ifotos.pl Open in urlscan Pro
37.187.111.177 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ifotos.pl/z/qaxnpws/
Submission Tags: falconsandbox
Submission: On March 18 via api (March 18th 2021, 6:54:43 pm UTC) from US

Summary HTTP 51 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 16 IPs in 3 countries across 13 domains to perform 51 HTTP transactions. The main IP is 37.187.111.177, located in France and belongs to OVH, FR. The main domain is ifotos.pl.
TLS certificate: Issued by R3 on March 12th 2021. Valid for: 3 months.

This is the only time ifotos.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	37.187.111.177 37.187.111.177	16276 (OVH) (OVH)
8	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1	52.85.115.31 52.85.115.31	16509 (AMAZON-02) (AMAZON-02)
1	5.196.66.84 5.196.66.84	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
12	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	13.226.159.59 13.226.159.59	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
51	16

11 37.187.111.177 (France)

ASN16276 (OVH, FR)
PTR: ns327730.ip-37-187-111.eu

ifotos.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.115.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-115-31.hel50.r.cloudfront.net

cdn.intum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.196.66.84 (France)

ASN16276 (OVH, FR)
PTR: ns334715.ip-5-196-66.eu

s6.ifotos.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.159.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-59.dus51.r.cloudfront.net

assets.intum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

scontent-frt3-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	facebook.com www.facebook.com	290 KB
12	ifotos.pl ifotos.pl s6.ifotos.pl	406 KB
9	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	191 KB
5	doubleclick.net googleads.g.doubleclick.net	6 KB
2	fbcdn.net scontent-frt3-1.xx.fbcdn.net	17 KB
2	facebook.net connect.facebook.net	59 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	intum.com cdn.intum.com assets.intum.com	16 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	google.com adservice.google.com	165 B
1	google.de adservice.google.de	165 B
1	googleadservices.com partner.googleadservices.com	258 B
1	googletagmanager.com www.googletagmanager.com	38 KB
51	13

	Domain	Requested by
12	www.facebook.com	connect.facebook.net www.facebook.com
11	ifotos.pl	ifotos.pl
7	pagead2.googlesyndication.com	ifotos.pl pagead2.googlesyndication.com tpc.googlesyndication.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	scontent-frt3-1.xx.fbcdn.net	www.facebook.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	connect.facebook.net	ifotos.pl connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	assets.intum.com	ifotos.pl
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	s6.ifotos.pl	ifotos.pl
1	cdn.intum.com	ifotos.pl
1	www.googletagmanager.com	ifotos.pl
51	16

This site contains links to these domains. Also see Links.

Domain
www.creaweb.pl

Subject Issuer	Validity	Valid
ifotos.pl R3	`2021-03-12` - `2021-06-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.intum.com Amazon	`2020-09-11` - `2021-10-12`	a year	crt.sh
s6.ifotos.pl R3	`2021-02-20` - `2021-05-21`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://ifotos.pl/z/qaxnpws/
Frame ID: CDCCA7ADE3986B19B5F9FC211F75843D
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210316/r20190131/zrt_lookup.html
Frame ID: 2D7FBC411064E40AC80AF3BD2FBDEEF2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2582438751311963&output=html&h=60&slotname=5194271586&adk=1205751911&adf=1924411337&pi=t.ma~as.5194271586&w=468&lmt=1616093667&url=https%3A%2F%2Fifotos.pl%2Fz%2Fqaxnpws%2F&flash=0&wgl=1&dt=1616093667742&bpp=51&bdt=533&idt=143&shv=r20210316&cbv=r20190131&ptt=5&saldr=sa&abxe=1&correlator=6489321867969&frm=20&pv=2&ga_vid=1564168984.1616093668&ga_sid=1616093668&ga_hid=1607064616&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=573&ady=554&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068084%2C44739387%2C21065725%2C21066612%2C21069892&oid=3&pvsid=1957064705856063&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=aXauPWs0iW&p=https%3A//ifotos.pl&dtd=159
Frame ID: 8E74020AA140A6DE7A211F206000F3D1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2582438751311963&output=html&adk=1812271804&adf=3025194257&lmt=1616093667&plat=1%3A16809992%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fifotos.pl%2Fz%2Fqaxnpws%2F&ea=0&flash=0&pra=5&wgl=1&dt=1616093667817&bpp=5&bdt=608&idt=97&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_slotnames=5194271586&nras=1&correlator=6489321867969&frm=20&pv=1&ga_vid=1564168984.1616093668&ga_sid=1616093668&ga_hid=1607064616&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068084%2C44739387%2C21065725%2C21066612%2C21069892&oid=3&pvsid=1957064705856063&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&dtd=102
Frame ID: B03CFC5BC40D6E9C6E00DF853BF97B3D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2582438751311963&output=html&h=280&slotname=2159471668&adk=975071043&adf=166006029&pi=t.ma~as.2159471668&w=1200&fwrn=4&fwrnh=100&lmt=1616093667&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fifotos.pl%2Fz%2Fqaxnpws%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1616093667822&bpp=4&bdt=613&idt=110&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=5194271586&nras=1&correlator=6489321867969&frm=20&pv=1&ga_vid=1564168984.1616093668&ga_sid=1616093668&ga_hid=1607064616&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068084%2C44739387%2C21065725%2C21066612%2C21069892&oid=3&pvsid=1957064705856063&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=zKWCpObhq0&p=https%3A//ifotos.pl&dtd=113
Frame ID: 6FC754CBB0B4D3EF44CE48D274CA6070
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2582438751311963&output=html&h=280&slotname=2159471668&adk=4273489559&adf=1093948077&pi=t.ma~as.2159471668&w=531&fwrn=4&fwrnh=100&lmt=1616093667&rafmt=1&psa=0&format=531x280&url=https%3A%2F%2Fifotos.pl%2Fz%2Fqaxnpws%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1616093667839&bpp=2&bdt=630&idt=101&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&prev_slotnames=5194271586&nras=1&correlator=6489321867969&frm=20&pv=1&ga_vid=1564168984.1616093668&ga_sid=1616093668&ga_hid=1607064616&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=541&ady=989&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068084%2C44739387%2C21065725%2C21066612%2C21069892&oid=3&pvsid=1957064705856063&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=qsN1d9tbTS&p=https%3A//ifotos.pl&dtd=105
Frame ID: E626ED4C95AA8E3D0930E837B1FCC9F7
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=268503386525935&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df107241e416b73%26domain%3Difotos.pl%26origin%3Dhttps%253A%252F%252Fifotos.pl%252Ff14c47489a47db%26relation%3Dparent.parent&container_width=0&font=verdana&href=https%3A%2F%2Fifotos.pl%2Fz%2Fqaxnpws%2F&locale=pl_PL&sdk=joey&send=false&show_faces=false&width=600
Frame ID: 0DE7AA3881963AE497377904745F4289
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?adapt_container_width=true&app_id=268503386525935&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd3f446f136684%26domain%3Difotos.pl%26origin%3Dhttps%253A%252F%252Fifotos.pl%252Ff14c47489a47db%26relation%3Dparent.parent&container_width=500&height=430&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FiFotosDotPl&locale=pl_PL&sdk=joey&show_facepile=true&show_posts=false&small_header=true&width=330
Frame ID: 81842256F96E3454B15CD467DE8B5D05
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: E30155DB2FC653DF5EB56FEB3AD65C40
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

51
Requests

100 %
HTTPS

69 %
IPv6

13
Domains

16
Subdomains

16
IPs

3
Countries

1070 kB
Transfer

2457 kB
Size

6
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.creaweb.pl/
Title: www.creaweb.pl

