gs24.pl Open in urlscan Pro
2a02:1320:ffff:0:195:8:99:67 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://gs24.pl/wakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar/c9-16530997
Submission: On July 29 via manual (July 29th 2022, 8:57:26 am UTC) from PL — Scanned from DE

Summary HTTP 71 Redirects Links 49 Behaviour Indicators

Summary

This website contacted 22 IPs in 7 countries across 17 domains to perform 71 HTTP transactions. The main IP is 2a02:1320:ffff:0:195:8:99:67, located in Poland and belongs to POLSKAPRESS-AS, PL. The main domain is gs24.pl. The Cisco Umbrella rank of the primary domain is 301102.
TLS certificate: Issued by R3 on May 16th 2022. Valid for: 3 months.

This is the only time gs24.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2a02:1320:fff... 2a02:1320:ffff:0:195:8:99:67	34409 (POLSKAPRE...) (POLSKAPRESS-AS)
3	2600:9000:223... 2600:9000:223f:8800:5:b7cc:d3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
27	2606:4700:10:... 2606:4700:10::ac43:1b52	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.180.12.68 185.180.12.68	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2606:4700:20:... 2606:4700:20::681a:78b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:206... 2600:9000:206e:c00:4:f9aa:3d40:93a1	16509 (AMAZON-02) (AMAZON-02)
3	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	46.4.68.145 46.4.68.145	24940 (HETZNER-AS) (HETZNER-AS)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400e:811::200a	15169 (GOOGLE) (GOOGLE)
2 6	78.24.163.112 78.24.163.112	34409 (POLSKAPRE...) (POLSKAPRESS-AS)
1	18.66.112.125 18.66.112.125	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
6	2606:4700:10:... 2606:4700:10::6816:41f1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:206... 2600:9000:206e:5e00:9:87b:340:21	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::ac43:4513	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.166 142.250.185.166	15169 (GOOGLE) (GOOGLE)
1	146.59.30.96 146.59.30.96	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:400c:c1b::9b	15169 (GOOGLE) (GOOGLE)
1	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
71	22

1 2a02:1320:ffff:0:195:8:99:67 (Poland)

ASN34409 (POLSKAPRESS-AS, PL)

gs24.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:223f:8800:5:b7cc:d3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

sdk.privacy-center.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2606:4700:10::ac43:1b52 (United States)

ASN13335 (CLOUDFLARENET, US)

s-nsk.ppstatic.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.180.12.68 (Vienna, Austria)

ASN60068 (CDN77 ^_^, GB)
PTR: edge-731.bunnyinfra.net

cdn.insurads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:78b (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206e:c00:4:f9aa:3d40:93a1 (United States)

ASN16509 (AMAZON-02, US)

jscdn.yieldbird.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.4.68.145 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: 20-casanova.funcns.net

atm.api.dmp.nsaudience.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400e:811::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 78.24.163.112 (Poland) 2 redirects

ASN34409 (POLSKAPRESS-AS, PL)
PTR: gemius-01.kli.grtech.pl

mreg.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-125.fra56.r.cloudfront.net

privacy.polskapress.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:10::6816:41f1 (United States)

ASN13335 (CLOUDFLARENET, US)

vhsrwd.aip24.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206e:5e00:9:87b:340:21 (United States)

ASN16509 (AMAZON-02, US)

d24rtvkqjwgutp.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.30.96 (France)

ASN16276 (OVH, FR)
PTR: ip96.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c1b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	ppstatic.pl s-nsk.ppstatic.pl — Cisco Umbrella Rank: 245462	388 KB
7	gemius.pl 2 redirects mreg.hit.gemius.pl — Cisco Umbrella Rank: 229207 ls.hit.gemius.pl — Cisco Umbrella Rank: 12817	21 KB
6	aip24.pl vhsrwd.aip24.pl — Cisco Umbrella Rank: 213211	642 B
6	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 211 ad.doubleclick.net — Cisco Umbrella Rank: 202 stats.g.doubleclick.net — Cisco Umbrella Rank: 117	158 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	21 KB
4	gstatic.com fonts.gstatic.com	55 KB
3	privacy-center.org sdk.privacy-center.org — Cisco Umbrella Rank: 6848	159 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1308	1 KB
2	cloudfront.net d24rtvkqjwgutp.cloudfront.net	7 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 72	3 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 93	96 KB
2	btloader.com btloader.com — Cisco Umbrella Rank: 1186 api.btloader.com — Cisco Umbrella Rank: 1300	7 KB
1	polskapress.pl privacy.polskapress.pl — Cisco Umbrella Rank: 296923	9 KB
1	nsaudience.pl atm.api.dmp.nsaudience.pl — Cisco Umbrella Rank: 57498	11 KB
1	yieldbird.com jscdn.yieldbird.com — Cisco Umbrella Rank: 67368	149 KB
1	insurads.com cdn.insurads.com — Cisco Umbrella Rank: 16742	3 KB
1	gs24.pl gs24.pl — Cisco Umbrella Rank: 301102	19 KB
71	17

	Domain	Requested by
27	s-nsk.ppstatic.pl	gs24.pl
6	vhsrwd.aip24.pl	s-nsk.ppstatic.pl
6	mreg.hit.gemius.pl	2 redirects gs24.pl mreg.hit.gemius.pl
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com gs24.pl
4	fonts.gstatic.com	fonts.googleapis.com
3	securepubads.g.doubleclick.net	gs24.pl securepubads.g.doubleclick.net
3	sdk.privacy-center.org	gs24.pl sdk.privacy-center.org
2	stats.g.doubleclick.net	www.google-analytics.com
2	ad-delivery.net	gs24.pl
2	d24rtvkqjwgutp.cloudfront.net	jscdn.yieldbird.com
2	fonts.googleapis.com	gs24.pl
2	www.googletagmanager.com	gs24.pl
1	api.btloader.com	btloader.com
1	ls.hit.gemius.pl	mreg.hit.gemius.pl
1	ad.doubleclick.net	gs24.pl
1	privacy.polskapress.pl	sdk.privacy-center.org
1	atm.api.dmp.nsaudience.pl	gs24.pl
1	jscdn.yieldbird.com	gs24.pl
1	btloader.com	gs24.pl
1	cdn.insurads.com	gs24.pl
1	gs24.pl
71	21

This site contains links to these domains. Also see Links.

Domain
polskapress.pl
prywatnosc.polskapress.pl
plus.gs24.pl
szczecin.naszemiasto.pl
stargard.naszemiasto.pl
mysliborz.naszemiasto.pl
goleniow.naszemiasto.pl
gratka.pl
echodnia.eu
polskatimes.pl
gazetakrakowska.pl
gazetalubuska.pl
gazetawroclawska.pl
gloswielkopolski.pl
gk24.pl
gp24.pl
dziennikbaltycki.pl
dzienniklodzki.pl
pomorska.pl
kurierlubelski.pl
dziennikpolski24.pl
dziennikzachodni.pl
poranny.pl
wspolczesna.pl
expressilustrowany.pl
nowiny24.pl
nto.pl
www.telemagazyn.pl
sportowy24.pl
gol24.pl
www.motofakty.pl
strefaagro.pl
strefabiznesu.pl
stronakobiet.pl
www.nekrologi.net
www.facebook.com
itunes.apple.com
play.google.com
mediappg.pl
poznaj-ibo.polskapress.pl

Subject Issuer	Validity	Valid
gs24.pl R3	`2022-05-16` - `2022-08-14`	3 months	crt.sh
*.privacy-center.org Amazon	`2022-04-09` - `2023-05-08`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-10`	a year	crt.sh
*.insurads.com Go Daddy Secure Certificate Authority - G2	`2022-04-29` - `2023-05-31`	a year	crt.sh
jscdn.yieldbird.com Amazon	`2022-01-26` - `2023-02-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
api.dmp.nsaudience.pl R3	`2022-05-16` - `2022-08-14`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2021-09-08` - `2022-09-25`	a year	crt.sh
privacy.polskapress.pl Amazon	`2022-05-18` - `2023-06-16`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
api.btloader.com GTS CA 1D4	`2022-06-22` - `2022-09-20`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://gs24.pl/wakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar/c9-16530997
Frame ID: 37AF8875203136B0B45F15A3EFB92F8F
Requests: 69 HTTP requests in this frame

Frame: https://privacy.polskapress.pl/global-cookies.97ffcdd53ec8686a7706c94afb162c3d697df05d.html
Frame ID: 272BC90D4C31FDD397A347C3A88244EB
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: EF811FBF126D0F9EB099F4CBADBDEB78
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Strona nie została znaleziona - błąd 404 | Głos Szczeciński

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Didomi (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

sdk\.privacy-center\.org/.*/loader\.js

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Page Statistics

71
Requests

97 %
HTTPS

62 %
IPv6

17
Domains

21
Subdomains

22
IPs

7
Countries

1106 kB
Transfer

3145 kB
Size

14
Cookies

49 Outgoing links

These are links going to different origins than the main page.

URL: https://polskapress.pl/
Title: Polska Press

Search URL Search Domain Scan URL

URL: https://prywatnosc.polskapress.pl/
Title: Polityki Prywatności

Search URL Search Domain Scan URL

URL: https://plus.gs24.pl/
Title: Głos Szczeciński Plus

Search URL Search Domain Scan URL

URL: https://szczecin.naszemiasto.pl/
Title: Wiadomości Szczecin

Search URL Search Domain Scan URL

URL: https://stargard.naszemiasto.pl/
Title: Wiadomości Police

Search URL Search Domain Scan URL

URL: https://mysliborz.naszemiasto.pl/
Title: Wiadomości Myślibórz

Search URL Search Domain Scan URL

URL: https://goleniow.naszemiasto.pl/
Title: Wiadomości Goleniów

Search URL Search Domain Scan URL

URL: https://gratka.pl/motoryzacja/osobowe/szczecin
Title: Samochody Szczecin

Search URL Search Domain Scan URL

URL: https://gratka.pl/nieruchomosci/domy/szczecin
Title: Domy Szczecin

Search URL Search Domain Scan URL

URL: https://gratka.pl/nieruchomosci/mieszkania/szczecin
Title: Mieszkania Szczecin

Search URL Search Domain Scan URL

URL: https://echodnia.eu/
Title: Echo Dnia

Search URL Search Domain Scan URL

URL: https://polskatimes.pl/
Title: Polska Times

Search URL Search Domain Scan URL

URL: https://gazetakrakowska.pl/
Title: Gazeta Krakowska

Search URL Search Domain Scan URL

URL: https://gazetalubuska.pl/
Title: Gazeta Lubuska

Search URL Search Domain Scan URL

URL: https://gazetawroclawska.pl/
Title: Gazeta Wrocławska

Search URL Search Domain Scan URL

URL: https://gloswielkopolski.pl/
Title: Głos Wielkopolski

Search URL Search Domain Scan URL

URL: https://gk24.pl/
Title: Głos Koszaliński

Search URL Search Domain Scan URL

URL: https://gp24.pl/
Title: Głos Pomorza

Search URL Search Domain Scan URL

URL: https://dziennikbaltycki.pl/
Title: Dziennik Bałtycki

Search URL Search Domain Scan URL

URL: https://dzienniklodzki.pl/
Title: Dziennik Łódzki

Search URL Search Domain Scan URL

URL: https://pomorska.pl/
Title: Gazeta Pomorska

Search URL Search Domain Scan URL

URL: https://kurierlubelski.pl/
Title: Kurier Lubelski

Search URL Search Domain Scan URL

URL: https://dziennikpolski24.pl/
Title: Dziennik Polski

Search URL Search Domain Scan URL

URL: https://dziennikzachodni.pl/
Title: Dziennik Zachodni

Search URL Search Domain Scan URL

URL: https://poranny.pl/
Title: Poranny

Search URL Search Domain Scan URL

URL: https://wspolczesna.pl/
Title: Gazeta Współczesna

Search URL Search Domain Scan URL

URL: https://expressilustrowany.pl/
Title: Express Ilustrowany

Search URL Search Domain Scan URL

URL: https://nowiny24.pl/
Title: Nowiny

Search URL Search Domain Scan URL

URL: https://nto.pl/
Title: Nowa Trybuna Opolska

Search URL Search Domain Scan URL

URL: https://gratka.pl/
Title: Ogłoszenia

Search URL Search Domain Scan URL

URL: https://www.telemagazyn.pl/
Title: Program TV

Search URL Search Domain Scan URL

URL: https://sportowy24.pl/
Title: Sport

Search URL Search Domain Scan URL

URL: https://gol24.pl/
Title: Piłka nożna

Search URL Search Domain Scan URL

URL: https://www.motofakty.pl/
Title: Motoryzacja

Search URL Search Domain Scan URL

URL: https://strefaagro.pl/
Title: Strefa Agro

Search URL Search Domain Scan URL

URL: https://strefabiznesu.pl/
Title: Strefa Biznesu

Search URL Search Domain Scan URL

URL: https://stronakobiet.pl/
Title: Strona Kobiet

Search URL Search Domain Scan URL

URL: https://www.nekrologi.net/
Title: Nekrologi

Search URL Search Domain Scan URL

URL: https://www.facebook.com/gs24pl/

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/ag/app/gs24-pl/id463259970?mt=8
Title: Aplikacja iOS

