www.rzut-kostka.pl Open in urlscan Pro
46.105.204.24 Public Scan

Software

cafe /

Resource Hash

eca1fadc9b5ecd3df8ab59b6d37a84f826415f3db501c33f7160e79d83c13114

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rzut-kostka.pl/
Origin: https://www.rzut-kostka.pl
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 16:40:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52521
x-xss-protection: 0
server: cafe
etag: 13808996305491020040
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 08 Nov 2023 16:40:01 GMT

GET
H2 200 kostka-online.png
www.rzut-kostka.pl/img/kostka-logo/ 2 KB
2 KB 46ms
45ms Image
image/png 46.105.204.24
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rzut-kostka.pl/img/kostka-logo/kostka-online.png
Requested by: Host: www.rzut-kostka.pl
URL: https://www.rzut-kostka.pl/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.204.24 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster024.hosting.cdn.ovh.net
Software: /
Resource Hash: a57b7354fc738821a058ff84de69f8a251e7ab9f72d835dc08c5d3c181d6dca5

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.rzut-kostka.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 11:10:42 GMT
last-modified: Sun, 31 Jan 2021 17:36:30 GMT
x-cdn-cache: HIT
age: 624559
etag: "684-5ba35ad8089b2"
content-type: image/png
cache-control: max-age=2592000, public
x-cdn-pop: sbg
accept-ranges: bytes
x-cdn-request-id: 1048715863
content-length: 1668
expires: Fri, 01 Dec 2023 11:10:42 GMT

GET
H2 200 wirtualne-kostka.png
www.rzut-kostka.pl/img/kostka-logo/ 2 KB
2 KB 46ms
45ms Image
image/png 46.105.204.24
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rzut-kostka.pl/img/kostka-logo/wirtualne-kostka.png
Requested by: Host: www.rzut-kostka.pl
URL: https://www.rzut-kostka.pl/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.204.24 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster024.hosting.cdn.ovh.net
Software: /
Resource Hash: a8b5a24aa1c27e7a3a3cec97ccc5f3c2cc758d48d98995bcceeb2a9455687ee5

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.rzut-kostka.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 11:10:42 GMT
last-modified: Sun, 31 Jan 2021 17:36:30 GMT
x-cdn-cache: HIT
age: 624559
etag: "7ee-5ba35ad80b892"
content-type: image/png
cache-control: max-age=2592000, public
x-cdn-pop: sbg
accept-ranges: bytes
x-cdn-request-id: 1048715864
content-length: 2030
expires: Fri, 01 Dec 2023 11:10:42 GMT

GET
H2 200 flag-en.png
www.rzut-kostka.pl/img/online-dice/ 4 KB
4 KB 47ms
46ms Image
image/png 46.105.204.24
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rzut-kostka.pl/img/online-dice/flag-en.png
Requested by: Host: www.rzut-kostka.pl
URL: https://www.rzut-kostka.pl/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.204.24 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster024.hosting.cdn.ovh.net
Software: /
Resource Hash: d857a20658de18f8db0cf60d122a4e44172db90969bfc074be08658970c1bf3c

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.rzut-kostka.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 11:10:42 GMT
last-modified: Mon, 03 May 2021 13:39:25 GMT
x-cdn-cache: HIT
age: 624559
etag: "e15-5c16d170e05d7"
content-type: image/png
cache-control: max-age=2592000, public
x-cdn-pop: sbg
accept-ranges: bytes
x-cdn-request-id: 1048715865
content-length: 3605
expires: Fri, 01 Dec 2023 11:10:42 GMT

GET
H2 200 flag-ru.png
www.rzut-kostka.pl/img/dice-ru/ 1 KB
2 KB 46ms
46ms Image
image/png 46.105.204.24
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rzut-kostka.pl/img/dice-ru/flag-ru.png
Requested by: Host: www.rzut-kostka.pl
URL: https://www.rzut-kostka.pl/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.204.24 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster024.hosting.cdn.ovh.net
Software: /
Resource Hash: 82fe6e8c1b6f40b86356907eb1768f53d940c930c2723677f3b1eda98c5dbd5f

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.rzut-kostka.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 11:10:42 GMT
last-modified: Thu, 13 May 2021 15:13:14 GMT
x-cdn-cache: HIT
age: 624559
etag: "5ff-5c23790f31b29"
content-type: image/png
cache-control: max-age=2592000, public
x-cdn-pop: sbg
accept-ranges: bytes
x-cdn-request-id: 1048715866
content-length: 1535
expires: Fri, 01 Dec 2023 11:10:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
68 KB 149ms
55ms Script
application/javascript 172.217.18.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-152640613-20

Requested by

Host: www.rzut-kostka.pl
URL: https://www.rzut-kostka.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

22a4a3569f0e95ccb635dbbb408fd84e717d33e0a00c02d0d69ebdeea5b58df7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.rzut-kostka.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 16:40:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68824
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 08 Nov 2023 16:40:01 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311060101/ 400 KB
136 KB 188ms
106ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6706902600960751&plah=www.rzut-kostka.pl&bust=31079474

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6706902600960751

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba062643e584058bbb18cb659dab65be150ef5b958e50a15783c68f4b88a5a9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.rzut-kostka.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 16:40:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138691
x-xss-protection: 0
server: cafe
etag: 4767929625249978211
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 08 Nov 2023 16:40:01 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231106/r20190131/ Frame FBF3 10 KB
5 KB 132ms
39ms Document
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231106/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6706902600960751

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

cafe /

Resource Hash

626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rzut-kostka.pl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

age: 57685
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Nov 2023 00:38:36 GMT
etag: 251720774729838433
expires: Wed, 22 Nov 2023 00:38:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 217 KB
77 KB 64ms
63ms Script
application/javascript 172.217.18.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LKWNDHL41M&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-152640613-20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

fd6ba6f45ddce22fe08a706f1d01e9aea97b85609e3f9dfa1062732d44aac37f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.rzut-kostka.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 16:40:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79171
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 08 Nov 2023 16:40:01 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 130ms
39ms Script
text/javascript 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-152640613-20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.rzut-kostka.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 15:51:32 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2909
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 08 Nov 2023 17:51:32 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
248 B 126ms
56ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LKWNDHL41M&gtm=45je3b60v9111197191&_p=1699461601253&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1003198270.1699461602&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1699461601&sct=1&seg=0&dl=https%3A%2F%2Fwww.rzut-kostka.pl%2F&dt=Kostk%C4%85%20do%20gry%20-%20losowy%20rzut%20kostk%C4%85%20-%20wirtualne%20ko%C5%9Bci&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1005
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LKWNDHL41M&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.rzut-kostka.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 16:40:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rzut-kostka.pl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
209 B 48ms
47ms XHR
text/plain 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1777213227&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rzut-kostka.pl%2F&ul=en-us&de=UTF-8&dt=Kostk%C4%85%20do%20gry%20-%20losowy%20rzut%20kostk%C4%85%20-%20wirtualne%20ko%C5%9Bci&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=243937089&gjid=702218653&cid=1003198270.1699461602&tid=UA-152640613-20&_gid=1306959815.1699461602&_r=1&gtm=457e3b60&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1659710077

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rzut-kostka.pl/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 16:40:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rzut-kostka.pl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
607 B 137ms
48ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.rzut-kostka.pl&callback=_gfp_s_&client=ca-pub-6706902600960751

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6706902600960751&plah=www.rzut-kostka.pl&bust=31079474

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

2f66758bb2f4d7d8d76f68c04d4ce35b601ca30f54e77a10dbfacf13517d03b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.rzut-kostka.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 16:40:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E467 3 KB
763 B 127ms
126ms Document
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6706902600960751&output=html&adk=1812271804&adf=3025194257&lmt=1699461601&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.rzut-kostka.pl%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699461601454&bpp=4&bdt=250&idt=290&shv=r20231106&mjsv=m202311060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5938946657590&frm=20&pv=2&ga_vid=1003198270.1699461602&ga_sid=1699461602&ga_hid=1777213227&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078019%2C31079346%2C44807455%2C44807461%2C44807764%2C31078297%2C31079474%2C44806140%2C44808148&oid=2&pvsid=1349082670859469&tmod=759582275&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=308

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

24d5de1797c376a42103d32b268c4d213d5fe811830b877a32ca9fa7e1b19f1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rzut-kostka.pl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 563
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Nov 2023 16:40:01 GMT
expires: Wed, 08 Nov 2023 16:40:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6644 26 KB
11 KB 479ms
479ms Document
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6706902600960751&output=html&h=90&slotname=3752892302&adk=980715148&adf=1839787983&pi=t.ma~as.3752892302&w=1200&lmt=1699461601&rafmt=12&format=1200x90&url=https%3A%2F%2Fwww.rzut-kostka.pl%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699461601458&bpp=1&bdt=253&idt=311&shv=r20231106&mjsv=m202311060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5938946657590&frm=20&pv=1&ga_vid=1003198270.1699461602&ga_sid=1699461602&ga_hid=1777213227&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=237&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078019%2C31079346%2C44807455%2C44807461%2C44807764%2C31078297%2C31079474%2C44806140%2C44808148&oid=2&pvsid=1349082670859469&tmod=759582275&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=wWTfK0VRZk&p=https%3A//www.rzut-kostka.pl&dtd=317

