qrntwski.ugu.pl Open in urlscan Pro
178.33.52.226 Public Scan

URL:
http://qrntwski.ugu.pl/
Submission: On June 12 via manual (June 12th 2021, 8:28:26 am UTC) from PL

Summary HTTP 34 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 14 IPs in 4 countries across 10 domains to perform 34 HTTP transactions. The main IP is 178.33.52.226, located in Murs-Erigne, France and belongs to OVH, FR. The main domain is qrntwski.ugu.pl.

This is the only time qrntwski.ugu.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	178.33.52.226 178.33.52.226	16276 (OVH) (OVH)
2	78.47.91.50 78.47.91.50	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
4	212.77.101.20 212.77.101.20	12827 (WIRTUALNA...) (WIRTUALNAPOLSKA GDANSK)
2	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
2	78.47.91.49 78.47.91.49	24940 (HETZNER-AS) (HETZNER-AS)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
11	193.17.41.93 193.17.41.93	31080 (O2-AS) (O2-AS)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
34	14

1 178.33.52.226 (Murs-Erigne, France)

ASN16276 (OVH, FR)
PTR: users1.ugu.pl

qrntwski.ugu.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 78.47.91.50 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.stooq.com

static.stooq.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 212.77.101.20 (Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: krs.wp.pl

cw.money.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 78.47.91.49 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.stooq.com

static.stooq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 193.17.41.93 (Poland)

ASN31080 (O2-AS, PL)
PTR: s1.sportowefakty.wp.pl

static1.money.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

048987fa33da7fcec1b6bf2c5b4082fa.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	money.pl cw.money.pl static1.money.pl	19 KB
6	googlesyndication.com 048987fa33da7fcec1b6bf2c5b4082fa.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	25 KB
2	google.com adservice.google.com www.google.com	1 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	stooq.com static.stooq.com	2 KB
2	doubleclick.net securepubads.g.doubleclick.net	112 KB
2	stooq.pl static.stooq.pl	4 KB
1	google.de adservice.google.de	853 B
1	googletagservices.com www.googletagservices.com	21 KB
1	ugu.pl qrntwski.ugu.pl	3 KB
34	10

	Domain	Requested by
11	static1.money.pl	cw.money.pl
4	cw.money.pl	qrntwski.ugu.pl
3	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	www.google-analytics.com	qrntwski.ugu.pl www.google-analytics.com
2	static.stooq.com	qrntwski.ugu.pl
2	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
2	static.stooq.pl	qrntwski.ugu.pl
1	www.google.com	tpc.googlesyndication.com
1	048987fa33da7fcec1b6bf2c5b4082fa.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	www.googletagservices.com	qrntwski.ugu.pl
1	qrntwski.ugu.pl
34	14

This site contains links to these domains. Also see Links.

Domain
stooq.pl

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh

This page contains 7 frames:

Primary Page: http://qrntwski.ugu.pl/
Frame ID: 2EFA5F6D364592DCAE30C7DA0C90DD0D
Requests: 16 HTTP requests in this frame

Frame: http://cw.money.pl/indeksy_gpw.html
Frame ID: ED2F67CA231C20CDF507AE926EF4B7DB
Requests: 3 HTTP requests in this frame

Frame: http://cw.money.pl/mapki_pogoda_mala.html
Frame ID: 03A12F767914594376CDEB5131F85618
Requests: 4 HTTP requests in this frame

Frame: http://cw.money.pl/wiadomosci_kraj.html
Frame ID: 1200D3270E1E33057BE1F2D307ABA633
Requests: 4 HTTP requests in this frame

Frame: http://cw.money.pl/wiadomosci_swiat.html
Frame ID: A432BB2AC433D3CD84C983798BCB3D8E
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: 85282FE085A8CB2AEA0491019DB89C06
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5752168AE667D224D170DAF93248E1B5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

34
Requests

38 %
HTTPS

57 %
IPv6

10
Domains

14
Subdomains

14
IPs

4
Countries

208 kB
Transfer

523 kB
Size

3
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://stooq.pl/q/?s=^dji
Title: Dow

