/daca_images/simgad/ Frame 111E 44 KB
44 KB 41ms
39ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/16598828759071247272

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9311403533131030&output=html&h=280&slotname=9015196035&adk=411769763&adf=2512878590&pi=t.ma~as.9015196035&w=592&fwrn=4&fwrnh=100&lmt=1681276984&rafmt=1&format=592x280&url=http%3A%2F%2Fnalewki.eu%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1681276983826&bpp=3&bdt=1277&idt=284&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7510274885530&frm=20&pv=1&ga_vid=392353341.1681276984&ga_sid=1681276984&ga_hid=311312084&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=448&ady=538&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1460213915247265&tmod=1598529690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=KuK9MDep70&p=http%3A//nalewki.eu&dtd=289

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a78db705cbf3071e66a1731e970fb56bfa1e1b4db1f644af65647d0b0c87c180

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 15:58:57 GMT
x-content-type-options: nosniff
age: 48247
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44899
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 22:55:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 10 Apr 2024 15:58:57 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/ Frame 111E 22 KB
9 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9311403533131030&output=html&h=280&slotname=9015196035&adk=411769763&adf=2512878590&pi=t.ma~as.9015196035&w=592&fwrn=4&fwrnh=100&lmt=1681276984&rafmt=1&format=592x280&url=http%3A%2F%2Fnalewki.eu%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1681276983826&bpp=3&bdt=1277&idt=284&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7510274885530&frm=20&pv=1&ga_vid=392353341.1681276984&ga_sid=1681276984&ga_hid=311312084&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=448&ady=538&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1460213915247265&tmod=1598529690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=KuK9MDep70&p=http%3A//nalewki.eu&dtd=289

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:35:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56850
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 13:35:34 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame 111E 3 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9311403533131030&output=html&h=280&slotname=9015196035&adk=411769763&adf=2512878590&pi=t.ma~as.9015196035&w=592&fwrn=4&fwrnh=100&lmt=1681276984&rafmt=1&format=592x280&url=http%3A%2F%2Fnalewki.eu%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1681276983826&bpp=3&bdt=1277&idt=284&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7510274885530&frm=20&pv=1&ga_vid=392353341.1681276984&ga_sid=1681276984&ga_hid=311312084&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=448&ady=538&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1460213915247265&tmod=1598529690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=KuK9MDep70&p=http%3A//nalewki.eu&dtd=289

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:46:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 18:46:24 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame 111E 20 KB
8 KB 39ms
37ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9311403533131030&output=html&h=280&slotname=9015196035&adk=411769763&adf=2512878590&pi=t.ma~as.9015196035&w=592&fwrn=4&fwrnh=100&lmt=1681276984&rafmt=1&format=592x280&url=http%3A%2F%2Fnalewki.eu%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1681276983826&bpp=3&bdt=1277&idt=284&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7510274885530&frm=20&pv=1&ga_vid=392353341.1681276984&ga_sid=1681276984&ga_hid=311312084&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=448&ady=538&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1460213915247265&tmod=1598529690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=KuK9MDep70&p=http%3A//nalewki.eu&dtd=289

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82dd75ae2b4b2bc88a50a1956d5994b81e317f140179aa9cbd452aca218e202d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56720
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8512
x-xss-protection: 0
server: cafe
etag: 10859400315404043642
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 13:37:44 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 111E 159 KB
49 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9311403533131030&output=html&h=280&slotname=9015196035&adk=411769763&adf=2512878590&pi=t.ma~as.9015196035&w=592&fwrn=4&fwrnh=100&lmt=1681276984&rafmt=1&format=592x280&url=http%3A%2F%2Fnalewki.eu%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1681276983826&bpp=3&bdt=1277&idt=284&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7510274885530&frm=20&pv=1&ga_vid=392353341.1681276984&ga_sid=1681276984&ga_hid=311312084&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=448&ady=538&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1460213915247265&tmod=1598529690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=KuK9MDep70&p=http%3A//nalewki.eu&dtd=289

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 05:23:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49747
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681125830480664"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Apr 2023 05:23:04 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame 111E 33 KB
13 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9311403533131030&output=html&h=280&slotname=9015196035&adk=411769763&adf=2512878590&pi=t.ma~as.9015196035&w=592&fwrn=4&fwrnh=100&lmt=1681276984&rafmt=1&format=592x280&url=http%3A%2F%2Fnalewki.eu%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1681276983826&bpp=3&bdt=1277&idt=284&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7510274885530&frm=20&pv=1&ga_vid=392353341.1681276984&ga_sid=1681276984&ga_hid=311312084&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=448&ady=538&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1460213915247265&tmod=1598529690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=KuK9MDep70&p=http%3A//nalewki.eu&dtd=289

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94f229715266533168e8bde4c66fc0b249d45e022cb9cc333495f4a68a702017

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 14:39:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53003
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13518
x-xss-protection: 0
server: cafe
etag: 3101116608242260287
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 14:39:41 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E3A7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

46ms
46ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 05:23:05 GMT
expires: Wed, 12 Apr 2023 05:23:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 05:23:04 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F150
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

54ms
53ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 05:23:05 GMT
expires: Wed, 12 Apr 2023 05:23:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 05:23:04 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 111E 0
0 82ms
82ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C41rpOEA2ZJrOCZfe3wPpsLbABKn9yu5ukMSR0McQ3-6kuNo5EAEg16W9cGC7BqABpN2aiwPIAQKoAwHIA8kEqgTkAU_QYGTW4esPzh80j0A2M1mEclcqOAZQ0an_JyR-BnmSTYwuzTgmw7TMN6bmLqvVLa0bUiHsZ8rN7Z_7KJY5iQdixyC-BY8Hg0cZFXxtjf_QKnyN6eCHl92uGpFjRLgQI2-rF2h-mmUmTCeTBIB83n2XHZRMOcVwiF9Djnwf-y0Acn1DaePNMU-0-xkReb0yCUrQ9UH6VBFouoones3Wh5iuo6QJloNV-__8uo2pg6rmWcXgQu0sqqTTbytXDqRGHGimFqrZmh9YHN2iQVH6M_j_A6eQkOkeF8HQcQqZn5djUU-2DMAE096UvqQEkgUECAQYAZIFBAgFGASgBgKAB8Si5XSoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDL0QPSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi05MzExNDAzNTMzMTMxMDMwGAA&sigh=GwMCIEnpzw0&uach_m=[UACH]&cid=CAQSGwDUE5ymWqjSIJgD82f-U-hZSPCMp82ftUHVfhgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9311403533131030&output=html&h=280&slotname=9015196035&adk=411769763&adf=2512878590&pi=t.ma~as.9015196035&w=592&fwrn=4&fwrnh=100&lmt=1681276984&rafmt=1&format=592x280&url=http%3A%2F%2Fnalewki.eu%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1681276983826&bpp=3&bdt=1277&idt=284&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7510274885530&frm=20&pv=1&ga_vid=392353341.1681276984&ga_sid=1681276984&ga_hid=311312084&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=448&ady=538&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1460213915247265&tmod=1598529690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=KuK9MDep70&p=http%3A//nalewki.eu&dtd=289

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9311403533131030&output=html&h=280&slotname=9015196035&adk=411769763&adf=2512878590&pi=t.ma~as.9015196035&w=592&fwrn=4&fwrnh=100&lmt=1681276984&rafmt=1&format=592x280&url=http%3A%2F%2Fnalewki.eu%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1681276983826&bpp=3&bdt=1277&idt=284&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7510274885530&frm=20&pv=1&ga_vid=392353341.1681276984&ga_sid=1681276984&ga_hid=311312084&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=448&ady=538&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1460213915247265&tmod=1598529690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=KuK9MDep70&p=http%3A//nalewki.eu&dtd=289
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 12 Apr 2023 05:23:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CFF2 143 B
166 B 43ms
41ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9311403533131030&output=html&h=280&slotname=9015196035&adk=411769763&adf=2512878590&pi=t.ma~as.9015196035&w=592&fwrn=4&fwrnh=100&lmt=1681276984&rafmt=1&format=592x280&url=http%3A%2F%2Fnalewki.eu%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1681276983826&bpp=3&bdt=1277&idt=284&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7510274885530&frm=20&pv=1&ga_vid=392353341.1681276984&ga_sid=1681276984&ga_hid=311312084&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=448&ady=538&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1460213915247265&tmod=1598529690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=KuK9MDep70&p=http%3A//nalewki.eu&dtd=289

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9311403533131030&output=html&h=280&slotname=9015196035&adk=411769763&adf=2512878590&pi=t.ma~as.9015196035&w=592&fwrn=4&fwrnh=100&lmt=1681276984&rafmt=1&format=592x280&url=http%3A%2F%2Fnalewki.eu%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1681276983826&bpp=3&bdt=1277&idt=284&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7510274885530&frm=20&pv=1&ga_vid=392353341.1681276984&ga_sid=1681276984&ga_hid=311312084&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=448&ady=538&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1460213915247265&tmod=1598529690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=KuK9MDep70&p=http%3A//nalewki.eu&dtd=289
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2946
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 04:33:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 111E 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 85390f8aade42d3056905e655ba88f109d14911db2dd4fa55ecf90589a0c73c8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CFF2
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

46ms
45ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9311403533131030&output=html&h=280&slotname=9015196035&adk=411769763&adf=2512878590&pi=t.ma~as.9015196035&w=592&fwrn=4&fwrnh=100&lmt=1681276984&rafmt=1&format=592x280&url=http%3A%2F%2Fnalewki.eu%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1681276983826&bpp=3&bdt=1277&idt=284&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7510274885530&frm=20&pv=1&ga_vid=392353341.1681276984&ga_sid=1681276984&ga_hid=311312084&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=448&ady=538&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1460213915247265&tmod=1598529690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=KuK9MDep70&p=http%3A//nalewki.eu&dtd=289

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 05:23:05 GMT
expires: Wed, 12 Apr 2023 05:23:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 05:23:04 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 1qDM7jHzlwhnZd-s95CHH_k3xryNtTKIC4s2Es7tSnI.js Show response
pagead2.googlesyndication.com/bg/ Frame 35C6 36 KB
14 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1qDM7jHzlwhnZd-s95CHH_k3xryNtTKIC4s2Es7tSnI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6a0ccee31f397086765dfacf790871ff937c6bc8db532880b8b3612ceed4a72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 14:59:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 224612
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14260
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 08 Apr 2024 14:59:33 GMT

GET
H3 200 1qDM7jHzlwhnZd-s95CHH_k3xryNtTKIC4s2Es7tSnI.js Show response
pagead2.googlesyndication.com/bg/ Frame 799B 36 KB
14 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1qDM7jHzlwhnZd-s95CHH_k3xryNtTKIC4s2Es7tSnI.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9311403533131030&output=html&h=280&slotname=9015196035&adk=411769763&adf=2512878590&pi=t.ma~as.9015196035&w=592&fwrn=4&fwrnh=100&lmt=1681276984&rafmt=1&format=592x280&url=http%3A%2F%2Fnalewki.eu%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1681276983826&bpp=3&bdt=1277&idt=284&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7510274885530&frm=20&pv=1&ga_vid=392353341.1681276984&ga_sid=1681276984&ga_hid=311312084&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=448&ady=538&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1460213915247265&tmod=1598529690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=KuK9MDep70&p=http%3A//nalewki.eu&dtd=289

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6a0ccee31f397086765dfacf790871ff937c6bc8db532880b8b3612ceed4a72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 14:59:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 224612
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14260
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 08 Apr 2024 14:59:33 GMT

GET
H3 200 1qDM7jHzlwhnZd-s95CHH_k3xryNtTKIC4s2Es7tSnI.js Show response
pagead2.googlesyndication.com/bg/ Frame 39A8 36 KB
14 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1qDM7jHzlwhnZd-s95CHH_k3xryNtTKIC4s2Es7tSnI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6a0ccee31f397086765dfacf790871ff937c6bc8db532880b8b3612ceed4a72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 14:59:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 224612
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14260
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 08 Apr 2024 14:59:33 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 157ms
84ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230410&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ef795deb555a848071d31cb6a21b4fa31084122137873bf54857309414bc9cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nalewki.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 05:23:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11301
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/ 150 KB
51 KB 122ms
122ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5679a2e3213fa141d9711b09c42c2052bb574819116a4e80b55e44f9f951904c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nalewki.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 05:23:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52070
x-xss-protection: 0
server: cafe
etag: 18199369960196161038
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 05:23:05 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 48ms
46ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=nalewki.eu