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

51 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
ifotos.pl/z/qaxnpws/ 7 KB
8 KB 396ms
222ms Document
text/html 37.187.111.177
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ifotos.pl/z/qaxnpws/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 37.187.111.177 , France, ASN16276 (OVH, FR),
Reverse DNS: ns327730.ip-37-187-111.eu
Software: nginx/1.14.1 / PHP/5.6.40
Resource Hash: a2ec6aeba6b12afb386454f71220d69a707ee7ab9a8e8c9c13e6cdde0ac00b33

Request headers

Host: ifotos.pl
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx/1.14.1
Date: Thu, 18 Mar 2021 18:54:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=65
X-Powered-By: PHP/5.6.40
Set-Cookie: kohanasession=trn604l7csoif1f1nj9llataq4; expires=Thu, 18-Mar-2021 20:54:27 GMT; Max-Age=7200; path=/ kohanasession=trn604l7csoif1f1nj9llataq4; expires=Thu, 18-Mar-2021 20:54:27 GMT; Max-Age=7200; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

GET
H/1.1 200
OK advertisement.js Show response
ifotos.pl/media/ 143 B
489 B 92ms
91ms Script
application/javascript 37.187.111.177
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ifotos.pl/media/advertisement.js
Requested by: Host: ifotos.pl
URL: https://ifotos.pl/z/qaxnpws/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 37.187.111.177 , France, ASN16276 (OVH, FR),
Reverse DNS: ns327730.ip-37-187-111.eu
Software: nginx/1.14.1 /
Resource Hash: 395a12315a3873ac2e4178e9ed19d11dfc7a7e79f00c0a6634a0018e028757e1

Request headers

Referer: https://ifotos.pl/z/qaxnpws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 18:54:27 GMT
Last-Modified: Sun, 28 Jun 2020 09:03:47 GMT
Server: nginx/1.14.1
ETag: "5ef85cf3-8f"
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=65
Content-Length: 143
Expires: Sat, 17 Apr 2021 18:54:27 GMT

GET
H/1.1 200
OK scripts.js Show response
ifotos.pl/media/ 270 KB
270 KB 343ms
151ms Script
application/javascript 37.187.111.177
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ifotos.pl/media/scripts.js?v=1.02
Requested by: Host: ifotos.pl
URL: https://ifotos.pl/z/qaxnpws/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 37.187.111.177 , France, ASN16276 (OVH, FR),
Reverse DNS: ns327730.ip-37-187-111.eu
Software: nginx/1.14.1 /
Resource Hash: be8acf85412fc851243a853bafdf673b4b5b4ffac06fca4abd5f75a73765d36a

Request headers

Referer: https://ifotos.pl/z/qaxnpws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 18:54:27 GMT
Last-Modified: Tue, 15 Dec 2020 16:25:35 GMT
Server: nginx/1.14.1
ETag: "5fd8e37f-437ea"
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=65
Content-Length: 276458
Expires: Sat, 17 Apr 2021 18:54:27 GMT

GET
H3-Q050 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ifotos.pl
URL: https://ifotos.pl/z/qaxnpws/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc515c676daf3068a7455cbde297275f96c2fb38e573ca7621f285ffbc193534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ifotos.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 18:54:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49785
x-xss-protection: 0
server: cafe
etag: 5737719656913929434
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 18 Mar 2021 18:54:27 GMT

GET
H/1.1 200
OK style.css
ifotos.pl/media/1/ 56 KB
56 KB 207ms
115ms Stylesheet
text/css 37.187.111.177
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ifotos.pl/media/1/style.css?v=1.02
Requested by: Host: ifotos.pl
URL: https://ifotos.pl/z/qaxnpws/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 37.187.111.177 , France, ASN16276 (OVH, FR),
Reverse DNS: ns327730.ip-37-187-111.eu
Software: nginx/1.14.1 /
Resource Hash: 1288e55b388fcdc0bb62ac7f2b6817591c930e8dfb6679454577559cbafc0f96

Request headers

Referer: https://ifotos.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 18:54:27 GMT
Last-Modified: Sun, 28 Jun 2020 09:03:45 GMT
Server: nginx/1.14.1
ETag: "5ef85cf1-e024"
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=65
Content-Length: 57380
Expires: Sat, 17 Apr 2021 18:54:27 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
38 KB 20ms
19ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-5250036-9

Requested by

Host: ifotos.pl
URL: https://ifotos.pl/z/qaxnpws/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0b02eb6f9f037223fc6362c5a761fd05f21dd982c42320c20974fec20031aee9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://ifotos.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 18:54:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39093
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 18 Mar 2021 18:54:27 GMT

GET
H2 200 widget.js Show response
cdn.intum.com/5361/ 22 KB
9 KB 309ms
106ms Script
application/javascript 52.85.115.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intum.com/5361/widget.js
Requested by: Host: ifotos.pl
URL: https://ifotos.pl/z/qaxnpws/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.115.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-115-31.hel50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3d125bf33e195434f383abf0f02ec2e8f4df38f77f1f68f545fad62777caad8a

Request headers

Referer: https://ifotos.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 12:16:32 GMT
content-encoding: gzip
last-modified: Tue, 13 Feb 2018 20:26:29 GMT
server: AmazonS3
age: 3479875
etag: W/"e5e2a3e85c127687e754f5a51972c793"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 3fcabc15a7f22952dcacfedd3d2b6a15.cloudfront.net (CloudFront)
cache-control: max-age=31557600
x-amz-cf-pop: HEL50-C2
x-amz-cf-id: FXDp5IdXY4KZXrBdHIM-9HBKx6nc4CDOzygG3MibKgVjlYMpIyZjLA==

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 96 KB
34 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ifotos.pl
URL: https://ifotos.pl/z/qaxnpws/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe04f9c72ac70a12b7af30796296c7740d8b0ae5f68347467de8ac587c90b4c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ifotos.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 18:54:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34770
x-xss-protection: 0
server: cafe
etag: 17054015465126112915
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 18 Mar 2021 18:54:27 GMT

GET
H/1.1 200
OK sygnatura_qaxnpws.png
s6.ifotos.pl/img/ 36 KB
36 KB 416ms
181ms Image
image/png 5.196.66.84
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s6.ifotos.pl/img/sygnatura_qaxnpws.png
Requested by: Host: ifotos.pl
URL: https://ifotos.pl/z/qaxnpws/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.196.66.84 , France, ASN16276 (OVH, FR),
Reverse DNS: ns334715.ip-5-196-66.eu
Software: nginx / LOLCODE/1.5
Resource Hash: 7471b292cc8269ec8627342aac6050ef1e324516c4dd15c666e303bfb963770c

Request headers

Referer: https://ifotos.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 18:54:27 GMT
ETag: "5e08d211-8eeb"
Last-Modified: Sun, 29 Dec 2019 16:19:29 GMT
Server: nginx
X-Powered-By: LOLCODE/1.5
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 36587
Expires: Wed, 07 Apr 2021 18:54:27 GMT

GET
H/1.1 200
OK textlink-ads.jpg
ifotos.pl/adimages/ 13 KB
13 KB 247ms
151ms Image
image/jpeg 37.187.111.177
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ifotos.pl/adimages/textlink-ads.jpg
Requested by: Host: ifotos.pl
URL: https://ifotos.pl/z/qaxnpws/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 37.187.111.177 , France, ASN16276 (OVH, FR),
Reverse DNS: ns327730.ip-37-187-111.eu
Software: nginx/1.14.1 /
Resource Hash: 2b2a35d022e7416f48eb46a53ada6b1542910b7ba3389cdd6b4ec995682d7c2f