Search URL Search Domain Scan URL

URL: https://stooq.pl/q/?s=^ndq
Title: Nasdaq

Search URL Search Domain Scan URL

URL: https://stooq.pl/q/?s=^nkx
Title: Nikkei

Search URL Search Domain Scan URL

URL: https://stooq.pl/q/?s=^dax
Title: DAX

Search URL Search Domain Scan URL

URL: https://stooq.pl/q/?s=cl.f
Title: Ropa WTI

Search URL Search Domain Scan URL

URL: https://stooq.pl/q/?s=xauusd
Title: Złoto

Search URL Search Domain Scan URL

URL: https://stooq.pl/q/?s=^ndq&c=1y&t=l

Search URL Search Domain Scan URL

URL: https://stooq.pl/q/?s=eurpln
Title: EUR/PLN

Search URL Search Domain Scan URL

URL: https://stooq.pl/q/?s=chfpln
Title: CHF/PLN

Search URL Search Domain Scan URL

URL: https://stooq.pl/q/?s=usdpln
Title: USD/PLN

Search URL Search Domain Scan URL

URL: https://stooq.pl/q/?s=eurusd
Title: EUR/USD

Search URL Search Domain Scan URL

URL: https://stooq.pl/q/?s=gbpusd
Title: GBP/USD

Search URL Search Domain Scan URL

URL: https://stooq.pl/q/?s=usdjpy
Title: USD/JPY

Search URL Search Domain Scan URL

URL: https://stooq.pl/q/?s=eurusd&c=1y&t=l

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

34 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
qrntwski.ugu.pl/ 7 KB
3 KB 118ms
89ms Document
text/html 178.33.52.226
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://qrntwski.ugu.pl/
Protocol: HTTP/1.1
Server: 178.33.52.226 Murs-Erigne, France, ASN16276 (OVH, FR),
Reverse DNS: users1.ugu.pl
Software: Apache /
Resource Hash: c0ec44f4575f5910328aa02dace59ca7d14ca4f91b726df40a4c78baee81c42a

Request headers

Host: qrntwski.ugu.pl
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 12 Jun 2021 08:28:09 GMT
Server: Apache
X-Adverts: ugu.pl/0.3
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2544
Connection: close
Content-Type: text/html

GET
H/1.1 200
OK wc.js Show response
static.stooq.pl/pp/ 2 KB
2 KB 98ms
50ms Script
application/javascript 78.47.91.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://static.stooq.pl/pp/wc.js
Requested by: Host: qrntwski.ugu.pl
URL: http://qrntwski.ugu.pl/
Protocol: HTTP/1.1
Server: 78.47.91.50 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.stooq.com
Software: nginx /
Resource Hash: b893cdf4f7e7008f5172364756c3630e8155e960b579b254cc3e8234df6f2c02

Request headers

Referer: http://qrntwski.ugu.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 12 Jun 2021 08:28:10 GMT
Last-Modified: Sat, 12 Jun 2021 08:27:16 GMT
Server: nginx
ETag: "60c46fe4-651"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1617

GET
H/1.1 200
OK cc.js Show response
static.stooq.pl/pp/ 2 KB
2 KB 98ms
50ms Script
application/javascript 78.47.91.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://static.stooq.pl/pp/cc.js
Requested by: Host: qrntwski.ugu.pl
URL: http://qrntwski.ugu.pl/
Protocol: HTTP/1.1
Server: 78.47.91.50 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.stooq.com
Software: nginx /
Resource Hash: 173e97f6eebfa6e6e43f766944c679e055578d5cba82ae8b46cb9c6d8c914e95

Request headers

Referer: http://qrntwski.ugu.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 12 Jun 2021 08:28:10 GMT
Last-Modified: Sat, 12 Jun 2021 08:27:16 GMT
Server: nginx
ETag: "60c46fe4-665"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1637

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ 61 KB
21 KB 20ms
14ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: qrntwski.ugu.pl
URL: http://qrntwski.ugu.pl/

Protocol

HTTP/1.1

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e4810e88e50f93b12c1e24b897d264382cbcf6e2ba29054f68b19bc4dc4e104

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://qrntwski.ugu.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 12 Jun 2021 08:28:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "900 / 106 of 1000 / last-modified: 1623449339"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 21293
X-XSS-Protection: 0
Expires: Sat, 12 Jun 2021 08:28:10 GMT

GET
H/1.1 200
OK indeksy_gpw.html Show response
cw.money.pl/ Frame ED2F 2 KB
1 KB 139ms
98ms Document
text/html 212.77.101.20
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: http://cw.money.pl/indeksy_gpw.html
Requested by: Host: qrntwski.ugu.pl
URL: http://qrntwski.ugu.pl/
Protocol: HTTP/1.1
Server: 212.77.101.20 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: krs.wp.pl
Software: nginx /
Resource Hash: 0033b7fe98b83e0e79fa5014b5526acb5fd9154ee90859b154ed726ec6635e24