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nalewki.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 05:23:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 48ms
47ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=nalewki.eu

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nalewki.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 05:23:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CF79 108 KB
35 KB 741ms
736ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9311403533131030&output=html&h=600&adk=3036314401&adf=2477553375&pi=t.aa~a.2833031217~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1681276985&rafmt=1&to=qs&pwprc=2181469555&format=300x600&url=http%3A%2F%2Fnalewki.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1681276985519&bpp=1&bdt=2969&idt=-M&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc7a767aa10b573d5-2227d77f8ddd00b7%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MZUDUMw5NthOL9fb8OYp7yt2_c-Vw&gpic=UID%3D00000bd4f9f64dab%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MYEXFabkli26pHWiyUxX-nLhMU6bA&prev_fmts=0x0%2C592x280%2C592x280%2C728x90&nras=2&correlator=7510274885530&frm=20&pv=1&ga_vid=392353341.1681276984&ga_sid=1681276984&ga_hid=311312084&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1104&ady=1222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&psts=AHQMDFdz5N0Wtm5hoVMKYxh0hEl6TGBdIRRUhRU22515PK9G6A2GbH3BviPxKWE3fNTKcxkoO8Oj4OCBNmLhJMOzYALPedpt%2CAHQMDFdPl8Q2y9qiRDmttDDBSRGFSokPYw7AnYbm-JI5N1ZIb7bTn9QNOQVs_s2gYp2rctI5GYynOcXXvb6tloS-5btdRQ%2CAHQMDFec-gN0-ANhH7s-1sDMp1ni9pzrbS8NZZ5YhXVBWaKj_tm7D6SYwlEVGpt6sNKRtk5AWb3QSo4jHI6Wk51jRmAwnA&pvsid=1460213915247265&tmod=1598529690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=8jCot8BRTF&p=http%3A//nalewki.eu&dtd=13

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75af173316b01eda579bbbf1fc566326ec29160dda7c5c16a5b03acfe4802eb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://nalewki.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 35444
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 05:23:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FFF1 83 KB
28 KB 1129ms
1129ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9311403533131030&output=html&h=600&adk=3036314401&adf=3680164179&pi=t.aa~a.2825923036~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1681276985&rafmt=1&to=qs&pwprc=2181469555&format=300x600&url=http%3A%2F%2Fnalewki.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1681276985519&bpp=2&bdt=2970&idt=-M&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc7a767aa10b573d5-2227d77f8ddd00b7%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MZUDUMw5NthOL9fb8OYp7yt2_c-Vw&gpic=UID%3D00000bd4f9f64dab%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MYEXFabkli26pHWiyUxX-nLhMU6bA&prev_fmts=0x0%2C592x280%2C592x280%2C728x90%2C300x600&nras=3&correlator=7510274885530&frm=20&pv=1&ga_vid=392353341.1681276984&ga_sid=1681276984&ga_hid=311312084&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1104&ady=2499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&psts=AHQMDFdz5N0Wtm5hoVMKYxh0hEl6TGBdIRRUhRU22515PK9G6A2GbH3BviPxKWE3fNTKcxkoO8Oj4OCBNmLhJMOzYALPedpt%2CAHQMDFdPl8Q2y9qiRDmttDDBSRGFSokPYw7AnYbm-JI5N1ZIb7bTn9QNOQVs_s2gYp2rctI5GYynOcXXvb6tloS-5btdRQ%2CAHQMDFec-gN0-ANhH7s-1sDMp1ni9pzrbS8NZZ5YhXVBWaKj_tm7D6SYwlEVGpt6sNKRtk5AWb3QSo4jHI6Wk51jRmAwnA&pvsid=1460213915247265&tmod=1598529690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=yHmdGtFpy3&p=http%3A//nalewki.eu&dtd=23

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30880fa0006dd15a4289e8cb2e0b6d3ddfc8c33cf98582dcd91446e8b38a9405

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8036683555939549184/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8036683555939549184/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMHg-evMo_4CFQKFgwcdgSsGEg&gqi=OUA2ZMmDIoyA7_UPsuSbQA&layout=/sadbundle/%24csp%253Der3%24/8036683555939549184/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://nalewki.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 29051
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8036683555939549184/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8036683555939549184/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMHg-evMo_4CFQKFgwcdgSsGEg&gqi=OUA2ZMmDIoyA7_UPsuSbQA&layout=/sadbundle/%24csp%253Der3%24/8036683555939549184/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 05:23:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5114 83 KB
28 KB 1019ms
1018ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9311403533131030&output=html&h=600&adk=3036314401&adf=3311913476&pi=t.aa~a.1391894186~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1681276985&rafmt=1&to=qs&pwprc=2181469555&format=300x600&url=http%3A%2F%2Fnalewki.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1681276985519&bpp=1&bdt=2970&idt=1&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc7a767aa10b573d5-2227d77f8ddd00b7%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MZUDUMw5NthOL9fb8OYp7yt2_c-Vw&gpic=UID%3D00000bd4f9f64dab%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MYEXFabkli26pHWiyUxX-nLhMU6bA&prev_fmts=0x0%2C592x280%2C592x280%2C728x90%2C300x600%2C300x600&nras=4&correlator=7510274885530&frm=20&pv=1&ga_vid=392353341.1681276984&ga_sid=1681276984&ga_hid=311312084&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1104&ady=4443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&psts=AHQMDFdz5N0Wtm5hoVMKYxh0hEl6TGBdIRRUhRU22515PK9G6A2GbH3BviPxKWE3fNTKcxkoO8Oj4OCBNmLhJMOzYALPedpt%2CAHQMDFdPl8Q2y9qiRDmttDDBSRGFSokPYw7AnYbm-JI5N1ZIb7bTn9QNOQVs_s2gYp2rctI5GYynOcXXvb6tloS-5btdRQ%2CAHQMDFec-gN0-ANhH7s-1sDMp1ni9pzrbS8NZZ5YhXVBWaKj_tm7D6SYwlEVGpt6sNKRtk5AWb3QSo4jHI6Wk51jRmAwnA&pvsid=1460213915247265&tmod=1598529690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=EFoZ2rc8Wh&p=http%3A//nalewki.eu&dtd=27

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3273dca32b2b690696bd45184fbc05905f7c3b41e79c447abe68f68e8a06f0c

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8036683555939549184/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8036683555939549184/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJft-evMo_4CFUf2dwodLRwBiw&gqi=OUA2ZL6dIuSZlQf8oIfwBQ&layout=/sadbundle/%24csp%253Der3%24/8036683555939549184/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://nalewki.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 29121
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8036683555939549184/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8036683555939549184/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJft-evMo_4CFUf2dwodLRwBiw&gqi=OUA2ZL6dIuSZlQf8oIfwBQ&layout=/sadbundle/%24csp%253Der3%24/8036683555939549184/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 05:23:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 46ms
46ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=nalewki.eu

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nalewki.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 05:23:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 47ms
47ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=nalewki.eu

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nalewki.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 05:23:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/ Frame 9DCC 10 KB
4 KB 39ms
38ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://nalewki.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 24530
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 22:34:15 GMT
etag: 2378337311435320485
expires: Tue, 25 Apr 2023 22:34:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/ Frame 8E39 10 KB
4 KB 38ms
38ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://nalewki.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 24530
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 22:34:15 GMT
etag: 2378337311435320485
expires: Tue, 25 Apr 2023 22:34:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nalewki.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 05:23:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 12 Apr 2023 05:23:05 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 9DCC 4 KB
728 B 50ms
48ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1ae367420c242e83f64dd6cba96fca46a5285d40116c0e849c7752d40303c1ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 12 Apr 2023 05:23:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 04:43:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 Apr 2023 05:23:05 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9DCC 205 B
519 B 131ms
40ms Image
image/png 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 15:16:53 GMT
x-content-type-options: nosniff
age: 50772
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 10 Apr 2024 15:16:53 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9DCC 604 B
695 B 131ms
41ms Image
image/png 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 00:45:23 GMT
x-content-type-options: nosniff
age: 16662
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 11 Apr 2024 00:45:23 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/elements/html/ Frame 9DCC 19 KB
8 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5778dba18a121844b613ba65f7126cac359a17e398e8a761f63d668d2f878406

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:49:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56014
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8171
x-xss-protection: 0
server: cafe
etag: 2240023182167719722
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 13:49:31 GMT

GET
H2 200 0b76a40db5a0e4006fbd6687403ecdcc.js Show response
www.gstatic.com/mysidia/ Frame 8E39 9 KB
4 KB 119ms
39ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0b76a40db5a0e4006fbd6687403ecdcc.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1c09e80f13f58fa8735352042ae3ee483c8d801c705881cc076b3f39cff3375

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 12:08:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148482
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4047
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 23:21:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 09 Jul 2023 12:08:23 GMT

GET
H2 200 74ec634574f05197de646cb87f0af1bd.js Show response
www.gstatic.com/mysidia/ Frame 8E39 10 KB
4 KB 163ms
83ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/74ec634574f05197de646cb87f0af1bd.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31b4e5121cdc6135c30476d258909c0e815737033f335812ab770213f967b7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 23:36:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20816
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4444
x-xss-protection: 0
last-modified: Mon, 10 Apr 2023 23:47:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 10 Jul 2023 23:36:09 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8E39 8 KB
966 B 49ms
47ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 12 Apr 2023 05:23:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 04:39:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 Apr 2023 05:23:05 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame 8E39 2 KB
765 B 40ms
38ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:38:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56690
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 13:38:15 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/ Frame 8E39 22 KB
9 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:35:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56851
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 13:35:34 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame 8E39 3 KB
1 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:46:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38201
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 18:46:24 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame 8E39 20 KB
8 KB 52ms
50ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82dd75ae2b4b2bc88a50a1956d5994b81e317f140179aa9cbd452aca218e202d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56721
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8512
x-xss-protection: 0
server: cafe
etag: 10859400315404043642
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 13:37:44 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8E39 159 KB
49 KB 55ms
53ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 05:23:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49747
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681125830480664"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Apr 2023 05:23:05 GMT

GET
H2 200 c15427455071565d8097eb04c444439b.js Show response
www.gstatic.com/mysidia/ Frame 8E39 33 KB
14 KB 119ms
42ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 20:42:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31243
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14106
x-xss-protection: 0
last-modified: Mon, 10 Apr 2023 23:47:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 10 Jul 2023 20:42:22 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CF0D 13 KB
5 KB 44ms
41ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://nalewki.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 38203
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 18:46:22 GMT
expires: Wed, 10 Apr 2024 18:46:22 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4C59 783 B
968 B 53ms
50ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2323385882defa6e7f77925d559601bb92d662dabbaf01a016880b220798808a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-y9hFpQz-e8gzZydsujYdHA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://nalewki.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-y9hFpQz-e8gzZydsujYdHA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 05:23:05 GMT
expires: Wed, 12 Apr 2023 05:23:05 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 css
fonts.googleapis.com/ Frame 77BF 8 KB
893 B 56ms
47ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 12 Apr 2023 05:23:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 04:23:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 Apr 2023 05:23:05 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame 77BF 2 KB
765 B 42ms
35ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:38:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56690
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 13:38:15 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/ Frame 77BF 22 KB
9 KB 42ms
36ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:35:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56851
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 13:35:34 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame 77BF 3 KB
1 KB 42ms
37ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:46:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38201
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 18:46:24 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame 77BF 20 KB
8 KB 43ms
37ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82dd75ae2b4b2bc88a50a1956d5994b81e317f140179aa9cbd452aca218e202d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56721
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8512
x-xss-protection: 0
server: cafe
etag: 10859400315404043642
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 13:37:44 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 77BF 159 KB
49 KB 53ms
47ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 05:23:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49747
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681125830480664"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Apr 2023 05:23:05 GMT