Request headers

Referer: https://ifotos.pl/z/qaxnpws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 18:54:27 GMT
Last-Modified: Sun, 28 Jun 2020 09:03:47 GMT
Server: nginx/1.14.1
ETag: "5ef85cf3-33ec"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=65
Content-Length: 13292

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/ 226 KB
84 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2582438751311963&plah=ifotos.pl&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76de05ef38c3493027e88617f808b48e1683e54a4e2989862d1afc85933f01eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ifotos.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 18:54:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86501
x-xss-protection: 0
server: cafe
etag: 16342648926818324530
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 18 Mar 2021 18:54:27 GMT

GET
H/1.1 200
OK bg.jpg
ifotos.pl/media/1/img/ 350 B
685 B 84ms
83ms Image
image/jpeg 37.187.111.177
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ifotos.pl/media/1/img/bg.jpg
Requested by: Host: ifotos.pl
URL: https://ifotos.pl/media/1/style.css?v=1.02
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 37.187.111.177 , France, ASN16276 (OVH, FR),
Reverse DNS: ns327730.ip-37-187-111.eu
Software: nginx/1.14.1 /
Resource Hash: 90663f3bcded6d7321495c0028673bc35e7078a0afb0c4e468f8e741137b22ce

Request headers

Referer: https://ifotos.pl/media/1/style.css?v=1.02
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 18:54:27 GMT
Last-Modified: Sun, 28 Jun 2020 09:03:46 GMT
Server: nginx/1.14.1
ETag: "5ef85cf2-15e"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=65
Content-Length: 350
Expires: Sat, 17 Apr 2021 18:54:27 GMT

GET
H/1.1 200
OK top_links.png
ifotos.pl/media/1/img/ 4 KB
5 KB 86ms
85ms Image
image/png 37.187.111.177
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ifotos.pl/media/1/img/top_links.png
Requested by: Host: ifotos.pl
URL: https://ifotos.pl/media/1/style.css?v=1.02
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 37.187.111.177 , France, ASN16276 (OVH, FR),
Reverse DNS: ns327730.ip-37-187-111.eu
Software: nginx/1.14.1 /
Resource Hash: 2d57d6b32861f7679f9efb1239832a0faa608b82bb0ab3d2106fd35a7356932a

Request headers

Referer: https://ifotos.pl/media/1/style.css?v=1.02
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 18:54:27 GMT
Last-Modified: Sun, 28 Jun 2020 09:03:46 GMT
Server: nginx/1.14.1
ETag: "5ef85cf2-11d6"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=65
Content-Length: 4566
Expires: Sat, 17 Apr 2021 18:54:27 GMT

GET
H/1.1 200
OK logo.png
ifotos.pl/media/1/img/ 10 KB
10 KB 88ms
87ms Image
image/png 37.187.111.177
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ifotos.pl/media/1/img/logo.png
Requested by: Host: ifotos.pl
URL: https://ifotos.pl/media/1/style.css?v=1.02
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 37.187.111.177 , France, ASN16276 (OVH, FR),
Reverse DNS: ns327730.ip-37-187-111.eu
Software: nginx/1.14.1 /
Resource Hash: 45588b038bfaab0b4b89f78c5c8fede0472069f59036531fa1d8b374c758dd4b

Request headers

Referer: https://ifotos.pl/media/1/style.css?v=1.02
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 18:54:27 GMT
Last-Modified: Sun, 28 Jun 2020 09:03:46 GMT
Server: nginx/1.14.1
ETag: "5ef85cf2-26af"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=65
Content-Length: 9903
Expires: Sat, 17 Apr 2021 18:54:27 GMT

GET
H/1.1 200
OK corner_reedit.png
ifotos.pl/media/1/img/ 2 KB
3 KB 85ms
84ms Image
image/png 37.187.111.177
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ifotos.pl/media/1/img/corner_reedit.png
Requested by: Host: ifotos.pl
URL: https://ifotos.pl/media/1/style.css?v=1.02
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 37.187.111.177 , France, ASN16276 (OVH, FR),
Reverse DNS: ns327730.ip-37-187-111.eu
Software: nginx/1.14.1 /
Resource Hash: cb958da9e01ca2c7bb50f0463d338facb7000fb7ec1d42cc081af69b6f7cce3d

Request headers

Referer: https://ifotos.pl/media/1/style.css?v=1.02
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 18:54:27 GMT
Last-Modified: Sun, 28 Jun 2020 09:03:46 GMT
Server: nginx/1.14.1
ETag: "5ef85cf2-8cc"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=65
Content-Length: 2252
Expires: Sat, 17 Apr 2021 18:54:27 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210316/r20190131/ Frame 2D7F 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210316/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210316/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ifotos.pl/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ifotos.pl/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 18 Mar 2021 18:01:35 GMT
expires: Thu, 01 Apr 2021 18:01:35 GMT
content-type: text/html; charset=UTF-8
etag: 14488317231655078900
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4661
x-xss-protection: 0
age: 3172
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 404
Not Found logo_cw_2013.png
ifotos.pl/media/1/media/1/img/ 571 B
571 B 70ms
70ms Image
text/html 37.187.111.177
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ifotos.pl/media/1/media/1/img/logo_cw_2013.png
Requested by: Host: ifotos.pl
URL: https://ifotos.pl/media/1/style.css?v=1.02
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 37.187.111.177 , France, ASN16276 (OVH, FR),
Reverse DNS: ns327730.ip-37-187-111.eu
Software: nginx/1.14.1 /
Resource Hash: 22ada793f9f0b7ab9b7b0cf9a96c1385a6bdcc9e8f8463bcc49ba48a0cacc9f2

Request headers

Referer: https://ifotos.pl/media/1/style.css?v=1.02
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 18:54:27 GMT
Content-Encoding: gzip
Server: nginx/1.14.1
Vary: Accept-Encoding
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=65

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5250036-9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ifotos.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 3112
date: Thu, 18 Mar 2021 18:02:35 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Thu, 18 Mar 2021 20:02:35 GMT

GET
H/1.1 200
OK facebook-right.png
ifotos.pl/media/1/img/ 3 KB
3 KB 73ms
73ms Image
image/png 37.187.111.177
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ifotos.pl/media/1/img/facebook-right.png
Requested by: Host: ifotos.pl
URL: https://ifotos.pl/media/1/style.css?v=1.02
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 37.187.111.177 , France, ASN16276 (OVH, FR),
Reverse DNS: ns327730.ip-37-187-111.eu
Software: nginx/1.14.1 /
Resource Hash: 1ce7b848770876249c059b3329b340741b408112e997491bc04f753ead95aa8f

Request headers

Referer: https://ifotos.pl/media/1/style.css?v=1.02
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 18:54:27 GMT
Last-Modified: Sun, 28 Jun 2020 09:03:46 GMT
Server: nginx/1.14.1
ETag: "5ef85cf2-ade"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=65
Content-Length: 2782
Expires: Sat, 17 Apr 2021 18:54:27 GMT

GET
H2 200 all.js Show response
connect.facebook.net/pl_PL/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pl_PL/all.js

Requested by

Host: ifotos.pl
URL: https://ifotos.pl/media/scripts.js?v=1.02

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

662ba71be2010d7cc236d336ae6fbb01bb7f900024ab3d4a0966d739d77484b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://ifotos.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: JDpG41lAOWYres01eHcZtA==
cross-origin-resource-policy: cross-origin
expires: Thu, 18 Mar 2021 19:10:05 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1778
x-fb-rlafr: 0
x-fb-debug: PU+/mYyh8vTg70ECKoCiXq2IwwqwIfzBqQT1nHGMKNMYRNd3ex/ss1Gnovv72+03I+MQJfOAgaIofM0E2ttBkw==
x-fb-trip-id: 686109401
x-fb-content-md5: 221a907de169048b535970d5523e973a
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 18 Mar 2021 18:54:27 GMT
x-frame-options: DENY
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "b0bfa4fa2364f1ca3c57b950f69415e2"
timing-allow-origin: *
priority: u=3,i
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 199 B
258 B 84ms
84ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ifotos.pl&callback=_gfp_s_&client=ca-pub-2582438751311963