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.mecom.gs24.pl
Title: Aplikacja Android

Search URL Search Domain Scan URL

URL: https://plus.gs24.pl/wykup-dostep
Title: Prenumerata

Search URL Search Domain Scan URL

URL: https://prywatnosc.polskapress.pl/klauzula-pap
Title: Klauzula PAP

Search URL Search Domain Scan URL

URL: http://polskapress.pl/

Search URL Search Domain Scan URL

URL: https://polskapress.pl/pl/biuro-prasowe
Title: Dla prasy

Search URL Search Domain Scan URL

URL: https://plus.gs24.pl/wykup-dostep/?source=red_reg&medium=menu_gorne&campaign=nowa_sg
Title: Kup prenumeratę - oferta

Search URL Search Domain Scan URL

URL: https://plus.gs24.pl/wydania
Title: Archiwum

Search URL Search Domain Scan URL

URL: https://mediappg.pl/o-nas/biuro-reklamy-pomorze-zachodnie/szczecin
Title: Reklama

Search URL Search Domain Scan URL

URL: https://poznaj-ibo.polskapress.pl/?utm_source=ser_reg&utm_miejsce=GS24&utm_medium=link_sg&utm_priorytet=organiczny&utm_forma=&utm_campaign=ibo
Title: Zamów ogłoszenie w prasie

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 71

https://mreg.hit.gemius.pl/_1659085041508/redot.js?l=107&id=oqg1Lb9B1XZTTPXGDcHIAsPbXtcWe29IcIig_0Sj6n7.c7&et=action&hsrc=3&extra=_EC%3Dnotice_shown%7C_EN%3Dclick%7Cadblock.status%3Doff%7Cads.standard%3Dbetter_ads%7Cads.recover%3Dnone%7Cads.standard%3Dbetter_ads%7Cads.recover%3Dnone%7Cads.status%3Don%7Cuser.is_logged%3D0%7Cuser.id_pp%3D0%7Cuser.is_editor%3D0%7Caccess.is_paid%3D0%7Csite.type%3D404%7Clocation.city%3D%7Clocation.province%3D%7Csubscription.period%3D0%7Ccomponents.all%3D%2Fpartials%2Ffavicon.twig%2C%2Ferror%2Fbaner%2C%2Fnavigation%2Ffooter%2Fexpanded%7Chitflag%3D1&inner=_ver%3D328&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fgs24.pl%2Fwakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar%2Fc9-16530997&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=xXsly.wG6Q_MsSY9CxrUTBGCIeOWffBnfzJ_Xz5D5yz.U7AbyRf8dmWT8HNG5FEQIdW9OS9kECTvJ.PHaVXUOafwCF7d/nhkI9cXuktBCG/&ltime=386&fpdata=l7GFIu23VkSxH9lpO03BqnrlSVSIb_02gBbwunowx8z.G7&fpcap= HTTP 301
https://mreg.hit.gemius.pl/__/_1659085041508/redot.js?l=107&id=oqg1Lb9B1XZTTPXGDcHIAsPbXtcWe29IcIig_0Sj6n7.c7&et=action&hsrc=3&extra=_EC%3Dnotice_shown%7C_EN%3Dclick%7Cadblock.status%3Doff%7Cads.standard%3Dbetter_ads%7Cads.recover%3Dnone%7Cads.standard%3Dbetter_ads%7Cads.recover%3Dnone%7Cads.status%3Don%7Cuser.is_logged%3D0%7Cuser.id_pp%3D0%7Cuser.is_editor%3D0%7Caccess.is_paid%3D0%7Csite.type%3D404%7Clocation.city%3D%7Clocation.province%3D%7Csubscription.period%3D0%7Ccomponents.all%3D%2Fpartials%2Ffavicon.twig%2C%2Ferror%2Fbaner%2C%2Fnavigation%2Ffooter%2Fexpanded%7Chitflag%3D1&inner=_ver%3D328&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fgs24.pl%2Fwakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar%2Fc9-16530997&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=xXsly.wG6Q_MsSY9CxrUTBGCIeOWffBnfzJ_Xz5D5yz.U7AbyRf8dmWT8HNG5FEQIdW9OS9kECTvJ.PHaVXUOafwCF7d/nhkI9cXuktBCG/&ltime=386&fpdata=l7GFIu23VkSxH9lpO03BqnrlSVSIb_02gBbwunowx8z.G7&fpcap=

Request Chain 72

https://mreg.hit.gemius.pl/_1659085041510/rexdot.js?l=100&id=oqg1Lb9B1XZTTPXGDcHIAsPbXtcWe29IcIig_0Sj6n7.c7&et=view&hsrc=1&initsonar=1&extra=adblock.status%3Doff%7Cads.standard%3Dbetter_ads%7Cads.recover%3Dnone%7Cads.standard%3Dbetter_ads%7Cads.recover%3Dnone%7Cads.status%3Don%7Cuser.is_logged%3D0%7Cuser.id_pp%3D0%7Cuser.is_editor%3D0%7Caccess.is_paid%3D0%7Csite.type%3D404%7Clocation.city%3D%7Clocation.province%3D%7Csubscription.period%3D0%7Ccomponents.all%3D%2Fpartials%2Ffavicon.twig%2C%2Ferror%2Fbaner%2C%2Fnavigation%2Ffooter%2Fexpanded%7Chitflag%3D1&inner=_ver%3D328&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fgs24.pl%2Fwakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar%2Fc9-16530997&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=xXsly.wG6Q_MsSY9CxrUTBGCIeOWffBnfzJ_Xz5D5yz.U7AbyRf8dmWT8HNG5FEQIdW9OS9kECTvJ.PHaVXUOafwCF7d/nhkI9cXuktBCG/&ltime=386&fpdata=l7GFIu23VkSxH9lpO03BqnrlSVSIb_02gBbwunowx8z.G7&fpcap= HTTP 301
https://mreg.hit.gemius.pl/__/_1659085041510/rexdot.js?l=100&id=oqg1Lb9B1XZTTPXGDcHIAsPbXtcWe29IcIig_0Sj6n7.c7&et=view&hsrc=1&initsonar=1&extra=adblock.status%3Doff%7Cads.standard%3Dbetter_ads%7Cads.recover%3Dnone%7Cads.standard%3Dbetter_ads%7Cads.recover%3Dnone%7Cads.status%3Don%7Cuser.is_logged%3D0%7Cuser.id_pp%3D0%7Cuser.is_editor%3D0%7Caccess.is_paid%3D0%7Csite.type%3D404%7Clocation.city%3D%7Clocation.province%3D%7Csubscription.period%3D0%7Ccomponents.all%3D%2Fpartials%2Ffavicon.twig%2C%2Ferror%2Fbaner%2C%2Fnavigation%2Ffooter%2Fexpanded%7Chitflag%3D1&inner=_ver%3D328&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fgs24.pl%2Fwakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar%2Fc9-16530997&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=xXsly.wG6Q_MsSY9CxrUTBGCIeOWffBnfzJ_Xz5D5yz.U7AbyRf8dmWT8HNG5FEQIdW9OS9kECTvJ.PHaVXUOafwCF7d/nhkI9cXuktBCG/&ltime=386&fpdata=l7GFIu23VkSxH9lpO03BqnrlSVSIb_02gBbwunowx8z.G7&fpcap=

71 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 404 Primary Request c9-16530997 Show response
gs24.pl/wakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar/ 101 KB
19 KB 381ms
198ms Document
text/html 2a02:1320:ffff:0:195:8:99:67
POLSKAPRESS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gs24.pl/wakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar/c9-16530997
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:1320:ffff:0:195:8:99:67 , Poland, ASN34409 (POLSKAPRESS-AS, PL),
Reverse DNS
Software: Apache /
Resource Hash: 594fca895709d6dbd169eedf9a62143319efe7f5eb785474ca9c97d6a202178e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: max-age=30, public, stale-if-error=900
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 29 Jul 2022 08:57:20 GMT
server: Apache
vary: Accept-Encoding
x-esi: 1

GET
H2 200 loader.js Show response
sdk.privacy-center.org/d715c6cc-9594-4f76-b845-2556d88dfee3/ 84 KB
13 KB 131ms
41ms Script
application/javascript 2600:9000:223f:8800:5:b7cc:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.privacy-center.org/d715c6cc-9594-4f76-b845-2556d88dfee3/loader.js?target=gs24.pl
Requested by: Host: gs24.pl
URL: https://gs24.pl/wakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar/c9-16530997
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:8800:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 46f50673284a26b8038be90143da6d79009566967c76dd754e729aae27c180db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gs24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 08:04:06 GMT
content-encoding: gzip
x-didomi-remote-config-source: Dynamo
server: CloudFront
age: 4260
etag: "5510528defbc6f8cbf2c601bad6d3fb8"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
cache-control: max-age=7200, public
x-amz-cf-pop: FRA56-P5
content-length: 12534
x-amz-cf-id: ogTAOKMNKigFEVxOqde2zvc6aFi9itZrrSXQTmjLivmdOXJe-Gb7Kw==

GET
H2 200 reklama.js Show response
s-nsk.ppstatic.pl/lib/adbnsk/v1.3.1/js/ads/gemius/g.ad.adserver.adsrv/ 27 B
250 B 165ms
72ms Script
application/x-javascript 2606:4700:10::ac43:1b52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s-nsk.ppstatic.pl/lib/adbnsk/v1.3.1/js/ads/gemius/g.ad.adserver.adsrv/reklama.js
Requested by: Host: gs24.pl
URL: https://gs24.pl/wakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar/c9-16530997
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1b52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a56adfc22283f9a4369986b367653ad4543217ee24852bed5daada69e31ff34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gs24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 08:57:20 GMT
cf-cache-status: HIT
age: 10880035
cf-polished: origSize=30
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27
timing-allow-origin: *
last-modified: Wed, 19 Dec 2018 13:07:50 GMT
server: cloudflare
etag: W/"5c1a42a6-1e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
expires: Wed, 04 Jan 2023 20:55:33 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7324a57f1a676913-FRA
cf-bgj: minify

GET
H2 200 fdba2a393986553fd08ad295542c4a4f.css
s-nsk.ppstatic.pl/assets/nsk/v1.132.0/bundles/ 11 KB
3 KB 109ms
50ms Stylesheet
text/css 2606:4700:10::ac43:1b52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s-nsk.ppstatic.pl/assets/nsk/v1.132.0/bundles/fdba2a393986553fd08ad295542c4a4f.css
Requested by: Host: gs24.pl
URL: https://gs24.pl/wakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar/c9-16530997
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1b52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f4a920a8f07e0e54d4df1f88932064a48961c922180c74203ff8cddad4fb581