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d07e3ff294e9e6d2fb288826bae4d9cbe67ac65720fc71484127dd9908883ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rzut-kostka.pl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 10824
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Nov 2023 16:40:02 GMT
expires: Wed, 08 Nov 2023 16:40:02 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7E72 142 KB
44 KB 524ms
523ms Document
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6706902600960751&output=html&h=250&slotname=2991309127&adk=3960222006&adf=3132389021&pi=t.ma~as.2991309127&w=1200&lmt=1699461601&rafmt=12&format=1200x250&url=https%3A%2F%2Fwww.rzut-kostka.pl%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699461601459&bpp=1&bdt=255&idt=318&shv=r20231106&mjsv=m202311060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90&nras=1&correlator=5938946657590&frm=20&pv=1&ga_vid=1003198270.1699461602&ga_sid=1699461602&ga_hid=1777213227&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=536&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078019%2C31079346%2C44807455%2C44807461%2C44807764%2C31078297%2C31079474%2C44806140%2C44808148&oid=2&pvsid=1349082670859469&tmod=759582275&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&xpc=nZmIwyF3b9&p=https%3A//www.rzut-kostka.pl&dtd=321

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecba83e4fb21b2678d35fe15207e1a018cb5e0c5d4f42b746031b89b0e9e3009

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rzut-kostka.pl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 44398
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Nov 2023 16:40:02 GMT
expires: Wed, 08 Nov 2023 16:40:02 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6644 624 B
246 B 84ms
82ms Document
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIj2LhDPspIBGNK86fwBMAE&v=APEucNXwgycHqLVWTqUcXCcaHssxpbNCaGU-hXzIreCfVrN97r10uJuvWcPAO6C-jLNGWN_1oVDX0AB55VV-jXuJyMQBrx3kMb_gGBHyIWWeRoOLt-lwK2YoY7xv329pKyO565QMgjQ2vHbyIOjUYFeTNe8UV5idGTft2c6Me8GrSyl9Q1PEXdo

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6706902600960751&output=html&h=90&slotname=3752892302&adk=980715148&adf=1839787983&pi=t.ma~as.3752892302&w=1200&lmt=1699461601&rafmt=12&format=1200x90&url=https%3A%2F%2Fwww.rzut-kostka.pl%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699461601458&bpp=1&bdt=253&idt=311&shv=r20231106&mjsv=m202311060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5938946657590&frm=20&pv=1&ga_vid=1003198270.1699461602&ga_sid=1699461602&ga_hid=1777213227&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=237&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078019%2C31079346%2C44807455%2C44807461%2C44807764%2C31078297%2C31079474%2C44806140%2C44808148&oid=2&pvsid=1349082670859469&tmod=759582275&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=wWTfK0VRZk&p=https%3A//www.rzut-kostka.pl&dtd=317

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6706902600960751&output=html&h=90&slotname=3752892302&adk=980715148&adf=1839787983&pi=t.ma~as.3752892302&w=1200&lmt=1699461601&rafmt=12&format=1200x90&url=https%3A%2F%2Fwww.rzut-kostka.pl%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699461601458&bpp=1&bdt=253&idt=311&shv=r20231106&mjsv=m202311060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5938946657590&frm=20&pv=1&ga_vid=1003198270.1699461602&ga_sid=1699461602&ga_hid=1777213227&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=237&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078019%2C31079346%2C44807455%2C44807461%2C44807764%2C31078297%2C31079474%2C44806140%2C44808148&oid=2&pvsid=1349082670859469&tmod=759582275&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=wWTfK0VRZk&p=https%3A//www.rzut-kostka.pl&dtd=317
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Nov 2023 16:40:02 GMT
expires: Wed, 08 Nov 2023 16:40:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame BABB 92 KB
32 KB 185ms
183ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3420da2b260abe345161cc29857cbbc84426d366c896a1738302e7aa56e9496

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 16:40:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32794
x-xss-protection: 0
server: cafe
etag: 4863332729753539511
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 08 Nov 2023 16:40:02 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame BABB 3 KB
1 KB 151ms
50ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:31:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4142
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 15:31:00 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame BABB 20 KB
9 KB 139ms
39ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:02:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74264
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8543
x-xss-protection: 0
server: cafe
etag: 18034338113832500900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Nov 2023 20:02:18 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BABB 190 KB
60 KB 152ms
50ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 16:40:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61127
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699274420466708"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Nov 2023 16:40:02 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame BABB 42 B
63 B 77ms
77ms Image
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BwPrA0WLy-iOl7eQRnIG2fiS2iTZq5Wu2V1tkZRhxhL4_wEzkU_YFk0FzfDeZRb2mwt3TbW_ty1GmzBAQB5cE-XSEIHtprS8yG-Mp4FlyeovmnbBE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 16:40:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BABB 0
20 B 80ms
79ms Image
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=1901888653026875100&x=1&ct=119

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 16:40:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 7E72 2 KB
975 B 138ms
49ms Stylesheet
text/css 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6706902600960751&output=html&h=250&slotname=2991309127&adk=3960222006&adf=3132389021&pi=t.ma~as.2991309127&w=1200&lmt=1699461601&rafmt=12&format=1200x250&url=https%3A%2F%2Fwww.rzut-kostka.pl%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699461601459&bpp=1&bdt=255&idt=318&shv=r20231106&mjsv=m202311060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90&nras=1&correlator=5938946657590&frm=20&pv=1&ga_vid=1003198270.1699461602&ga_sid=1699461602&ga_hid=1777213227&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=536&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078019%2C31079346%2C44807455%2C44807461%2C44807764%2C31078297%2C31079474%2C44806140%2C44808148&oid=2&pvsid=1349082670859469&tmod=759582275&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&xpc=nZmIwyF3b9&p=https%3A//www.rzut-kostka.pl&dtd=321

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 08 Nov 2023 16:40:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 16:39:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Nov 2023 16:40:02 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 7E72 2 KB
903 B 126ms
49ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Nov 2023 20:02:51 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/ Frame 7E72 23 KB
9 KB 126ms
51ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9286
x-xss-protection: 0
server: cafe
etag: 5170786266788330719
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Nov 2023 20:02:51 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 7E72 3 KB
1 KB 156ms
81ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:31:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4142
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 15:31:00 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 7E72 20 KB
8 KB 118ms
44ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:02:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74264
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8543
x-xss-protection: 0
server: cafe
etag: 18034338113832500900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Nov 2023 20:02:18 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7E72 190 KB
60 KB 191ms
114ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

sffe /

Resource Hash

6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 16:40:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61127
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699274420466708"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Nov 2023 16:40:02 GMT

GET
H2 200 81801f102bbf3ca11da2806ffde236a3.js Show response
www.gstatic.com/mysidia/ Frame 7E72 37 KB
16 KB 127ms
41ms Script
text/javascript 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/81801f102bbf3ca11da2806ffde236a3.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

ec7e5b4f20e4e5f2bec7c116075036082f6bccc56c3522790c7040d4d9380f43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:38:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 126099
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15369
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 05:08:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 05 Feb 2024 05:38:23 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 7E72 64 KB
64 KB 135ms
40ms Image
image/jpeg 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRplWxAvkK1WyjOwE5i0qIJbU_17dasNKj-1MrGGWPUXEzFcks&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ba01e666c4e93d47098450683a7110e014f125856f352ec159666ba33460f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 19:11:35 GMT
x-content-type-options: nosniff
age: 77307
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65502
x-xss-protection: 0
last-modified: Fri, 27 May 2022 21:34:08 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 06 Nov 2024 19:11:35 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 7E72 36 KB
36 KB 172ms
77ms Image
image/jpeg 142.250.186.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTXoabr3QKU5c33KQxkCt8iRXCVEkeswfYQxX-JLPfYEP-8WyyDKp-GZc71u-o&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f14.1e100.net

Software

sffe /

Resource Hash

a907485d3fbef1a5e9ba53b12015a872b6f2d26de72348aa889cc01684db974a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 10:16:35 GMT
x-content-type-options: nosniff
age: 109407
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36706
x-xss-protection: 0
last-modified: Tue, 01 Aug 2023 08:43:47 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 06 Nov 2024 10:16:35 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 7E72 23 KB
23 KB 140ms
40ms Image
image/jpeg 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTJGphLgySsgnUuDjxTuoeXBcA0PJ6TJHj_CZJGi0uQ-IcoYrhf9fMgBYmx7mE&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f14.1e100.net

Software

sffe /

Resource Hash

f27505a2b502a3dcd8666a5349d4b034d9f2e0f21864f9b2c710d9baa9155923

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:59:04 GMT
x-content-type-options: nosniff
age: 261658
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23267
x-xss-protection: 0
last-modified: Sun, 16 Apr 2023 05:33:52 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 04 Nov 2024 15:59:04 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 7E72 26 KB
26 KB 135ms
40ms Image
image/jpeg 142.250.186.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQpcx7uwLlSTyWU-uls-QndsF46-5a0VrwH0hTPw_o1rNXcN2pe_ioLaLu3-eA&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f14.1e100.net