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2582438751311963&plah=ifotos.pl&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

47684eb9440ac7dbabf366e61b80af7baa6a58abfc4f4fd245e66079e30fb68f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ifotos.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 18:54:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 190
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ifotos.pl

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ifotos.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Mar 2021 18:54:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ifotos.pl

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ifotos.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Mar 2021 18:54:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8E74 399 B
225 B 167ms
166ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2582438751311963&output=html&h=60&slotname=5194271586&adk=1205751911&adf=1924411337&pi=t.ma~as.5194271586&w=468&lmt=1616093667&url=https%3A%2F%2Fifotos.pl%2Fz%2Fqaxnpws%2F&flash=0&wgl=1&dt=1616093667742&bpp=51&bdt=533&idt=143&shv=r20210316&cbv=r20190131&ptt=5&saldr=sa&abxe=1&correlator=6489321867969&frm=20&pv=2&ga_vid=1564168984.1616093668&ga_sid=1616093668&ga_hid=1607064616&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=573&ady=554&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068084%2C44739387%2C21065725%2C21066612%2C21069892&oid=3&pvsid=1957064705856063&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=aXauPWs0iW&p=https%3A//ifotos.pl&dtd=159

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cf6fbf285fda6cecd1b031df2035eec8bb2069739aecfac8f2340a2812c10f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2582438751311963&output=html&h=60&slotname=5194271586&adk=1205751911&adf=1924411337&pi=t.ma~as.5194271586&w=468&lmt=1616093667&url=https%3A%2F%2Fifotos.pl%2Fz%2Fqaxnpws%2F&flash=0&wgl=1&dt=1616093667742&bpp=51&bdt=533&idt=143&shv=r20210316&cbv=r20190131&ptt=5&saldr=sa&abxe=1&correlator=6489321867969&frm=20&pv=2&ga_vid=1564168984.1616093668&ga_sid=1616093668&ga_hid=1607064616&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=573&ady=554&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068084%2C44739387%2C21065725%2C21066612%2C21069892&oid=3&pvsid=1957064705856063&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=aXauPWs0iW&p=https%3A//ifotos.pl&dtd=159
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ifotos.pl/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ifotos.pl/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 18 Mar 2021 18:54:28 GMT
server: cafe
content-length: 197
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 18-Mar-2021 19:09:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 18 Mar 2021 18:54:28 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ifotos.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 18:54:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980824644616"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28204
x-xss-protection: 0
expires: Thu, 18 Mar 2021 18:54:27 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
23 B 39ms
39ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fifotos.pl%2Fz%2Fqaxnpws%2F&tn=DIV&id=footy&ign=false

Requested by

Host: ifotos.pl
URL: https://ifotos.pl/z/qaxnpws/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ifotos.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 18:54:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B03C 1 KB
733 B 80ms
79ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2582438751311963&output=html&adk=1812271804&adf=3025194257&lmt=1616093667&plat=1%3A16809992%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fifotos.pl%2Fz%2Fqaxnpws%2F&ea=0&flash=0&pra=5&wgl=1&dt=1616093667817&bpp=5&bdt=608&idt=97&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_slotnames=5194271586&nras=1&correlator=6489321867969&frm=20&pv=1&ga_vid=1564168984.1616093668&ga_sid=1616093668&ga_hid=1607064616&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068084%2C44739387%2C21065725%2C21066612%2C21069892&oid=3&pvsid=1957064705856063&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&dtd=102

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cfeeead7e82e344ac6a2064243f8e0dec190052c8f19ec99142e0e51cb37975e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2582438751311963&output=html&adk=1812271804&adf=3025194257&lmt=1616093667&plat=1%3A16809992%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fifotos.pl%2Fz%2Fqaxnpws%2F&ea=0&flash=0&pra=5&wgl=1&dt=1616093667817&bpp=5&bdt=608&idt=97&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_slotnames=5194271586&nras=1&correlator=6489321867969&frm=20&pv=1&ga_vid=1564168984.1616093668&ga_sid=1616093668&ga_hid=1607064616&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068084%2C44739387%2C21065725%2C21066612%2C21069892&oid=3&pvsid=1957064705856063&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&dtd=102
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ifotos.pl/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ifotos.pl/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 18 Mar 2021 18:54:27 GMT
server: cafe
content-length: 419
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 18-Mar-2021 19:09:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 18 Mar 2021 18:54:27 GMT
cache-control: private

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
62 B 13ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1607064616&t=pageview&_s=1&dl=https%3A%2F%2Fifotos.pl%2Fz%2Fqaxnpws%2F&ul=en-us&de=UTF-8&dt=Grafika%20na%20iFotos.pl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAUABAAAAAC~&jid=1548677562&gjid=1486091355&cid=1564168984.1616093668&tid=UA-5250036-9&_gid=680180692.1616093668&_r=1&gtm=2ou3a0&z=904342997

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ifotos.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 18:54:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ifotos.pl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6FC7 399 B
273 B 132ms
132ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2582438751311963&output=html&h=280&slotname=2159471668&adk=975071043&adf=166006029&pi=t.ma~as.2159471668&w=1200&fwrn=4&fwrnh=100&lmt=1616093667&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fifotos.pl%2Fz%2Fqaxnpws%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1616093667822&bpp=4&bdt=613&idt=110&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=5194271586&nras=1&correlator=6489321867969&frm=20&pv=1&ga_vid=1564168984.1616093668&ga_sid=1616093668&ga_hid=1607064616&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068084%2C44739387%2C21065725%2C21066612%2C21069892&oid=3&pvsid=1957064705856063&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=zKWCpObhq0&p=https%3A//ifotos.pl&dtd=113

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c9e25f9476833af3aeb11e7e4e703d12e9feca01d1339042b5f0a11f3e259b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2582438751311963&output=html&h=280&slotname=2159471668&adk=975071043&adf=166006029&pi=t.ma~as.2159471668&w=1200&fwrn=4&fwrnh=100&lmt=1616093667&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fifotos.pl%2Fz%2Fqaxnpws%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1616093667822&bpp=4&bdt=613&idt=110&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=5194271586&nras=1&correlator=6489321867969&frm=20&pv=1&ga_vid=1564168984.1616093668&ga_sid=1616093668&ga_hid=1607064616&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068084%2C44739387%2C21065725%2C21066612%2C21069892&oid=3&pvsid=1957064705856063&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=zKWCpObhq0&p=https%3A//ifotos.pl&dtd=113
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ifotos.pl/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ifotos.pl/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 18 Mar 2021 18:54:28 GMT
server: cafe
content-length: 199
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 18-Mar-2021 19:09:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 18 Mar 2021 18:54:28 GMT
cache-control: private

GET
H2 200 all.js Show response
connect.facebook.net/pl_PL/ 190 KB
57 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pl_PL/all.js?hash=9ba4730f4888667c17885ffbf14d08bf&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pl_PL/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9f0005eba0f1ccb7b133ead435f8cd3942a5f60891cc051b6362f79e43b9d0f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://ifotos.pl
Referer: https://ifotos.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: iwcHQz+Gvk0/0qAnnjcmwA==
cross-origin-resource-policy: cross-origin
expires: Fri, 18 Mar 2022 16:57:17 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 58397
x-fb-rlafr: 0
x-fb-debug: sz4IQVM45/5W21aFfTAEeFf3ymumXVYI1gzVTQxXgibH6zkClPUja9KD/flsDg5VVEc8ObIFn3+TkpP0UZkrrQ==
x-fb-trip-id: 686109401
x-fb-content-md5: 8e5bf08caccf887a6ddf0e41f937e392
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 18 Mar 2021 18:54:27 GMT
x-frame-options: DENY
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "c60f1504a23df301e2c0f5ae71206b21"
timing-allow-origin: *
priority: u=3,i
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
access-control-expose-headers: X-FB-Content-MD5