GET
H2 200 c15427455071565d8097eb04c444439b.js Show response
www.gstatic.com/mysidia/ Frame 77BF 33 KB
14 KB 82ms
73ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 20:42:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31243
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14106
x-xss-protection: 0
last-modified: Mon, 10 Apr 2023 23:47:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 10 Jul 2023 20:42:22 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4C59 0
0 71ms
70ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230410&jk=1460213915247265&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 200 1qDM7jHzlwhnZd-s95CHH_k3xryNtTKIC4s2Es7tSnI.js Show response
pagead2.googlesyndication.com/bg/ Frame CF0D 36 KB
14 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1qDM7jHzlwhnZd-s95CHH_k3xryNtTKIC4s2Es7tSnI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6a0ccee31f397086765dfacf790871ff937c6bc8db532880b8b3612ceed4a72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 14:59:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 224612
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14260
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 08 Apr 2024 14:59:33 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 914B 143 B
166 B 43ms
38ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2947
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 04:33:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F9AF 42 B
64 B 72ms
71ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstsLJUwNeBNqMcXfp5h49efvRt-IWkI80yyvTiG783FRYFv1U0BrzneKnkdhGu7BDjDKDfE_nVPpZJBhET-_fck92KYXpqeC_06hxMDChY6kyoTCimjgMSrQaBzLhNQZvNpFZ6aWA&sai=AMfl-YRpQMvIarovbgbVoE57ofnPqJKG1zehGLG7T8pQkrl5OmXO4ssN_gPsniAtMojfZhz-jiRlIx_oWeWI&sig=Cg0ArKJSzG6DldUX7pm5EAE&cid=CAQSGwDUE5ymSkfx3hes3OJtos-mDRR_NqqRkiMcQxgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230410&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1516376469&rs=2&la=0&cr=0&vs=4&r=v&rst=1681276984152&rpt=673&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 05:23:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 966B 143 B
166 B 41ms
38ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2948
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 04:33:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 914B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

50ms
50ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 05:23:06 GMT
expires: Wed, 12 Apr 2023 05:23:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 05:23:06 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 1qDM7jHzlwhnZd-s95CHH_k3xryNtTKIC4s2Es7tSnI.js Show response
pagead2.googlesyndication.com/bg/ Frame D22E 36 KB
14 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1qDM7jHzlwhnZd-s95CHH_k3xryNtTKIC4s2Es7tSnI.js

Requested by

Host: nalewki.eu
URL: http://nalewki.eu/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6a0ccee31f397086765dfacf790871ff937c6bc8db532880b8b3612ceed4a72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 14:59:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 224612
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14260
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 08 Apr 2024 14:59:33 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 111E 42 B
64 B 71ms
70ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuFb9s1EvChxBx7aGZvRRsZpJkMfu0uoLMGQIO5-Mq1_8aqX2-tuOuPl3wFSuhY87CvrvJwS6JQxsUED3fMijGu1a2ex0Xyc2Q2fFUFVq2QjVGRx2hNdytglTns4lz2xSL-8v-0wA&sai=AMfl-YRfgkSDTP3TDUzIMOQPD_7Bo-s3IVH-fXljvCTe4kMWihTQGl2-2FzIDSkCL39ydQJpW4u5Ny2oChZY&sig=Cg0ArKJSzHqRYozD3NJ_EAE&cid=CAQSGwDUE5ymWqjSIJgD82f-U-hZSPCMp82ftUHVfhgB&id=lidar2&mcvt=1000&p=0,86,280,506&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230410&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=411769763&rs=2&la=0&cr=0&vs=4&r=v&rst=1681276984116&rpt=852&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 05:23:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CF0D 0
10 B 35ms
35ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?fovu1Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 05:23:06 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 966B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

50ms
49ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 05:23:06 GMT
expires: Wed, 12 Apr 2023 05:23:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 05:23:06 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame CF79 4 KB
618 B 47ms
46ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9311403533131030&output=html&h=600&adk=3036314401&adf=2477553375&pi=t.aa~a.2833031217~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1681276985&rafmt=1&to=qs&pwprc=2181469555&format=300x600&url=http%3A%2F%2Fnalewki.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1681276985519&bpp=1&bdt=2969&idt=-M&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc7a767aa10b573d5-2227d77f8ddd00b7%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MZUDUMw5NthOL9fb8OYp7yt2_c-Vw&gpic=UID%3D00000bd4f9f64dab%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MYEXFabkli26pHWiyUxX-nLhMU6bA&prev_fmts=0x0%2C592x280%2C592x280%2C728x90&nras=2&correlator=7510274885530&frm=20&pv=1&ga_vid=392353341.1681276984&ga_sid=1681276984&ga_hid=311312084&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1104&ady=1222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&psts=AHQMDFdz5N0Wtm5hoVMKYxh0hEl6TGBdIRRUhRU22515PK9G6A2GbH3BviPxKWE3fNTKcxkoO8Oj4OCBNmLhJMOzYALPedpt%2CAHQMDFdPl8Q2y9qiRDmttDDBSRGFSokPYw7AnYbm-JI5N1ZIb7bTn9QNOQVs_s2gYp2rctI5GYynOcXXvb6tloS-5btdRQ%2CAHQMDFec-gN0-ANhH7s-1sDMp1ni9pzrbS8NZZ5YhXVBWaKj_tm7D6SYwlEVGpt6sNKRtk5AWb3QSo4jHI6Wk51jRmAwnA&pvsid=1460213915247265&tmod=1598529690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=8jCot8BRTF&p=http%3A//nalewki.eu&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

35fd59b97a8e0d867188a88d4ec485d4daa94c2ac3ae46790435ee7b59f229c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 12 Apr 2023 05:23:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 04:42:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 Apr 2023 05:23:06 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame CF79 2 KB
765 B 36ms
35ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:38:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56691
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 13:38:15 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame CF79 0
0 83ms
82ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C0noaOUA2ZM-qItnm3wP0trKYDu-DxKFuv8ivrL8OzMeapv0IEAEg16W9cGCV4pCCoAegAbC6odcDyAEJqQJUHrW6FVGyPqgDAcgDywSqBOIBT9CzjwBjxbaRBhKw71O17Ln79ixoeaAAQSaLXPTrNIlFYhzSMtNnXxgKCp6-WKZ0qYuSmzG6ovDlYOfZDhxHCKznsMSsPQSwPLfC7-j0pUuz8lL8JNfr9mRvIGbJGSkrVawqAn-VSB7eCgn0BWgxXeHWtx_hqkw86Ui0HlG8uSr4Hmsa7Y3NpgbD7wNS0yDzi4dALlZasaakibf3KSMe0s9Xay_eIb4JIahpJ3zk7AB8fSNl2CvGSl3EFXs4rWB5NTkVIyzihIWigTrlYg48qYuK3GqK1G5gZ6_5cIyNPLVGNMAEyZipquADkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB8X3rT6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQqq0C0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwyIFALQFQGAFwGyFxwKGggAEhRwdWItOTMxMTQwMzUzMzEzMTAzMBgA&sigh=owvLUiZtPYs&uach_m=[UACH]&cid=CAQSPABygQiDS-FujGNPzV4r5LJ0BHLtBCZg25Umbp6IRTbScjlGno_ATlDTIibsa-L5JsEdH7l9Km3NBlaiNRgB&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9311403533131030&output=html&h=600&adk=3036314401&adf=2477553375&pi=t.aa~a.2833031217~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1681276985&rafmt=1&to=qs&pwprc=2181469555&format=300x600&url=http%3A%2F%2Fnalewki.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1681276985519&bpp=1&bdt=2969&idt=-M&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc7a767aa10b573d5-2227d77f8ddd00b7%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MZUDUMw5NthOL9fb8OYp7yt2_c-Vw&gpic=UID%3D00000bd4f9f64dab%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MYEXFabkli26pHWiyUxX-nLhMU6bA&prev_fmts=0x0%2C592x280%2C592x280%2C728x90&nras=2&correlator=7510274885530&frm=20&pv=1&ga_vid=392353341.1681276984&ga_sid=1681276984&ga_hid=311312084&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1104&ady=1222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&psts=AHQMDFdz5N0Wtm5hoVMKYxh0hEl6TGBdIRRUhRU22515PK9G6A2GbH3BviPxKWE3fNTKcxkoO8Oj4OCBNmLhJMOzYALPedpt%2CAHQMDFdPl8Q2y9qiRDmttDDBSRGFSokPYw7AnYbm-JI5N1ZIb7bTn9QNOQVs_s2gYp2rctI5GYynOcXXvb6tloS-5btdRQ%2CAHQMDFec-gN0-ANhH7s-1sDMp1ni9pzrbS8NZZ5YhXVBWaKj_tm7D6SYwlEVGpt6sNKRtk5AWb3QSo4jHI6Wk51jRmAwnA&pvsid=1460213915247265&tmod=1598529690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=8jCot8BRTF&p=http%3A//nalewki.eu&dtd=13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 12 Apr 2023 05:23:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame CF79 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

624907996767536446
tpc.googlesyndication.com/simgad/ Frame CF79
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r
https://tpc.googlesyndication.com/simgad/624907996767536446

8 KB
8 KB

36ms
36ms

Image
image/png

2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/624907996767536446

Requested by

Protocol

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
age: 386274
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8502
x-xss-protection: 0
last-modified: Tue, 09 Apr 2019 09:00:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 06 Apr 2024 18:05:12 GMT

Redirect headers

date: Wed, 12 Apr 2023 04:40:51 GMT
x-content-type-options: nosniff
server: cafe
age: 2535
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/624907996767536446
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 12 May 2023 04:40:51 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/ Frame CF79 22 KB
9 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:35:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56852
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 13:35:34 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame CF79 3 KB
1 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:46:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38202
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 18:46:24 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame CF79 20 KB
8 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82dd75ae2b4b2bc88a50a1956d5994b81e317f140179aa9cbd452aca218e202d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56722
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8512
x-xss-protection: 0
server: cafe
etag: 10859400315404043642
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 13:37:44 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame CF79 0
0 46ms
45ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTPnQTM8sZ6qEbrzjD1JISR8uqfGlch5K5_zhMD2haxbhEYHLpowUmm1Eg_koIx7Ba7swqf5Yg4bsc_4uFeQDUbdakZfQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9311403533131030&output=html&h=600&adk=3036314401&adf=2477553375&pi=t.aa~a.2833031217~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1681276985&rafmt=1&to=qs&pwprc=2181469555&format=300x600&url=http%3A%2F%2Fnalewki.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1681276985519&bpp=1&bdt=2969&idt=-M&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc7a767aa10b573d5-2227d77f8ddd00b7%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MZUDUMw5NthOL9fb8OYp7yt2_c-Vw&gpic=UID%3D00000bd4f9f64dab%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MYEXFabkli26pHWiyUxX-nLhMU6bA&prev_fmts=0x0%2C592x280%2C592x280%2C728x90&nras=2&correlator=7510274885530&frm=20&pv=1&ga_vid=392353341.1681276984&ga_sid=1681276984&ga_hid=311312084&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1104&ady=1222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&psts=AHQMDFdz5N0Wtm5hoVMKYxh0hEl6TGBdIRRUhRU22515PK9G6A2GbH3BviPxKWE3fNTKcxkoO8Oj4OCBNmLhJMOzYALPedpt%2CAHQMDFdPl8Q2y9qiRDmttDDBSRGFSokPYw7AnYbm-JI5N1ZIb7bTn9QNOQVs_s2gYp2rctI5GYynOcXXvb6tloS-5btdRQ%2CAHQMDFec-gN0-ANhH7s-1sDMp1ni9pzrbS8NZZ5YhXVBWaKj_tm7D6SYwlEVGpt6sNKRtk5AWb3QSo4jHI6Wk51jRmAwnA&pvsid=1460213915247265&tmod=1598529690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=8jCot8BRTF&p=http%3A//nalewki.eu&dtd=13
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CF79 159 KB
49 KB 50ms
48ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 05:23:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49747
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681125830480664"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Apr 2023 05:23:06 GMT

GET
H2 200 c15427455071565d8097eb04c444439b.js Show response
www.gstatic.com/mysidia/ Frame CF79 33 KB
14 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 20:42:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31244
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14106
x-xss-protection: 0
last-modified: Mon, 10 Apr 2023 23:47:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 10 Jul 2023 20:42:22 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7402 1 KB
643 B 38ms
37ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 626
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 05:12:40 GMT
etag: 48472445140208031
expires: Thu, 13 Apr 2023 05:12:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame CF79 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dbe0c737af7d3434c8ba18e66b1e47fd089e1a493f0f06fe5f4712b579fad283

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7402
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKewPwVjr9RYzQVrIdUbSk4&google_cver=1&google_push=Aer7DvL5gtQUvvBUsMrI70iyNRyD_Y5b9OiYbSZRed-xne85Z3VOKtfc4JuRU-3Q6sMoOOHAfbZ3nKPLIOmjYPvr...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvL5gtQUvvBUsMrI70iyNRyD_Y5b9OiYbSZRed-xne85Z3VOKtfc4JuRU-3Q6sMoOOHAfbZ3nKPLIOmjYPvrZRym_PJRai6V-Cw

170 B
232 B

45ms
44ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvL5gtQUvvBUsMrI70iyNRyD_Y5b9OiYbSZRed-xne85Z3VOKtfc4JuRU-3Q6sMoOOHAfbZ3nKPLIOmjYPvrZRym_PJRai6V-Cw

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 05:23:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 12 Apr 2023 05:23:06 GMT
Server: MT3 776 936c8db master cdg-pixel-x9 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvL5gtQUvvBUsMrI70iyNRyD_Y5b9OiYbSZRed-xne85Z3VOKtfc4JuRU-3Q6sMoOOHAfbZ3nKPLIOmjYPvrZRym_PJRai6V-Cw
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 12 Apr 2023 05:23:05 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 7402
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEGNAafBnpHAfO9zfNQIEc54&google_cver=1&google_push=Aer7DvI6ri91HNdFJTSWZ6uwQHRa2Y0hlnotNlK2EgrIdg5nV8B4vEA5bP6I8Qg6vULMAPRprGEp53ebC3hb2N03yIHo5ZGIq8pg7...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGNAafBnpHAfO9zfNQIEc54&google_cver=1&google_push=Aer7DvI6ri91HNdFJTSWZ6uwQHRa2Y0hlnotNlK2EgrIdg5nV8B4vEA5bP6I8Qg6vULMAPRprGEp53ebC3hb2N03yIHo5ZGIq8p...