Software

sffe /

Resource Hash

b5ec9b960b0685aa8bdea87a70630cc4731a8bf67a6008611c6f7eb789e8d350

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 05:15:39 GMT
x-content-type-options: nosniff
age: 41063
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26246
x-xss-protection: 0
last-modified: Tue, 29 Mar 2022 14:28:13 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 07 Nov 2024 05:15:39 GMT

GET
H2

200

2970763475081480569
tpc.googlesyndication.com/simgad/ Frame 7E72
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKC3gYacFxCABRigATIIRKWLgyYo4ik
https://tpc.googlesyndication.com/simgad/2970763475081480569

15 KB
15 KB

40ms
39ms

Image
image/png

172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2970763475081480569

Requested by

Protocol

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

sffe /

Resource Hash

03a779e7cf2b336f79a777dca22ef3423f3e9210df741bd9216270b29834b459

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 10:08:57 GMT
x-content-type-options: nosniff
age: 369065
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14909
x-xss-protection: 0
last-modified: Wed, 16 Sep 2020 18:59:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 03 Nov 2024 10:08:57 GMT

Redirect headers

date: Wed, 08 Nov 2023 15:02:15 GMT
x-content-type-options: nosniff
server: cafe
age: 5867
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/2970763475081480569
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 08 Dec 2023 15:02:15 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 6644
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFbuRC9DSzgkdIkycR3jdXE&google_cver=1

43 B
336 B

57ms
57ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFbuRC9DSzgkdIkycR3jdXE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIj2LhDPspIBGNK86fwBMAE&v=APEucNXwgycHqLVWTqUcXCcaHssxpbNCaGU-hXzIreCfVrN97r10uJuvWcPAO6C-jLNGWN_1oVDX0AB55VV-jXuJyMQBrx3kMb_gGBHyIWWeRoOLt-lwK2YoY7xv329pKyO565QMgjQ2vHbyIOjUYFeTNe8UV5idGTft2c6Me8GrSyl9Q1PEXdo
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 16:40:02 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ToiJyYasF9BQv8Q5hvnSyoqR7no2ibd%2FIZR1jAc7Z3PvNN8jO6C%2BrW3HhyGGstp%2BxsLG0BABv64UV7ROsYlGm6IovvmN1ZaN6ED8e0CHT2IeWNlrjUseEhepQUS8SRtwexKPlrRvnaviDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 822f41681e02bf99-WAW
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 08 Nov 2023 16:40:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFbuRC9DSzgkdIkycR3jdXE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 6644
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUu54vTDUj07d-J8pWm6egAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFbuRC9DSzgkdIkycR3jdXE&google_cver=1

43 B
768 B

64ms
64ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFbuRC9DSzgkdIkycR3jdXE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIj2LhDPspIBGNK86fwBMAE&v=APEucNXwgycHqLVWTqUcXCcaHssxpbNCaGU-hXzIreCfVrN97r10uJuvWcPAO6C-jLNGWN_1oVDX0AB55VV-jXuJyMQBrx3kMb_gGBHyIWWeRoOLt-lwK2YoY7xv329pKyO565QMgjQ2vHbyIOjUYFeTNe8UV5idGTft2c6Me8GrSyl9Q1PEXdo
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 16:40:02 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G6uP6HmEqfQQnLDHXBKp6PwGLaPq2aO0vTEWhDOPvqdPsSGFe3WJkEfyiHjs0XaksWm4YlQjmT%2BUmK3t%2BSVdg7tyRfnndX4Lwt3LLH59hZEemFeX91ZXCq24mLKCyDrPEqweUtV8LKDBmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 822f4168bc103575-WAW
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 08 Nov 2023 16:40:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFbuRC9DSzgkdIkycR3jdXE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 6644
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEDc8OmLF6NgpGDbcr-dByhM&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEDc8OmLF6NgpGDbcr-dByhM%26google_cver%3D1

43 B
892 B

48ms
48ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEDc8OmLF6NgpGDbcr-dByhM%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIj2LhDPspIBGNK86fwBMAE&v=APEucNXwgycHqLVWTqUcXCcaHssxpbNCaGU-hXzIreCfVrN97r10uJuvWcPAO6C-jLNGWN_1oVDX0AB55VV-jXuJyMQBrx3kMb_gGBHyIWWeRoOLt-lwK2YoY7xv329pKyO565QMgjQ2vHbyIOjUYFeTNe8UV5idGTft2c6Me8GrSyl9Q1PEXdo

Protocol

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 16:40:02 GMT
an-x-request-uuid: 097f0288-5873-4c97-8317-a2ee4d0aa074
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 176.67.86.191; 176.67.86.191; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 08 Nov 2023 16:40:02 GMT
an-x-request-uuid: 47d6df6d-8717-4783-b338-adef03468a66
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEDc8OmLF6NgpGDbcr-dByhM%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 176.67.86.191; 176.67.86.191; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6644
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ2MzQzMTI0NjY4MzU3ODgzOA%3D%3D

170 B
243 B

50ms
50ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ2MzQzMTI0NjY4MzU3ODgzOA%3D%3D

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 16:40:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 08 Nov 2023 16:40:02 GMT
an-x-request-uuid: c1ffdd19-b87a-4d4a-9009-1dea8d20dafa
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ2MzQzMTI0NjY4MzU3ODgzOA%3D%3D
x-proxy-origin: 176.67.86.191; 176.67.86.191; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 7E72 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 745de06826600702e8563d3ac1c6d043725051daad7878321dbc299a28bba4f8

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BABB 0
20 B 73ms
73ms Ping
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6665587505242&version=m202311060101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 16:40:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BABB 0
20 B 74ms
73ms Ping
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6665587505242&version=m202311060101&ct=119&x=1&cor=1901888653026875100