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E626 399 B
226 B 207ms
206ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2582438751311963&output=html&h=280&slotname=2159471668&adk=4273489559&adf=1093948077&pi=t.ma~as.2159471668&w=531&fwrn=4&fwrnh=100&lmt=1616093667&rafmt=1&psa=0&format=531x280&url=https%3A%2F%2Fifotos.pl%2Fz%2Fqaxnpws%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1616093667839&bpp=2&bdt=630&idt=101&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&prev_slotnames=5194271586&nras=1&correlator=6489321867969&frm=20&pv=1&ga_vid=1564168984.1616093668&ga_sid=1616093668&ga_hid=1607064616&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=541&ady=989&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068084%2C44739387%2C21065725%2C21066612%2C21069892&oid=3&pvsid=1957064705856063&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=qsN1d9tbTS&p=https%3A//ifotos.pl&dtd=105

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81eba0023f815c06cccbde5cbdbcccc7ba863447917f836690c8e12564158ea5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2582438751311963&output=html&h=280&slotname=2159471668&adk=4273489559&adf=1093948077&pi=t.ma~as.2159471668&w=531&fwrn=4&fwrnh=100&lmt=1616093667&rafmt=1&psa=0&format=531x280&url=https%3A%2F%2Fifotos.pl%2Fz%2Fqaxnpws%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1616093667839&bpp=2&bdt=630&idt=101&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&prev_slotnames=5194271586&nras=1&correlator=6489321867969&frm=20&pv=1&ga_vid=1564168984.1616093668&ga_sid=1616093668&ga_hid=1607064616&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=541&ady=989&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068084%2C44739387%2C21065725%2C21066612%2C21069892&oid=3&pvsid=1957064705856063&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=qsN1d9tbTS&p=https%3A//ifotos.pl&dtd=105
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ifotos.pl/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ifotos.pl/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 18 Mar 2021 18:54:28 GMT
server: cafe
content-length: 198
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 18-Mar-2021 19:09:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 18 Mar 2021 18:54:28 GMT
cache-control: private

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 33ms
33ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=268503386525935&input_token&origin=1&redirect_uri=https%3A%2F%2Fifotos.pl%2Fz%2Fqaxnpws%2F&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pl_PL/all.js?hash=9ba4730f4888667c17885ffbf14d08bf&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ifotos.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: 48Sfrr4JBjO8wKj8+TPY4a49MCOTVRrPkf+144ahe2ylv3++mg/jVmXLB0vU8ydv9Z/3pgbRZILETCzfaOB/Gg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 18 Mar 2021 18:54:28 GMT
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ifotos.pl
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 widget_black_sugester-b456af149c3c224e44aa1894fb6f9bb467587657e2e1b51724fb5cd847a14f19.png
assets.intum.com/assets/widget/ 7 KB
7 KB 205ms
56ms Image
image/png 13.226.159.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.intum.com/assets/widget/widget_black_sugester-b456af149c3c224e44aa1894fb6f9bb467587657e2e1b51724fb5cd847a14f19.png
Requested by: Host: ifotos.pl
URL: https://ifotos.pl/z/qaxnpws/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-59.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b456af149c3c224e44aa1894fb6f9bb467587657e2e1b51724fb5cd847a14f19

Request headers

Referer: https://ifotos.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 06:59:39 GMT
content-encoding: identity
last-modified: Wed, 08 Jul 2015 15:40:09 GMT
server: AmazonS3
age: 42890
etag: "e8a6a05626c64e8794fac36cfd3a56b7"
x-cache: Hit from cloudfront
content-type: image/png
via: 1.1 d0be2eec997f966c9c7eb03ae2f75c30.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 7161
x-amz-cf-id: VKAH586AH8YXpdXAPUW0c5vHerxK39DNPMnCu1SFNhorh8f9Ks-iXA==

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 26ms
25ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210316&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

24f60fe4779a4b37fe4c1dfb4f92ada5e80b9c842b0268fce0da58964c446937

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ifotos.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Mar 2021 18:54:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6674
x-xss-protection: 0

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame 0DE7 56 KB
15 KB 73ms
73ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id=268503386525935&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df107241e416b73%26domain%3Difotos.pl%26origin%3Dhttps%253A%252F%252Fifotos.pl%252Ff14c47489a47db%26relation%3Dparent.parent&container_width=0&font=verdana&href=https%3A%2F%2Fifotos.pl%2Fz%2Fqaxnpws%2F&locale=pl_PL&sdk=joey&send=false&show_faces=false&width=600

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pl_PL/all.js?hash=9ba4730f4888667c17885ffbf14d08bf&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

03657ecaafc13aaf461c921df372fda16816b9272652cfd76f92470709d36287

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?app_id=268503386525935&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df107241e416b73%26domain%3Difotos.pl%26origin%3Dhttps%253A%252F%252Fifotos.pl%252Ff14c47489a47db%26relation%3Dparent.parent&container_width=0&font=verdana&href=https%3A%2F%2Fifotos.pl%2Fz%2Fqaxnpws%2F&locale=pl_PL&sdk=joey&send=false&show_faces=false&width=600
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ifotos.pl/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ifotos.pl/

Response headers

vary: Accept-Encoding
x-fb-rlafr: 0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-encoding: br
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
x-fb-debug: fkqkVybn9UKsIpEcmUNsZ3LaGNsqg2zyMxVV+yKDZbLrlOM42n/iyQDVdOrmxIx2AS0w7hmyGT2DBom2fRrZgg==
date: Thu, 18 Mar 2021 18:54:28 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 page.php Show response
www.facebook.com/plugins/ Frame 8184 47 KB
14 KB 60ms
60ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/page.php?adapt_container_width=true&app_id=268503386525935&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd3f446f136684%26domain%3Difotos.pl%26origin%3Dhttps%253A%252F%252Fifotos.pl%252Ff14c47489a47db%26relation%3Dparent.parent&container_width=500&height=430&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FiFotosDotPl&locale=pl_PL&sdk=joey&show_facepile=true&show_posts=false&small_header=true&width=330

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pl_PL/all.js?hash=9ba4730f4888667c17885ffbf14d08bf&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3ec35b572e232f14cd58ed15a89246a833df4a5e30e4399967b1d819772f179e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/page.php?adapt_container_width=true&app_id=268503386525935&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd3f446f136684%26domain%3Difotos.pl%26origin%3Dhttps%253A%252F%252Fifotos.pl%252Ff14c47489a47db%26relation%3Dparent.parent&container_width=500&height=430&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FiFotosDotPl&locale=pl_PL&sdk=joey&show_facepile=true&show_posts=false&small_header=true&width=330
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ifotos.pl/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ifotos.pl/

Response headers

vary: Accept-Encoding
x-fb-rlafr: 0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-encoding: br
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
x-fb-debug: z9dbZt2QqSzdbRJYhLl8NBNtHQbbBUPzsAlQZMImRqi2PxLKvojr8sRLpg5m7V/LRzFVFMDpDNZcCjoCd2hPhQ==
date: Thu, 18 Mar 2021 18:54:28 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ifotos.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 18:54:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Thu, 18 Mar 2021 18:54:28 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame E301 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ifotos.pl/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ifotos.pl/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Thu, 18 Mar 2021 15:12:08 GMT
expires: Fri, 18 Mar 2022 15:12:08 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 13340
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 q-Ezh273PvC68AkqxY9CU3NkuwIwgTF06gKyS1kdSdY.js Show response
pagead2.googlesyndication.com/bg/ Frame E301 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/q-Ezh273PvC68AkqxY9CU3NkuwIwgTF06gKyS1kdSdY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abe133876ef73ef0baf0092ac58f42537364bb0230813174ea02b24b591d49d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 06:31:42 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 44566
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5697
x-xss-protection: 0
expires: Fri, 18 Mar 2022 06:31:42 GMT

GET
H2 200 a38W9N8bpOR.css
www.facebook.com/rsrc.php/v3/yA/l/0,cross/ Frame 8184 30 KB
9 KB 7ms
6ms Stylesheet
text/css 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yA/l/0,cross/a38W9N8bpOR.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?adapt_container_width=true&app_id=268503386525935&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd3f446f136684%26domain%3Difotos.pl%26origin%3Dhttps%253A%252F%252Fifotos.pl%252Ff14c47489a47db%26relation%3Dparent.parent&container_width=500&height=430&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FiFotosDotPl&locale=pl_PL&sdk=joey&show_facepile=true&show_posts=false&small_header=true&width=330

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cd201e7c9c9e7387ef43df3ee952e2006d6ea59a7dfb7d5a3d63c993c29167ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?adapt_container_width=true&app_id=268503386525935&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd3f446f136684%26domain%3Difotos.pl%26origin%3Dhttps%253A%252F%252Fifotos.pl%252Ff14c47489a47db%26relation%3Dparent.parent&container_width=500&height=430&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FiFotosDotPl&locale=pl_PL&sdk=joey&show_facepile=true&show_posts=false&small_header=true&width=330
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 19:25:19 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 6sOrN7YFKusPvUwbZkDcMQ==
cross-origin-resource-policy: cross-origin
content-length: 8606
x-fb-rlafr: 0
x-fb-debug: DFB9mnlARKL61jcTw4rpZhz6OQn9rK+xAHqwuR6+exiLI7OvhJXFvJho0Djo3PUNyWKgx68g0J0L2GQQmaMp1A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 17 Mar 2022 19:25:19 GMT

GET
H2 200 COFZ7ITuwSz.js Show response
www.facebook.com/rsrc.php/v3/yH/r/ Frame 8184 268 KB
71 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yH/r/COFZ7ITuwSz.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5df547860d495d1b54ba7a44059e8413f4010a6dd111b6a0d40803665852ed70

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?adapt_container_width=true&app_id=268503386525935&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd3f446f136684%26domain%3Difotos.pl%26origin%3Dhttps%253A%252F%252Fifotos.pl%252Ff14c47489a47db%26relation%3Dparent.parent&container_width=500&height=430&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FiFotosDotPl&locale=pl_PL&sdk=joey&show_facepile=true&show_posts=false&small_header=true&width=330
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 03:17:45 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: RdaRlLRvra/nUVf/g2gp9w==
cross-origin-resource-policy: cross-origin
content-length: 72280
x-fb-rlafr: 0
x-fb-debug: Cp6OrbdnAVNBG7GrzwoOix/RlVo11Gh2zkZGTRTY07dWJqKeLSzYMEEszq6KaiMIaLL3YudhqDPgImyEV9RkEg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 17 Mar 2022 03:17:45 GMT

GET
H2 200 5uWXDBbj7dh.js Show response
www.facebook.com/rsrc.php/v3/yp/r/ Frame 8184 65 KB
20 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yp/r/5uWXDBbj7dh.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bea6892d84675a9af55a6aa8df0ed48031b955b87cabf13fe7448dd6eb2fed99

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?adapt_container_width=true&app_id=268503386525935&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd3f446f136684%26domain%3Difotos.pl%26origin%3Dhttps%253A%252F%252Fifotos.pl%252Ff14c47489a47db%26relation%3Dparent.parent&container_width=500&height=430&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FiFotosDotPl&locale=pl_PL&sdk=joey&show_facepile=true&show_posts=false&small_header=true&width=330
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: U3OBy9GOLf+ofqPG5yMb/NygJjkc40KgYY62JrckSPkgZMt+G03jf0WbCAVhNwmrVbWcXiFkB4lbphlxRL9cTg==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: Cfo2M49o9x+I1QtbBGCQ5w==
date: Wed, 10 Mar 2021 20:34:13 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 20250
x-fb-rlafr: 0
expires: Thu, 10 Mar 2022 20:34:13 GMT

GET
H2 200 uqaYG-2xXaf.js Show response
www.facebook.com/rsrc.php/v3i7Kf4/yp/l/pl_PL/ Frame 8184 122 KB
34 KB 10ms
9ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3i7Kf4/yp/l/pl_PL/uqaYG-2xXaf.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e514a9981cd478115ebf2c88c1ccbbdabc430dc76afbba19e488a4177a67a6f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?adapt_container_width=true&app_id=268503386525935&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd3f446f136684%26domain%3Difotos.pl%26origin%3Dhttps%253A%252F%252Fifotos.pl%252Ff14c47489a47db%26relation%3Dparent.parent&container_width=500&height=430&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FiFotosDotPl&locale=pl_PL&sdk=joey&show_facepile=true&show_posts=false&small_header=true&width=330
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: u38WNClG0alysOqu7lhSVqp3harK/UBWDFOVmXh/GlIAFezX7pegdaAiL0Yr/ywlr2okCC/wK0iuXybRwsbWPA==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: Fa5rj1pdw8vMyOP8FAfnVQ==
date: Sat, 13 Mar 2021 17:11:57 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 34857
x-fb-rlafr: 0
expires: Sun, 13 Mar 2022 17:11:57 GMT

GET
H2 200 nLyZ6bYhSNu.js Show response
www.facebook.com/rsrc.php/v3/yW/r/ Frame 8184 7 KB
2 KB 9ms
9ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yW/r/nLyZ6bYhSNu.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

67d8e7a3e7815e72595c83389b163f51ecd562ed6c394cdaf5cbc93c7330623e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?adapt_container_width=true&app_id=268503386525935&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd3f446f136684%26domain%3Difotos.pl%26origin%3Dhttps%253A%252F%252Fifotos.pl%252Ff14c47489a47db%26relation%3Dparent.parent&container_width=500&height=430&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FiFotosDotPl&locale=pl_PL&sdk=joey&show_facepile=true&show_posts=false&small_header=true&width=330
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: 4Wj7ffS/WvweTvswViyPXBJqMZMiNBQwzdPPZ+bjSG99t2f+VfjlxFigPvsfln3oPb5bKba0WGpTzfnO7LnZQQ==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: sAMp5DhlJ2pej3twf5dwWw==
date: Sat, 06 Mar 2021 00:26:25 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2304
x-fb-rlafr: 0
expires: Sun, 06 Mar 2022 00:26:25 GMT

GET
H2 200 11039284_944424765629741_1720777997100899469_o.png
scontent-frt3-1.xx.fbcdn.net/v/t31.0-0/p118x118/ Frame 8184 15 KB
15 KB 20ms
6ms Image
image/png 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frt3-1.xx.fbcdn.net/v/t31.0-0/p118x118/11039284_944424765629741_1720777997100899469_o.png?_nc_cat=102&ccb=1-3&_nc_sid=dd9801&_nc_ohc=tif6wfpbw5kAX817Bw0&_nc_ht=scontent-frt3-1.xx&_nc_tp=30&oh=289e0442a13ef4c1bfd1ac3df4dbf1a1&oe=607B1CB2
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?adapt_container_width=true&app_id=268503386525935&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd3f446f136684%26domain%3Difotos.pl%26origin%3Dhttps%253A%252F%252Fifotos.pl%252Ff14c47489a47db%26relation%3Dparent.parent&container_width=500&height=430&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FiFotosDotPl&locale=pl_PL&sdk=joey&show_facepile=true&show_posts=false&small_header=true&width=330
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:216:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 5872fe4c36c7af8f3b1310a4d1219d433f78e157d74de52629e0989878cc67a4