Request headers

Host: cw.money.pl
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://qrntwski.ugu.pl/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://qrntwski.ugu.pl/

Response headers

Server: nginx
Date: Sat, 12 Jun 2021 08:28:10 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 837
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding

GET
H/1.1 200
OK mapki_pogoda_mala.html Show response
cw.money.pl/ Frame 03A1 2 KB
1 KB 128ms
88ms Document
text/html 212.77.101.20
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: http://cw.money.pl/mapki_pogoda_mala.html
Requested by: Host: qrntwski.ugu.pl
URL: http://qrntwski.ugu.pl/
Protocol: HTTP/1.1
Server: 212.77.101.20 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: krs.wp.pl
Software: nginx /
Resource Hash: 0334a1512142646f974b58a1f1fa2d8cbfbce2c4df8178cc8cfad1bf456a4a24

Request headers

Host: cw.money.pl
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://qrntwski.ugu.pl/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://qrntwski.ugu.pl/

Response headers

Server: nginx
Date: Sat, 12 Jun 2021 08:28:10 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 851
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding

GET
H2 200 pubads_impl_2021060801.js Show response
securepubads.g.doubleclick.net/gpt/ 318 KB
112 KB 101ms
32ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

sffe /

Resource Hash

8a19707bd88a29100f84e106852ddd5bfeebe1fe562960c4932d1347210d13a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://qrntwski.ugu.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 08:28:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Jun 2021 08:38:25 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114129
x-xss-protection: 0
expires: Sat, 12 Jun 2021 08:28:10 GMT

GET
H/1.1 200
OK %5Espx_1y_l.png
static.stooq.com/c/ 943 B
1 KB 76ms
48ms Image
image/png 78.47.91.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.stooq.com/c/%5Espx_1y_l.png
Requested by: Host: qrntwski.ugu.pl
URL: http://qrntwski.ugu.pl/
Protocol: HTTP/1.1
Server: 78.47.91.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.stooq.com
Software: nginx /
Resource Hash: d912809e8c3dbbdb69140e465a2261fe09ba7df695ce37195bdda0728dcf84d6

Request headers

Referer: http://qrntwski.ugu.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 12 Jun 2021 08:28:10 GMT
Last-Modified: Fri, 11 Jun 2021 21:59:16 GMT
Server: nginx
ETag: "60c3dcb4-3af"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 943

GET
H/1.1 200
OK eurusd_1y_l.png
static.stooq.com/c/ 988 B
1 KB 65ms
39ms Image
image/png 78.47.91.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.stooq.com/c/eurusd_1y_l.png
Requested by: Host: qrntwski.ugu.pl
URL: http://qrntwski.ugu.pl/
Protocol: HTTP/1.1
Server: 78.47.91.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.stooq.com
Software: nginx /
Resource Hash: 6255c825016e2b68b059cdc5a4551b4a9d315fd7c7b0c601ba05b2de3d055270

Request headers

Referer: http://qrntwski.ugu.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 12 Jun 2021 08:28:10 GMT
Last-Modified: Fri, 11 Jun 2021 21:59:16 GMT
Server: nginx
ETag: "60c3dcb4-3dc"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 988

GET
H/1.1 200
OK wiadomosci_kraj.html Show response
cw.money.pl/ Frame 1200 6 KB
2 KB 96ms
81ms Document
text/html 212.77.101.20
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: http://cw.money.pl/wiadomosci_kraj.html
Requested by: Host: qrntwski.ugu.pl
URL: http://qrntwski.ugu.pl/
Protocol: HTTP/1.1
Server: 212.77.101.20 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: krs.wp.pl
Software: nginx /
Resource Hash: fcfc2a5e742669c147f88df265b0a17060b58be928918596e01cdeb166bfbf92

Request headers

Host: cw.money.pl
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://qrntwski.ugu.pl/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://qrntwski.ugu.pl/

Response headers

Server: nginx
Date: Sat, 12 Jun 2021 08:28:10 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 2228
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding

GET
H/1.1 200
OK wiadomosci_swiat.html Show response
cw.money.pl/ Frame A432 6 KB
2 KB 104ms
90ms Document
text/html 212.77.101.20
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: http://cw.money.pl/wiadomosci_swiat.html
Requested by: Host: qrntwski.ugu.pl
URL: http://qrntwski.ugu.pl/
Protocol: HTTP/1.1
Server: 212.77.101.20 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: krs.wp.pl
Software: nginx /
Resource Hash: 7d0412698e9ab06654b7ae9b30e9c9278dbfaac3a9306ea0cd5cbdd2bffe3259

Request headers

Host: cw.money.pl
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://qrntwski.ugu.pl/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://qrntwski.ugu.pl/

Response headers

Server: nginx
Date: Sat, 12 Jun 2021 08:28:10 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 2139
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

48 KB
19 KB

6ms
5ms

Script
text/javascript

2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: qrntwski.ugu.pl
URL: http://qrntwski.ugu.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://qrntwski.ugu.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 207
date: Sat, 12 Jun 2021 08:24:43 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Sat, 12 Jun 2021 10:24:43 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1569327087&t=pageview&_s=1&dl=http%3A%2F%2Fqrntwski.ugu.pl%2F&ul=en-us&de=ISO-8859-2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=527004493&gjid=1668296258&cid=1301030627.1623486490&tid=UA-1665446-6&_gid=1745326154.1623486490&_r=1&_slc=1&z=6898472

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://qrntwski.ugu.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 12 Jun 2021 08:28:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://qrntwski.ugu.pl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK swfobject.js Show response
static1.money.pl/j/ Frame 03A1 6 KB
3 KB 117ms
70ms Script
text/javascript 193.17.41.93
O2-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://static1.money.pl/j/swfobject.js
Requested by: Host: cw.money.pl
URL: http://cw.money.pl/mapki_pogoda_mala.html
Protocol: HTTP/1.1
Server: 193.17.41.93 , Poland, ASN31080 (O2-AS, PL),
Reverse DNS: s1.sportowefakty.wp.pl
Software: nginx /
Resource Hash: ed03c6362a5b7fa3c0e4ed7afc991fc6471a25f3d2af8d3f5111137ae1ae853b

Request headers

Referer: http://cw.money.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 12 Jun 2021 08:28:10 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Feb 2019 15:37:02 GMT
Server: nginx
ETag: W/"5e4c8d122c50c2c810d19bc9cef61628"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=1209600
x-rgw-object-type: Normal
X-Proxy-Type: ceph
Connection: keep-alive
Transfer-Encoding: chunked
Expires: Sat, 26 Jun 2021 08:28:10 GMT

GET
H/1.1 200
OK moneypl_pp2.gif
static1.money.pl/i/loga/ Frame 03A1 1 KB
2 KB 117ms
71ms Image
image/gif 193.17.41.93
O2-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static1.money.pl/i/loga/moneypl_pp2.gif
Requested by: Host: cw.money.pl
URL: http://cw.money.pl/mapki_pogoda_mala.html
Protocol: HTTP/1.1
Server: 193.17.41.93 , Poland, ASN31080 (O2-AS, PL),
Reverse DNS: s1.sportowefakty.wp.pl
Software: nginx /
Resource Hash: 97f4c286f54019fbb874f2fce6c9d026b6016dc6aa9993a567f7bd5405c12b61

Request headers

Referer: http://cw.money.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 12 Jun 2021 08:28:10 GMT
Last-Modified: Wed, 20 Feb 2019 15:36:58 GMT
Server: nginx
ETag: "42b8fe967bde79769819483f50cffd1d"
Content-Type: image/gif
Cache-Control: max-age=1209600
x-rgw-object-type: Normal
X-Proxy-Type: ceph
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1358
Expires: Sat, 26 Jun 2021 08:28:10 GMT

GET
H/1.1 200
OK moneypl_pp2.gif
static1.money.pl/i/loga/ Frame ED2F 1 KB
2 KB 129ms
84ms Image
image/gif 193.17.41.93
O2-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static1.money.pl/i/loga/moneypl_pp2.gif
Requested by: Host: cw.money.pl
URL: http://cw.money.pl/indeksy_gpw.html
Protocol: HTTP/1.1
Server: 193.17.41.93 , Poland, ASN31080 (O2-AS, PL),
Reverse DNS: s1.sportowefakty.wp.pl
Software: nginx /
Resource Hash: 97f4c286f54019fbb874f2fce6c9d026b6016dc6aa9993a567f7bd5405c12b61

Request headers

Referer: http://cw.money.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 12 Jun 2021 08:28:10 GMT
Last-Modified: Wed, 20 Feb 2019 15:36:58 GMT
Server: nginx
ETag: "42b8fe967bde79769819483f50cffd1d"
Content-Type: image/gif
Cache-Control: max-age=1209600
x-rgw-object-type: Normal
X-Proxy-Type: ceph
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1358
Expires: Sat, 26 Jun 2021 08:28:10 GMT