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gs24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 08:57:20 GMT
content-encoding: br
cf-cache-status: HIT
age: 72882
cf-polished: origSize=11294
x-pp-app-name: api_assets
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-pp-app-version: 1.2.0
x-pp-app-host: elixir-10.srv.grtech.pl
last-modified: Thu, 28 Jul 2022 12:42:38 GMT
x-request-id: FwX-wv0hA8EwX2ICnpKB
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,JWT-Access-Token
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
cf-ray: 7324a57f1a666913-FRA
cf-bgj: minify

GET
H2 200 main.js Show response
s-nsk.ppstatic.pl/lib/events/v0.16.0/js/ 55 KB
16 KB 53ms
52ms Script
application/x-javascript 2606:4700:10::ac43:1b52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s-nsk.ppstatic.pl/lib/events/v0.16.0/js/main.js
Requested by: Host: gs24.pl
URL: https://gs24.pl/wakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar/c9-16530997
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1b52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d00fdc028806fdb1dd71620ddffb0be2baea8f86ecc7d57410a0256fba4bbcd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gs24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 08:57:20 GMT
content-encoding: br
cf-cache-status: HIT
age: 10880037
cf-ray: 7324a57f6ac96913-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 16 Apr 2021 08:26:17 GMT
server: cloudflare
etag: W/"60794a29-dd9b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
expires: Mon, 04 Jul 2022 19:51:59 GMT
cache-control: max-age=31536000
timing-allow-origin: *
cf-bgj: minify

GET
H2 200 ResponsiveLinks.min.js Show response
s-nsk.ppstatic.pl/assets/nsk/v1.132.0/js/compiled/ 3 KB
1 KB 52ms
51ms Script
application/x-javascript 2606:4700:10::ac43:1b52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s-nsk.ppstatic.pl/assets/nsk/v1.132.0/js/compiled/ResponsiveLinks.min.js
Requested by: Host: gs24.pl
URL: https://gs24.pl/wakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar/c9-16530997
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1b52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2aaf99ce55a4301e7f828f3695f3b5bc34d39fac00bbc62bd50777010985691

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gs24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 08:57:20 GMT
content-encoding: br
cf-cache-status: HIT
age: 73527
cf-ray: 7324a57f8af56913-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 28 Jul 2022 12:20:24 GMT
server: cloudflare
etag: W/"62e27f08-d74"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Fri, 28 Jul 2023 12:31:34 GMT

GET
H2 200 LYEKUKIL.js Show response
cdn.insurads.com/bootstrap/ 7 KB
3 KB 274ms
90ms Script
application/x-javascript 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.insurads.com/bootstrap/LYEKUKIL.js
Requested by: Host: gs24.pl
URL: https://gs24.pl/wakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar/c9-16530997
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: BunnyCDN-AT-731 /
Resource Hash: 929f0b5db0745bab36c5283203e01a5e434632e7d5a181508ee57d1e3d7ced42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gs24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 08:57:20 GMT
content-encoding: gzip
cdn-edgestorageid: 731
x-amz-request-id: 3M97PSXMZGRJKYQQ
cdn-cachedat: 02/01/2022 19:52:56
cdn-pullzone: 55316
x-amz-id-2: juO2iQZaS0F/2I+qTknFlO/9Qs1rafyRXGRyYK+zZXCLKqPeT60b1hrd5Cf8kiM+W4yws3fc7w8=
server: BunnyCDN-AT-731
last-modified: Tue, 01 Feb 2022 19:20:08 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: "036026ab9abc045b5dd078aa45d34a18"
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
cdn-cache: HIT
cdn-uid: 56a941db-1de6-4dd7-bd60-f93546463707
cache-control: max-age=86400, s-maxage=604800
cdn-requestid: 966585dbe6dc64703c83f3f85be80583
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 sdk.97ffcdd53ec8686a7706c94afb162c3d697df05d.js Show response
sdk.privacy-center.org/ 396 KB
88 KB 46ms
46ms Script
application/javascript 2600:9000:223f:8800:5:b7cc:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.privacy-center.org/sdk.97ffcdd53ec8686a7706c94afb162c3d697df05d.js
Requested by: Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/d715c6cc-9594-4f76-b845-2556d88dfee3/loader.js?target=gs24.pl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:8800:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fc4ebc16199b00dbc9263f16b0c6d5ce2b9a32bc8b0ba1b32ceea47813318209

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gs24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 26 Jul 2022 12:45:47 GMT
content-encoding: gzip
last-modified: Tue, 26 Jul 2022 12:41:18 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1658839013/ctime:1658839013/gid:0/gname:root/md5:a53e1716619495d86eaa141114b7cbb8/mode:33188/mtime:1658839013/uid:0/uname:root
age: 245494
etag: W/"a53e1716619495d86eaa141114b7cbb8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: JRVaTVS2Zlnhya3q0oyxxNxTZGnlSTTJq6p5oe8LKv8xO4Tl3Gz93g==

GET
H2 200 tag Show response
btloader.com/ 15 KB
7 KB 437ms
45ms Script
application/javascript 2606:4700:20::681a:78b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5659168086163456&upapi=true
Requested by: Host: gs24.pl
URL: https://gs24.pl/wakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar/c9-16530997
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d86c0002edfc5115e21c434d561bcc41ab3cdd4ef9316616df955df4a629df2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gs24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 08:57:21 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 435
content-length: 6115
last-modified: Fri, 29 Jul 2022 08:49:50 GMT
server: cloudflare
etag: "e02f5a2cca9f9215569e4a0045808483"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JGI%2Fhw9icogTOZEqxBQ7NKnjGSxHnJGvjUIH%2FjO8Djo6ysdrgHu8VRuocSqBQ9MiGn%2FAHHt2FXmxYv47UeXKsgO3CyVakEOEezQEs%2FGFr2IFp7IHc6skLEoKjDiZ6uzatcb27NK94Pq9Cg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
via: 1.1 google
cache-control: public, max-age=300, must-revalidate, stale-if-error=86400, no-transform
accept-ranges: bytes
cf-ray: 7324a5825836902a-FRA

GET
H2 200 yb.js Show response
jscdn.yieldbird.com/e690ce1d-8273-4dd0-b855-e6ec53f05fd1/ 549 KB
149 KB 228ms
52ms Script
application/javascript 2600:9000:206e:c00:4:f9aa:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jscdn.yieldbird.com/e690ce1d-8273-4dd0-b855-e6ec53f05fd1/yb.js
Requested by: Host: gs24.pl
URL: https://gs24.pl/wakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar/c9-16530997
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:c00:4:f9aa:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 739bca7aa41487597ba994caeb26e5b3dd26eeecca11281ea8ab079dadda20a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gs24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: x7sDjN48G_QO8JH_1EwYayo8Oc8nyPKv
content-encoding: gzip
last-modified: Fri, 29 Jul 2022 01:07:34 GMT
server: AmazonS3
age: 1588
etag: "87e6681389b0d1358817bcc07d83ccb2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 89325178f4430fe7d65a260b33ed0234.cloudfront.net (CloudFront)
cache-control: max-age=1800
date: Fri, 29 Jul 2022 08:32:14 GMT
x-amz-cf-pop: VIE50-C1
content-length: 151585
x-amz-cf-id: xzh7eEynW4RjB5Yq6-tadcvyNoDPnU4tZLgiFMAEq3Ze1m661OBdaA==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
28 KB 146ms
48ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: gs24.pl
URL: https://gs24.pl/wakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar/c9-16530997

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

9342f65c2a6dabe315bb44d2471e1e95eecb5f64df910e2bab23434f5bbecb3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gs24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 08:57:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28382
x-xss-protection: 0
server: sffe
etag: "1287 / 62 of 1000 / last-modified: 1659046073"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 29 Jul 2022 08:57:20 GMT

GET
H3 200 main.js Show response
s-nsk.ppstatic.pl/lib/ppa/v2.55.16/js/ 93 KB
23 KB 73ms
71ms Script
application/x-javascript 2606:4700:10::ac43:1b52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s-nsk.ppstatic.pl/lib/ppa/v2.55.16/js/main.js
Requested by: Host: gs24.pl
URL: https://gs24.pl/wakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar/c9-16530997
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:1b52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2d49e56e3439a3147619b79b533a978d775d771b85e478816a26a0f9e8abd45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gs24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 08:57:20 GMT
content-encoding: br
cf-cache-status: HIT
age: 167195
cf-polished: origSize=95423
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
last-modified: Wed, 27 Jul 2022 08:37:31 GMT
server: cloudflare
etag: W/"62e0f94b-174bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
expires: Thu, 27 Jul 2023 10:30:42 GMT
cache-control: max-age=31536000
cf-ray: 7324a57fec239ba0-FRA
cf-bgj: minify

GET
H2 200 845a1f04a4ca337b59f1384f4f15a407.css
s-nsk.ppstatic.pl/assets/nsk/v1.132.0/bundles/ 63 KB
9 KB 48ms
48ms Stylesheet
text/css 2606:4700:10::ac43:1b52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s-nsk.ppstatic.pl/assets/nsk/v1.132.0/bundles/845a1f04a4ca337b59f1384f4f15a407.css
Requested by: Host: gs24.pl
URL: https://gs24.pl/wakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar/c9-16530997
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1b52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6affa4b1de1abe7e4de2d6299fe12efa833eb5a11fc3eecac56850ffe592be7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gs24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 08:57:20 GMT
content-encoding: br
cf-cache-status: HIT
age: 65463
cf-polished: origSize=65923
x-pp-app-name: api_assets
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-pp-app-version: 1.2.0
x-pp-app-host: elixir-08.srv.grtech.pl
last-modified: Thu, 28 Jul 2022 14:46:17 GMT
x-request-id: FwYFg_8byxge254Cgc0B
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,JWT-Access-Token
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
cf-ray: 7324a57f8af86913-FRA
cf-bgj: minify

GET
H/1.1 200
OK atm.js Show response
atm.api.dmp.nsaudience.pl/ 36 KB
11 KB 190ms
43ms Script
application/javascript 46.4.68.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://atm.api.dmp.nsaudience.pl/atm.js?sourceId=pp_gs24.pl
Requested by: Host: gs24.pl
URL: https://gs24.pl/wakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar/c9-16530997
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.4.68.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 20-casanova.funcns.net
Software: nginx /
Resource Hash: 38851a0e24e5d8646e21d9a9485b894f1a930fa9f3a78af88c844770d603e3c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gs24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Jul 2022 08:57:20 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
P3P: CP="CAO COR COR CON TEL IVD SAM IND BUS"
Cache-Control: private, no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: application/javascript;charset=UTF-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 129 KB
47 KB 220ms
134ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WQCXKB

Requested by

Host: gs24.pl
URL: https://gs24.pl/wakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar/c9-16530997

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f19a2e5bdadf18375956baf38009fde3b1af71ce71c710326932bad6ce239e41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gs24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 08:57:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48120
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 29 Jul 2022 08:57:20 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 146 KB
49 KB 181ms
95ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NP2BMFJ

Requested by

Host: gs24.pl
URL: https://gs24.pl/wakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar/c9-16530997

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

155feed0f7beaf76d3b61ad80a3b5ea26f984dade1f2c42f194230b480c1324a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gs24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 08:57:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49272
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 29 Jul 2022 08:57:20 GMT

GET
H3 200 init.js Show response
s-nsk.ppstatic.pl/lib/events/v0.16.0/deep/v3/ 67 KB
20 KB 91ms
50ms Script
application/x-javascript 2606:4700:10::ac43:1b52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s-nsk.ppstatic.pl/lib/events/v0.16.0/deep/v3/init.js
Requested by: Host: gs24.pl
URL: https://gs24.pl/wakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar/c9-16530997
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:1b52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b1b094bec8949f79685bf35810b0a522967e71bf0d9d81f968ccbfb10d5e0e2