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 3046989841
date: Thu, 18 Mar 2021 18:54:28 GMT
x-fb-trip-id: 2052514463
last-modified: Sun, 06 Sep 2015 17:40:31 GMT
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 740111338
x-fb-config-version-olb-prod: 1044
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 14977

GET
H2 200 11990437_944424098963141_1613556562009283539_n.png
scontent-frt3-1.xx.fbcdn.net/v/t1.0-1/cp0/p50x50/ Frame 8184 2 KB
2 KB 18ms
7ms Image
image/png 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frt3-1.xx.fbcdn.net/v/t1.0-1/cp0/p50x50/11990437_944424098963141_1613556562009283539_n.png?_nc_cat=104&ccb=1-3&_nc_sid=dbb9e7&_nc_ohc=uUjpOC9QP4kAX_gL3Of&_nc_ht=scontent-frt3-1.xx&_nc_tp=30&oh=560d11182549ab689a0587464ee8adb8&oe=60773E89
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?adapt_container_width=true&app_id=268503386525935&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd3f446f136684%26domain%3Difotos.pl%26origin%3Dhttps%253A%252F%252Fifotos.pl%252Ff14c47489a47db%26relation%3Dparent.parent&container_width=500&height=430&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FiFotosDotPl&locale=pl_PL&sdk=joey&show_facepile=true&show_posts=false&small_header=true&width=330
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:216:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 4a3ad14a07e56909b22c39874369807461f5001a887c5f726de93f8383925655

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 2599551300
date: Thu, 18 Mar 2021 18:54:28 GMT
x-fb-trip-id: 2052514463
last-modified: Sun, 06 Sep 2015 17:37:56 GMT
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 589824458
x-fb-config-version-olb-prod: 1046
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1705

GET
H2 200 OqOE21UvWe3.png
www.facebook.com/rsrc.php/v3/y5/r/ Frame 0DE7 400 B
540 B 6ms
5ms Image
image/png 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y5/r/OqOE21UvWe3.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?app_id=268503386525935&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df107241e416b73%26domain%3Difotos.pl%26origin%3Dhttps%253A%252F%252Fifotos.pl%252Ff14c47489a47db%26relation%3Dparent.parent&container_width=0&font=verdana&href=https%3A%2F%2Fifotos.pl%2Fz%2Fqaxnpws%2F&locale=pl_PL&sdk=joey&send=false&show_faces=false&width=600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/like.php?app_id=268503386525935&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df107241e416b73%26domain%3Difotos.pl%26origin%3Dhttps%253A%252F%252Fifotos.pl%252Ff14c47489a47db%26relation%3Dparent.parent&container_width=0&font=verdana&href=https%3A%2F%2Fifotos.pl%2Fz%2Fqaxnpws%2F&locale=pl_PL&sdk=joey&send=false&show_faces=false&width=600
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: c+aIcc15GZmo1JRgU9/Lz7l96oai54NoQuCUg7ZiTc37ah0Bd83ozsb8O1zmrIYrIkGgVkT3s8qo80lnBK6i3g==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: uF0RL4E+h23ClLQmPOTTMw==
date: Tue, 09 Mar 2021 07:28:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 400
x-fb-rlafr: 0
expires: Wed, 09 Mar 2022 07:28:00 GMT

GET
H2 200 fcAKwzhlut7.js Show response
www.facebook.com/rsrc.php/v3i7Kf4/yC/l/pl_PL/ Frame 0DE7 479 KB
124 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3i7Kf4/yC/l/pl_PL/fcAKwzhlut7.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

faa53c724be5391afac937c1aeed6e03d97c576cc2f1b5531c6736c333b3fa19

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/like.php?app_id=268503386525935&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df107241e416b73%26domain%3Difotos.pl%26origin%3Dhttps%253A%252F%252Fifotos.pl%252Ff14c47489a47db%26relation%3Dparent.parent&container_width=0&font=verdana&href=https%3A%2F%2Fifotos.pl%2Fz%2Fqaxnpws%2F&locale=pl_PL&sdk=joey&send=false&show_faces=false&width=600
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: 0rUxYvMqvsuO77SPk3h/lrxlQNZROChWLKL9g9/NkDCDfARoUHn5kXkW4SPlbgPhwyJT3uhaCsuh7GXkjAGxMw==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: s8Ldu7X/I72rbhebGgMU+g==
date: Wed, 17 Mar 2021 02:06:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 126361
x-fb-rlafr: 0
expires: Thu, 17 Mar 2022 02:06:00 GMT

GET
H2 200 ApcBOUT5FoS.png
www.facebook.com/rsrc.php/v3/y_/r/ Frame 8184 573 B
784 B 6ms
5ms Image
image/png 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y_/r/ApcBOUT5FoS.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yA/l/0,cross/a38W9N8bpOR.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

641e03dfeee60c05e0794bace5fc58d2fba409fee529a114459e44cee0d9d069

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/rsrc.php/v3/yA/l/0,cross/a38W9N8bpOR.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: LZsjHcEygvAc/wRonNVhEnY9eXkzLtLsb4hoMLjfqbZ6zP6aJgUe170w80pbIRE1UI4yWNuvKK8iO5SOtEb0bQ==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: Y/eW3MWFNJnkcpEqoXzG3Q==
date: Wed, 17 Mar 2021 18:33:40 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 573
x-fb-rlafr: 0
expires: Thu, 17 Mar 2022 18:33:40 GMT

GET
H2 200 cavalry_endpoint.php
www.facebook.com/common/ Frame 0DE7 67 B
200 B 33ms
33ms Image
image/png 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1616093668270&t_start=1616093668271&t_domcontent=1616093668290&t_layout=1616093668388&t_onload=1616093668388&t_paint=1616093668388&t_creport=1616093668388&t_tti=1616093668290&lid=6941069452049796166-0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/like.php?app_id=268503386525935&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df107241e416b73%26domain%3Difotos.pl%26origin%3Dhttps%253A%252F%252Fifotos.pl%252Ff14c47489a47db%26relation%3Dparent.parent&container_width=0&font=verdana&href=https%3A%2F%2Fifotos.pl%2Fz%2Fqaxnpws%2F&locale=pl_PL&sdk=joey&send=false&show_faces=false&width=600
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: br
x-content-type-options: nosniff
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: /pRlEoDkH/IwJJBYk3uM+vsSIVjhhpCU7qvAY3Hlnrt3RchnOEDCSx5xMir2yqtQAEnLeb+ASGe9LT47Ky5Etw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 18 Mar 2021 18:54:28 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
46 B 41ms
40ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210316&jk=1957064705856063&bg=!7e6l7qrNAAbUo7L91KM7ACkAdvg8WuJnGAZGcw3Ixhjk3fHxcJTzf-cwJLe_MUQ-JBONz5F930bNiwIAAADLUgAAAAxoAQcKAIDYqi-GdvlDyAtNbB8VPNMrKTxLOOGjdyBWWuET_kqfkjQDOmeyVzjo0yQxNgiE-wg4fGv3G1KgpnK-spfOISECVXe915r60wzRmWk3x1VniCyAGW1fZ8NtkpG_X4TPQClCDpWQMmZ_HJ34b3fP31coKs3rNSCvvrsp5r7G8HCY1ZkB12Qj0qQhrIoATQ6njYBVOP7gHQ7rk59zxHVGNzGvTZDiHFIIYxb6aUKvH5Zm1E0pCmCXkanol6sJG07A6tKkCC1bvojh1DdRWO0ceOj-6-DIF0Ah6J70vkrkm5hFcW75RUDyMbcN-NbzlPJMLxHkfZud4n7HLBO3f1To5N-ZoATuaR2MD3IIU8Spyg3EFZ048JmsvNwSfbM8eAYdMVHfkr21FSgROse9BfKK3q95zSTiL7FJipyE08fLpeBBxB_XsD3nwfKq1Zm1Y7Pg9U4XNMNlv-duLVHc8GZ71sNyFTZfDJpa56VFreaJKLHiqF3NTcDxC7CdXhbQ3bpdHRCdTJjgH-j0Hg8ltitDSkc24Pm552MPis5p4K9m6PiAfYoO9Vvv4Imb2TO8V_Msdd8iN6PmgtpPcoePnQd0zIG2wE6eEDdqB-uof24-L7HQDWl_oRf6lOyQFS4onnjTvB_0uxniXoRkm5qNHGxf1ol_duazGG2QfJHxm5PHMes2TeoJRDZxZInhXe20fjoMD4t6ile5qL9Pd2J2yI7Tr4OzjUz8VWUlmOfbotm_PGD7VMC-LmvmNZZhe-wPn_ByuAYw0hdtx8CAOL1TM1uDA1Svr1ZuEOsM3Ngopg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ifotos.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 18:54:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