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 16:40:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame BABB 91 KB
38 KB 82ms
81ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bn5bS8rrdBjxRTwmwwogz63VssEhZqtcCynfpE2cHW_Ci6i5Qo03qSsmuW5kuhODeNjtlwfLLmM8PfNwqv7xdxLvSWzxGIRLSqpI-2-v6aYkb1jn2lOLmWVTfLonv0ntJrvCbEFF8uMZFPgJc7lfnoOSF6--Y_lW2HzjWuoLziUTb4etehT8YYKyM75pORC_L1KHDfUJiObrMNopGyWR0qSlmUUfg0qqX27Fwiz8CwPfJ3OP4&cry=1&dbm_d=AKAmf-BJcMP1QF9D4MSw_BVQ1A_YSSBmsl0R-qGXiV0tc2dQUolbd9uRNpr5PfxFBZh3bOJxbYuLdrFHzNOvB6sOTbjROTmGwAGQe4Fc2-7PRENHYvg_Dw5fQXchHYmds9jGjb0r-FZhwmxVOKX4TRN6N0fKAhtMAGeKLw2ca5QRO9AjPCYp5wnc6CxT7uSuMdVK-VUzy96xgwQu5LD3Utk_3Yl7Nh-B2TAjuioMsCKYWY7dZpCLbJcW3w0EPIcPJT8E3y5Ek07k7DRRO03Ckb8b4IcioMbry7ELj2aGrq7rrwNrGVNsMKTK_DC_20T1be6L-2Tqiy4Xtr7fxw16674ems2MFColX01jK4ZGYcBSyi97Ec-3ltoHWHWPeja8BH3O8wyjxDTJa5hmISq_JXnupgnf2c4ydUe7im-rPmhcgmFI-7ua2FyhTFu7FXoAKUpiNozB1p13PuvVH8fVZ9gzquU7Q06H3ua6fJQ6OTNk0ITgBIfTV2QbolO1R46jNZZHnbU-CoT_H5JGWEMveYOUDd0Y3OzkhsDPMJaPKDvH3_HnDTjBEfBDYYQO60ML9-EOLMZgpUwa5sDqWUSuCaDVXtVctxqFS5Xf-KI391p_jW62re7_LjFaLrK8jd7P1Qq439uVMp_ckyYr6vgsTRV2kcAwfAF7kPI4-LRDXwQsitfm3uu24BgSB-Ta2u1QwW36QgmeUIA3sN5YYVFQn0SBnUh7FnqBEJjln8FTQ1cfObE6WaMZlj5aFKLW3pUVDnOzaj83F0F2ehYLPZW0o9iVZRSPE_GFcjwMPi4QfH8ogGYUF8KD1fGModVnSsyh43RnvjjzJdbMs-EyHEicksJu6NHBMR32Ozikag-f1wdsH4D252L3GbCiCMnpOX1Kfc5Ymgju9J1hT3qS6430K-lvK7cfFVAq8Oi3Vwm5LH9ujMNwxAayffzA7ffOf2hc2cFz5p5yKlQmNqkDS3hYEnKB_ZaCbfS9bv-pcNVDUWemnHVw_-hKT-fDcysrI1dG8xfxPal8N3iNGVf-PKHiZ4i0ZjK57m5Rd5ojef5WvHF_BIB6WfMMM_vSMcrZyXbiCzyTNJ82ttcyEaXgIqxtTpXthHmrYswT9-FAsaEbaUmS-yrLnXkM2FlgAgB5lEjHQTSpgiUwFnCz_zCH-R-yzLm7DrMmxGRkMABYCViGcFzIFuG92FIXE1Eg8Zq1yjlg0qjcxLJKxJGj9j9Ij_TdMsJ7UNjwvTz5STbhJxbR535O9IXlkKuYmdmA-yqJSDogHISEo6CA_HnuSHAOQXG6mbEh5Zw5cgth2S9PqibLmewJrlZKDj2UKIM9dHJ36nKaDDCeNiBEKosQmK-6uT-lP_Bf0n5uHEMBX99xnVBcrxTnwVoi-eocWxV1UdpCOOxcEKLhQXiLKilpRjhrm3IdWduiPx-UCWuYTpGPKsdaeGowj_nxvopMe0Ilzr3-KYKKJvlF1SUQegZXsfskk7LACWhTv3PdjVpurM5YD5lVVKCv-vDOdVok1zDVWDvyQjXFW-1r-U1FM54soz2LPhVje7k3msfHkredn9pI5g5juIUZOGR-KNN0etB0rMjCzolNOr1o0UvVuIKv1FSKHMpAw55AiFqthSjh-v4N061h6x6uRIYiuxk7FQpNyICOWJ-dGv06sJOfQ0EvxLuRYVG6e8xxSI7JSnrnajXG_SlkRmfVOON_HaCNO70RNQ5Ny41UXn4u551olmCQwRmmNJQbOfZ24yAqNwW7sJVYST4NMMaUDBQekagASDQISJh31We-qlOxYtmZrTV-leDnp3Luefwht8nJbnDCat69mh9gKywXxNAUACrNHJCtY1i1QVM3UvidksHpEI10cDCAzTGeLl4Ol_2g_diU0RRTommQp9DCOAFAqkUfLNBlGqg5iCQkBmi1SvHOEp8XabIkYWOYor1eHAMpvgNAmgr5h8hDsM_52eNuzV5Kj67wZ6pVOWJcbH4EuiICBhV7tNdrC200oBL9LtNcoFId-M8P4T0rnPgIG6Q8bq9S8UnE7dNNVnFsBfLIW-aebz3FyoRCrDRMA8AOGJxZ8NWveDRt8l0cUkTUzhuwjH3YKPpjsxnK0ZMjBOt4Vi43VXzbIOQJGHLaEr7d3tIbCAHAhSf3Inuhm1m4xSdIsbaYeLcieX2l_KrFjG-McOimmW6Av2Et3P51dDhyBGW1XpOvOJqxyrAt8RTZyiAe7f84tQo9g0FuVIBtLtL37gHwm_OVStyctQqQNKKYK6TVodLU8cawV4NOXH4_dTzxGa-yDY--Zmi1c6gqUUVW0cKjmgYzTwTya2I5jMvahlbypxhVnOwPNgjo_ummnoIB1_NQ6u-SAuJYPSwPAUhTVqsCJG-5pY13U8xSTVFw8iF_ElsbCGfvc0cZ0recMAvl6A0qmfdy2Xkaiu0FQYlPenQeMg0Iktfu_otO5iOzYlKwzr0VmrNK1nHgq0EVwnVe_BU-Ik35P7kGQYmSA2j05SUYiD-XNX_4heAcqSIujIz9W0z11r-d8YbSlQiv18_g3NUSBgn8BrVx4TwYINy-ro-pr7_qrFxj1KdaSlCodwqUNHYlUajKgOLWfMnf3TNohfELczH2e36IdlU2gBNWWO6kNsTqg4UMoDRAuvondWDyIbmLWu2lRa-tq1Bdramzt1o5wrbmRJeZuPo7q1a8ifAz3gLx2fBNnMvIYfFHj0CSmFu0k0DQb3h9r5sJ4DXMQiiOc3S2ZNYP_d0YlB03-RwrEbzT7dWad3qbjCbE_P4Uh474rERgFeVewZE57niY7Hk-dd5MXbeNSx2ZsW3Vdnop3B_2y4rYe3cIoHJEXlsGcnrVvz1xX2CD42KU-kxrHNeBEuj5FnnFNn0Alqpzn640WUoFlNm7wtOXrs3BtzNIWprtmX8s3LNGwR73KxrUN3AoS6-JNn7h_5C1rZJy14zfFJJCMIAXx-_5EziD_OFBDSF3yRurZQi_zrP_-TEmghOD23IJNOYunZ7Ieak_LvKHXGWffeCj4er2AI0f7rTXY0DYT7YAfVNsp1OcSTSnhChCOeS7eKb0YOfplhXMr_wHZVgXGrvxWUlqT7W3e5Awk1GA6sKqXIRSmiStvfzxmwKoOS1X6u6Vot9NM_d4BSWUAQj59ajDoJccxcIWFXDumIPxEzZdsc6m6WghlX5yDu5IBKAp5nctZauFD_Ufa2dyWGvkFIekQROtUvsEvoPEWmsW6Q2vLzkEIYKp-e3dMhgf11kbwO0Ng0RyU3KFJEkTFNA3n5hUv0VXck26uLWFSN-FrzcBE-Z4HjQAcoBMWD85FXS86FwSx3fMUArOnotg_gwT0GHJTVatq0itdW4sDKk4b7a_leF3ULmH1I6sqv48KzOq4pTp_fuLdfPGzxX_y-L2dA6frDVBKtbsXhKgF9lla-LV5Jk8fwQB5jJxIrhpc1UL_pSOP5GRURs2uC2GO2XK5rkaLkkRS9GuSQoC-Lk_MKAxByM-ICnHiXhnL5etIzWlvi8cC9l6SkR_yeNRg1ECAMD8iKQW5d0rMPLfYIZIsl45CL_xVUvStb7Uka24m1xE3tho5szZEXPtCHIHPo8gG6R2DJdivffEoUqLHuSrS9wXe7BrlqGQjuhoCcRVXbglJQJv32252sWwHsSx8E7gdmX3eEc9jKM7f8wyc8ZId73b74Vn0xUF_HMULlG0Ef4pjOsHTKvcc66ExcWetTrWBjy-aEOmz43X9uL-xlrNpad3mH0BfJami5EHsNqs2XR3N21_G9Czk13FOv0vyaN7ggFZYpUnjr63QvVe2yC2KoOyW0QEeaVGsfeaUHSWX0dsNcbWlzJ0_7OQofVgpmAnIGpAphYSDLMw6S-pFc-J4KTUc6qDmaqiFdYGa4o8CWlVdlaiA_8FZSEZIQHeQdm2pQ3qtDgB53awozOmAXllxnFxHJCjfduDWljM1NgXRSXnxl74JRqk5lpQNTRfiPcLpXMLEjddOIaiFIzUbiAWohYIqXAde8SWXdd9klodNDKBD0o4lCAZJrPYfF_JsYV54Q-4HfMiLn5CfQjtkKazJg&cid=CAQSTwDICaaNwiRAPRPPlgYnjfWAoida3Yr8xOjYnRU_fjSZh1EAzxk9rjgmhZ7aU4hL_mgvbOP4FSbiv_B48FelDxz_aAhTArTIolA9jxcHe-4YAQ&dc_eid=31079496&dv3_ver=m202311060101&rfl=https%3A%2F%2Fwww.rzut-kostka.pl%2F&ds=l&xdt=1&iif=1&cor=1901888653026875100&adk=2124396030&idt=190&cac=0&dtd=11