Request headers

Referer: https://gs24.pl/
Origin: https://gs24.pl
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 08:57:20 GMT
content-encoding: br
cf-cache-status: HIT
age: 10879542
cf-polished: origSize=68354
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
last-modified: Fri, 16 Apr 2021 08:26:17 GMT
server: cloudflare
etag: W/"60794a29-10b02"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
expires: Tue, 13 Dec 2022 10:12:45 GMT
cache-control: max-age=31536000
cf-ray: 7324a5802ca79bc5-FRA
cf-bgj: minify

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 145ms
55ms Stylesheet
text/css 2a00:1450:400e:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700,900%7CRoboto+Condensed:700&subset=latin,latin-ext&display=swap

Requested by

Host: gs24.pl
URL: https://gs24.pl/wakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar/c9-16530997

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:811::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

be5ff15629189a05e31e2655d6c1dd19e9dd8fc55a4fcdaf26413153b4120f7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gs24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 08:24:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 29 Jul 2022 08:57:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 29 Jul 2022 08:57:20 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 144ms
55ms Stylesheet
text/css 2a00:1450:400e:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700,900%7CRoboto+Condensed:700&subset=latin,latin-ext&display=swap

Requested by

Host: gs24.pl
URL: https://gs24.pl/wakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar/c9-16530997

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:811::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

be5ff15629189a05e31e2655d6c1dd19e9dd8fc55a4fcdaf26413153b4120f7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gs24.pl/
Origin: https://gs24.pl
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 08:57:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 29 Jul 2022 08:57:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 29 Jul 2022 08:57:20 GMT

GET
H3 200 color-set-concat.css
s-nsk.ppstatic.pl/assets/nsk/v1.132.0/css/modifiers/ 7 KB
1 KB 62ms
62ms Stylesheet
text/css 2606:4700:10::ac43:1b52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s-nsk.ppstatic.pl/assets/nsk/v1.132.0/css/modifiers/color-set-concat.css
Requested by: Host: gs24.pl
URL: https://gs24.pl/wakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar/c9-16530997
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:1b52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c3c10e90f70d13fd8f1505be7085a76ebc96ce503a4086d2c48649722ca0e69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gs24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 08:57:20 GMT
content-encoding: br
cf-cache-status: HIT
age: 73526
cf-polished: origSize=6839
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
last-modified: Thu, 28 Jul 2022 12:19:44 GMT
server: cloudflare
etag: W/"62e27ee0-1ab7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
expires: Fri, 28 Jul 2023 12:31:35 GMT
cache-control: max-age=31536000
cf-ray: 7324a57fec1e9ba0-FRA
cf-bgj: minify

GET
H3 200 PPG_lazyload.min.js Show response
s-nsk.ppstatic.pl/assets/nsk/v1.132.0/js/compiled/ 3 KB
2 KB 63ms
61ms Script
application/x-javascript 2606:4700:10::ac43:1b52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s-nsk.ppstatic.pl/assets/nsk/v1.132.0/js/compiled/PPG_lazyload.min.js
Requested by: Host: gs24.pl
URL: https://gs24.pl/wakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar/c9-16530997
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:1b52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37603a17786da26b64bea00880b20091eabaff609b55633a333fd8a5a822c11b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gs24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 08:57:20 GMT
content-encoding: br
cf-cache-status: HIT
age: 73526
cf-ray: 7324a57fec249ba0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 28 Jul 2022 12:20:24 GMT
server: cloudflare
etag: W/"62e27f08-d72"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Fri, 28 Jul 2023 12:31:35 GMT

GET
H3 200 jsLazyLoad.js Show response
s-nsk.ppstatic.pl/assets/nsk/v1.132.0/js/compiled/apps/ 2 KB
1 KB 62ms
60ms Script
application/x-javascript 2606:4700:10::ac43:1b52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s-nsk.ppstatic.pl/assets/nsk/v1.132.0/js/compiled/apps/jsLazyLoad.js
Requested by: Host: gs24.pl
URL: https://gs24.pl/wakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar/c9-16530997
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:1b52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fc4893c2d1cf07881b25f56d3828288834011aacc185fcc215e4a1aeaa6ecbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gs24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 08:57:20 GMT
content-encoding: br
cf-cache-status: HIT
age: 73526
cf-ray: 7324a57fec269ba0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 28 Jul 2022 12:20:24 GMT
server: cloudflare
etag: W/"62e27f08-6ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
expires: Fri, 28 Jul 2023 12:31:34 GMT
cache-control: max-age=31536000
timing-allow-origin: *
cf-bgj: minify

GET
H3 200 grid.css
s-nsk.ppstatic.pl/assets/nsk/v1.132.0/css/owl/layouts/ 3 KB
866 B 60ms
58ms Stylesheet
text/css 2606:4700:10::ac43:1b52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s-nsk.ppstatic.pl/assets/nsk/v1.132.0/css/owl/layouts/grid.css
Requested by: Host: gs24.pl
URL: https://gs24.pl/wakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar/c9-16530997
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:1b52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37817d480516ddae5f54bd6de5920b274a3f8e8f7f9e0fc337309fb6859423e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gs24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 08:57:20 GMT
content-encoding: br
cf-cache-status: HIT
age: 73533
cf-polished: origSize=2930
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
last-modified: Thu, 28 Jul 2022 12:19:41 GMT
server: cloudflare
etag: W/"62e27edd-b72"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
expires: Fri, 28 Jul 2023 12:31:27 GMT
cache-control: max-age=31536000
cf-ray: 7324a57fec279ba0-FRA
cf-bgj: minify

GET
DATA 200
OK truncated
/ 95 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 465 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8bc4a46b19318a8abd7497ef564366b2c32f910ddba18eb31cdc562eb16cd464

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 462 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef49faab85bb84ef311393dcef2d08b2e4ae24d87c38f52bf7e8e4866e8a250e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H3 200 welcome-screen.js Show response
s-nsk.ppstatic.pl/assets/nsk/v1.132.0/js/compiled/components/slots/ 4 KB
2 KB 51ms
50ms Script
application/x-javascript 2606:4700:10::ac43:1b52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s-nsk.ppstatic.pl/assets/nsk/v1.132.0/js/compiled/components/slots/welcome-screen.js
Requested by: Host: gs24.pl
URL: https://gs24.pl/wakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar/c9-16530997
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:1b52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a2f037a65e03bbffc4870ea83a30ebb3baf7d1953a5521089459af94e66f09e

Request headers

Referer: https://gs24.pl/
Origin: https://gs24.pl
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 08:57:20 GMT
content-encoding: br
cf-cache-status: HIT
age: 71119
cf-ray: 7324a5808d599bc5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 28 Jul 2022 12:20:23 GMT
server: cloudflare
etag: W/"62e27f07-e7d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
expires: Fri, 28 Jul 2023 12:32:16 GMT
cache-control: max-age=31536000
timing-allow-origin: *
cf-bgj: minify

GET
H2 200 xgemius.js Show response
mreg.hit.gemius.pl/ 57 KB
15 KB 361ms
63ms Script
application/x-javascript 78.24.163.112
POLSKAPRESS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mreg.hit.gemius.pl/xgemius.js
Requested by: Host: gs24.pl
URL: https://gs24.pl/wakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar/c9-16530997
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 78.24.163.112 , Poland, ASN34409 (POLSKAPRESS-AS, PL),
Reverse DNS: gemius-01.kli.grtech.pl
Software: GHC /
Resource Hash: 4dd30f59ed701805d9fca0d4abf733ae5514110edfdeb68e07756a1f2966bcba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gs24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 08:57:21 GMT
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 11:52:01 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 15187
expires: Fri, 29 Jul 2022 20:57:21 GMT

GET
H2 200 global-cookies.97ffcdd53ec8686a7706c94afb162c3d697df05d.html Show response
privacy.polskapress.pl/ Frame 272B 26 KB
9 KB 176ms
40ms Document
text/html 18.66.112.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://privacy.polskapress.pl/global-cookies.97ffcdd53ec8686a7706c94afb162c3d697df05d.html
Requested by: Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk.97ffcdd53ec8686a7706c94afb162c3d697df05d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-125.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7fdb9663941a5dab9feabc36f94667a6c85e51bdf0c2a2788578de6108baf4f1

Request headers

Referer: https://gs24.pl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 245545
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 26 Jul 2022 12:44:56 GMT
etag: W/"771d36008344d4124c4c42e02934923e"
last-modified: Tue, 26 Jul 2022 12:42:27 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
x-amz-cf-id: edtMj9vpplfFPTKx8EFSvUsmydL8qp64u5vj6ZMWdgW34_eBsor_mg==
x-amz-cf-pop: FRA56-P5
x-amz-meta-s3cmd-attrs: atime:1658839018/ctime:1658839018/gid:0/gname:root/md5:771d36008344d4124c4c42e02934923e/mode:33188/mtime:1658839018/uid:0/uname:root
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H3 200 gratka.svg
s-nsk.ppstatic.pl/assets/nsk/v1.132.0/images/_sites/logo/svg/ 3 KB
2 KB 131ms
130ms Image
image/svg+xml 2606:4700:10::ac43:1b52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-nsk.ppstatic.pl/assets/nsk/v1.132.0/images/_sites/logo/svg/gratka.svg
Requested by: Host: gs24.pl
URL: https://gs24.pl/wakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar/c9-16530997
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:1b52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98148db478f4e751a420f83fa8e08f0f469ff5cfe25ef8a5f3ff18915f3d6ed1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gs24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 08:57:20 GMT
content-encoding: br
cf-cache-status: HIT
age: 73160
cf-ray: 7324a580edb39ba0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 28 Jul 2022 12:20:23 GMT
server: cloudflare
etag: W/"62e27f07-c76"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Fri, 28 Jul 2023 12:34:20 GMT

GET
H3 200 telemagazyn.svg
s-nsk.ppstatic.pl/assets/nsk/v1.132.0/images/_sites/logo/svg/ 3 KB
2 KB 51ms
47ms Image
image/svg+xml 2606:4700:10::ac43:1b52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-nsk.ppstatic.pl/assets/nsk/v1.132.0/images/_sites/logo/svg/telemagazyn.svg
Requested by: Host: gs24.pl
URL: https://gs24.pl/wakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar/c9-16530997
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:1b52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5e42d2deac21a272634a7e4cf0131b7c751d7eac7932286c4a32a128e4f1d40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gs24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 08:57:20 GMT
content-encoding: br
cf-cache-status: HIT
age: 73160
cf-ray: 7324a580fdbc9ba0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 28 Jul 2022 12:20:23 GMT
server: cloudflare
etag: W/"62e27f07-bcc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Fri, 28 Jul 2023 12:32:19 GMT

GET
H3 200 sportowy24.svg
s-nsk.ppstatic.pl/assets/nsk/v1.132.0/images/_sites/logo/svg/ 4 KB
2 KB 54ms
51ms Image
image/svg+xml 2606:4700:10::ac43:1b52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-nsk.ppstatic.pl/assets/nsk/v1.132.0/images/_sites/logo/svg/sportowy24.svg
Requested by: Host: gs24.pl
URL: https://gs24.pl/wakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar/c9-16530997
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:1b52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0988816072017bd80c47e4ed0bf0fb2ee3a48c5b5b37895c6178da89ab06cba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gs24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 08:57:20 GMT
content-encoding: br
cf-cache-status: HIT
age: 73253
cf-ray: 7324a580fdbd9ba0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 28 Jul 2022 12:20:22 GMT
server: cloudflare
etag: W/"62e27f06-e8a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Fri, 28 Jul 2023 12:32:19 GMT

GET
H3 200 gol24.svg
s-nsk.ppstatic.pl/assets/nsk/v1.132.0/images/_sites/logo/svg/ 3 KB
1 KB 130ms
128ms Image
image/svg+xml 2606:4700:10::ac43:1b52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-nsk.ppstatic.pl/assets/nsk/v1.132.0/images/_sites/logo/svg/gol24.svg
Requested by: Host: gs24.pl
URL: https://gs24.pl/wakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar/c9-16530997
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:1b52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9eab059b6229ac6ebc752c05a056c022f46ff79e2544d29ffb61e910bcad61a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gs24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 08:57:20 GMT
content-encoding: br
cf-cache-status: HIT
age: 73253
cf-ray: 7324a580fdbe9ba0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 28 Jul 2022 12:20:23 GMT
server: cloudflare
etag: W/"62e27f07-b5d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Fri, 28 Jul 2023 12:34:20 GMT

GET
H3 200 motofakty.svg
s-nsk.ppstatic.pl/assets/nsk/v1.132.0/images/_sites/logo/svg/ 7 KB
3 KB 132ms
129ms Image
image/svg+xml 2606:4700:10::ac43:1b52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-nsk.ppstatic.pl/assets/nsk/v1.132.0/images/_sites/logo/svg/motofakty.svg
Requested by: Host: gs24.pl
URL: https://gs24.pl/wakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar/c9-16530997
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:1b52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2c0fc8f3c67bdbf67c602bf84aeda3421bcc7e7e3d6457fd973698dc1a3627e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gs24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 08:57:20 GMT
content-encoding: br
cf-cache-status: HIT
age: 73160
cf-ray: 7324a580fdbf9ba0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 28 Jul 2022 12:20:22 GMT
server: cloudflare
etag: W/"62e27f06-1b9f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Fri, 28 Jul 2023 12:34:20 GMT

GET
H3 200 stronakobiet.svg
s-nsk.ppstatic.pl/assets/nsk/v1.132.0/images/_sites/logo/svg/ 69 KB
18 KB 132ms
130ms Image
image/svg+xml 2606:4700:10::ac43:1b52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-nsk.ppstatic.pl/assets/nsk/v1.132.0/images/_sites/logo/svg/stronakobiet.svg
Requested by: Host: gs24.pl
URL: https://gs24.pl/wakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar/c9-16530997
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:1b52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fc0ec0ad1f1bf41ce1471f992588a8fa6e05c503830cb7480e26abc28a16b43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gs24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 08:57:20 GMT
content-encoding: br
cf-cache-status: HIT
age: 73253
cf-ray: 7324a580fdc09ba0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 28 Jul 2022 12:20:22 GMT
server: cloudflare
etag: W/"62e27f06-11502"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Fri, 28 Jul 2023 12:32:19 GMT

GET
H3 200 strefaagro.svg
s-nsk.ppstatic.pl/assets/nsk/v1.132.0/images/_sites/logo/svg/ 6 KB
2 KB 52ms
50ms Image
image/svg+xml 2606:4700:10::ac43:1b52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-nsk.ppstatic.pl/assets/nsk/v1.132.0/images/_sites/logo/svg/strefaagro.svg
Requested by: Host: gs24.pl
URL: https://gs24.pl/wakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar/c9-16530997
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:1b52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db0eea55a89c607cc293f9fd116d1d336b4e42111b19c57431b2ad5f58fe3f06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gs24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 08:57:20 GMT
content-encoding: br
cf-cache-status: HIT
age: 73160
cf-ray: 7324a580fdc19ba0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 28 Jul 2022 12:20:23 GMT
server: cloudflare
etag: W/"62e27f07-190e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Fri, 28 Jul 2023 12:32:43 GMT

GET
H3 200 strefabiznesu.svg
s-nsk.ppstatic.pl/assets/nsk/v1.132.0/images/_sites/logo/svg/ 10 KB
3 KB 133ms
131ms Image
image/svg+xml 2606:4700:10::ac43:1b52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-nsk.ppstatic.pl/assets/nsk/v1.132.0/images/_sites/logo/svg/strefabiznesu.svg
Requested by: Host: gs24.pl
URL: https://gs24.pl/wakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar/c9-16530997
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:1b52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e96605565a746341314e47dd3d8b1556c4086f5c2916f4c86ae86561cadbcee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gs24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 08:57:20 GMT
content-encoding: br
cf-cache-status: HIT
age: 73253
cf-ray: 7324a580fdc29ba0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 28 Jul 2022 12:20:22 GMT
server: cloudflare
etag: W/"62e27f06-2626"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Fri, 28 Jul 2023 12:32:49 GMT

GET
H3 200 polskapress.svg
s-nsk.ppstatic.pl/assets/nsk/v1.132.0/images/_sites/logo/svg/ 8 KB
3 KB 134ms
131ms Image
image/svg+xml 2606:4700:10::ac43:1b52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-nsk.ppstatic.pl/assets/nsk/v1.132.0/images/_sites/logo/svg/polskapress.svg
Requested by: Host: gs24.pl
URL: https://gs24.pl/wakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar/c9-16530997
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:1b52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d047f98682f2bd34ecf07ab3ae8dd08a86c8de8ad7efdd69d5430526bf60c8bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gs24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 08:57:20 GMT
content-encoding: br
cf-cache-status: HIT
age: 73160
cf-ray: 7324a580fdc39ba0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 28 Jul 2022 12:20:22 GMT
server: cloudflare
etag: W/"62e27f06-1f7c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Fri, 28 Jul 2023 12:34:20 GMT

GET
H3 200 404.jpg
s-nsk.ppstatic.pl/assets/nsk/v1.132.0/images/_defaults/ 263 KB
264 KB 53ms
51ms Image
image/webp 2606:4700:10::ac43:1b52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-nsk.ppstatic.pl/assets/nsk/v1.132.0/images/_defaults/404.jpg
Requested by: Host: gs24.pl
URL: https://gs24.pl/wakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar/c9-16530997
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:1b52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38e41aac69f0936c6e20145f26a06ad5301f0026604a679e3130600c9a169110

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gs24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 08:57:20 GMT
cf-cache-status: HIT
age: 72626
cf-polished: origFmt=jpeg, origSize=423010
content-disposition: inline; filename="404.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 269728
timing-allow-origin: *
last-modified: Thu, 28 Jul 2022 12:20:16 GMT
server: cloudflare
etag: "62e27f00-67462"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 28 Jul 2023 12:32:16 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7324a580fdc49ba0-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 accordion.js Show response
s-nsk.ppstatic.pl/assets/nsk/v1.132.0/js/compiled/atoms/navigation/footer/ 3 KB
2 KB 57ms
55ms Script
application/x-javascript 2606:4700:10::ac43:1b52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s-nsk.ppstatic.pl/assets/nsk/v1.132.0/js/compiled/atoms/navigation/footer/accordion.js
Requested by: Host: gs24.pl
URL: https://gs24.pl/wakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar/c9-16530997
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:1b52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5967a22495c679d18207786bb5948eb2c4179c8b0763700fefc981fdac0d3419

Request headers

Referer: https://gs24.pl/
Origin: https://gs24.pl
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 08:57:20 GMT
content-encoding: br
cf-cache-status: HIT
age: 71672
cf-ray: 7324a580fe1b9bc5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 28 Jul 2022 12:20:24 GMT
server: cloudflare
etag: W/"62e27f08-d31"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
expires: Fri, 28 Jul 2023 12:31:53 GMT
cache-control: max-age=31536000
timing-allow-origin: *
cf-bgj: minify

GET
H3 200 dropdown-user.js Show response
s-nsk.ppstatic.pl/assets/nsk/v1.132.0/js/compiled/atoms/navigation/icons/ 3 KB
2 KB 64ms
62ms Script
application/x-javascript 2606:4700:10::ac43:1b52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s-nsk.ppstatic.pl/assets/nsk/v1.132.0/js/compiled/atoms/navigation/icons/dropdown-user.js
Requested by: Host: gs24.pl
URL: https://gs24.pl/wakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar/c9-16530997
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:1b52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df34167a622657f8d4e28f03869e74d1478f095ec89ca576851e566da880df67

Request headers

Referer: https://gs24.pl/
Origin: https://gs24.pl
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 08:57:20 GMT
content-encoding: br
cf-cache-status: HIT
age: 71304
cf-ray: 7324a580fe1c9bc5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 28 Jul 2022 12:20:24 GMT
server: cloudflare
etag: W/"62e27f08-ccf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
expires: Fri, 28 Jul 2023 12:31:56 GMT
cache-control: max-age=31536000
timing-allow-origin: *
cf-bgj: minify

GET
H3 200 dropdown.js Show response
s-nsk.ppstatic.pl/assets/nsk/v1.132.0/js/compiled/atoms/navigation/icons/ 3 KB
1 KB 55ms
53ms Script
application/x-javascript 2606:4700:10::ac43:1b52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s-nsk.ppstatic.pl/assets/nsk/v1.132.0/js/compiled/atoms/navigation/icons/dropdown.js
Requested by: Host: gs24.pl
URL: https://gs24.pl/wakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar/c9-16530997
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:1b52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a7a4214540fcdaf6f9793f9d042d077535cc3a82c5e2ff53be315f5bfe678ff

Request headers

Referer: https://gs24.pl/
Origin: https://gs24.pl
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 08:57:20 GMT
content-encoding: br
cf-cache-status: HIT
age: 71304
cf-ray: 7324a580fe1e9bc5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 28 Jul 2022 12:20:24 GMT
server: cloudflare
etag: W/"62e27f08-d99"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
expires: Fri, 28 Jul 2023 12:31:54 GMT
cache-control: max-age=31536000
timing-allow-origin: *
cf-bgj: minify

GET
H3 200 navbar.js Show response
s-nsk.ppstatic.pl/assets/nsk/v1.132.0/js/compiled/components/navigation/ 8 KB
3 KB 52ms
51ms Script
application/x-javascript 2606:4700:10::ac43:1b52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s-nsk.ppstatic.pl/assets/nsk/v1.132.0/js/compiled/components/navigation/navbar.js
Requested by: Host: gs24.pl
URL: https://gs24.pl/wakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar/c9-16530997
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:1b52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e4b32333d14d5d66d21acaa9425c85856fba1823de62471f8b858ab397bb7a7

Request headers

Referer: https://gs24.pl/
Origin: https://gs24.pl
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 08:57:20 GMT
content-encoding: br
cf-cache-status: HIT
age: 71304
cf-ray: 7324a580fe1f9bc5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 28 Jul 2022 12:20:23 GMT
server: cloudflare
etag: W/"62e27f07-1ef5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
expires: Fri, 28 Jul 2023 12:32:15 GMT
cache-control: max-age=31536000
timing-allow-origin: *
cf-bgj: minify

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 134ms
38ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,900%7CRoboto+Condensed:700&subset=latin,latin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gs24.pl
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 317548
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Jul 2023 16:44:52 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 139ms
47ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,900%7CRoboto+Condensed:700&subset=latin,latin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gs24.pl
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 19:07:55 GMT
x-content-type-options: nosniff
age: 308965
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Jul 2023 19:07:55 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 12 KB
12 KB 176ms
87ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,900%7CRoboto+Condensed:700&subset=latin,latin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gs24.pl
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 21:35:52 GMT
x-content-type-options: nosniff
age: 300088
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11872
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Jul 2023 21:35:52 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 12 KB
12 KB 167ms
78ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,900%7CRoboto+Condensed:700&subset=latin,latin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gs24.pl
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 13:40:18 GMT
x-content-type-options: nosniff
age: 328622
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11824
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Jul 2023 13:40:18 GMT

GET
H3 200 pubads_impl_2022071801.js Show response
securepubads.g.doubleclick.net/gpt/ 377 KB
129 KB 183ms
39ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

6f761aab3bf051efa97b8361efb44ec6aeab54bbdd9605bf673c401164fc9a21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gs24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 07:10:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6433
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131644
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 08:35:47 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 29 Jul 2023 07:10:07 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 213 B
147 B 121ms
45ms XHR
application/json 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=gs24.pl

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

8b0db76bf7be6d1c80374b3173b34916cac2b8da42a127a457db444e50d56498

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gs24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 29 Jul 2022 08:57:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122
x-xss-protection: 0
expires: Fri, 29 Jul 2022 08:57:20 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 125ms
37ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NP2BMFJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gs24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6683
date: Fri, 29 Jul 2022 07:05:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 29 Jul 2022 09:05:57 GMT

GET
H2 200 events Show response
vhsrwd.aip24.pl/v1/streams/nWtM4NQ4cgHZ/ 15 B
573 B 128ms
52ms XHR
text/plain 2606:4700:10::6816:41f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vhsrwd.aip24.pl/v1/streams/nWtM4NQ4cgHZ/events

Requested by

Host: s-nsk.ppstatic.pl
URL: https://s-nsk.ppstatic.pl/lib/events/v0.16.0/deep/v3/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:41f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5dc7ed46829688bbe940586a4c2e46abaf9a323b58083e6aa2486ee086a215af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Authorization: bearer o8qhHcJaM2plYsOVTEQsWuqL
Referer: https://gs24.pl/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray: 7324a58398ea921f-FRA
pragma: no-cache
date: Fri, 29 Jul 2022 08:57:21 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
p3p: policyref="http://vhsrwd.aip24.pl/w3c/p3p.xml", CP="ADMa DEVa TAIa PSAa PSDa OUR IND DSP NON COR"
access-control-allow-origin: https://gs24.pl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain; charset=utf-8
content-length: 15
expires: 0

OPTIONS
H2 204 events
vhsrwd.aip24.pl/v1/streams/nWtM4NQ4cgHZ/ Frame 0
0 203ms
65ms Preflight 2606:4700:10::6816:41f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vhsrwd.aip24.pl/v1/streams/nWtM4NQ4cgHZ/events

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:41f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://gs24.pl
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,Device-Stock-UA,X-Device-User-Agent,X-Operamini-Phone-UA
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://gs24.pl
access-control-max-age: 3600
cf-cache-status: DYNAMIC
cf-ray: 7324a582bc4a6963-FRA
date: Fri, 29 Jul 2022 08:57:21 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
strict-transport-security: max-age=31536000

GET
H2 200 ui-gdpr-pl.97ffcdd53ec8686a7706c94afb162c3d697df05d.js Show response
sdk.privacy-center.org/ 277 KB
59 KB 41ms
41ms Script
application/javascript 2600:9000:223f:8800:5:b7cc:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.privacy-center.org/ui-gdpr-pl.97ffcdd53ec8686a7706c94afb162c3d697df05d.js
Requested by: Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk.97ffcdd53ec8686a7706c94afb162c3d697df05d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:8800:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 61e4dcd7d0bd0a51f24cae761b2918e3867615f2c6fd3a9c5430b373f2c5f278

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gs24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 26 Jul 2022 12:46:19 GMT
content-encoding: gzip
last-modified: Tue, 26 Jul 2022 12:41:34 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1658839013/ctime:1658839013/gid:0/gname:root/md5:2ed0938454b9c77d5871cfdd306ff0b4/mode:33188/mtime:1658839013/uid:0/uname:root
age: 245463
etag: W/"2ed0938454b9c77d5871cfdd306ff0b4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: mJPeUMAHD_qFmte8MFWtb3IAZ237XkVKQGqgNquQ3s7myzIWSzJ66g==

GET
H2 200 advisibility_polskapress.js Show response
d24rtvkqjwgutp.cloudfront.net/srv/ 10 KB
3 KB 152ms
44ms Script
application/javascript 2600:9000:206e:5e00:9:87b:340:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d24rtvkqjwgutp.cloudfront.net/srv/advisibility_polskapress.js
Requested by: Host: jscdn.yieldbird.com
URL: https://jscdn.yieldbird.com/e690ce1d-8273-4dd0-b855-e6ec53f05fd1/yb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:5e00:9:87b:340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ac8553c77506823838b78bed00334d36cb73c9cbcd4b434ff4b4dbe5297b170a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gs24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: p6nUwp7hYp_dX6yzSdviduLWlKgoRZwv
content-encoding: gzip
last-modified: Mon, 28 Feb 2022 20:37:11 GMT
server: AmazonS3
age: 1435
etag: W/"8f8da2421b4fb135fe82d75ebd2ad5d8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ef3fdf4c8ab8a4babeb402e6d03ee7c2.cloudfront.net (CloudFront)
cache-control: max-age=1800
date: Fri, 29 Jul 2022 08:33:26 GMT
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: FEDu4w4Hekp5bhnzQ67kz09vrqVQW40ABpOWqwqDmQbny5jdmObNvA==

GET
H2 200 adops-tech.js Show response
d24rtvkqjwgutp.cloudfront.net/srv/ 11 KB
4 KB 150ms
46ms Script
application/javascript 2600:9000:206e:5e00:9:87b:340:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d24rtvkqjwgutp.cloudfront.net/srv/adops-tech.js
Requested by: Host: jscdn.yieldbird.com
URL: https://jscdn.yieldbird.com/e690ce1d-8273-4dd0-b855-e6ec53f05fd1/yb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:5e00:9:87b:340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 119f716909cb75ffd5242fc6c3d5e148144d8e64031a229b3084bcdab8d24d92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gs24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: sTS75LKQMWiTvhbQWExPwl5gMClUyYHX
content-encoding: gzip
last-modified: Tue, 26 Jul 2022 12:16:37 GMT
server: AmazonS3
age: 329
etag: W/"d77f4ca4337fb7d082283a1949e3b4f2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ef3fdf4c8ab8a4babeb402e6d03ee7c2.cloudfront.net (CloudFront)
cache-control: max-age=1800
date: Fri, 29 Jul 2022 08:51:53 GMT
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: SUtc1Ho5kD-drMShDcOTQtGb2qRyoRfyeQJf_nWqr24gDhmuo6ey2Q==

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 113ms
37ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gs24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 08:36:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1255
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 29 Jul 2022 09:36:26 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
339 B 136ms
44ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: gs24.pl
URL: https://gs24.pl/wakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar/c9-16530997
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gs24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date: Fri, 29 Jul 2022 08:57:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1419318
x-guploader-uploadid: ADPycds5ly-F9Uw8pRQ6dBkLcihk5YldMFc8UNP2o7iczo8gvy92gQZuwnMtar1CaYFA_ZhoE0zgdoFlEttyqguUt8U
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-type: image/gif
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BL3Mep40KNWU0womc9SEJ487tbr%2Bcou9u9ck53%2B5KkCioiuNoQ10puStsQHgDfmSFMa98VW1pPV%2BCDOOmwY7cWwG4P5BOaLprT%2BhZyPJccf50vkn5CowqOUHqxZi1l4oQUmPV8i2g%2Bgvwzs0zg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1620242732037093
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=86400
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7324a5834aab9a12-FRA
expires: Tue, 12 Jul 2022 23:38:38 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
664 B 132ms
37ms Image
image/x-icon 142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: gs24.pl
URL: https://gs24.pl/wakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar/c9-16530997

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gs24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 14:28:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66556
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Jul 2022 14:28:05 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
934 B 135ms
43ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.396411924958439
Requested by: Host: gs24.pl
URL: https://gs24.pl/wakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar/c9-16530997
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gs24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date: Fri, 29 Jul 2022 08:57:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1419318
x-guploader-uploadid: ADPycds5ly-F9Uw8pRQ6dBkLcihk5YldMFc8UNP2o7iczo8gvy92gQZuwnMtar1CaYFA_ZhoE0zgdoFlEttyqguUt8U
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-type: image/gif
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RZiXTUfeTPJ%2BaaHltUy%2BCwSBnPv5f5HQQlvmUi3%2F8ZeiNOckmzAGJs1qnn9406J7n8shWrAK4L2Ibb5BX%2BdVVYMOJtG07SAEy1tQYeHcYLJobxjavw%2Fkl2K2soMDv3UIzo0FclA%2FJofnBPzPlw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1620242732037093
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=86400
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7324a5834aae9a12-FRA
expires: Tue, 12 Jul 2022 23:38:38 GMT

GET
H3 200 polskapress.svg
s-nsk.ppstatic.pl/assets/nsk/v1.90.2/images/_sites/logo/svg/ 8 KB
3 KB 51ms
50ms Image
image/svg+xml 2606:4700:10::ac43:1b52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-nsk.ppstatic.pl/assets/nsk/v1.90.2/images/_sites/logo/svg/polskapress.svg
Requested by: Host: gs24.pl
URL: https://gs24.pl/wakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar/c9-16530997
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:1b52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d047f98682f2bd34ecf07ab3ae8dd08a86c8de8ad7efdd69d5430526bf60c8bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gs24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 08:57:21 GMT
content-encoding: br
cf-cache-status: HIT
age: 10880021
cf-ray: 7324a582e8959ba0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 29 Jan 2021 10:20:51 GMT
server: cloudflare
etag: W/"6013e183-1f7c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Thu, 05 Jan 2023 20:42:29 GMT

GET
H2 200 fpdata.js Show response
mreg.hit.gemius.pl/ 276 B
390 B 63ms
63ms Script
application/x-javascript 78.24.163.112
POLSKAPRESS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mreg.hit.gemius.pl/fpdata.js?href=gs24.pl
Requested by: Host: mreg.hit.gemius.pl
URL: https://mreg.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 78.24.163.112 , Poland, ASN34409 (POLSKAPRESS-AS, PL),
Reverse DNS: gemius-01.kli.grtech.pl
Software: GHC /
Resource Hash: 760f58b27982788f6c7f62d9df3476d631da48b6d07c697c872240dce14cd69c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gs24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 08:57:21 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 276
expires: Sun, 28 Aug 2022 08:57:21 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame EF81 5 KB
3 KB 368ms
55ms Document
text/html 146.59.30.96
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: mreg.hit.gemius.pl
URL: https://mreg.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.96 , France, ASN16276 (OVH, FR),
Reverse DNS: ip96.ip-146-59-30.eu
Software: GHC /
Resource Hash: 06323d435579e5173f749988bef1e63f8c9ff3fd4255dae3220d6f78d32a9492

Request headers

Referer: https://gs24.pl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2721
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Jul 2022 08:57:21 GMT
etag: PRIVATE7520710249
expires: Sun, 28 Aug 2022 08:57:21 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 143ms
48ms XHR
text/plain 2a00:1450:400c:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-2770843-19&cid=1322646605.1659085041&jid=50294331&gjid=1406338726&_gid=1150754086.1659085041&_u=aGBAgEAjAAAAAE~&z=2088333658

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gs24.pl/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 29 Jul 2022 08:57:21 GMT
content-type: text/plain
access-control-allow-origin: https://gs24.pl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
433 B 138ms
47ms XHR
text/plain 2a00:1450:400c:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-954015-7&cid=1322646605.1659085041&jid=423767227&gjid=101959246&_gid=1150754086.1659085041&_u=aGDAgEAjAAAAAE~&z=564858750

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gs24.pl/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 29 Jul 2022 08:57:21 GMT
content-type: text/plain
access-control-allow-origin: https://gs24.pl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 37ms
37ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1665714385&t=pageview&_s=1&dl=https%3A%2F%2Fgs24.pl%2Fwakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar%2Fc9-16530997&ul=en-us&de=UTF-8&dt=Strona%20nie%20zosta%C5%82a%20znaleziona%20-%20b%C5%82%C4%85d%20404%20%7C%20G%C5%82os%20Szczeci%C5%84ski&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEAj~&jid=50294331&gjid=1406338726&cid=1322646605.1659085041&tid=UA-2770843-19&_gid=1150754086.1659085041&gtm=2wg7r0NP2BMFJ&z=1209830480

Requested by

Host: gs24.pl
URL: https://gs24.pl/wakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar/c9-16530997

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gs24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Jul 2022 09:07:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 85803
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 37ms
37ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1665714385&t=pageview&_s=1&dl=https%3A%2F%2Fgs24.pl%2Fwakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar%2Fc9-16530997&ul=en-us&de=UTF-8&dt=Strona%20nie%20zosta%C5%82a%20znaleziona%20-%20b%C5%82%C4%85d%20404%20%7C%20G%C5%82os%20Szczeci%C5%84ski&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEAjAAAAAE~&jid=423767227&gjid=101959246&cid=1322646605.1659085041&tid=UA-954015-7&_gid=1150754086.1659085041&gtm=2wg7r0WQCXKB&z=900511418