259 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 16:54:54	Name: test_cookie Value: CheckForPermission
.ifotos.pl/	1970-01-19 16:54:53	Name: _gat_gtag_UA_5250036_9 Value: 1
.ifotos.pl/	1970-01-20 02:16:29	Name: __gads Value: ID=e6b56af453739d45-22bc5a7c20a7000c:T=1616093667:RT=1616093667:S=ALNI_MZp44XOulvNO4Kx3snHhi6_9DalDg
.ifotos.pl/	1970-01-19 16:56:20	Name: _gid Value: GA1.2.680180692.1616093668
.ifotos.pl/	1970-01-20 10:26:05	Name: _ga Value: GA1.2.1564168984.1616093668
ifotos.pl/	1970-01-19 16:55:00	Name: kohanasession Value: trn604l7csoif1f1nj9llataq4

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
assets.intum.com
cdn.intum.com
connect.facebook.net
googleads.g.doubleclick.net
ifotos.pl
pagead2.googlesyndication.com
partner.googleadservices.com
s6.ifotos.pl
scontent-frt3-1.xx.fbcdn.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
13.226.159.59
142.250.185.162
2a00:1450:4001:801::2002
2a00:1450:4001:801::200e
2a00:1450:4001:803::2002
2a00:1450:4001:809::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:827::2008
2a00:1450:4001:828::200e
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
37.187.111.177
5.196.66.84
52.85.115.31
03657ecaafc13aaf461c921df372fda16816b9272652cfd76f92470709d36287
0b02eb6f9f037223fc6362c5a761fd05f21dd982c42320c20974fec20031aee9
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
1288e55b388fcdc0bb62ac7f2b6817591c930e8dfb6679454577559cbafc0f96
1ce7b848770876249c059b3329b340741b408112e997491bc04f753ead95aa8f
22ada793f9f0b7ab9b7b0cf9a96c1385a6bdcc9e8f8463bcc49ba48a0cacc9f2
24f60fe4779a4b37fe4c1dfb4f92ada5e80b9c842b0268fce0da58964c446937
2b2a35d022e7416f48eb46a53ada6b1542910b7ba3389cdd6b4ec995682d7c2f
2d57d6b32861f7679f9efb1239832a0faa608b82bb0ab3d2106fd35a7356932a
395a12315a3873ac2e4178e9ed19d11dfc7a7e79f00c0a6634a0018e028757e1
3d125bf33e195434f383abf0f02ec2e8f4df38f77f1f68f545fad62777caad8a
3ec35b572e232f14cd58ed15a89246a833df4a5e30e4399967b1d819772f179e
45588b038bfaab0b4b89f78c5c8fede0472069f59036531fa1d8b374c758dd4b
47684eb9440ac7dbabf366e61b80af7baa6a58abfc4f4fd245e66079e30fb68f
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4a3ad14a07e56909b22c39874369807461f5001a887c5f726de93f8383925655
5872fe4c36c7af8f3b1310a4d1219d433f78e157d74de52629e0989878cc67a4
5cf6fbf285fda6cecd1b031df2035eec8bb2069739aecfac8f2340a2812c10f4
5df547860d495d1b54ba7a44059e8413f4010a6dd111b6a0d40803665852ed70
641e03dfeee60c05e0794bace5fc58d2fba409fee529a114459e44cee0d9d069
662ba71be2010d7cc236d336ae6fbb01bb7f900024ab3d4a0966d739d77484b2
67d8e7a3e7815e72595c83389b163f51ecd562ed6c394cdaf5cbc93c7330623e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7471b292cc8269ec8627342aac6050ef1e324516c4dd15c666e303bfb963770c
76de05ef38c3493027e88617f808b48e1683e54a4e2989862d1afc85933f01eb
81eba0023f815c06cccbde5cbdbcccc7ba863447917f836690c8e12564158ea5
8c9e25f9476833af3aeb11e7e4e703d12e9feca01d1339042b5f0a11f3e259b1
90663f3bcded6d7321495c0028673bc35e7078a0afb0c4e468f8e741137b22ce
9f0005eba0f1ccb7b133ead435f8cd3942a5f60891cc051b6362f79e43b9d0f3
a2ec6aeba6b12afb386454f71220d69a707ee7ab9a8e8c9c13e6cdde0ac00b33
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abe133876ef73ef0baf0092ac58f42537364bb0230813174ea02b24b591d49d6
b456af149c3c224e44aa1894fb6f9bb467587657e2e1b51724fb5cd847a14f19
be8acf85412fc851243a853bafdf673b4b5b4ffac06fca4abd5f75a73765d36a
bea6892d84675a9af55a6aa8df0ed48031b955b87cabf13fe7448dd6eb2fed99
c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770
ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c
cb958da9e01ca2c7bb50f0463d338facb7000fb7ec1d42cc081af69b6f7cce3d
cc515c676daf3068a7455cbde297275f96c2fb38e573ca7621f285ffbc193534
cd201e7c9c9e7387ef43df3ee952e2006d6ea59a7dfb7d5a3d63c993c29167ef
cfeeead7e82e344ac6a2064243f8e0dec190052c8f19ec99142e0e51cb37975e
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e514a9981cd478115ebf2c88c1ccbbdabc430dc76afbba19e488a4177a67a6f9
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
faa53c724be5391afac937c1aeed6e03d97c576cc2f1b5531c6736c333b3fa19
fe04f9c72ac70a12b7af30796296c7740d8b0ae5f68347467de8ac587c90b4c4

ifotos.pl Open in urlscan Pro 37.187.111.177 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

51 Requests

100 %HTTPS

69 %IPv6

13 Domains

16 Subdomains

16 IPs

3 Countries

1070 kBTransfer

2457 kBSize

6 Cookies

1 Outgoing links

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ifotos.pl Open in urlscan Pro
37.187.111.177 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

100 %
HTTPS

69 %
IPv6

13
Domains

16
Subdomains

16
IPs

3
Countries

1070 kB
Transfer

2457 kB
Size

6
Cookies

51 HTTP transactions
0 data transactions