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a93511e2eab84744ed1be1e47cb0d978e9ee82895e82e68991376264a115a4e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6706902600960751&output=html&h=90&slotname=3752892302&adk=980715148&adf=1839787983&pi=t.ma~as.3752892302&w=1200&lmt=1699461601&rafmt=12&format=1200x90&url=https%3A%2F%2Fwww.rzut-kostka.pl%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699461601458&bpp=1&bdt=253&idt=311&shv=r20231106&mjsv=m202311060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5938946657590&frm=20&pv=1&ga_vid=1003198270.1699461602&ga_sid=1699461602&ga_hid=1777213227&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=237&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078019%2C31079346%2C44807455%2C44807461%2C44807764%2C31078297%2C31079474%2C44806140%2C44808148&oid=2&pvsid=1349082670859469&tmod=759582275&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=wWTfK0VRZk&p=https%3A//www.rzut-kostka.pl&dtd=317
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 16:40:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38833
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 7E72 20 KB
21 KB 125ms
39ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 09:20:48 GMT
x-content-type-options: nosniff
age: 371954
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Nov 2024 09:20:48 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame BABB 111 KB
39 KB 154ms
39ms Script
text/javascript 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.rzut-kostka.pl
URL: https://www.rzut-kostka.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 14:17:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8523
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 09 Nov 2023 14:17:59 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/ Frame BABB 11 KB
4 KB 39ms
39ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bn5bS8rrdBjxRTwmwwogz63VssEhZqtcCynfpE2cHW_Ci6i5Qo03qSsmuW5kuhODeNjtlwfLLmM8PfNwqv7xdxLvSWzxGIRLSqpI-2-v6aYkb1jn2lOLmWVTfLonv0ntJrvCbEFF8uMZFPgJc7lfnoOSF6--Y_lW2HzjWuoLziUTb4etehT8YYKyM75pORC_L1KHDfUJiObrMNopGyWR0qSlmUUfg0qqX27Fwiz8CwPfJ3OP4&cry=1&dbm_d=AKAmf-BJcMP1QF9D4MSw_BVQ1A_YSSBmsl0R-qGXiV0tc2dQUolbd9uRNpr5PfxFBZh3bOJxbYuLdrFHzNOvB6sOTbjROTmGwAGQe4Fc2-7PRENHYvg_Dw5fQXchHYmds9jGjb0r-FZhwmxVOKX4TRN6N0fKAhtMAGeKLw2ca5QRO9AjPCYp5wnc6CxT7uSuMdVK-VUzy96xgwQu5LD3Utk_3Yl7Nh-B2TAjuioMsCKYWY7dZpCLbJcW3w0EPIcPJT8E3y5Ek07k7DRRO03Ckb8b4IcioMbry7ELj2aGrq7rrwNrGVNsMKTK_DC_20T1be6L-2Tqiy4Xtr7fxw16674ems2MFColX01jK4ZGYcBSyi97Ec-3ltoHWHWPeja8BH3O8wyjxDTJa5hmISq_JXnupgnf2c4ydUe7im-rPmhcgmFI-7ua2FyhTFu7FXoAKUpiNozB1p13PuvVH8fVZ9gzquU7Q06H3ua6fJQ6OTNk0ITgBIfTV2QbolO1R46jNZZHnbU-CoT_H5JGWEMveYOUDd0Y3OzkhsDPMJaPKDvH3_HnDTjBEfBDYYQO60ML9-EOLMZgpUwa5sDqWUSuCaDVXtVctxqFS5Xf-KI391p_jW62re7_LjFaLrK8jd7P1Qq439uVMp_ckyYr6vgsTRV2kcAwfAF7kPI4-LRDXwQsitfm3uu24BgSB-Ta2u1QwW36QgmeUIA3sN5YYVFQn0SBnUh7FnqBEJjln8FTQ1cfObE6WaMZlj5aFKLW3pUVDnOzaj83F0F2ehYLPZW0o9iVZRSPE_GFcjwMPi4QfH8ogGYUF8KD1fGModVnSsyh43RnvjjzJdbMs-EyHEicksJu6NHBMR32Ozikag-f1wdsH4D252L3GbCiCMnpOX1Kfc5Ymgju9J1hT3qS6430K-lvK7cfFVAq8Oi3Vwm5LH9ujMNwxAayffzA7ffOf2hc2cFz5p5yKlQmNqkDS3hYEnKB_ZaCbfS9bv-pcNVDUWemnHVw_-hKT-fDcysrI1dG8xfxPal8N3iNGVf-PKHiZ4i0ZjK57m5Rd5ojef5WvHF_BIB6WfMMM_vSMcrZyXbiCzyTNJ82ttcyEaXgIqxtTpXthHmrYswT9-FAsaEbaUmS-yrLnXkM2FlgAgB5lEjHQTSpgiUwFnCz_zCH-R-yzLm7DrMmxGRkMABYCViGcFzIFuG92FIXE1Eg8Zq1yjlg0qjcxLJKxJGj9j9Ij_TdMsJ7UNjwvTz5STbhJxbR535O9IXlkKuYmdmA-yqJSDogHISEo6CA_HnuSHAOQXG6mbEh5Zw5cgth2S9PqibLmewJrlZKDj2UKIM9dHJ36nKaDDCeNiBEKosQmK-6uT-lP_Bf0n5uHEMBX99xnVBcrxTnwVoi-eocWxV1UdpCOOxcEKLhQXiLKilpRjhrm3IdWduiPx-UCWuYTpGPKsdaeGowj_nxvopMe0Ilzr3-KYKKJvlF1SUQegZXsfskk7LACWhTv3PdjVpurM5YD5lVVKCv-vDOdVok1zDVWDvyQjXFW-1r-U1FM54soz2LPhVje7k3msfHkredn9pI5g5juIUZOGR-KNN0etB0rMjCzolNOr1o0UvVuIKv1FSKHMpAw55AiFqthSjh-v4N061h6x6uRIYiuxk7FQpNyICOWJ-dGv06sJOfQ0EvxLuRYVG6e8xxSI7JSnrnajXG_SlkRmfVOON_HaCNO70RNQ5Ny41UXn4u551olmCQwRmmNJQbOfZ24yAqNwW7sJVYST4NMMaUDBQekagASDQISJh31We-qlOxYtmZrTV-leDnp3Luefwht8nJbnDCat69mh9gKywXxNAUACrNHJCtY1i1QVM3UvidksHpEI10cDCAzTGeLl4Ol_2g_diU0RRTommQp9DCOAFAqkUfLNBlGqg5iCQkBmi1SvHOEp8XabIkYWOYor1eHAMpvgNAmgr5h8hDsM_52eNuzV5Kj67wZ6pVOWJcbH4EuiICBhV7tNdrC200oBL9LtNcoFId-M8P4T0rnPgIG6Q8bq9S8UnE7dNNVnFsBfLIW-aebz3FyoRCrDRMA8AOGJxZ8NWveDRt8l0cUkTUzhuwjH3YKPpjsxnK0ZMjBOt4Vi43VXzbIOQJGHLaEr7d3tIbCAHAhSf3Inuhm1m4xSdIsbaYeLcieX2l_KrFjG-McOimmW6Av2Et3P51dDhyBGW1XpOvOJqxyrAt8RTZyiAe7f84tQo9g0FuVIBtLtL37gHwm_OVStyctQqQNKKYK6TVodLU8cawV4NOXH4_dTzxGa-yDY--Zmi1c6gqUUVW0cKjmgYzTwTya2I5jMvahlbypxhVnOwPNgjo_ummnoIB1_NQ6u-SAuJYPSwPAUhTVqsCJG-5pY13U8xSTVFw8iF_ElsbCGfvc0cZ0recMAvl6A0qmfdy2Xkaiu0FQYlPenQeMg0Iktfu_otO5iOzYlKwzr0VmrNK1nHgq0EVwnVe_BU-Ik35P7kGQYmSA2j05SUYiD-XNX_4heAcqSIujIz9W0z11r-d8YbSlQiv18_g3NUSBgn8BrVx4TwYINy-ro-pr7_qrFxj1KdaSlCodwqUNHYlUajKgOLWfMnf3TNohfELczH2e36IdlU2gBNWWO6kNsTqg4UMoDRAuvondWDyIbmLWu2lRa-tq1Bdramzt1o5wrbmRJeZuPo7q1a8ifAz3gLx2fBNnMvIYfFHj0CSmFu0k0DQb3h9r5sJ4DXMQiiOc3S2ZNYP_d0YlB03-RwrEbzT7dWad3qbjCbE_P4Uh474rERgFeVewZE57niY7Hk-dd5MXbeNSx2ZsW3Vdnop3B_2y4rYe3cIoHJEXlsGcnrVvz1xX2CD42KU-kxrHNeBEuj5FnnFNn0Alqpzn640WUoFlNm7wtOXrs3BtzNIWprtmX8s3LNGwR73KxrUN3AoS6-JNn7h_5C1rZJy14zfFJJCMIAXx-_5EziD_OFBDSF3yRurZQi_zrP_-TEmghOD23IJNOYunZ7Ieak_LvKHXGWffeCj4er2AI0f7rTXY0DYT7YAfVNsp1OcSTSnhChCOeS7eKb0YOfplhXMr_wHZVgXGrvxWUlqT7W3e5Awk1GA6sKqXIRSmiStvfzxmwKoOS1X6u6Vot9NM_d4BSWUAQj59ajDoJccxcIWFXDumIPxEzZdsc6m6WghlX5yDu5IBKAp5nctZauFD_Ufa2dyWGvkFIekQROtUvsEvoPEWmsW6Q2vLzkEIYKp-e3dMhgf11kbwO0Ng0RyU3KFJEkTFNA3n5hUv0VXck26uLWFSN-FrzcBE-Z4HjQAcoBMWD85FXS86FwSx3fMUArOnotg_gwT0GHJTVatq0itdW4sDKk4b7a_leF3ULmH1I6sqv48KzOq4pTp_fuLdfPGzxX_y-L2dA6frDVBKtbsXhKgF9lla-LV5Jk8fwQB5jJxIrhpc1UL_pSOP5GRURs2uC2GO2XK5rkaLkkRS9GuSQoC-Lk_MKAxByM-ICnHiXhnL5etIzWlvi8cC9l6SkR_yeNRg1ECAMD8iKQW5d0rMPLfYIZIsl45CL_xVUvStb7Uka24m1xE3tho5szZEXPtCHIHPo8gG6R2DJdivffEoUqLHuSrS9wXe7BrlqGQjuhoCcRVXbglJQJv32252sWwHsSx8E7gdmX3eEc9jKM7f8wyc8ZId73b74Vn0xUF_HMULlG0Ef4pjOsHTKvcc66ExcWetTrWBjy-aEOmz43X9uL-xlrNpad3mH0BfJami5EHsNqs2XR3N21_G9Czk13FOv0vyaN7ggFZYpUnjr63QvVe2yC2KoOyW0QEeaVGsfeaUHSWX0dsNcbWlzJ0_7OQofVgpmAnIGpAphYSDLMw6S-pFc-J4KTUc6qDmaqiFdYGa4o8CWlVdlaiA_8FZSEZIQHeQdm2pQ3qtDgB53awozOmAXllxnFxHJCjfduDWljM1NgXRSXnxl74JRqk5lpQNTRfiPcLpXMLEjddOIaiFIzUbiAWohYIqXAde8SWXdd9klodNDKBD0o4lCAZJrPYfF_JsYV54Q-4HfMiLn5CfQjtkKazJg&cid=CAQSTwDICaaNwiRAPRPPlgYnjfWAoida3Yr8xOjYnRU_fjSZh1EAzxk9rjgmhZ7aU4hL_mgvbOP4FSbiv_B48FelDxz_aAhTArTIolA9jxcHe-4YAQ&dc_eid=31079496&dv3_ver=m202311060101&rfl=https%3A%2F%2Fwww.rzut-kostka.pl%2F&ds=l&xdt=1&iif=1&cor=1901888653026875100&adk=2124396030&idt=190&cac=0&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:09:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73807
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Nov 2023 20:09:55 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/ Frame BABB 31 KB
12 KB 39ms
39ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13ba2997ea62a564075f4e9d586d98c0f2662d6f23042e5f39366b2f27f320a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:06:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74031
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11881
x-xss-protection: 0
server: cafe
etag: 5723174479369309319
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Nov 2023 20:06:11 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame BABB 41 KB
14 KB 39ms
39ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.rzut-kostka.pl
URL: https://www.rzut-kostka.pl/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 569856
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 02:22:26 GMT