43 B
416 B

212ms
195ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGNAafBnpHAfO9zfNQIEc54&google_cver=1&google_push=Aer7DvI6ri91HNdFJTSWZ6uwQHRa2Y0hlnotNlK2EgrIdg5nV8B4vEA5bP6I8Qg6vULMAPRprGEp53ebC3hb2N03yIHo5ZGIq8pg7_g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvI6ri91HNdFJTSWZ6uwQHRa2Y0hlnotNlK2EgrIdg5nV8B4vEA5bP6I8Qg6vULMAPRprGEp53ebC3hb2N03yIHo5ZGIq8pg7_g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 05:23:06 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7b69090ecfd5382b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 Apr 2023 05:23:06 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 329
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGNAafBnpHAfO9zfNQIEc54&google_cver=1&google_push=Aer7DvI6ri91HNdFJTSWZ6uwQHRa2Y0hlnotNlK2EgrIdg5nV8B4vEA5bP6I8Qg6vULMAPRprGEp53ebC3hb2N03yIHo5ZGIq8pg7_g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvI6ri91HNdFJTSWZ6uwQHRa2Y0hlnotNlK2EgrIdg5nV8B4vEA5bP6I8Qg6vULMAPRprGEp53ebC3hb2N03yIHo5ZGIq8pg7_g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7b69090d6e68382b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 7402 0
173 B 69ms
20ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESELXtIc0u3Orwe9IB4Cr8Q9c&google_cver=1&google_push=Aer7DvL1Vmu8_9cLwtZDvneUZppdY7-JGD5YG3F4UOqDXlgoWK7V2qY2qPG6x-SI1whDLO-mhZG8_91vNn9aK6Rb9vqYqnZbjuIqZUs
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9311403533131030&output=html&h=600&adk=3036314401&adf=2477553375&pi=t.aa~a.2833031217~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1681276985&rafmt=1&to=qs&pwprc=2181469555&format=300x600&url=http%3A%2F%2Fnalewki.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1681276985519&bpp=1&bdt=2969&idt=-M&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc7a767aa10b573d5-2227d77f8ddd00b7%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MZUDUMw5NthOL9fb8OYp7yt2_c-Vw&gpic=UID%3D00000bd4f9f64dab%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MYEXFabkli26pHWiyUxX-nLhMU6bA&prev_fmts=0x0%2C592x280%2C592x280%2C728x90&nras=2&correlator=7510274885530&frm=20&pv=1&ga_vid=392353341.1681276984&ga_sid=1681276984&ga_hid=311312084&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1104&ady=1222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&psts=AHQMDFdz5N0Wtm5hoVMKYxh0hEl6TGBdIRRUhRU22515PK9G6A2GbH3BviPxKWE3fNTKcxkoO8Oj4OCBNmLhJMOzYALPedpt%2CAHQMDFdPl8Q2y9qiRDmttDDBSRGFSokPYw7AnYbm-JI5N1ZIb7bTn9QNOQVs_s2gYp2rctI5GYynOcXXvb6tloS-5btdRQ%2CAHQMDFec-gN0-ANhH7s-1sDMp1ni9pzrbS8NZZ5YhXVBWaKj_tm7D6SYwlEVGpt6sNKRtk5AWb3QSo4jHI6Wk51jRmAwnA&pvsid=1460213915247265&tmod=1598529690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=8jCot8BRTF&p=http%3A//nalewki.eu&dtd=13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 05:23:06 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 451 466606.gif
id.rlcdn.com/ Frame 7402 0
98 B 70ms
20ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAer7DvK2yk2tHyGQYK3pNXkTCYEgK3TRBJ2xWgnRPoJVXgiSckgqZHyxZvmjoVf_fisxGL7AgsTLkq7Pxt4RsbSAdWRF6aPznR3G&google_gid=CAESEGF_CxI_xRuoD_EsPsmzSIo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9311403533131030&output=html&h=600&adk=3036314401&adf=2477553375&pi=t.aa~a.2833031217~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1681276985&rafmt=1&to=qs&pwprc=2181469555&format=300x600&url=http%3A%2F%2Fnalewki.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1681276985519&bpp=1&bdt=2969&idt=-M&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc7a767aa10b573d5-2227d77f8ddd00b7%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MZUDUMw5NthOL9fb8OYp7yt2_c-Vw&gpic=UID%3D00000bd4f9f64dab%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MYEXFabkli26pHWiyUxX-nLhMU6bA&prev_fmts=0x0%2C592x280%2C592x280%2C728x90&nras=2&correlator=7510274885530&frm=20&pv=1&ga_vid=392353341.1681276984&ga_sid=1681276984&ga_hid=311312084&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1104&ady=1222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&psts=AHQMDFdz5N0Wtm5hoVMKYxh0hEl6TGBdIRRUhRU22515PK9G6A2GbH3BviPxKWE3fNTKcxkoO8Oj4OCBNmLhJMOzYALPedpt%2CAHQMDFdPl8Q2y9qiRDmttDDBSRGFSokPYw7AnYbm-JI5N1ZIb7bTn9QNOQVs_s2gYp2rctI5GYynOcXXvb6tloS-5btdRQ%2CAHQMDFec-gN0-ANhH7s-1sDMp1ni9pzrbS8NZZ5YhXVBWaKj_tm7D6SYwlEVGpt6sNKRtk5AWb3QSo4jHI6Wk51jRmAwnA&pvsid=1460213915247265&tmod=1598529690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=8jCot8BRTF&p=http%3A//nalewki.eu&dtd=13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 05:23:06 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7402
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEGTEzV5BadNL9ZCYAYkGd10&google_cver=1&google_push=Aer7DvL4poXucySlaSlTFDwd73DsIp8sm4i4pJU1jMBOiGPjY6f_N6Ev3mWYMDIc_nEi8JJcxUOFCzgTYU1KTZ...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyMTAyOTY3MDM5OTExMzM2NA%3D%3D&google_push=Aer7DvL4poXucySlaSlTFDwd73DsIp8sm4i4pJU1jMBOiGPjY6f_N6Ev3mWYMDIc_nEi8JJcxUOFCzgTYU1KTZDPDb...

170 B
329 B

94ms
46ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyMTAyOTY3MDM5OTExMzM2NA%3D%3D&google_push=Aer7DvL4poXucySlaSlTFDwd73DsIp8sm4i4pJU1jMBOiGPjY6f_N6Ev3mWYMDIc_nEi8JJcxUOFCzgTYU1KTZDPDbaANCpMruuFILM

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 05:23:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyMTAyOTY3MDM5OTExMzM2NA%3D%3D&google_push=Aer7DvL4poXucySlaSlTFDwd73DsIp8sm4i4pJU1jMBOiGPjY6f_N6Ev3mWYMDIc_nEi8JJcxUOFCzgTYU1KTZDPDbaANCpMruuFILM
Date: Wed, 12 Apr 2023 05:23:06 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7402
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEPZvdDVQr6cAVdDNxjOzXfI&google_cver=1&google_push=Aer7DvIEuLiKR5rk2CqIp6UY9wnWjtPIIX3VBitqElXo4YLfIIm8N1GUV-oGGSpooWJgVGyCGdGgniWgur_S...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvIEuLiKR5rk2CqIp6UY9wnWjtPIIX3VBitqElXo4YLfIIm8N1GUV-oGGSpooWJgVGyCGdGgniWgur_StT-8RigqzprlNeRtzUs

170 B
232 B

45ms
45ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvIEuLiKR5rk2CqIp6UY9wnWjtPIIX3VBitqElXo4YLfIIm8N1GUV-oGGSpooWJgVGyCGdGgniWgur_StT-8RigqzprlNeRtzUs

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 05:23:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvIEuLiKR5rk2CqIp6UY9wnWjtPIIX3VBitqElXo4YLfIIm8N1GUV-oGGSpooWJgVGyCGdGgniWgur_StT-8RigqzprlNeRtzUs
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET googleredir
googlecm.hit.gemius.pl/ Frame 7402 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 7402 0
130 B 149ms
42ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IRGwzLxf8wIZH_9PDOGCa6w-SawcbGj_YkdLeyfFGeN7waUAA_qeBmnMEh5jei9b3jqBDEsQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 05:23:06 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame CF79 16 KB
16 KB 38ms
36ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:31:11 GMT
x-content-type-options: nosniff
age: 67915
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:31:11 GMT

GET
H3 200 1qDM7jHzlwhnZd-s95CHH_k3xryNtTKIC4s2Es7tSnI.js Show response
pagead2.googlesyndication.com/bg/ Frame 0F92 36 KB
14 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1qDM7jHzlwhnZd-s95CHH_k3xryNtTKIC4s2Es7tSnI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6a0ccee31f397086765dfacf790871ff937c6bc8db532880b8b3612ceed4a72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 14:59:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 224613
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14260
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 08 Apr 2024 14:59:33 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8036683555939549184/ Frame 5D5F 636 KB
42 KB 42ms
42ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8036683555939549184/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9311403533131030&output=html&h=600&adk=3036314401&adf=3311913476&pi=t.aa~a.1391894186~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1681276985&rafmt=1&to=qs&pwprc=2181469555&format=300x600&url=http%3A%2F%2Fnalewki.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1681276985519&bpp=1&bdt=2970&idt=1&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc7a767aa10b573d5-2227d77f8ddd00b7%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MZUDUMw5NthOL9fb8OYp7yt2_c-Vw&gpic=UID%3D00000bd4f9f64dab%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MYEXFabkli26pHWiyUxX-nLhMU6bA&prev_fmts=0x0%2C592x280%2C592x280%2C728x90%2C300x600%2C300x600&nras=4&correlator=7510274885530&frm=20&pv=1&ga_vid=392353341.1681276984&ga_sid=1681276984&ga_hid=311312084&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1104&ady=4443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&psts=AHQMDFdz5N0Wtm5hoVMKYxh0hEl6TGBdIRRUhRU22515PK9G6A2GbH3BviPxKWE3fNTKcxkoO8Oj4OCBNmLhJMOzYALPedpt%2CAHQMDFdPl8Q2y9qiRDmttDDBSRGFSokPYw7AnYbm-JI5N1ZIb7bTn9QNOQVs_s2gYp2rctI5GYynOcXXvb6tloS-5btdRQ%2CAHQMDFec-gN0-ANhH7s-1sDMp1ni9pzrbS8NZZ5YhXVBWaKj_tm7D6SYwlEVGpt6sNKRtk5AWb3QSo4jHI6Wk51jRmAwnA&pvsid=1460213915247265&tmod=1598529690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=EFoZ2rc8Wh&p=http%3A//nalewki.eu&dtd=27

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a89d4d00133451c238015f85b1ac5bd7fb2d3b5fd6364b0a4af375c1c18e321