Requested by

Host: gs24.pl
URL: https://gs24.pl/wakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar/c9-16530997

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gs24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Jul 2022 09:07:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 85803
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 37ms
37ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1665714385&t=event&ni=0&_s=1&dl=https%3A%2F%2Fgs24.pl%2Fwakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar%2Fc9-16530997&ul=en-us&de=UTF-8&dt=Strona%20nie%20zosta%C5%82a%20znaleziona%20-%20b%C5%82%C4%85d%20404%20%7C%20G%C5%82os%20Szczeci%C5%84ski&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=notice_shown&ea=click&_u=aGDAgEAjAAAAAE~&jid=&gjid=&cid=1322646605.1659085041&tid=UA-2770843-19&_gid=1150754086.1659085041&gtm=2wg7r0NP2BMFJ&z=1770048518

Requested by

Host: gs24.pl
URL: https://gs24.pl/wakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar/c9-16530997

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gs24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Jul 2022 09:07:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 85803
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pv Show response
api.btloader.com/ 0
128 B 241ms
150ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=BzZ4cszt&w=6252542162370560&o=5659168086163456&cv=2.0.9-1-g2cac8e3&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fgs24.pl%2Fwakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar%2Fc9-16530997&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5659168086163456&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gs24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 29 Jul 2022 08:57:21 GMT
cache-control: no-cache, no-store, must-revalidate
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

OPTIONS
H2 204 events
vhsrwd.aip24.pl/v1/streams/nWtM4NQ4cgHZ/ Frame 0
0 55ms
55ms Preflight 2606:4700:10::6816:41f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vhsrwd.aip24.pl/v1/streams/nWtM4NQ4cgHZ/events

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:41f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://gs24.pl
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,Device-Stock-UA,X-Device-User-Agent,X-Operamini-Phone-UA
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://gs24.pl
access-control-max-age: 3600
cf-cache-status: DYNAMIC
cf-ray: 7324a583fdd36963-FRA
date: Fri, 29 Jul 2022 08:57:21 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
strict-transport-security: max-age=31536000

POST
H2 204 events Show response
vhsrwd.aip24.pl/v1/streams/nWtM4NQ4cgHZ/ 0
34 B 51ms
51ms XHR
text/plain 2606:4700:10::6816:41f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vhsrwd.aip24.pl/v1/streams/nWtM4NQ4cgHZ/events

Requested by

Host: s-nsk.ppstatic.pl
URL: https://s-nsk.ppstatic.pl/lib/events/v0.16.0/deep/v3/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:41f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Referer: https://gs24.pl/
accept-language: de-DE,de;q=0.9
Authorization: bearer o8qhHcJaM2plYsOVTEQsWuqL
Content-Type: application/json

Response headers

date: Fri, 29 Jul 2022 08:57:21 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
access-control-allow-origin: https://gs24.pl
access-control-allow-credentials: true
cf-ray: 7324a5844985921f-FRA

POST
H2 204 events Show response
vhsrwd.aip24.pl/v1/streams/nWtM4NQ4cgHZ/ 0
35 B 52ms
52ms XHR
text/plain 2606:4700:10::6816:41f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vhsrwd.aip24.pl/v1/streams/nWtM4NQ4cgHZ/events

Requested by

Host: s-nsk.ppstatic.pl
URL: https://s-nsk.ppstatic.pl/lib/events/v0.16.0/deep/v3/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:41f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Referer: https://gs24.pl/
accept-language: de-DE,de;q=0.9
Authorization: bearer o8qhHcJaM2plYsOVTEQsWuqL
Content-Type: application/json

Response headers

date: Fri, 29 Jul 2022 08:57:21 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
access-control-allow-origin: https://gs24.pl
access-control-allow-credentials: true
cf-ray: 7324a584598a921f-FRA

OPTIONS
H2 204 events
vhsrwd.aip24.pl/v1/streams/nWtM4NQ4cgHZ/ Frame 0
0 64ms
64ms Preflight 2606:4700:10::6816:41f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vhsrwd.aip24.pl/v1/streams/nWtM4NQ4cgHZ/events

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:41f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://gs24.pl
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,Device-Stock-UA,X-Device-User-Agent,X-Operamini-Phone-UA
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://gs24.pl
access-control-max-age: 3600
cf-cache-status: DYNAMIC
cf-ray: 7324a583fdd46963-FRA
date: Fri, 29 Jul 2022 08:57:21 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
strict-transport-security: max-age=31536000

GET
H2

200

redot.js Show response
mreg.hit.gemius.pl/__/_1659085041508/
Redirect Chain

https://mreg.hit.gemius.pl/_1659085041508/redot.js?l=107&id=oqg1Lb9B1XZTTPXGDcHIAsPbXtcWe29IcIig_0Sj6n7.c7&et=action&hsrc=3&extra=_EC%3Dnotice_shown%7C_EN%3Dclick%7Cadblock.status%3Doff%7Cads.stand...
https://mreg.hit.gemius.pl/__/_1659085041508/redot.js?l=107&id=oqg1Lb9B1XZTTPXGDcHIAsPbXtcWe29IcIig_0Sj6n7.c7&et=action&hsrc=3&extra=_EC%3Dnotice_shown%7C_EN%3Dclick%7Cadblock.status%3Doff%7Cads.st...

2 B
177 B

125ms
125ms

Script
application/x-javascript

78.24.163.112
POLSKAPRESS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mreg.hit.gemius.pl/__/_1659085041508/redot.js?l=107&id=oqg1Lb9B1XZTTPXGDcHIAsPbXtcWe29IcIig_0Sj6n7.c7&et=action&hsrc=3&extra=_EC%3Dnotice_shown%7C_EN%3Dclick%7Cadblock.status%3Doff%7Cads.standard%3Dbetter_ads%7Cads.recover%3Dnone%7Cads.standard%3Dbetter_ads%7Cads.recover%3Dnone%7Cads.status%3Don%7Cuser.is_logged%3D0%7Cuser.id_pp%3D0%7Cuser.is_editor%3D0%7Caccess.is_paid%3D0%7Csite.type%3D404%7Clocation.city%3D%7Clocation.province%3D%7Csubscription.period%3D0%7Ccomponents.all%3D%2Fpartials%2Ffavicon.twig%2C%2Ferror%2Fbaner%2C%2Fnavigation%2Ffooter%2Fexpanded%7Chitflag%3D1&inner=_ver%3D328&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fgs24.pl%2Fwakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar%2Fc9-16530997&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=xXsly.wG6Q_MsSY9CxrUTBGCIeOWffBnfzJ_Xz5D5yz.U7AbyRf8dmWT8HNG5FEQIdW9OS9kECTvJ.PHaVXUOafwCF7d/nhkI9cXuktBCG/&ltime=386&fpdata=l7GFIu23VkSxH9lpO03BqnrlSVSIb_02gBbwunowx8z.G7&fpcap=
Requested by: Host: gs24.pl
URL: https://gs24.pl/wakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar/c9-16530997
Protocol: H2
Server: 78.24.163.112 , Poland, ASN34409 (POLSKAPRESS-AS, PL),
Reverse DNS: gemius-01.kli.grtech.pl
Software: GHC /
Resource Hash: 75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gs24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 08:57:21 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 2
expires: Thu, 28 Jul 2022 08:57:21 GMT

Redirect headers

pragma: no-cache
date: Fri, 29 Jul 2022 08:57:21 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1659085041508/redot.js?l=107&id=oqg1Lb9B1XZTTPXGDcHIAsPbXtcWe29IcIig_0Sj6n7.c7&et=action&hsrc=3&extra=_EC%3Dnotice_shown%7C_EN%3Dclick%7Cadblock.status%3Doff%7Cads.standard%3Dbetter_ads%7Cads.recover%3Dnone%7Cads.standard%3Dbetter_ads%7Cads.recover%3Dnone%7Cads.status%3Don%7Cuser.is_logged%3D0%7Cuser.id_pp%3D0%7Cuser.is_editor%3D0%7Caccess.is_paid%3D0%7Csite.type%3D404%7Clocation.city%3D%7Clocation.province%3D%7Csubscription.period%3D0%7Ccomponents.all%3D%2Fpartials%2Ffavicon.twig%2C%2Ferror%2Fbaner%2C%2Fnavigation%2Ffooter%2Fexpanded%7Chitflag%3D1&inner=_ver%3D328&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fgs24.pl%2Fwakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar%2Fc9-16530997&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=xXsly.wG6Q_MsSY9CxrUTBGCIeOWffBnfzJ_Xz5D5yz.U7AbyRf8dmWT8HNG5FEQIdW9OS9kECTvJ.PHaVXUOafwCF7d/nhkI9cXuktBCG/&ltime=386&fpdata=l7GFIu23VkSxH9lpO03BqnrlSVSIb_02gBbwunowx8z.G7&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Thu, 28 Jul 2022 08:57:21 GMT

GET
H2

200

rexdot.js Show response
mreg.hit.gemius.pl/__/_1659085041510/
Redirect Chain

https://mreg.hit.gemius.pl/_1659085041510/rexdot.js?l=100&id=oqg1Lb9B1XZTTPXGDcHIAsPbXtcWe29IcIig_0Sj6n7.c7&et=view&hsrc=1&initsonar=1&extra=adblock.status%3Doff%7Cads.standard%3Dbetter_ads%7Cads.r...
https://mreg.hit.gemius.pl/__/_1659085041510/rexdot.js?l=100&id=oqg1Lb9B1XZTTPXGDcHIAsPbXtcWe29IcIig_0Sj6n7.c7&et=view&hsrc=1&initsonar=1&extra=adblock.status%3Doff%7Cads.standard%3Dbetter_ads%7Cad...

504 B
758 B

165ms
165ms

Script
application/x-javascript

78.24.163.112
POLSKAPRESS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mreg.hit.gemius.pl/__/_1659085041510/rexdot.js?l=100&id=oqg1Lb9B1XZTTPXGDcHIAsPbXtcWe29IcIig_0Sj6n7.c7&et=view&hsrc=1&initsonar=1&extra=adblock.status%3Doff%7Cads.standard%3Dbetter_ads%7Cads.recover%3Dnone%7Cads.standard%3Dbetter_ads%7Cads.recover%3Dnone%7Cads.status%3Don%7Cuser.is_logged%3D0%7Cuser.id_pp%3D0%7Cuser.is_editor%3D0%7Caccess.is_paid%3D0%7Csite.type%3D404%7Clocation.city%3D%7Clocation.province%3D%7Csubscription.period%3D0%7Ccomponents.all%3D%2Fpartials%2Ffavicon.twig%2C%2Ferror%2Fbaner%2C%2Fnavigation%2Ffooter%2Fexpanded%7Chitflag%3D1&inner=_ver%3D328&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fgs24.pl%2Fwakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar%2Fc9-16530997&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=xXsly.wG6Q_MsSY9CxrUTBGCIeOWffBnfzJ_Xz5D5yz.U7AbyRf8dmWT8HNG5FEQIdW9OS9kECTvJ.PHaVXUOafwCF7d/nhkI9cXuktBCG/&ltime=386&fpdata=l7GFIu23VkSxH9lpO03BqnrlSVSIb_02gBbwunowx8z.G7&fpcap=
Requested by: Host: gs24.pl
URL: https://gs24.pl/wakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar/c9-16530997
Protocol: H2
Server: 78.24.163.112 , Poland, ASN34409 (POLSKAPRESS-AS, PL),
Reverse DNS: gemius-01.kli.grtech.pl
Software: GHC /
Resource Hash: 77e9ee1371e0f89bb25a862a3f0d8cbe651f3eb2364ccfce7cc3227eb1b7d662

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gs24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 08:57:21 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 504
expires: Thu, 28 Jul 2022 08:57:21 GMT

Redirect headers

pragma: no-cache
date: Fri, 29 Jul 2022 08:57:21 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1659085041510/rexdot.js?l=100&id=oqg1Lb9B1XZTTPXGDcHIAsPbXtcWe29IcIig_0Sj6n7.c7&et=view&hsrc=1&initsonar=1&extra=adblock.status%3Doff%7Cads.standard%3Dbetter_ads%7Cads.recover%3Dnone%7Cads.standard%3Dbetter_ads%7Cads.recover%3Dnone%7Cads.status%3Don%7Cuser.is_logged%3D0%7Cuser.id_pp%3D0%7Cuser.is_editor%3D0%7Caccess.is_paid%3D0%7Csite.type%3D404%7Clocation.city%3D%7Clocation.province%3D%7Csubscription.period%3D0%7Ccomponents.all%3D%2Fpartials%2Ffavicon.twig%2C%2Ferror%2Fbaner%2C%2Fnavigation%2Ffooter%2Fexpanded%7Chitflag%3D1&inner=_ver%3D328&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fgs24.pl%2Fwakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar%2Fc9-16530997&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=xXsly.wG6Q_MsSY9CxrUTBGCIeOWffBnfzJ_Xz5D5yz.U7AbyRf8dmWT8HNG5FEQIdW9OS9kECTvJ.PHaVXUOafwCF7d/nhkI9cXuktBCG/&ltime=386&fpdata=l7GFIu23VkSxH9lpO03BqnrlSVSIb_02gBbwunowx8z.G7&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Thu, 28 Jul 2022 08:57:21 GMT

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gs24.pl/	1969-12-31 23:59:59	Name: sesja_ppg Value: l1qc48ckuh6fjujb2je6i8on34
.gs24.pl/	1970-01-20 04:52:19	Name: ppa_preload_layer Value: 1
.gs24.pl/	1970-01-20 13:37:01	Name: deepbi_firstparty_cookie Value: cl668eajh2i3c7pu57b
.gs24.pl/	1970-01-20 04:51:26	Name: deepbi_user_session Value: ab8e4e2b-259e-45e7-b440-bc0807c7f74f\|1
.polskapress.pl/	1970-01-20 13:38:27	Name: didomi_accept_cookie Value: 1
.polskapress.pl/	1970-01-20 13:38:27	Name: didomi_token Value: eyJ1c2VyX2lkIjoiMTgyNDkyY2EtYzRlYi02OGJiLTk0ZDktMjdkMDBhZTgwNmVkIiwiY3JlYXRlZCI6IjIwMjItMDctMjlUMDg6NTc6MjAuOTU3WiIsInVwZGF0ZWQiOiIyMDIyLTA3LTI5VDA4OjU3OjIwLjk1N1oiLCJ2ZXJzaW9uIjpudWxsfQ==
.gs24.pl/	1970-01-20 22:22:37	Name: _ga Value: GA1.2.1322646605.1659085041
.gs24.pl/	1970-01-20 04:52:51	Name: _gid Value: GA1.2.1150754086.1659085041
.gs24.pl/	1970-01-20 04:51:25	Name: _dc_gtm_UA-2770843-19 Value: 1
.gs24.pl/	1970-01-20 04:51:25	Name: _dc_gtm_UA-954015-7 Value: 1
.gs24.pl/	1970-01-20 14:20:13	Name: __gfp_64b Value: l7GFIu23VkSxH9lpO03BqnrlSVSIb_02gBbwunowx8z.G7\|1659085041
.gs24.pl/	1969-12-31 23:59:59	Name: deepbi_user_deepcookie Value: l668eatm-u8ss6a
.hit.gemius.pl/	1970-01-20 05:01:29	Name: Gtest Value: KlGC4RMGQMGGeSkmkioPvglissGMXP8c25nSGJHEJGnIXBG.
.hit.gemius.pl/	1970-01-20 14:20:13	Name: Gdyn Value: Klx4HRGGQMGGeSkmkioPvglissGMXP8c25nSGJHEJGnIFRxSG7RrGS6Gt9GBFlMMYH7hRjBGqSRxSG8.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://gs24.pl/wakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar/c9-16530997 Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://gs24.pl/wakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar/c9-16530997(Line 378) Message: A preload for 'https://fonts.googleapis.com/css?family=Roboto:400,700,900%7CRoboto+Condensed:700&subset=latin,latin-ext&display=swap' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other	warning	URL: https://gs24.pl/wakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar/c9-16530997(Line 378) Message: A preload for 'https://fonts.googleapis.com/css?family=Roboto:400,700,900%7CRoboto+Condensed:700&subset=latin,latin-ext&display=swap' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
javascript	warning	URL: https://gs24.pl/wakacje-kredytowe-oplacaja-sie-wszystkim-trzeba-sie-spieszycar/c9-16530997 Message: The resource https://fonts.googleapis.com/css?family=Roboto:400,700,900%7CRoboto+Condensed:700&subset=latin,latin-ext&display=swap was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-delivery.net
ad.doubleclick.net
api.btloader.com
atm.api.dmp.nsaudience.pl
btloader.com
cdn.insurads.com
d24rtvkqjwgutp.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
gs24.pl
jscdn.yieldbird.com
ls.hit.gemius.pl
mreg.hit.gemius.pl
privacy.polskapress.pl
s-nsk.ppstatic.pl
sdk.privacy-center.org
securepubads.g.doubleclick.net
stats.g.doubleclick.net
vhsrwd.aip24.pl
www.google-analytics.com
www.googletagmanager.com
130.211.23.194
142.250.184.194
142.250.185.166
146.59.30.96
18.66.112.125
185.180.12.68
2600:9000:206e:5e00:9:87b:340:21
2600:9000:206e:c00:4:f9aa:3d40:93a1
2600:9000:223f:8800:5:b7cc:d3c0:93a1
2606:4700:10::6816:41f1
2606:4700:10::ac43:1b52
2606:4700:20::681a:78b
2606:4700:20::ac43:4513
2a00:1450:4001:808::2003
2a00:1450:4001:812::2008
2a00:1450:4001:829::200e
2a00:1450:400c:c1b::9b
2a00:1450:400e:811::200a
2a02:1320:ffff:0:195:8:99:67
46.4.68.145
78.24.163.112
06323d435579e5173f749988bef1e63f8c9ff3fd4255dae3220d6f78d32a9492
0c3c10e90f70d13fd8f1505be7085a76ebc96ce503a4086d2c48649722ca0e69
119f716909cb75ffd5242fc6c3d5e148144d8e64031a229b3084bcdab8d24d92
155feed0f7beaf76d3b61ad80a3b5ea26f984dade1f2c42f194230b480c1324a
1a7a4214540fcdaf6f9793f9d042d077535cc3a82c5e2ff53be315f5bfe678ff
1d86c0002edfc5115e21c434d561bcc41ab3cdd4ef9316616df955df4a629df2
2a2f037a65e03bbffc4870ea83a30ebb3baf7d1953a5521089459af94e66f09e
2a56adfc22283f9a4369986b367653ad4543217ee24852bed5daada69e31ff34
37603a17786da26b64bea00880b20091eabaff609b55633a333fd8a5a822c11b
37817d480516ddae5f54bd6de5920b274a3f8e8f7f9e0fc337309fb6859423e0
38851a0e24e5d8646e21d9a9485b894f1a930fa9f3a78af88c844770d603e3c9
38e41aac69f0936c6e20145f26a06ad5301f0026604a679e3130600c9a169110
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
46f50673284a26b8038be90143da6d79009566967c76dd754e729aae27c180db
4dd30f59ed701805d9fca0d4abf733ae5514110edfdeb68e07756a1f2966bcba
4fc4893c2d1cf07881b25f56d3828288834011aacc185fcc215e4a1aeaa6ecbe
594fca895709d6dbd169eedf9a62143319efe7f5eb785474ca9c97d6a202178e
5967a22495c679d18207786bb5948eb2c4179c8b0763700fefc981fdac0d3419
5dc7ed46829688bbe940586a4c2e46abaf9a323b58083e6aa2486ee086a215af
61e4dcd7d0bd0a51f24cae761b2918e3867615f2c6fd3a9c5430b373f2c5f278
6b1b094bec8949f79685bf35810b0a522967e71bf0d9d81f968ccbfb10d5e0e2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f4a920a8f07e0e54d4df1f88932064a48961c922180c74203ff8cddad4fb581
6f761aab3bf051efa97b8361efb44ec6aeab54bbdd9605bf673c401164fc9a21
6fc0ec0ad1f1bf41ce1471f992588a8fa6e05c503830cb7480e26abc28a16b43
739bca7aa41487597ba994caeb26e5b3dd26eeecca11281ea8ab079dadda20a8
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
760f58b27982788f6c7f62d9df3476d631da48b6d07c697c872240dce14cd69c
77e9ee1371e0f89bb25a862a3f0d8cbe651f3eb2364ccfce7cc3227eb1b7d662
7fdb9663941a5dab9feabc36f94667a6c85e51bdf0c2a2788578de6108baf4f1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8b0db76bf7be6d1c80374b3173b34916cac2b8da42a127a457db444e50d56498
8bc4a46b19318a8abd7497ef564366b2c32f910ddba18eb31cdc562eb16cd464
8e4b32333d14d5d66d21acaa9425c85856fba1823de62471f8b858ab397bb7a7
929f0b5db0745bab36c5283203e01a5e434632e7d5a181508ee57d1e3d7ced42
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9342f65c2a6dabe315bb44d2471e1e95eecb5f64df910e2bab23434f5bbecb3e
98148db478f4e751a420f83fa8e08f0f469ff5cfe25ef8a5f3ff18915f3d6ed1
9eab059b6229ac6ebc752c05a056c022f46ff79e2544d29ffb61e910bcad61a1
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
ac8553c77506823838b78bed00334d36cb73c9cbcd4b434ff4b4dbe5297b170a
b2c0fc8f3c67bdbf67c602bf84aeda3421bcc7e7e3d6457fd973698dc1a3627e
be5ff15629189a05e31e2655d6c1dd19e9dd8fc55a4fcdaf26413153b4120f7e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d00fdc028806fdb1dd71620ddffb0be2baea8f86ecc7d57410a0256fba4bbcd7
d047f98682f2bd34ecf07ab3ae8dd08a86c8de8ad7efdd69d5430526bf60c8bc
d0988816072017bd80c47e4ed0bf0fb2ee3a48c5b5b37895c6178da89ab06cba
d2d49e56e3439a3147619b79b533a978d775d771b85e478816a26a0f9e8abd45
d5e42d2deac21a272634a7e4cf0131b7c751d7eac7932286c4a32a128e4f1d40
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
db0eea55a89c607cc293f9fd116d1d336b4e42111b19c57431b2ad5f58fe3f06
df34167a622657f8d4e28f03869e74d1478f095ec89ca576851e566da880df67
e2aaf99ce55a4301e7f828f3695f3b5bc34d39fac00bbc62bd50777010985691
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e96605565a746341314e47dd3d8b1556c4086f5c2916f4c86ae86561cadbcee3
ef49faab85bb84ef311393dcef2d08b2e4ae24d87c38f52bf7e8e4866e8a250e
f19a2e5bdadf18375956baf38009fde3b1af71ce71c710326932bad6ce239e41
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6affa4b1de1abe7e4de2d6299fe12efa833eb5a11fc3eecac56850ffe592be7
fc4ebc16199b00dbc9263f16b0c6d5ce2b9a32bc8b0ba1b32ceea47813318209
fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b

gs24.pl Open in urlscan Pro 2a02:1320:ffff:0:195:8:99:67 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

71 Requests

97 %HTTPS

62 %IPv6

17 Domains

21 Subdomains

22 IPs

7 Countries

1106 kBTransfer

3145 kBSize

14 Cookies

49 Outgoing links

Redirected requests

71 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

gs24.pl Open in urlscan Pro
2a02:1320:ffff:0:195:8:99:67 Public Scan

Screenshot
Live screenshot

Full Image

71
Requests

97 %
HTTPS

62 %
IPv6

17
Domains

21
Subdomains

22
IPs

7
Countries

1106 kB
Transfer

3145 kB
Size

14
Cookies

71 HTTP transactions
3 data transactions