GET
DATA 200
OK truncated
/ Frame BABB 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6c52ba43dd72963bef98eabb6359768911d2c055a57d0061c1e1cc8a6388f913

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame D3B6 38 KB
13 KB 39ms
39ms Document
text/html 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
age: 462342
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Nov 2023 08:14:20 GMT
expires: Sat, 02 Nov 2024 08:14:20 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response
pagead2.googlesyndication.com/bg/ Frame D3B6 38 KB
15 KB 40ms
40ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

sffe /

Resource Hash

e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:55:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2645
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15096
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Nov 2024 15:55:57 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 7E72
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CQYK04blLZeHnMfuU9u8PtpCJ4ASW5P7qcuCr68CQEd_kor3AARABIIOhintg6eTJhdgaoAH767zPA8gBCakCXRZRzZAUkD6oAwHIA8sEqgT7AU_Qbdha4Ijy-Ku1OEKgFJ2vy4yG9OxzGoz...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226294216642144964334%22,%22debug_reporting%22:true,%22destination%22:%22https://ceneo.pl%22,%22event_report_window%22:%2225...

0
0

154ms
74ms

Fetch
text/css

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226294216642144964334%22,%22debug_reporting%22:true,%22destination%22:%22https://ceneo.pl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22971978235%22],%224%22:[%2211-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227561457093050022913%22}&andc=true

Requested by

Host: www.rzut-kostka.pl
URL: https://www.rzut-kostka.pl/

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 16:40:03 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"6294216642144964334","debug_reporting":true,"destination":"https://ceneo.pl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["971978235"],"4":["11-08"],"6":["true"]},"priority":"500","source_event_id":"7561457093050022913"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 08 Nov 2023 16:40:03 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 08 Nov 2023 16:40:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"6294216642144964334","debug_reporting":true,"destination":"https://ceneo.pl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["971978235"],"4":["11-08"],"6":["true"]},"priority":"500","source_event_id":"7561457093050022913"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 hxCSxfMv2iBFhjrGrLs7kA8KHsgt38HzDym5Fkm1vio.js Show response
pagead2.googlesyndication.com/bg/ Frame 9A7A 50 KB
19 KB 40ms
40ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hxCSxfMv2iBFhjrGrLs7kA8KHsgt38HzDym5Fkm1vio.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

sffe /

Resource Hash

871092c5f32fda2045863ac6acbb3b900f0a1ec82ddfc1f30f29b91649b5be2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 06:26:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 209630
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19628
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Nov 2024 06:26:12 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 174ms
74ms Preflight
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 08 Nov 2023 16:40:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/5985348084309385991/ Frame F652 23 KB
5 KB 121ms
40ms Document
text/html 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5985348084309385991/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e376e47cc7a55c3d137fb2fab241c2b436cf40762f457b88f67e3d2bc383d771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 529760
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5508
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 13:30:42 GMT
expires: Fri, 01 Nov 2024 13:30:42 GMT
last-modified: Thu, 02 Nov 2023 10:07:00 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame BABB 0
0 100ms
85ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvCZdFnCaWvmC6aQQAtwfALFNU8C9insWNaKOAWIFrd9QG066R95UUIWWAllhtGsGUOBnMswARua7OmOaiUbPjwKnEgOjdj9wM0BUjMQ9CJB3zLq4os8d-XaiP6Pzre5vyhCuYb5TLJ5rJPGx6cI8TeUyS6viKaSnZtqV7f4Nv1B8ytm-IPZ0poCdSyhyBhR4NIEaSsqSJSM_1l7oilzXYDbt9t_riCKZGlEqNVJX-tRGNUwgpPKtvmyF9WXERJmKJIbmmcm_KrrQoSUqZyzNgkvl7Ad14VXKuxtV-PFw_AdgDzY75A0xTKF8MEewIgR4uwNFH7OCigHBHLz7l7S7_E_juC8Nt1jNAoqt9by7DPKUNYlepbq4QVzxWCBeJAAcwoIBnoD9IqjZBhA6GP86ECHvu0pUj-Bdq5LSbuuMndr-IAp4iDKoQX6dCd3XMTR_3UExV_2XFyGvKU0A0N0jytv7_O2u2F_YTjgkNWTpGXKufk-aAQlHqCYEWE07U4wjA3jpINVN5baw6n1HjvAQ0B4qKE3LhTCKlmZsNNnaYhRyhucCCtqVzPVgLgMbVO9x74GgbQX5Y5sCaNPT6-9QxvoUSaaumkS7gmSYrK6J-HlYV_VwS_ZyYHCCfehl13emZnesX8NxVwWcFhaqhWjGiPsZ3N4sAZsYj9ynA2eL5S2uDQVt5cmsW7Jk-o6GwCBiLT7PyFBh2g3l3oWPBt2kS2lHKXzdBrTWjS4aR61lfp2KCjhso1A1Uo9jW7TDMNZSXcDBtVCgLdty5qoRd5aSOxmxt5eoBA7EO4K3An1Hkmofoq8_miu91ZXYZL5chZmqAnDh7M7ZPsEIZsZ5tUjCaReY-29HktuJvsCZxVTLM6Sk6houyTu5HD-AOh79e2P0C-AkOrsSq82MWiRaZFksOr8C56baTNYu_shg3PeHgm6vq7pwy0Ic1tfEXQW4C3xkJBpWpat0N3i8TVRZKXi9jU5jdoMvpbCf7rG8CRkA9iy_EqV10RZlFuS3KRaidGt67itnpE6v9YckvT06atIIIX_cNRIvJgSsTR8EpLyEN0eV1fHcWX1X_mIgc3JeKCJhGic2HrtwT4qudiMju--Bd4RWFGcZpL3VyFilEbcouAwdMt8XoHWRTDqyXX7SRAWoDEBgLOf2IgH4PduqUQ7befYKgHCJBPtNzN1FSE9no3NwmLkf8YwBNwMUBLzFSvLRlPtWD5aQ9sdqY7apS7AfQJUjYRggFAJ7_iKu22_tX1d3h_uj-clAJzLrfTUQVWoHr9wVPpzW2MZXwuoUHAAxEP18t48AYu5x-sA3gXOy95EiM6BqoOOljhQU9_G-XVrT4&sai=AMfl-YQmOokUUmBRho7OW1BTUBoBq1M576LP-P4bOWgZzMGobmsg6NZQgrXcit5IwL2vPlELUTm2ri8hrUWvXHpcjJSUFO4buSJMFyVYM9evYfTNYdaaOP-4iIKFHI_KyNl90b4nBzqO7nJX1vSAyz4KX06jeEUqNL6Fk5gf2-6SUtgdBRuzGDZzx_5p2IqXHUqlMVmI8MDr6Hl6O13uBCVLuiTWkY36P6Dxe9cQBbCU_qSTUfmJyH4P8Q3isvfyNaXxJYqVoe6povij-uzRdbiw8L5wPWv-7phE62e8AhHUGSfQhecSzDOmCSjCOXp2palUkfQ&sig=Cg0ArKJSzBoK5Nyx1Z7QEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=248&cbvp=1&cstd=245&cisv=r20231106.57508&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.rzut-kostka.pl
URL: https://www.rzut-kostka.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 08 Nov 2023 16:40:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D3B6 0
20 B 76ms
76ms Image
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BvBny4rlLZdKtIv-99u8Pgfq1yAgAAAAAOAHgBAI&bg=!x8SlxIvNAAb4oU7C2KE7ADQBe5WfOLC5jov_iFwAPD1MYnQ0HoBfxKWGjaNngIl6rd2Hd9kFl96QATVNT44I47iiJjBcAgAAAHdSAAAABWgBB5kDGog48v1gmFUUsvttqH4UQS_X7SGmi1cagsAvcfqabpFD9ObgXGkkW_r8wDANnavYj0c2JZAgQz0CcfxQqB3w9cm4mbBhYEp3kIcImYgkHMWcZPvxrk26_CCcJJ_mSy8CMh9pTleCDKQ8jVb9GeDgnq0wy_8JEzK9Lx3a6CMIOBFpN8R7jzc0GRHW6Gtu6wCK9uw_2ddFJmihtUHeJz1Oiqlv1gJy12OACe1_eIRutjUtnBMp39yf8Cnjj_isdgTr9HezI1EoIT4kGiA_wiI1CcKc5BImAVx8yN5FOZM-U0z6Sfv1_SdUr9DdtJefPX31M7Xvu-6eIBuet2-ZjhwJ-GJJbR1s7J-kgKxhG7FTxqQldKyehrVh-sWVM2FOdlVcPotkOiuxOvnRDQDZN9TpymSPeFSkxG9MpY20Sfw9ek1JvPJ6FnkhM23Z1bEfEver5Faf6ExGeJTyZEncRdfyeOOIgleukjZWZ3zq3LLCIzjP7qa7CJawOPS34UIHMs3yswHBH37iWVVyaRUIutwvkgwNKm8lemR_IYZvZilEvZCTiURzQRL0trpjtZNs5sobxR9LbvTbTvn4DoZrT-AlnjrS9vJkZKGbeC8gEL1DMyurXZUprpOfe7rnhGaP_MT7UkTM2M_l6aUrUleCJ67Ze2CeXFe5WevkPkZwTMukttMr7DcMvGMeUPMqmwiAsY3woFIsRZ8NUFPwHdofSrimxOBY-9rTx3-YTnqJN3aLJwj0Eubuke8Au7DuTBcxykJbnZ8ZJ8Yhj-Ga7V7SnpBOKHO1MqESEQMf6KxLT79sLXLZIwbepqkvbjfKvjFTyaF6ZD0tWZH7ur6qMxPnWoeTnHupu9q9Gebk_vQf-VG0WrPTd-eJFKIBZZt1NQquDpVzVLVnspEJhTzM2tChUpML4KL_x143y86xGAO764L0SqOVCQkfcfx3Lg_0QCJ-CkLdx5pzWyFvzAjIxwIIdxxs_qLZmcZEE83HbrbNvgjkaHDuEWn4Lkx4aJdSfcCjYca9Aulg0XGIwe2QU9C1ELcsJD5KqAcZql6VXomA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 16:40:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 bg.jpg
s0.2mdn.net/sadbundle/5985348084309385991/ Frame F652 5 KB
5 KB 40ms
40ms Image
image/jpeg 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5985348084309385991/bg.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5985348084309385991/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17ce1d10dcf17d24da2396b9ac1dfaf0354a8c4eaf60ef5d3c7960edf457a206