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 139051
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 43376
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 14:45:35 GMT
expires: Tue, 09 Apr 2024 14:45:35 GMT
last-modified: Mon, 27 Mar 2023 13:21:46 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5114 0
0 84ms
83ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CIjPVOUA2ZNfsIsfs3wOtuITYCPbz195v1eiSl48Rjcut-4Y6EAEg16W9cGCV4pCCoAegAcb1tcgDyAEJqQJUHrW6FVGyPqgDAcgDAqoE9AFP0OOuR8SxKHCH7NbqPwhYoWQ9WvqTr-hEh9Nw4ymUYQMMzO13ZIOVFJ2IrFEQwibRa2DLWgfQPscC9kMww6d0lZYYuAvZl4ArLFQValVHnuKab5dgPXMQdOTLaDf4es5LsxHlLK_NkEoloxoVYJZEOKkWypLxwI1vvvX-PSY6Fk8vOLFVrrm4xheaF4G8qJtUgic4GIvruO-F6vM-WqnO7DuX5sfg7sHVo3JABLF-FJ750OMH_NziE4MSeSxwwAM4zAa6dxMd_dx4IdWnuo973Dm2Wsmr-XAE4j87UiXgAfgJeo8rfcLD3Bs02zfpCBm1r9E3wASsi_DSuASSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGXYAHoorKN6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEMKlBtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMKiBQB0BUBgBcBshccChoIABIUcHViLTkzMTE0MDM1MzMxMzEwMzAYAA&sigh=YMuOyW8M_1g&uach_m=[UACH]&cid=CAQSPADUE5ymYUUxl1VizpQtqWETP7Tdu6lI6gmlaLYM0Hzd1bgL_IopGXnFjHx_OqDd09SGMLec_QIbhz03IxgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9311403533131030&output=html&h=600&adk=3036314401&adf=3311913476&pi=t.aa~a.1391894186~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1681276985&rafmt=1&to=qs&pwprc=2181469555&format=300x600&url=http%3A%2F%2Fnalewki.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1681276985519&bpp=1&bdt=2970&idt=1&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc7a767aa10b573d5-2227d77f8ddd00b7%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MZUDUMw5NthOL9fb8OYp7yt2_c-Vw&gpic=UID%3D00000bd4f9f64dab%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MYEXFabkli26pHWiyUxX-nLhMU6bA&prev_fmts=0x0%2C592x280%2C592x280%2C728x90%2C300x600%2C300x600&nras=4&correlator=7510274885530&frm=20&pv=1&ga_vid=392353341.1681276984&ga_sid=1681276984&ga_hid=311312084&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1104&ady=4443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&psts=AHQMDFdz5N0Wtm5hoVMKYxh0hEl6TGBdIRRUhRU22515PK9G6A2GbH3BviPxKWE3fNTKcxkoO8Oj4OCBNmLhJMOzYALPedpt%2CAHQMDFdPl8Q2y9qiRDmttDDBSRGFSokPYw7AnYbm-JI5N1ZIb7bTn9QNOQVs_s2gYp2rctI5GYynOcXXvb6tloS-5btdRQ%2CAHQMDFec-gN0-ANhH7s-1sDMp1ni9pzrbS8NZZ5YhXVBWaKj_tm7D6SYwlEVGpt6sNKRtk5AWb3QSo4jHI6Wk51jRmAwnA&pvsid=1460213915247265&tmod=1598529690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=EFoZ2rc8Wh&p=http%3A//nalewki.eu&dtd=27

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9311403533131030&output=html&h=600&adk=3036314401&adf=3311913476&pi=t.aa~a.1391894186~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1681276985&rafmt=1&to=qs&pwprc=2181469555&format=300x600&url=http%3A%2F%2Fnalewki.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1681276985519&bpp=1&bdt=2970&idt=1&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc7a767aa10b573d5-2227d77f8ddd00b7%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MZUDUMw5NthOL9fb8OYp7yt2_c-Vw&gpic=UID%3D00000bd4f9f64dab%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MYEXFabkli26pHWiyUxX-nLhMU6bA&prev_fmts=0x0%2C592x280%2C592x280%2C728x90%2C300x600%2C300x600&nras=4&correlator=7510274885530&frm=20&pv=1&ga_vid=392353341.1681276984&ga_sid=1681276984&ga_hid=311312084&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1104&ady=4443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&psts=AHQMDFdz5N0Wtm5hoVMKYxh0hEl6TGBdIRRUhRU22515PK9G6A2GbH3BviPxKWE3fNTKcxkoO8Oj4OCBNmLhJMOzYALPedpt%2CAHQMDFdPl8Q2y9qiRDmttDDBSRGFSokPYw7AnYbm-JI5N1ZIb7bTn9QNOQVs_s2gYp2rctI5GYynOcXXvb6tloS-5btdRQ%2CAHQMDFec-gN0-ANhH7s-1sDMp1ni9pzrbS8NZZ5YhXVBWaKj_tm7D6SYwlEVGpt6sNKRtk5AWb3QSo4jHI6Wk51jRmAwnA&pvsid=1460213915247265&tmod=1598529690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=EFoZ2rc8Wh&p=http%3A//nalewki.eu&dtd=27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 12 Apr 2023 05:23:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame 5114 3 KB
1 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9311403533131030&output=html&h=600&adk=3036314401&adf=3311913476&pi=t.aa~a.1391894186~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1681276985&rafmt=1&to=qs&pwprc=2181469555&format=300x600&url=http%3A%2F%2Fnalewki.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1681276985519&bpp=1&bdt=2970&idt=1&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc7a767aa10b573d5-2227d77f8ddd00b7%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MZUDUMw5NthOL9fb8OYp7yt2_c-Vw&gpic=UID%3D00000bd4f9f64dab%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MYEXFabkli26pHWiyUxX-nLhMU6bA&prev_fmts=0x0%2C592x280%2C592x280%2C728x90%2C300x600%2C300x600&nras=4&correlator=7510274885530&frm=20&pv=1&ga_vid=392353341.1681276984&ga_sid=1681276984&ga_hid=311312084&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1104&ady=4443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&psts=AHQMDFdz5N0Wtm5hoVMKYxh0hEl6TGBdIRRUhRU22515PK9G6A2GbH3BviPxKWE3fNTKcxkoO8Oj4OCBNmLhJMOzYALPedpt%2CAHQMDFdPl8Q2y9qiRDmttDDBSRGFSokPYw7AnYbm-JI5N1ZIb7bTn9QNOQVs_s2gYp2rctI5GYynOcXXvb6tloS-5btdRQ%2CAHQMDFec-gN0-ANhH7s-1sDMp1ni9pzrbS8NZZ5YhXVBWaKj_tm7D6SYwlEVGpt6sNKRtk5AWb3QSo4jHI6Wk51jRmAwnA&pvsid=1460213915247265&tmod=1598529690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=EFoZ2rc8Wh&p=http%3A//nalewki.eu&dtd=27

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:46:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38202
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 18:46:24 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame 5114 20 KB
8 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9311403533131030&output=html&h=600&adk=3036314401&adf=3311913476&pi=t.aa~a.1391894186~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1681276985&rafmt=1&to=qs&pwprc=2181469555&format=300x600&url=http%3A%2F%2Fnalewki.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1681276985519&bpp=1&bdt=2970&idt=1&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc7a767aa10b573d5-2227d77f8ddd00b7%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MZUDUMw5NthOL9fb8OYp7yt2_c-Vw&gpic=UID%3D00000bd4f9f64dab%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MYEXFabkli26pHWiyUxX-nLhMU6bA&prev_fmts=0x0%2C592x280%2C592x280%2C728x90%2C300x600%2C300x600&nras=4&correlator=7510274885530&frm=20&pv=1&ga_vid=392353341.1681276984&ga_sid=1681276984&ga_hid=311312084&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1104&ady=4443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&psts=AHQMDFdz5N0Wtm5hoVMKYxh0hEl6TGBdIRRUhRU22515PK9G6A2GbH3BviPxKWE3fNTKcxkoO8Oj4OCBNmLhJMOzYALPedpt%2CAHQMDFdPl8Q2y9qiRDmttDDBSRGFSokPYw7AnYbm-JI5N1ZIb7bTn9QNOQVs_s2gYp2rctI5GYynOcXXvb6tloS-5btdRQ%2CAHQMDFec-gN0-ANhH7s-1sDMp1ni9pzrbS8NZZ5YhXVBWaKj_tm7D6SYwlEVGpt6sNKRtk5AWb3QSo4jHI6Wk51jRmAwnA&pvsid=1460213915247265&tmod=1598529690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=EFoZ2rc8Wh&p=http%3A//nalewki.eu&dtd=27

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82dd75ae2b4b2bc88a50a1956d5994b81e317f140179aa9cbd452aca218e202d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56722
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8512
x-xss-protection: 0
server: cafe
etag: 10859400315404043642
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 13:37:44 GMT

POST
H3 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 5114 0
20 B 71ms
71ms Other
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJft-evMo_4CFUf2dwodLRwBiw&gqi=OUA2ZL6dIuSZlQf8oIfwBQ&layout=/sadbundle/%24csp%253Der3%24/8036683555939549184/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9311403533131030&output=html&h=600&adk=3036314401&adf=3311913476&pi=t.aa~a.1391894186~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1681276985&rafmt=1&to=qs&pwprc=2181469555&format=300x600&url=http%3A%2F%2Fnalewki.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1681276985519&bpp=1&bdt=2970&idt=1&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc7a767aa10b573d5-2227d77f8ddd00b7%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MZUDUMw5NthOL9fb8OYp7yt2_c-Vw&gpic=UID%3D00000bd4f9f64dab%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MYEXFabkli26pHWiyUxX-nLhMU6bA&prev_fmts=0x0%2C592x280%2C592x280%2C728x90%2C300x600%2C300x600&nras=4&correlator=7510274885530&frm=20&pv=1&ga_vid=392353341.1681276984&ga_sid=1681276984&ga_hid=311312084&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1104&ady=4443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&psts=AHQMDFdz5N0Wtm5hoVMKYxh0hEl6TGBdIRRUhRU22515PK9G6A2GbH3BviPxKWE3fNTKcxkoO8Oj4OCBNmLhJMOzYALPedpt%2CAHQMDFdPl8Q2y9qiRDmttDDBSRGFSokPYw7AnYbm-JI5N1ZIb7bTn9QNOQVs_s2gYp2rctI5GYynOcXXvb6tloS-5btdRQ%2CAHQMDFec-gN0-ANhH7s-1sDMp1ni9pzrbS8NZZ5YhXVBWaKj_tm7D6SYwlEVGpt6sNKRtk5AWb3QSo4jHI6Wk51jRmAwnA&pvsid=1460213915247265&tmod=1598529690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=EFoZ2rc8Wh&p=http%3A//nalewki.eu&dtd=27