GET
H/1.1 200
OK a3.gif
static1.money.pl/i/ Frame ED2F 46 B
415 B 124ms
79ms Image
image/gif 193.17.41.93
O2-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static1.money.pl/i/a3.gif
Requested by: Host: cw.money.pl
URL: http://cw.money.pl/indeksy_gpw.html
Protocol: HTTP/1.1
Server: 193.17.41.93 , Poland, ASN31080 (O2-AS, PL),
Reverse DNS: s1.sportowefakty.wp.pl
Software: nginx /
Resource Hash: 4ca63bc497ed178be3a527fc4232ae72a4ba9b6858554f028679c4f5542b274a

Request headers

Referer: http://cw.money.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 12 Jun 2021 08:28:10 GMT
Last-Modified: Wed, 20 Feb 2019 15:36:54 GMT
Server: nginx
ETag: "50b0df7abd5e56775031bf761ef653b9"
Content-Type: image/gif
Cache-Control: max-age=1209600
x-rgw-object-type: Normal
X-Proxy-Type: ceph
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 46
Expires: Sat, 26 Jun 2021 08:28:10 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 36ms
15ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=qrntwski.ugu.pl

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://qrntwski.ugu.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 12 Jun 2021 08:28:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 35ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=qrntwski.ugu.pl

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://qrntwski.ugu.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 12 Jun 2021 08:28:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 473 B
291 B 177ms
144ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=649217559717546&correlator=4324061417989250&output=ldjh&impl=fifs&eid=31061223%2C31061279%2C31061361%2C31061143%2C44744016&vrg=2021060801&ptt=17&sc=0&sfv=1-0-38&ecs=20210612&iu_parts=1708342%2CUGU_PL_StronyUzytkownikow_CSWE_naglowek_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie_enabled=1&bc=23&abxe=1&lmt=1623486490&dt=1623486490261&dlt=1623486490009&idt=231&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=8&adks=2559276565&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fqrntwski.ugu.pl%2F&vis=1&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&ga_vid=1301030627.1623486490&ga_sid=1623486490&ga_hid=1569327087&ga_fc=false&fws=0&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

a272b6b03299b44f02e14b0f402a427c6f6448809d77f40682a9f2422c5c2489

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://qrntwski.ugu.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 08:28:10 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 261
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://qrntwski.ugu.pl
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
048987fa33da7fcec1b6bf2c5b4082fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 49ms
13ms Other
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://048987fa33da7fcec1b6bf2c5b4082fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://qrntwski.ugu.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK moneypl_pp2.gif
static1.money.pl/i/loga/ Frame 1200 1 KB
2 KB 45ms
43ms Image
image/gif 193.17.41.93
O2-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static1.money.pl/i/loga/moneypl_pp2.gif
Requested by: Host: cw.money.pl
URL: http://cw.money.pl/wiadomosci_kraj.html
Protocol: HTTP/1.1
Server: 193.17.41.93 , Poland, ASN31080 (O2-AS, PL),
Reverse DNS: s1.sportowefakty.wp.pl
Software: nginx /
Resource Hash: 97f4c286f54019fbb874f2fce6c9d026b6016dc6aa9993a567f7bd5405c12b61

Request headers

Referer: http://cw.money.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 12 Jun 2021 08:28:10 GMT
Last-Modified: Wed, 20 Feb 2019 15:36:58 GMT
Server: nginx
ETag: "42b8fe967bde79769819483f50cffd1d"
Content-Type: image/gif
Cache-Control: max-age=1209600
x-rgw-object-type: Normal
X-Proxy-Type: ceph
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1358
Expires: Sat, 26 Jun 2021 08:28:10 GMT

GET
H/1.1 200
OK moneypl_pp2.gif
static1.money.pl/i/loga/ Frame A432 1 KB
2 KB 45ms
44ms Image
image/gif 193.17.41.93
O2-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static1.money.pl/i/loga/moneypl_pp2.gif
Requested by: Host: cw.money.pl
URL: http://cw.money.pl/wiadomosci_swiat.html
Protocol: HTTP/1.1
Server: 193.17.41.93 , Poland, ASN31080 (O2-AS, PL),
Reverse DNS: s1.sportowefakty.wp.pl
Software: nginx /
Resource Hash: 97f4c286f54019fbb874f2fce6c9d026b6016dc6aa9993a567f7bd5405c12b61

Request headers

Referer: http://cw.money.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 12 Jun 2021 08:28:10 GMT
Last-Modified: Wed, 20 Feb 2019 15:36:58 GMT
Server: nginx
ETag: "42b8fe967bde79769819483f50cffd1d"
Content-Type: image/gif
Cache-Control: max-age=1209600
x-rgw-object-type: Normal
X-Proxy-Type: ceph
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1358
Expires: Sat, 26 Jun 2021 08:28:10 GMT

GET
H/1.1 200
OK a3.gif
static1.money.pl/i/ Frame 1200 46 B
415 B 55ms
47ms Image
image/gif 193.17.41.93
O2-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static1.money.pl/i/a3.gif
Requested by: Host: cw.money.pl
URL: http://cw.money.pl/wiadomosci_kraj.html
Protocol: HTTP/1.1
Server: 193.17.41.93 , Poland, ASN31080 (O2-AS, PL),
Reverse DNS: s1.sportowefakty.wp.pl
Software: nginx /
Resource Hash: 4ca63bc497ed178be3a527fc4232ae72a4ba9b6858554f028679c4f5542b274a

Request headers

Referer: http://cw.money.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 12 Jun 2021 08:28:10 GMT
Last-Modified: Wed, 20 Feb 2019 15:36:54 GMT
Server: nginx
ETag: "50b0df7abd5e56775031bf761ef653b9"
Content-Type: image/gif
Cache-Control: max-age=1209600
x-rgw-object-type: Normal
X-Proxy-Type: ceph
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 46
Expires: Sat, 26 Jun 2021 08:28:10 GMT

GET
H/1.1 200
OK a5.gif
static1.money.pl/i/ Frame 1200 46 B
415 B 84ms
70ms Image
image/gif 193.17.41.93
O2-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static1.money.pl/i/a5.gif
Requested by: Host: cw.money.pl
URL: http://cw.money.pl/wiadomosci_kraj.html
Protocol: HTTP/1.1
Server: 193.17.41.93 , Poland, ASN31080 (O2-AS, PL),
Reverse DNS: s1.sportowefakty.wp.pl
Software: nginx /
Resource Hash: a7de4e3bef1ab6d526efc5fd7937168ea532f5c874434370e42eeb1c48e48b46

Request headers

Referer: http://cw.money.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 12 Jun 2021 08:28:10 GMT
Last-Modified: Wed, 20 Feb 2019 15:36:54 GMT
Server: nginx
ETag: "23029e5631945735f2bba9c7ad5a654f"
Content-Type: image/gif
Cache-Control: max-age=1209600
x-rgw-object-type: Normal
X-Proxy-Type: ceph
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 46
Expires: Sat, 26 Jun 2021 08:28:10 GMT

GET
H/1.1 200
OK a3.gif
static1.money.pl/i/ Frame A432 46 B
415 B 61ms
48ms Image
image/gif 193.17.41.93
O2-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static1.money.pl/i/a3.gif
Requested by: Host: cw.money.pl
URL: http://cw.money.pl/wiadomosci_swiat.html
Protocol: HTTP/1.1
Server: 193.17.41.93 , Poland, ASN31080 (O2-AS, PL),
Reverse DNS: s1.sportowefakty.wp.pl
Software: nginx /
Resource Hash: 4ca63bc497ed178be3a527fc4232ae72a4ba9b6858554f028679c4f5542b274a

Request headers

Referer: http://cw.money.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 12 Jun 2021 08:28:10 GMT
Last-Modified: Wed, 20 Feb 2019 15:36:54 GMT
Server: nginx
ETag: "50b0df7abd5e56775031bf761ef653b9"
Content-Type: image/gif
Cache-Control: max-age=1209600
x-rgw-object-type: Normal
X-Proxy-Type: ceph
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 46
Expires: Sat, 26 Jun 2021 08:28:10 GMT

GET
H/1.1 200
OK a5.gif
static1.money.pl/i/ Frame A432 46 B
415 B 87ms
73ms Image
image/gif 193.17.41.93
O2-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static1.money.pl/i/a5.gif
Requested by: Host: cw.money.pl
URL: http://cw.money.pl/wiadomosci_swiat.html
Protocol: HTTP/1.1
Server: 193.17.41.93 , Poland, ASN31080 (O2-AS, PL),
Reverse DNS: s1.sportowefakty.wp.pl
Software: nginx /
Resource Hash: a7de4e3bef1ab6d526efc5fd7937168ea532f5c874434370e42eeb1c48e48b46