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5985348084309385991/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:30:42 GMT
x-content-type-options: nosniff
age: 529761
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5569
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 10:07:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Nov 2024 13:30:42 GMT

GET
H3 200 01.png
s0.2mdn.net/sadbundle/5985348084309385991/ Frame F652 5 KB
5 KB 44ms
42ms Image
image/png 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5985348084309385991/01.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5985348084309385991/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4465b548a41e42f531df9642cce9aa57a4a1f38204964080e9fd8d139c499f18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5985348084309385991/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:30:42 GMT
x-content-type-options: nosniff
age: 529761
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5483
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 10:07:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Nov 2024 13:30:42 GMT

GET
H3 200 02.png
s0.2mdn.net/sadbundle/5985348084309385991/ Frame F652 8 KB
8 KB 49ms
48ms Image
image/png 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5985348084309385991/02.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5985348084309385991/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d307d90afcfff2a667e197d2a94c0f9ddd74e3046d51b9e2364d3bc8f316ee5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5985348084309385991/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:30:42 GMT
x-content-type-options: nosniff
age: 529761
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7937
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 10:07:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Nov 2024 13:30:42 GMT

GET
H3 200 03.png
s0.2mdn.net/sadbundle/5985348084309385991/ Frame F652 6 KB
6 KB 111ms
110ms Image
image/png 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5985348084309385991/03.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5985348084309385991/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8bd6f1467a4ac91bb81f480aa599674dcacb4d56afe7f2ab5cd836671dc09ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5985348084309385991/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:30:42 GMT
x-content-type-options: nosniff
age: 529761
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5817
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 10:07:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Nov 2024 13:30:42 GMT

GET
H3 200 01-i.png
s0.2mdn.net/sadbundle/5985348084309385991/ Frame F652 4 KB
4 KB 104ms
103ms Image
image/png 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5985348084309385991/01-i.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5985348084309385991/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9280fe1a4a1d8a7bf657280dc95e736420fa365aa13f4afa5487a7cb147640bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5985348084309385991/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:30:43 GMT
x-content-type-options: nosniff
age: 529760
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3715
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 10:07:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Nov 2024 13:30:43 GMT

GET
H3 200 02-i.png
s0.2mdn.net/sadbundle/5985348084309385991/ Frame F652 4 KB
4 KB 108ms
107ms Image
image/png 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5985348084309385991/02-i.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5985348084309385991/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58df6f9962146be2e2f859f93f2d6c934f7b8e64ecd0afa67dfd2816baecd65e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5985348084309385991/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:30:42 GMT
x-content-type-options: nosniff
age: 529761
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4475
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 10:07:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Nov 2024 13:30:42 GMT

GET
H3 200 03-i.png
s0.2mdn.net/sadbundle/5985348084309385991/ Frame F652 4 KB
4 KB 73ms
71ms Image
image/png 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5985348084309385991/03-i.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5985348084309385991/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa2a380309f63645c3a2ad18e2253c18f3e7e48e98f1db9c84a6c6cb6ee9d529

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5985348084309385991/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:30:42 GMT
x-content-type-options: nosniff
age: 529761
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3732
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 10:07:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Nov 2024 13:30:42 GMT

GET
H3 200 text_01_A.png
s0.2mdn.net/sadbundle/5985348084309385991/ Frame F652 8 KB
8 KB 99ms
98ms Image
image/png 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5985348084309385991/text_01_A.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5985348084309385991/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30a127be5696a5d92cdb2a465821e7e119869b5a0e76ee0d4dc3394d861f0bd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5985348084309385991/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:30:42 GMT
x-content-type-options: nosniff
age: 529761
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8098
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 10:07:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Nov 2024 13:30:42 GMT

GET
H3 200 text_02_A.png
s0.2mdn.net/sadbundle/5985348084309385991/ Frame F652 11 KB
11 KB 77ms
76ms Image
image/png 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5985348084309385991/text_02_A.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5985348084309385991/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d08c03199d6fc01f7a2007ba49b632dde70170809958fd8cd1291d4d26cdba1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5985348084309385991/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:30:43 GMT
x-content-type-options: nosniff
age: 529760
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10757
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 10:07:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Nov 2024 13:30:43 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/5985348084309385991/ Frame F652 4 KB
4 KB 74ms
73ms Image
image/png 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5985348084309385991/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5985348084309385991/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74edd2eacc2b44e49c7f8feba513b4ce22e4e9c772999f9124997165f8b799d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5985348084309385991/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:30:42 GMT
x-content-type-options: nosniff
age: 529761
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3588
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 10:07:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Nov 2024 13:30:42 GMT

GET
H3 200 logo.gif
s0.2mdn.net/sadbundle/5985348084309385991/ Frame F652 58 KB
58 KB 54ms
53ms Image
image/gif 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5985348084309385991/logo.gif

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5985348084309385991/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24a4413314f2819c0dfab62274126eceaf69605e3999726880c0769c82a71b3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5985348084309385991/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:30:43 GMT
x-content-type-options: nosniff
age: 529760
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59427
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 10:07:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Nov 2024 13:30:43 GMT