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 05:23:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 75ms
75ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230410&jk=1460213915247265&bg=!qaqlqv7NAAYIJb0jKCU7ADkAdvg8WteXHFGlm84n2LtmwdoNLPGxdR5gsZTu5Xg-dStzr95RV4iL7wQqXRY6fUL8GtP3-gBd0lQCAAAA0VIAAAADaAEHCgBPeMf7zscaVEWLNu-Mds3f4Gc4wt1xTrNl_X-ITV2MvrDkbqU622H014JQ0pohAWIAJ_SW-XeQrxlXXRp-s0LzjKgaylKzgdJwZ7oLrlyFcZkCkCvu5lEDxPRxAJF2FilQJ0fNPo9J0H6m0wySstIKeBIezYGKcB50RQBudoTGVBfcFD-TDzrTTT48O7wzsegeqZOzD7PWMY4lNcdjhBiOVeJPwK3Pl31ky2pOawH9CQXxJIHvP4vtSUuUIntfuFvmSgOlW5no-lDyc9cJa6mwewF-OFLjhpHzJSY6PiV2CGE0LolIskdCjpgoTSerIdCKsMYD9VDGG6r2iV-qw1I3juszIT7SoDfD9WOVfrS_8avKt61W9mIIovqymlEVtzEOnZ9Iwm9NOq4fOQAMyAjKsk2T6GtDNRWDZAFJsBPgUm_EpQQvfvf1fwKoH4cH4GiXszHGL5ZoKSOqGv3wHEUZVcN64vcrulv7w_nQFJ2AUkGinEy2s9nLi41gsWS7Bh1N8rS7b8jFybEAL5z29NbrMrDxpZDoYO__LAg4J9uq1jRyrEDltQpYkHENk0hgCrfj8DOxabd4qeJA4GSm4ewB0vDuxIhxmZUxUAHrD_E97CuepuyRa_ttVkXB8nU1gSEwPo4cfGsIbus9rNSFPJ1pobkfqUiK1mezd49nwZynCWuHTGxyNNJl8olPJipBLquKH1D_2wejzzdyzyjPWg4TD_6Zm0k9xfAjCWOhImZkvqhyar-6H0jQpKJZH6vz9YshYgq_1Z-2XyniyaPiShtxC3aUpTMh_VphaD3myfALS4uNkvkgsShBOfq60TLrVcc9DQO5DvTdcJLbbILzB38BwJNCQZRKInzd7KwMv6L_QmIC48-uNWWR1XCKvmSHSuMG-_4sNOiI2dZVsTFeULSJjqU7kgUC1ji2oHIc47LkB51320EEvGQQrUIPB5LBWmlqyL6E8mVLTSHDGGAbyPM-wpsv
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nalewki.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 5D5F 16 KB
6 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8036683555939549184/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 01:42:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13258
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5660
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 13 Apr 2023 01:42:08 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 5D5F 34 KB
13 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8036683555939549184/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 01:42:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13258
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 13 Apr 2023 01:42:08 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5114 159 KB
49 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9311403533131030&output=html&h=600&adk=3036314401&adf=3311913476&pi=t.aa~a.1391894186~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1681276985&rafmt=1&to=qs&pwprc=2181469555&format=300x600&url=http%3A%2F%2Fnalewki.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1681276985519&bpp=1&bdt=2970&idt=1&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc7a767aa10b573d5-2227d77f8ddd00b7%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MZUDUMw5NthOL9fb8OYp7yt2_c-Vw&gpic=UID%3D00000bd4f9f64dab%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MYEXFabkli26pHWiyUxX-nLhMU6bA&prev_fmts=0x0%2C592x280%2C592x280%2C728x90%2C300x600%2C300x600&nras=4&correlator=7510274885530&frm=20&pv=1&ga_vid=392353341.1681276984&ga_sid=1681276984&ga_hid=311312084&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1104&ady=4443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&psts=AHQMDFdz5N0Wtm5hoVMKYxh0hEl6TGBdIRRUhRU22515PK9G6A2GbH3BviPxKWE3fNTKcxkoO8Oj4OCBNmLhJMOzYALPedpt%2CAHQMDFdPl8Q2y9qiRDmttDDBSRGFSokPYw7AnYbm-JI5N1ZIb7bTn9QNOQVs_s2gYp2rctI5GYynOcXXvb6tloS-5btdRQ%2CAHQMDFec-gN0-ANhH7s-1sDMp1ni9pzrbS8NZZ5YhXVBWaKj_tm7D6SYwlEVGpt6sNKRtk5AWb3QSo4jHI6Wk51jRmAwnA&pvsid=1460213915247265&tmod=1598529690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=EFoZ2rc8Wh&p=http%3A//nalewki.eu&dtd=27

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 05:23:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49747
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681125830480664"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Apr 2023 05:23:06 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8036683555939549184/ Frame 68E6 636 KB
42 KB 47ms
43ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8036683555939549184/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9311403533131030&output=html&h=600&adk=3036314401&adf=3680164179&pi=t.aa~a.2825923036~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1681276985&rafmt=1&to=qs&pwprc=2181469555&format=300x600&url=http%3A%2F%2Fnalewki.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1681276985519&bpp=2&bdt=2970&idt=-M&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc7a767aa10b573d5-2227d77f8ddd00b7%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MZUDUMw5NthOL9fb8OYp7yt2_c-Vw&gpic=UID%3D00000bd4f9f64dab%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MYEXFabkli26pHWiyUxX-nLhMU6bA&prev_fmts=0x0%2C592x280%2C592x280%2C728x90%2C300x600&nras=3&correlator=7510274885530&frm=20&pv=1&ga_vid=392353341.1681276984&ga_sid=1681276984&ga_hid=311312084&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1104&ady=2499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&psts=AHQMDFdz5N0Wtm5hoVMKYxh0hEl6TGBdIRRUhRU22515PK9G6A2GbH3BviPxKWE3fNTKcxkoO8Oj4OCBNmLhJMOzYALPedpt%2CAHQMDFdPl8Q2y9qiRDmttDDBSRGFSokPYw7AnYbm-JI5N1ZIb7bTn9QNOQVs_s2gYp2rctI5GYynOcXXvb6tloS-5btdRQ%2CAHQMDFec-gN0-ANhH7s-1sDMp1ni9pzrbS8NZZ5YhXVBWaKj_tm7D6SYwlEVGpt6sNKRtk5AWb3QSo4jHI6Wk51jRmAwnA&pvsid=1460213915247265&tmod=1598529690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=yHmdGtFpy3&p=http%3A//nalewki.eu&dtd=23

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a89d4d00133451c238015f85b1ac5bd7fb2d3b5fd6364b0a4af375c1c18e321

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 139051
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 43376
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 14:45:35 GMT
expires: Tue, 09 Apr 2024 14:45:35 GMT
last-modified: Mon, 27 Mar 2023 13:21:46 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame FFF1 0
0 84ms
82ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CWf2DOUA2ZIHgIoKKjuwPgdeYkAH289feb9XokpePEY3LrfuGOhABINelvXBgleKQgqAHoAHG9bXIA8gBCakCWemeMv5Msj6oAwHIAwKqBPQBT9BQW3iueiZ7_RVlFi1maYCxVSI_n_Lhtc3PegiI5ybpw5PYkhUmRpuMBobMF5-Jxm_oMYT7rsz1Zv3CQnBeVnpKhpjkEcv3w8G4TQZdorXuCxswSlaLNpkx6Q-imOMh3TgIdj2c1eZT9uS0jU8qsiE3fUBY8D8MhGpMbUFLre3UFsaeEAiI5nVwnmj088Elldu1ZM3-4FKBYOg-pE_x8oMOwvedC09U7BuF6tuSeZaVoxrka4fGvusDQZ-TpNRg2dw2aMaIBBDP2ZEYYdC-ov1rhn-O31Skx0MO5aU8g5sX7eYWJIaDUSPQ3RGAInhy4FQoTMAErIvw0rgEkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBl2AB6KKyjeoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCWswrSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTCogUAdAVAYAXAbIXHAoaCAASFHB1Yi05MzExNDAzNTMzMTMxMDMwGAA&sigh=59fqRa8B6DY&uach_m=[UACH]&cid=CAQSPADUE5ymbRCc9jg_cE8hlH8zCbx6QRbe4qs5a3ik8CGypI30JrUtm_xXGpIOY02gYAlfZd2d2S-8YOatphgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9311403533131030&output=html&h=600&adk=3036314401&adf=3680164179&pi=t.aa~a.2825923036~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1681276985&rafmt=1&to=qs&pwprc=2181469555&format=300x600&url=http%3A%2F%2Fnalewki.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1681276985519&bpp=2&bdt=2970&idt=-M&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc7a767aa10b573d5-2227d77f8ddd00b7%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MZUDUMw5NthOL9fb8OYp7yt2_c-Vw&gpic=UID%3D00000bd4f9f64dab%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MYEXFabkli26pHWiyUxX-nLhMU6bA&prev_fmts=0x0%2C592x280%2C592x280%2C728x90%2C300x600&nras=3&correlator=7510274885530&frm=20&pv=1&ga_vid=392353341.1681276984&ga_sid=1681276984&ga_hid=311312084&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1104&ady=2499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&psts=AHQMDFdz5N0Wtm5hoVMKYxh0hEl6TGBdIRRUhRU22515PK9G6A2GbH3BviPxKWE3fNTKcxkoO8Oj4OCBNmLhJMOzYALPedpt%2CAHQMDFdPl8Q2y9qiRDmttDDBSRGFSokPYw7AnYbm-JI5N1ZIb7bTn9QNOQVs_s2gYp2rctI5GYynOcXXvb6tloS-5btdRQ%2CAHQMDFec-gN0-ANhH7s-1sDMp1ni9pzrbS8NZZ5YhXVBWaKj_tm7D6SYwlEVGpt6sNKRtk5AWb3QSo4jHI6Wk51jRmAwnA&pvsid=1460213915247265&tmod=1598529690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=yHmdGtFpy3&p=http%3A//nalewki.eu&dtd=23

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9311403533131030&output=html&h=600&adk=3036314401&adf=3680164179&pi=t.aa~a.2825923036~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1681276985&rafmt=1&to=qs&pwprc=2181469555&format=300x600&url=http%3A%2F%2Fnalewki.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1681276985519&bpp=2&bdt=2970&idt=-M&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc7a767aa10b573d5-2227d77f8ddd00b7%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MZUDUMw5NthOL9fb8OYp7yt2_c-Vw&gpic=UID%3D00000bd4f9f64dab%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MYEXFabkli26pHWiyUxX-nLhMU6bA&prev_fmts=0x0%2C592x280%2C592x280%2C728x90%2C300x600&nras=3&correlator=7510274885530&frm=20&pv=1&ga_vid=392353341.1681276984&ga_sid=1681276984&ga_hid=311312084&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1104&ady=2499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&psts=AHQMDFdz5N0Wtm5hoVMKYxh0hEl6TGBdIRRUhRU22515PK9G6A2GbH3BviPxKWE3fNTKcxkoO8Oj4OCBNmLhJMOzYALPedpt%2CAHQMDFdPl8Q2y9qiRDmttDDBSRGFSokPYw7AnYbm-JI5N1ZIb7bTn9QNOQVs_s2gYp2rctI5GYynOcXXvb6tloS-5btdRQ%2CAHQMDFec-gN0-ANhH7s-1sDMp1ni9pzrbS8NZZ5YhXVBWaKj_tm7D6SYwlEVGpt6sNKRtk5AWb3QSo4jHI6Wk51jRmAwnA&pvsid=1460213915247265&tmod=1598529690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=yHmdGtFpy3&p=http%3A//nalewki.eu&dtd=23
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 12 Apr 2023 05:23:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame FFF1 3 KB
1 KB 37ms
35ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9311403533131030&output=html&h=600&adk=3036314401&adf=3680164179&pi=t.aa~a.2825923036~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1681276985&rafmt=1&to=qs&pwprc=2181469555&format=300x600&url=http%3A%2F%2Fnalewki.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1681276985519&bpp=2&bdt=2970&idt=-M&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc7a767aa10b573d5-2227d77f8ddd00b7%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MZUDUMw5NthOL9fb8OYp7yt2_c-Vw&gpic=UID%3D00000bd4f9f64dab%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MYEXFabkli26pHWiyUxX-nLhMU6bA&prev_fmts=0x0%2C592x280%2C592x280%2C728x90%2C300x600&nras=3&correlator=7510274885530&frm=20&pv=1&ga_vid=392353341.1681276984&ga_sid=1681276984&ga_hid=311312084&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1104&ady=2499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&psts=AHQMDFdz5N0Wtm5hoVMKYxh0hEl6TGBdIRRUhRU22515PK9G6A2GbH3BviPxKWE3fNTKcxkoO8Oj4OCBNmLhJMOzYALPedpt%2CAHQMDFdPl8Q2y9qiRDmttDDBSRGFSokPYw7AnYbm-JI5N1ZIb7bTn9QNOQVs_s2gYp2rctI5GYynOcXXvb6tloS-5btdRQ%2CAHQMDFec-gN0-ANhH7s-1sDMp1ni9pzrbS8NZZ5YhXVBWaKj_tm7D6SYwlEVGpt6sNKRtk5AWb3QSo4jHI6Wk51jRmAwnA&pvsid=1460213915247265&tmod=1598529690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=yHmdGtFpy3&p=http%3A//nalewki.eu&dtd=23

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:46:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38202
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 18:46:24 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame FFF1 20 KB
8 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9311403533131030&output=html&h=600&adk=3036314401&adf=3680164179&pi=t.aa~a.2825923036~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1681276985&rafmt=1&to=qs&pwprc=2181469555&format=300x600&url=http%3A%2F%2Fnalewki.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1681276985519&bpp=2&bdt=2970&idt=-M&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc7a767aa10b573d5-2227d77f8ddd00b7%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MZUDUMw5NthOL9fb8OYp7yt2_c-Vw&gpic=UID%3D00000bd4f9f64dab%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MYEXFabkli26pHWiyUxX-nLhMU6bA&prev_fmts=0x0%2C592x280%2C592x280%2C728x90%2C300x600&nras=3&correlator=7510274885530&frm=20&pv=1&ga_vid=392353341.1681276984&ga_sid=1681276984&ga_hid=311312084&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1104&ady=2499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&psts=AHQMDFdz5N0Wtm5hoVMKYxh0hEl6TGBdIRRUhRU22515PK9G6A2GbH3BviPxKWE3fNTKcxkoO8Oj4OCBNmLhJMOzYALPedpt%2CAHQMDFdPl8Q2y9qiRDmttDDBSRGFSokPYw7AnYbm-JI5N1ZIb7bTn9QNOQVs_s2gYp2rctI5GYynOcXXvb6tloS-5btdRQ%2CAHQMDFec-gN0-ANhH7s-1sDMp1ni9pzrbS8NZZ5YhXVBWaKj_tm7D6SYwlEVGpt6sNKRtk5AWb3QSo4jHI6Wk51jRmAwnA&pvsid=1460213915247265&tmod=1598529690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=yHmdGtFpy3&p=http%3A//nalewki.eu&dtd=23

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82dd75ae2b4b2bc88a50a1956d5994b81e317f140179aa9cbd452aca218e202d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56722
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8512
x-xss-protection: 0
server: cafe
etag: 10859400315404043642
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 13:37:44 GMT

POST
H3 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame FFF1 0
20 B 73ms
73ms Other
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMHg-evMo_4CFQKFgwcdgSsGEg&gqi=OUA2ZMmDIoyA7_UPsuSbQA&layout=/sadbundle/%24csp%253Der3%24/8036683555939549184/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9311403533131030&output=html&h=600&adk=3036314401&adf=3680164179&pi=t.aa~a.2825923036~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1681276985&rafmt=1&to=qs&pwprc=2181469555&format=300x600&url=http%3A%2F%2Fnalewki.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1681276985519&bpp=2&bdt=2970&idt=-M&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc7a767aa10b573d5-2227d77f8ddd00b7%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MZUDUMw5NthOL9fb8OYp7yt2_c-Vw&gpic=UID%3D00000bd4f9f64dab%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MYEXFabkli26pHWiyUxX-nLhMU6bA&prev_fmts=0x0%2C592x280%2C592x280%2C728x90%2C300x600&nras=3&correlator=7510274885530&frm=20&pv=1&ga_vid=392353341.1681276984&ga_sid=1681276984&ga_hid=311312084&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1104&ady=2499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&psts=AHQMDFdz5N0Wtm5hoVMKYxh0hEl6TGBdIRRUhRU22515PK9G6A2GbH3BviPxKWE3fNTKcxkoO8Oj4OCBNmLhJMOzYALPedpt%2CAHQMDFdPl8Q2y9qiRDmttDDBSRGFSokPYw7AnYbm-JI5N1ZIb7bTn9QNOQVs_s2gYp2rctI5GYynOcXXvb6tloS-5btdRQ%2CAHQMDFec-gN0-ANhH7s-1sDMp1ni9pzrbS8NZZ5YhXVBWaKj_tm7D6SYwlEVGpt6sNKRtk5AWb3QSo4jHI6Wk51jRmAwnA&pvsid=1460213915247265&tmod=1598529690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=yHmdGtFpy3&p=http%3A//nalewki.eu&dtd=23

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 05:23:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 5114 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fbddd9d871f02d874e6dbd2bd028e5f5c5cd68346becb517284d54ceda88a4bd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 68E6 16 KB
6 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8036683555939549184/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 01:42:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13258
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5660
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 13 Apr 2023 01:42:08 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 68E6 34 KB
13 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8036683555939549184/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 01:42:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13258
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 13 Apr 2023 01:42:08 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame FFF1 0
0 47ms
47ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaToylbfxUc1GTEYTx07MB2CjBm6CO6TP9NxO7IpivwfgAAoCn74qyoxZ4lJGnewA5hysO43BeSHcfRT0lefF3P5kGXnYQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9311403533131030&output=html&h=600&adk=3036314401&adf=3680164179&pi=t.aa~a.2825923036~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1681276985&rafmt=1&to=qs&pwprc=2181469555&format=300x600&url=http%3A%2F%2Fnalewki.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1681276985519&bpp=2&bdt=2970&idt=-M&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc7a767aa10b573d5-2227d77f8ddd00b7%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MZUDUMw5NthOL9fb8OYp7yt2_c-Vw&gpic=UID%3D00000bd4f9f64dab%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MYEXFabkli26pHWiyUxX-nLhMU6bA&prev_fmts=0x0%2C592x280%2C592x280%2C728x90%2C300x600&nras=3&correlator=7510274885530&frm=20&pv=1&ga_vid=392353341.1681276984&ga_sid=1681276984&ga_hid=311312084&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1104&ady=2499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&psts=AHQMDFdz5N0Wtm5hoVMKYxh0hEl6TGBdIRRUhRU22515PK9G6A2GbH3BviPxKWE3fNTKcxkoO8Oj4OCBNmLhJMOzYALPedpt%2CAHQMDFdPl8Q2y9qiRDmttDDBSRGFSokPYw7AnYbm-JI5N1ZIb7bTn9QNOQVs_s2gYp2rctI5GYynOcXXvb6tloS-5btdRQ%2CAHQMDFec-gN0-ANhH7s-1sDMp1ni9pzrbS8NZZ5YhXVBWaKj_tm7D6SYwlEVGpt6sNKRtk5AWb3QSo4jHI6Wk51jRmAwnA&pvsid=1460213915247265&tmod=1598529690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=yHmdGtFpy3&p=http%3A//nalewki.eu&dtd=23
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FFF1 159 KB
49 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9311403533131030&output=html&h=600&adk=3036314401&adf=3680164179&pi=t.aa~a.2825923036~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1681276985&rafmt=1&to=qs&pwprc=2181469555&format=300x600&url=http%3A%2F%2Fnalewki.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1681276985519&bpp=2&bdt=2970&idt=-M&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc7a767aa10b573d5-2227d77f8ddd00b7%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MZUDUMw5NthOL9fb8OYp7yt2_c-Vw&gpic=UID%3D00000bd4f9f64dab%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MYEXFabkli26pHWiyUxX-nLhMU6bA&prev_fmts=0x0%2C592x280%2C592x280%2C728x90%2C300x600&nras=3&correlator=7510274885530&frm=20&pv=1&ga_vid=392353341.1681276984&ga_sid=1681276984&ga_hid=311312084&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1104&ady=2499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&psts=AHQMDFdz5N0Wtm5hoVMKYxh0hEl6TGBdIRRUhRU22515PK9G6A2GbH3BviPxKWE3fNTKcxkoO8Oj4OCBNmLhJMOzYALPedpt%2CAHQMDFdPl8Q2y9qiRDmttDDBSRGFSokPYw7AnYbm-JI5N1ZIb7bTn9QNOQVs_s2gYp2rctI5GYynOcXXvb6tloS-5btdRQ%2CAHQMDFec-gN0-ANhH7s-1sDMp1ni9pzrbS8NZZ5YhXVBWaKj_tm7D6SYwlEVGpt6sNKRtk5AWb3QSo4jHI6Wk51jRmAwnA&pvsid=1460213915247265&tmod=1598529690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=yHmdGtFpy3&p=http%3A//nalewki.eu&dtd=23

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 05:23:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49747
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681125830480664"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Apr 2023 05:23:06 GMT

GET
DATA 200
OK truncated
/ Frame FFF1 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3fb6c154e9bc6d033a9614ea553cacadfd00dde491a3d2b0fd738e847a081ea

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESELTx0HgTB0o0xf2a1QRO3j8&google_cver=1&google_push=Aer7DvKTXxCoExbQp_g8Lniigl4oHkiys1eb7dP1NHZn7DdEZU6aKAOMBzjduFJxMapRx_Qyc_6e1-N5SSDSgswak7bXSdGekC5exEyQ

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
nalewki.eu/	1969-12-31 23:59:59	Name: quads_browser_width Value: 1600
.nalewki.eu/	1970-01-20 20:22:52	Name: __gads Value: ID=c7a767aa10b573d5-2227d77f8ddd00b7:T=1681276984:RT=1681276984:S=ALNI_MZUDUMw5NthOL9fb8OYp7yt2_c-Vw
.nalewki.eu/	1970-01-20 20:22:52	Name: __gpi Value: UID=00000bd4f9f64dab:T=1681276984:RT=1681276984:S=ALNI_MYEXFabkli26pHWiyUxX-nLhMU6bA
.doubleclick.net/	1970-01-20 20:22:52	Name: IDE Value: AHWqTUmA2bG9Ne9x7ecb1gJYGAYAddnSh3dB1yHKlRXA94t4-MzRjDgV37URseYIro4
.doubleclick.net/	1970-01-20 11:01:17	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 11:01:20	Name: DSID Value: NO_DATA
.adfarm1.adition.com/	1970-01-20 13:10:52	Name: UserID1 Value: 7221029670399113364
.blismedia.com/	1970-01-20 19:46:56	Name: b Value: 6436403A46A2C0AC8FDE90F9BLIS
.mathtag.com/	1970-01-20 20:27:12	Name: uuid Value: f6796436-403a-4000-a880-94f333ab99e0
.mathtag.com/	1970-01-20 11:44:28	Name: mt_mop Value: 4:1681276986
.tribalfusion.com/	1970-01-20 13:10:52	Name: ANON_ID Value: aWns6EujieEo7YxU36xWjVEarPRY9ob7uegiYl5ZccSCbwA15BZdRpP6tZdpJnEjN8Me4SxYWVIB8lVyAWZd5gqC

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESELTx0HgTB0o0xf2a1QRO3j8&google_cver=1&google_push=Aer7DvKTXxCoExbQp_g8Lniigl4oHkiys1eb7dP1NHZn7DdEZU6aKAOMBzjduFJxMapRx_Qyc_6e1-N5SSDSgswak7bXSdGekC5exEyQ Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAer7DvK2yk2tHyGQYK3pNXkTCYEgK3TRBJ2xWgnRPoJVXgiSckgqZHyxZvmjoVf_fisxGL7AgsTLkq7Pxt4RsbSAdWRF6aPznR3G&google_gid=CAESEGF_CxI_xRuoD_EsPsmzSIo&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9311403533131030&output=html&h=600&adk=3036314401&adf=3311913476&pi=t.aa~a.1391894186~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1681276985&rafmt=1&to=qs&pwprc=2181469555&format=300x600&url=http%3A%2F%2Fnalewki.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1681276985519&bpp=1&bdt=2970&idt=1&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc7a767aa10b573d5-2227d77f8ddd00b7%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MZUDUMw5NthOL9fb8OYp7yt2_c-Vw&gpic=UID%3D00000bd4f9f64dab%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MYEXFabkli26pHWiyUxX-nLhMU6bA&prev_fmts=0x0%2C592x280%2C592x280%2C728x90%2C300x600%2C300x600&nras=4&correlator=7510274885530&frm=20&pv=1&ga_vid=392353341.1681276984&ga_sid=1681276984&ga_hid=311312084&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1104&ady=4443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&psts=AHQMDFdz5N0Wtm5hoVMKYxh0hEl6TGBdIRRUhRU22515PK9G6A2GbH3BviPxKWE3fNTKcxkoO8Oj4OCBNmLhJMOzYALPedpt%2CAHQMDFdPl8Q2y9qiRDmttDDBSRGFSokPYw7AnYbm-JI5N1ZIb7bTn9QNOQVs_s2gYp2rctI5GYynOcXXvb6tloS-5btdRQ%2CAHQMDFec-gN0-ANhH7s-1sDMp1ni9pzrbS8NZZ5YhXVBWaKj_tm7D6SYwlEVGpt6sNKRtk5AWb3QSo4jHI6Wk51jRmAwnA&pvsid=1460213915247265&tmod=1598529690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=EFoZ2rc8Wh&p=http%3A//nalewki.eu&dtd=27 Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/8036683555939549184/index.html".
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9311403533131030&output=html&h=600&adk=3036314401&adf=3311913476&pi=t.aa~a.1391894186~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1681276985&rafmt=1&to=qs&pwprc=2181469555&format=300x600&url=http%3A%2F%2Fnalewki.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1681276985519&bpp=1&bdt=2970&idt=1&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc7a767aa10b573d5-2227d77f8ddd00b7%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MZUDUMw5NthOL9fb8OYp7yt2_c-Vw&gpic=UID%3D00000bd4f9f64dab%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MYEXFabkli26pHWiyUxX-nLhMU6bA&prev_fmts=0x0%2C592x280%2C592x280%2C728x90%2C300x600%2C300x600&nras=4&correlator=7510274885530&frm=20&pv=1&ga_vid=392353341.1681276984&ga_sid=1681276984&ga_hid=311312084&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1104&ady=4443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&psts=AHQMDFdz5N0Wtm5hoVMKYxh0hEl6TGBdIRRUhRU22515PK9G6A2GbH3BviPxKWE3fNTKcxkoO8Oj4OCBNmLhJMOzYALPedpt%2CAHQMDFdPl8Q2y9qiRDmttDDBSRGFSokPYw7AnYbm-JI5N1ZIb7bTn9QNOQVs_s2gYp2rctI5GYynOcXXvb6tloS-5btdRQ%2CAHQMDFec-gN0-ANhH7s-1sDMp1ni9pzrbS8NZZ5YhXVBWaKj_tm7D6SYwlEVGpt6sNKRtk5AWb3QSo4jHI6Wk51jRmAwnA&pvsid=1460213915247265&tmod=1598529690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=EFoZ2rc8Wh&p=http%3A//nalewki.eu&dtd=27 Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/8036683555939549184/index.html".
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9311403533131030&output=html&h=600&adk=3036314401&adf=3680164179&pi=t.aa~a.2825923036~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1681276985&rafmt=1&to=qs&pwprc=2181469555&format=300x600&url=http%3A%2F%2Fnalewki.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1681276985519&bpp=2&bdt=2970&idt=-M&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc7a767aa10b573d5-2227d77f8ddd00b7%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MZUDUMw5NthOL9fb8OYp7yt2_c-Vw&gpic=UID%3D00000bd4f9f64dab%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MYEXFabkli26pHWiyUxX-nLhMU6bA&prev_fmts=0x0%2C592x280%2C592x280%2C728x90%2C300x600&nras=3&correlator=7510274885530&frm=20&pv=1&ga_vid=392353341.1681276984&ga_sid=1681276984&ga_hid=311312084&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1104&ady=2499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&psts=AHQMDFdz5N0Wtm5hoVMKYxh0hEl6TGBdIRRUhRU22515PK9G6A2GbH3BviPxKWE3fNTKcxkoO8Oj4OCBNmLhJMOzYALPedpt%2CAHQMDFdPl8Q2y9qiRDmttDDBSRGFSokPYw7AnYbm-JI5N1ZIb7bTn9QNOQVs_s2gYp2rctI5GYynOcXXvb6tloS-5btdRQ%2CAHQMDFec-gN0-ANhH7s-1sDMp1ni9pzrbS8NZZ5YhXVBWaKj_tm7D6SYwlEVGpt6sNKRtk5AWb3QSo4jHI6Wk51jRmAwnA&pvsid=1460213915247265&tmod=1598529690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=yHmdGtFpy3&p=http%3A//nalewki.eu&dtd=23 Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/8036683555939549184/index.html".
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9311403533131030&output=html&h=600&adk=3036314401&adf=3680164179&pi=t.aa~a.2825923036~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1681276985&rafmt=1&to=qs&pwprc=2181469555&format=300x600&url=http%3A%2F%2Fnalewki.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1681276985519&bpp=2&bdt=2970&idt=-M&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc7a767aa10b573d5-2227d77f8ddd00b7%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MZUDUMw5NthOL9fb8OYp7yt2_c-Vw&gpic=UID%3D00000bd4f9f64dab%3AT%3D1681276984%3ART%3D1681276984%3AS%3DALNI_MYEXFabkli26pHWiyUxX-nLhMU6bA&prev_fmts=0x0%2C592x280%2C592x280%2C728x90%2C300x600&nras=3&correlator=7510274885530&frm=20&pv=1&ga_vid=392353341.1681276984&ga_sid=1681276984&ga_hid=311312084&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1104&ady=2499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&psts=AHQMDFdz5N0Wtm5hoVMKYxh0hEl6TGBdIRRUhRU22515PK9G6A2GbH3BviPxKWE3fNTKcxkoO8Oj4OCBNmLhJMOzYALPedpt%2CAHQMDFdPl8Q2y9qiRDmttDDBSRGFSokPYw7AnYbm-JI5N1ZIb7bTn9QNOQVs_s2gYp2rctI5GYynOcXXvb6tloS-5btdRQ%2CAHQMDFec-gN0-ANhH7s-1sDMp1ni9pzrbS8NZZ5YhXVBWaKj_tm7D6SYwlEVGpt6sNKRtk5AWb3QSo4jHI6Wk51jRmAwnA&pvsid=1460213915247265&tmod=1598529690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=yHmdGtFpy3&p=http%3A//nalewki.eu&dtd=23 Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/8036683555939549184/index.html".
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1#RS-3-&adk=1812271802&client=ca-pub-9311403533131030&fa=2&ifi=9&uci=a!9&btvi=5&xpc=tzBUQKZNs7&p=http%3A//nalewki.eu Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
adservice.google.com
adservice.google.de
candycompany.pl
cm.g.doubleclick.net
dsp.adfarm1.adition.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
i.wpimg.pl
id.rlcdn.com
nalewki.eu
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
s.tribalfusion.com
straga.pl
sync.mathtag.com
tpc.googlesyndication.com
tr.blismedia.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.polskatradycja.pl
zpierwszegotloczenia.pl
googlecm.hit.gemius.pl
109.95.157.49
162.215.117.254
172.217.18.2
178.255.41.10
185.208.164.102
185.29.134.244
212.77.100.137
2606:4700::6812:18ad
2a00:1450:4001:806::2004
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:812::2003
2a00:1450:4001:812::200a
2a00:1450:4001:827::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2002
34.96.105.8
35.244.174.68
51.89.9.253
85.114.159.118
91.204.88.131
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77
05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89
091789edec86828e77bf8f10d610e3f982d2de199fa926644c2834dbcff0bd3a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ae367420c242e83f64dd6cba96fca46a5285d40116c0e849c7752d40303c1ab
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6
2124b71ae5581800b6cb5648b6e28171dd33c8afd35cba5dcb75284abc40507f
2323385882defa6e7f77925d559601bb92d662dabbaf01a016880b220798808a
26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
291cf581b824e88d8e5292c399d39fe9940cc6d50c1cfe21e0525a510e9e0b2a
2a89d4d00133451c238015f85b1ac5bd7fb2d3b5fd6364b0a4af375c1c18e321
2b682eafdbb1105c7e0292965160ed0e2a446a30ac0d49049297f29e8c48a278
2e8bc223f1fa1af23cc14a3053715b44b8f982693e5250e2a49e9ba5272232fc
2ecad403abe6094919937758649c7fe968b8339a0b958e232acab55ca87ef02b
30880fa0006dd15a4289e8cb2e0b6d3ddfc8c33cf98582dcd91446e8b38a9405
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b4e5121cdc6135c30476d258909c0e815737033f335812ab770213f967b7bd
35fd59b97a8e0d867188a88d4ec485d4daa94c2ac3ae46790435ee7b59f229c2
36ed85dd058e4c2843e06146946e0ff1f9ace65760c22af5eb4f1b22319dddb5
39084e3c9263de0748a8217c81ed2ec03c9c2e3851cb011dd262bdddeeb36899
3da15f9f77843b1f21e0ba5b65f16907c9ea1ddc3f0ceab304b4a0d5851a04b1
45bb172dab0e9ea68aa44c52fc81c80310cfa131a53ea0be027f0a8fe928f694
484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2
524c897d31f945c845781dd35052fcefb14582fff4e2d7873d329de9a420b631
5322e9332534ef029a65e59150183fac8e55518f79d32c1997a5646100de9c65
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5679a2e3213fa141d9711b09c42c2052bb574819116a4e80b55e44f9f951904c
5778dba18a121844b613ba65f7126cac359a17e398e8a761f63d668d2f878406
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
646adce0f2cb809447eedf1eb3e3170d823c334ec411388d9bca306c87cdeacd
6d4083520c18bfdcdffb319248525ebf8f1a547326e10c02e6a0ed0b1722ae9a
75af173316b01eda579bbbf1fc566326ec29160dda7c5c16a5b03acfe4802eb9
82dd75ae2b4b2bc88a50a1956d5994b81e317f140179aa9cbd452aca218e202d
85390f8aade42d3056905e655ba88f109d14911db2dd4fa55ecf90589a0c73c8
8780a1296b2198218955f78f1121bf0577804e60dc207a2ba75d6400d4f836a4
893787f88c2d79377be1153f4bd8dc61f6012bea5e59e55a79fcadacebf9061e
8ef795deb555a848071d31cb6a21b4fa31084122137873bf54857309414bc9cc
94f229715266533168e8bde4c66fc0b249d45e022cb9cc333495f4a68a702017
9a3d1f5824ad4bd991a67acab64088920e43d25545ca6b4cb78736dc35b696a3
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9e26ab5064dab4ccd659362ecb893cd010d78264a4ae5b540766820d1026815d
9f138daa11c7730eb760f89ea9f7fb18f00e5147415c721f89399b338f4ff7fd
a43307ad6c71083c0fbe967a6c9b4ef2c485bc0ec79f3a49b26add4b3ed1a792
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a60a81518617402ed6803f5bf5e08176389efd60e0904b6f90011303a0660f64
a78db705cbf3071e66a1731e970fb56bfa1e1b4db1f644af65647d0b0c87c180
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
c0c87ce733802d97c8e5e459190c87af410a55fef15e5e624c6b6ff075d20247
c3273dca32b2b690696bd45184fbc05905f7c3b41e79c447abe68f68e8a06f0c
c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9
c885b71cffb1153ba213e090165c17fdda244b4807b622c1cee91025b536dd53
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
d1c09e80f13f58fa8735352042ae3ee483c8d801c705881cc076b3f39cff3375
d4408ee3d4bd95013d9c25d7096f95f1dd04b0abb7b4123427bdc366e9c25a8c
d4f24797ac4621646a35e5e688a697b8595cdcb186317372d3bc70c490bd6c73
d5bb49f9dcd30943371a9c24270e19a1cccb7da1a4dbea3f21ec44d6f197ea4f
d6a0ccee31f397086765dfacf790871ff937c6bc8db532880b8b3612ceed4a72
dbe0c737af7d3434c8ba18e66b1e47fd089e1a493f0f06fe5f4712b579fad283
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e478a8c3284326662e5ffaea97e28f7625699b5f4c88f7b50d41ae74f2cf95b0
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e8e31be0e8fda52da29511c7339ae94fb93215ddb386c02168e73ac1ef5d889f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3fb6c154e9bc6d033a9614ea553cacadfd00dde491a3d2b0fd738e847a081ea
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f6b9eebb05461840790fc804b4590323ef12a57fe5af7fcdeed2d798e572844b
facece9eae2e01ec85a929f94527cc0a496d0b1201bd701f4eaa54da307d0ecb
fb7b852e74c07fce6d901f1cc61855a7d857949644b66e475af187d87cb1df7c
fbddd9d871f02d874e6dbd2bd028e5f5c5cd68346becb517284d54ceda88a4bd
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ff3d824a6163d9cc40301df830cc284b8d7e3f17434646b519e9a364f8491bb8

nalewki.eu Open in urlscan Pro 162.215.117.254 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

153 Requests

84 %HTTPS

45 %IPv6

21 Domains

26 Subdomains

20 IPs

4 Countries

2836 kBTransfer

6721 kBSize

11 Cookies

3 Outgoing links

Redirected requests

153 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

nalewki.eu Open in urlscan Pro
162.215.117.254 Public Scan

Screenshot
Live screenshot

Full Image

153
Requests

84 %
HTTPS

45 %
IPv6

21
Domains

26
Subdomains

20
IPs

4
Countries

2836 kB
Transfer

6721 kB
Size

11
Cookies

153 HTTP transactions
8 data transactions