Request headers

Referer: http://cw.money.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 12 Jun 2021 08:28:10 GMT
Last-Modified: Wed, 20 Feb 2019 15:36:54 GMT
Server: nginx
ETag: "23029e5631945735f2bba9c7ad5a654f"
Content-Type: image/gif
Cache-Control: max-age=1209600
x-rgw-object-type: Normal
X-Proxy-Type: ceph
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 46
Expires: Sat, 26 Jun 2021 08:28:10 GMT

GET
H/1.1 200
OK a3.gif
static1.money.pl/i/ Frame 03A1 46 B
415 B 94ms
52ms Image
image/gif 193.17.41.93
O2-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static1.money.pl/i/a3.gif
Requested by: Host: cw.money.pl
URL: http://cw.money.pl/mapki_pogoda_mala.html
Protocol: HTTP/1.1
Server: 193.17.41.93 , Poland, ASN31080 (O2-AS, PL),
Reverse DNS: s1.sportowefakty.wp.pl
Software: nginx /
Resource Hash: 4ca63bc497ed178be3a527fc4232ae72a4ba9b6858554f028679c4f5542b274a

Request headers

Referer: http://cw.money.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 12 Jun 2021 08:28:10 GMT
Last-Modified: Wed, 20 Feb 2019 15:36:54 GMT
Server: nginx
ETag: "50b0df7abd5e56775031bf761ef653b9"
Content-Type: image/gif
Cache-Control: max-age=1209600
x-rgw-object-type: Normal
X-Proxy-Type: ceph
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 46
Expires: Sat, 26 Jun 2021 08:28:10 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 44ms
20ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c744d59042fd54bff5ba51df002dbb855d38498631d0873acbedd0003a81068

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://qrntwski.ugu.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 12 Jun 2021 08:28:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7995
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 34ms
13ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://qrntwski.ugu.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 08:28:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sat, 12 Jun 2021 08:28:10 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 8528 12 KB
5 KB 15ms
14ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://qrntwski.ugu.pl/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://qrntwski.ugu.pl/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sat, 12 Jun 2021 08:26:20 GMT
expires: Sun, 12 Jun 2022 08:26:20 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 110
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5752 783 B
779 B 16ms
16ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

51067a396c58bb642da96f4f24a0580496f91409ac92291880184b210f72ff28

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fhRbHvr15au+YzUeIjM0eg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://qrntwski.ugu.pl/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://qrntwski.ugu.pl/

Response headers

expires: Sat, 12 Jun 2021 08:28:10 GMT
date: Sat, 12 Jun 2021 08:28:10 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-fhRbHvr15au+YzUeIjM0eg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 BIKfHL6N8NnL0SRbyz4COSMYlE8t2lwSnrtAnHeyH4k.js Show response
pagead2.googlesyndication.com/bg/ Frame 8528 14 KB
6 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BIKfHL6N8NnL0SRbyz4COSMYlE8t2lwSnrtAnHeyH4k.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04829f1cbe8df0d9cbd1245bcb3e02392318944f2dda5c129ebb409c77b21f89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 06:56:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5500
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5722
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jun 2022 06:56:30 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021060801&jk=649217559717546&bg=!aWqlai7NAAY6sG-_OrA7ACkAdvg8WotStx4TMr7duqllDZtOYW9xCkMGZJti_BKK_JS5jUYK69NP-AIAAADQUgAAAA1oAQeZAmdKoVmJdGECSD06Tw2XT1U2tRoX8GIF7eYIRoy7MP6moYd__n4QM-qP_UD5On3WaoW2GiJ_ZNJrfBhDntsDykfM22uBgSBXkD-XNoiaTTb7Sw0T9CKRO29kl40Mq3dd5oXMsBNIGsIKLpUttzxJeDjDJFdNF7Rkez1rrTiJm2GX13B390ZGFc5xWvJz2NkWhZnlSL_ax8-4mvpCAIXygAHEbZC8S5T2dVYivR85ZUerRsQt_zSQV0Rz3weSnUtCnXP4ofmxjrj0O5gUc3fyg8byVGwzV-1wFGT3V91PgC5NRYsoEeu1-PBbHYCeR18t3AqBg7SLb-Y-0UrmKzz3qy_HFXifdifQ726cNuw5oGTdNkMCjMf1YukB7Wk7t_tieC6L_W54nnlPeiyLi2wfoxi0V-8ZXKEzWFnPJkPbq987y9Dwthl6QE_EijbiK1Kxm2YTuQ4mqxxiO8MDigCxJ-hxXKiRSVYBoNAnIWoZsiZSeYkdvjEA19gNGRmFy8V73wgKuIUOQEY9v9HjTFF3QIWPFTKybyjcGoVkW4UDacsTfBHusRuZB94Ce-4o84go4YNFCwxH9O-5TZ9eQpM6z9qcMgtgcjYc3RE_rmfo5I3BcUeXlBfkrNvlYokDqYx6tbpTEJ42bA6Z6mAynWm-49BmMVAw8LOAAbx_4aBR-3tu2rOZ8y5i09aV3LU70_q__yPrA3xN7FqU-FqtpSCncR0Cv4fmduP_9AMl4nyYhGdAKyf7Ehty3UMg1MPDf8lPwM1CwVvvcdpUCiW5Oad4i3E2KRrrhx4LEaIncHXoV88xjHfKFqosQ90

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://qrntwski.ugu.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Jun 2021 08:28:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ugu.pl/	1970-01-19 18:58:06	Name: _gat Value: 1
.ugu.pl/	1970-01-19 18:59:32	Name: _gid Value: GA1.2.1745326154.1623486490
.ugu.pl/	1970-01-20 12:29:18	Name: _ga Value: GA1.2.1301030627.1623486490

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

048987fa33da7fcec1b6bf2c5b4082fa.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
cw.money.pl
pagead2.googlesyndication.com
qrntwski.ugu.pl
securepubads.g.doubleclick.net
static.stooq.com
static.stooq.pl
static1.money.pl
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
172.217.23.98
178.33.52.226
193.17.41.93
212.77.101.20
2a00:1450:4001:80f::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::200e
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82f::2001
78.47.91.49
78.47.91.50
0033b7fe98b83e0e79fa5014b5526acb5fd9154ee90859b154ed726ec6635e24
0334a1512142646f974b58a1f1fa2d8cbfbce2c4df8178cc8cfad1bf456a4a24
04829f1cbe8df0d9cbd1245bcb3e02392318944f2dda5c129ebb409c77b21f89
0c744d59042fd54bff5ba51df002dbb855d38498631d0873acbedd0003a81068
173e97f6eebfa6e6e43f766944c679e055578d5cba82ae8b46cb9c6d8c914e95
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
4ca63bc497ed178be3a527fc4232ae72a4ba9b6858554f028679c4f5542b274a
4e4810e88e50f93b12c1e24b897d264382cbcf6e2ba29054f68b19bc4dc4e104
51067a396c58bb642da96f4f24a0580496f91409ac92291880184b210f72ff28
6255c825016e2b68b059cdc5a4551b4a9d315fd7c7b0c601ba05b2de3d055270
7d0412698e9ab06654b7ae9b30e9c9278dbfaac3a9306ea0cd5cbdd2bffe3259
8a19707bd88a29100f84e106852ddd5bfeebe1fe562960c4932d1347210d13a1
97f4c286f54019fbb874f2fce6c9d026b6016dc6aa9993a567f7bd5405c12b61
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a272b6b03299b44f02e14b0f402a427c6f6448809d77f40682a9f2422c5c2489
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7de4e3bef1ab6d526efc5fd7937168ea532f5c874434370e42eeb1c48e48b46
b893cdf4f7e7008f5172364756c3630e8155e960b579b254cc3e8234df6f2c02
c0ec44f4575f5910328aa02dace59ca7d14ca4f91b726df40a4c78baee81c42a
d912809e8c3dbbdb69140e465a2261fe09ba7df695ce37195bdda0728dcf84d6
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
ed03c6362a5b7fa3c0e4ed7afc991fc6471a25f3d2af8d3f5111137ae1ae853b
fcfc2a5e742669c147f88df265b0a17060b58be928918596e01cdeb166bfbf92

qrntwski.ugu.pl Open in urlscan Pro 178.33.52.226 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

34 Requests

38 %HTTPS

57 %IPv6

10 Domains

14 Subdomains

14 IPs

4 Countries

208 kBTransfer

523 kBSize

3 Cookies

14 Outgoing links

Redirected requests

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

qrntwski.ugu.pl Open in urlscan Pro
178.33.52.226 Public Scan

Screenshot
Live screenshot

Full Image

34
Requests

38 %
HTTPS

57 %
IPv6

10
Domains

14
Subdomains

14
IPs

4
Countries

208 kB
Transfer

523 kB
Size

3
Cookies

34 HTTP transactions
0 data transactions