GET
H3 200 button.png
s0.2mdn.net/sadbundle/5985348084309385991/ Frame F652 13 KB
13 KB 86ms
85ms Image
image/png 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5985348084309385991/button.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5985348084309385991/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98b1502e66c844082c44c2cc5da6b046e900ad2f8188c0fca7f286721cf4ce1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5985348084309385991/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:30:43 GMT
x-content-type-options: nosniff
age: 529760
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13706
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 10:07:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Nov 2024 13:30:43 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame BABB 0
0 79ms
78ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvCZdFnCaWvmC6aQQAtwfALFNU8C9insWNaKOAWIFrd9QG066R95UUIWWAllhtGsGUOBnMswARua7OmOaiUbPjwKnEgOjdj9wM0BUjMQ9CJB3zLq4os8d-XaiP6Pzre5vyhCuYb5TLJ5rJPGx6cI8TeUyS6viKaSnZtqV7f4Nv1B8ytm-IPZ0poCdSyhyBhR4NIEaSsqSJSM_1l7oilzXYDbt9t_riCKZGlEqNVJX-tRGNUwgpPKtvmyF9WXERJmKJIbmmcm_KrrQoSUqZyzNgkvl7Ad14VXKuxtV-PFw_AdgDzY75A0xTKF8MEewIgR4uwNFH7OCigHBHLz7l7S7_E_juC8Nt1jNAoqt9by7DPKUNYlepbq4QVzxWCBeJAAcwoIBnoD9IqjZBhA6GP86ECHvu0pUj-Bdq5LSbuuMndr-IAp4iDKoQX6dCd3XMTR_3UExV_2XFyGvKU0A0N0jytv7_O2u2F_YTjgkNWTpGXKufk-aAQlHqCYEWE07U4wjA3jpINVN5baw6n1HjvAQ0B4qKE3LhTCKlmZsNNnaYhRyhucCCtqVzPVgLgMbVO9x74GgbQX5Y5sCaNPT6-9QxvoUSaaumkS7gmSYrK6J-HlYV_VwS_ZyYHCCfehl13emZnesX8NxVwWcFhaqhWjGiPsZ3N4sAZsYj9ynA2eL5S2uDQVt5cmsW7Jk-o6GwCBiLT7PyFBh2g3l3oWPBt2kS2lHKXzdBrTWjS4aR61lfp2KCjhso1A1Uo9jW7TDMNZSXcDBtVCgLdty5qoRd5aSOxmxt5eoBA7EO4K3An1Hkmofoq8_miu91ZXYZL5chZmqAnDh7M7ZPsEIZsZ5tUjCaReY-29HktuJvsCZxVTLM6Sk6houyTu5HD-AOh79e2P0C-AkOrsSq82MWiRaZFksOr8C56baTNYu_shg3PeHgm6vq7pwy0Ic1tfEXQW4C3xkJBpWpat0N3i8TVRZKXi9jU5jdoMvpbCf7rG8CRkA9iy_EqV10RZlFuS3KRaidGt67itnpE6v9YckvT06atIIIX_cNRIvJgSsTR8EpLyEN0eV1fHcWX1X_mIgc3JeKCJhGic2HrtwT4qudiMju--Bd4RWFGcZpL3VyFilEbcouAwdMt8XoHWRTDqyXX7SRAWoDEBgLOf2IgH4PduqUQ7befYKgHCJBPtNzN1FSE9no3NwmLkf8YwBNwMUBLzFSvLRlPtWD5aQ9sdqY7apS7AfQJUjYRggFAJ7_iKu22_tX1d3h_uj-clAJzLrfTUQVWoHr9wVPpzW2MZXwuoUHAAxEP18t48AYu5x-sA3gXOy95EiM6BqoOOljhQU9_G-XVrT4&sai=AMfl-YQmOokUUmBRho7OW1BTUBoBq1M576LP-P4bOWgZzMGobmsg6NZQgrXcit5IwL2vPlELUTm2ri8hrUWvXHpcjJSUFO4buSJMFyVYM9evYfTNYdaaOP-4iIKFHI_KyNl90b4nBzqO7nJX1vSAyz4KX06jeEUqNL6Fk5gf2-6SUtgdBRuzGDZzx_5p2IqXHUqlMVmI8MDr6Hl6O13uBCVLuiTWkY36P6Dxe9cQBbCU_qSTUfmJyH4P8Q3isvfyNaXxJYqVoe6povij-uzRdbiw8L5wPWv-7phE62e8AhHUGSfQhecSzDOmCSjCOXp2palUkfQ&sig=Cg0ArKJSzBoK5Nyx1Z7QEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=507&vt=11&dtpt=259&dett=3&cstd=245&cisv=r20231106.57508&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.rzut-kostka.pl
URL: https://www.rzut-kostka.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 16:40:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 96ms
95ms XHR
application/json 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231106&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48d71cd0c6a0e8c1b53738baecad77e0df587c62044b7a2d4e2e07ca38740226

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.rzut-kostka.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 16:40:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12248
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 81ms
80ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.rzut-kostka.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 16:40:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 08 Nov 2023 16:40:03 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7644 13 KB
5 KB 46ms
40ms Document
text/html 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rzut-kostka.pl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
age: 3720
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 08 Nov 2023 15:38:03 GMT
expires: Thu, 07 Nov 2024 15:38:03 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FEB6 829 B
1 KB 145ms
50ms Document
text/html 142.250.184.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f4.1e100.net

Software

GSE /

Resource Hash

443da7b452b8c60dff2300f7a6e23b4e72ca3de88e74288f930bee753ebb9dc2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gm2J0oXqm0mMhCkI_juqoA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.rzut-kostka.pl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-gm2J0oXqm0mMhCkI_juqoA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 08 Nov 2023 16:40:03 GMT
expires: Wed, 08 Nov 2023 16:40:03 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response
pagead2.googlesyndication.com/bg/ Frame 7644 38 KB
15 KB 40ms
39ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:55:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2646
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15096
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Nov 2024 15:55:57 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FEB6 0
0 73ms
73ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231106&jk=1349082670859469&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s01-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7644 0
10 B 40ms
39ms Image
text/plain 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?GUYPXg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s08-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 16:40:03 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7E72 42 B
64 B 79ms
78ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuhM93Rnaj4l2kEEZDEf2ogD2KxsT3c-PAjbAO5P5SGphWPZDF8oXMQbyH_E4_pAZ-p8Owo67_YzBGfamuPgeiQPHil48VdsVM1Eae4A3q18rUJYFQ3kRGdg_1nxq3CDzdQQcyxOUdae6t5&sai=AMfl-YReX7gqjqq7iFYnKMQinoY78Q1j9J3kriqeFANEhtGqK43T-6L2qPopySjQgoW03JzAzgIJAieI8W0XckRUZ_cA3N-SulMvFsKyFFymbQP6wQaFrdhMDCrZSQNi1t08rSa1ApYt2pJVNE_6f6LHgw&sig=Cg0ArKJSzNk4T8wK3KmBEAE&cid=CAQSTwDICaaNZ_GyfFL6rwvSw3_6_VNqdH8O1OKAK36r-FYZfQd1c183Y3ixi2wyG8pjJasV1ykIBwvBEaSUxR43FNC7NnwwBRoybOybissVyKAYAQ&id=lidar2&mcvt=1000&p=0,0,250,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231106&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3960222006&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699461601781&rpt=993&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 16:40:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 77ms
77ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231106&jk=1349082670859469&bg=!hIelh8jNAAb4oU7C2KE7ADQBe5WfOPzZAa4GWTlW-d-3nd6EE9cXI4tbZAihYZMHJ936sHPDmJctqmOx5fPBFcXgLecEAgAAAFFSAAAAHWgBB5kCuDKIvj8Z2g1T2tA1arBDHoFBptZoAK74lJWJ5Zqn0NfmPf6sby06JxKa0sROq6NDYADh0fgv1TKAyEddi7lfznub6LT0PwTSNGJEOgbStQTzsTs4eyQAfeBV8rDH1d79kFhYJQcR5rn7tW3nt8odFNtI1Q4LHGiJhyFjWDabaUYqyI-LpPU7iLNua1Z5sk3fSzMxZRKGw8V1Nl1jsSfyHAFM5jN7JhAFCu0xe-SDo86rCroL48Q97cevuy1CAvR-36VJbBMb-RZOJ_7bl_Mi2dtOaby8lb_qSgsno9FTJNQEUv2TtfEnziZE_9OvaHb_89VbsZS0yM4f9XWZLC2Uu-5njv_edEtA-laGUYc22v90fBorAZKbXDxBl-VoltKMQzOrmy05hCKomNsw1mFBFhpcmvLWEvL0kc6SGidALGnJ42tpB6kbuTc98C3DHMo1iZ9ajnKkgljWa86dtGNIX5WPWxG7oFC-PBeMMPHMdUZehumWskT88oSI70J-7fG9cceKvp5jw-1CH_bXDSW3gU7Q_b16sfbHLffUipAZ_8PSw2pmYWve6Y09vAARBQfOp0NLg0oTo-kYWYxP6_tYvviw-h_BzmPodnIXaVrht1rJRBUoA5HHBo78cIzeKmI3HpVakUc9qU4e5t8Fumvw1bhfmYrztgcELwjv6s6xn01nZuRNZvLSfORMD-rAgzKf_4SkPasmI5KnNB9qGzdNGi1Id-leFT4ZAQgYn9Feq030Xh6mZxaSaeXWIdRJ2K1CUZHj5iADZmNE5tnybElfZ6R4VmTDAMaF2v-rD9fRiW73KMPa0tbt_wZaNv_RqpMvG-ndbyLtBCldKjh2N7XBdtBaHsPB3ZBbB0dO8Ue8Oe3m2CicaCb4-GdrPuzoFOsLj_J-UUn4b0EuF7q5pmhzm4Gz2CJwj7QYJA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s01-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.rzut-kostka.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BABB 0
20 B 75ms
74ms Ping
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6665587505242&version=m202311060101&ct=119&x=1&cor=1901888653026875100

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS