www.kupino.pl Open in urlscan Pro
2606:4700:3036::6815:3853 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.ns.tescomasklep.pl/
Effective URL:
https://www.kupino.pl/gazetki/tescoma
Submission: On March 26 via automatic, source certstream-suspicious (March 26th 2021, 5:19:57 pm UTC)

Summary HTTP 93 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 24 IPs in 6 countries across 17 domains to perform 93 HTTP transactions. The main IP is 2606:4700:3036::6815:3853, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.kupino.pl.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 10th 2020. Valid for: a year.

This is the only time www.kupino.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	77.78.104.3 77.78.104.3	15685 (CASABLANC...) (CASABLANCA-AS Internet & Collocation Provider)
1 18	2606:4700:303... 2606:4700:3036::6815:3853	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
3	185.29.133.58 185.29.133.58	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	138.201.63.117 138.201.63.117	24940 (HETZNER-AS) (HETZNER-AS)
1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1 5	138.201.63.149 138.201.63.149	24940 (HETZNER-AS) (HETZNER-AS)
1 2	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.85.15.31 185.85.15.31	200107 (KL-EXT) (KL-EXT)
1	88.99.70.21 88.99.70.21	24940 (HETZNER-AS) (HETZNER-AS)
93	24

1 77.78.104.3 (Czech Republic) 1 redirects

ASN15685 (CASABLANCA-AS Internet & Collocation Provider, CZ)
PTR: yurika.gransy.com

www.ns.tescomasklep.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700:3036::6815:3853 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.kupino.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.kupino.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.133.58 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.63.117 (Ketsch, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.117.63.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 138.201.63.149 (Ketsch, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.149.63.201.138.clients.your-server.de

hal90009.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.239.217 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.85.15.31 (Russian Federation)

ASN200107 (KL-EXT, RU)

media.kaspersky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.99.70.21 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.21.70.99.88.clients.your-server.de

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	371 KB
18	kupino.pl 1 redirects www.kupino.pl img.kupino.pl	212 KB
14	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	61 KB
6	redintelligence.net 1 redirects hal9000.redintelligence.net hal90009.redintelligence.net	9 KB
5	google.com 2 redirects adservice.google.com www.google.com	771 B
4	mathtag.com tags.mathtag.com pixel.mathtag.com	3 KB
4	googletagservices.com www.googletagservices.com	135 KB
3	google.de adservice.google.de www.google.de	1013 B
3	google-analytics.com www.google-analytics.com	19 KB
2	awin1.com 1 redirects www.awin1.com	1 KB
2	gstatic.com fonts.gstatic.com	29 KB
1	contentspread.net cdn.contentspread.net	1 KB
1	kaspersky.com media.kaspersky.com	36 KB
1	googleapis.com fonts.googleapis.com	739 B
1	googleadservices.com partner.googleadservices.com	638 B
1	googletagmanager.com www.googletagmanager.com	31 KB
1	tescomasklep.pl 1 redirects www.ns.tescomasklep.pl	205 B
93	17

	Domain	Requested by
21	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
13	www.kupino.pl	1 redirects www.kupino.pl
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
11	pagead2.googlesyndication.com	www.kupino.pl pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
5	hal90009.redintelligence.net	1 redirects googleads.g.doubleclick.net hal90009.redintelligence.net
5	img.kupino.pl	www.kupino.pl
4	www.google.com	2 redirects www.kupino.pl
4	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	tags.mathtag.com	googleads.g.doubleclick.net tags.mathtag.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.awin1.com	1 redirects googleads.g.doubleclick.net
2	fonts.gstatic.com	fonts.googleapis.com
2	www.google.de	www.kupino.pl
2	stats.g.doubleclick.net	www.google-analytics.com
1	cdn.contentspread.net	hal90009.redintelligence.net
1	media.kaspersky.com	hal90009.redintelligence.net
1	fonts.googleapis.com	tpc.googlesyndication.com
1	pixel.mathtag.com	tags.mathtag.com
1	hal9000.redintelligence.net	www.kupino.pl
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	www.kupino.pl
1	www.ns.tescomasklep.pl	1 redirects
93	24

This site contains links to these domains. Also see Links.

Domain
www.kupino.at
www.kupino.com.ar
www.kupino.ca
www.kupino.co
www.kupino.cl
www.kupi.cz
www.kupino.de
www.kupino.es
www.kupino.fr
www.kupino.it
www.kupino.mx
www.kupino.nl
www.kupino.pe
www.kupino.sk
www.kupino.co.uk
www.kupino.com
www.kupino.co.za

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-10` - `2021-08-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2022-04-22`	2 years	crt.sh
redintelligence.net R3	`2021-02-19` - `2021-05-20`	3 months	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2021-07-15`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
www.awin1.com DigiCert Secure Site ECC CA-1	`2020-04-21` - `2021-07-21`	a year	crt.sh
media.kaspersky.com DigiCert SHA2 Secure Server CA	`2020-05-14` - `2021-05-19`	a year	crt.sh
contentspread.net R3	`2021-02-01` - `2021-05-02`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://www.kupino.pl/gazetki/tescoma
Frame ID: EC98A82B5A468B7A4E33661EB50627BE
Requests: 36 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210322/r20190131/zrt_lookup.html
Frame ID: E4D6AE77866098F62DB3011C2EB83C95
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5174456757501997&output=html&h=90&slotname=4473104156&adk=720800722&adf=854766408&pi=t.ma~as.4473104156&w=1200&fwrn=1&fwrnh=100&lmt=1616779179&rafmt=2&psa=0&format=1200x90&url=https%3A%2F%2Fwww.kupino.pl%2Fgazetki%2Ftescoma&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=2&wgl=1&dt=1616779179500&bpp=17&bdt=158&idt=97&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8371144229085&frm=20&pv=2&ga_vid=1526030308.1616779180&ga_sid=1616779180&ga_hid=352815524&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2607490336390079&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=RyfG1PaynP&p=https%3A//www.kupino.pl&dtd=125
Frame ID: 7AE15A3636E3CD7CD443DEFB20BC2409
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5174456757501997&output=html&h=250&slotname=5250999203&adk=3748912971&adf=755399958&pi=t.ma~as.5250999203&w=300&lmt=1616779179&psa=0&format=300x250&url=https%3A%2F%2Fwww.kupino.pl%2Fgazetki%2Ftescoma&flash=0&wgl=1&dt=1616779179517&bpp=3&bdt=175&idt=123&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x90&correlator=8371144229085&frm=20&pv=1&ga_vid=1526030308.1616779180&ga_sid=1616779180&ga_hid=352815524&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1110&ady=415&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2607490336390079&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=68vztScvTJ&p=https%3A//www.kupino.pl&dtd=126
Frame ID: D3EF9E750EA551F83EBE9D654F838F3B
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5174456757501997&output=html&h=600&slotname=7607793130&adk=2261506114&adf=4072245520&pi=t.ma~as.7607793130&w=300&lmt=1616779179&psa=0&format=300x600&url=https%3A%2F%2Fwww.kupino.pl%2Fgazetki%2Ftescoma&flash=0&wgl=1&dt=1616779179520&bpp=1&bdt=178&idt=126&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x90%2C300x250&correlator=8371144229085&frm=20&pv=1&ga_vid=1526030308.1616779180&ga_sid=1616779180&ga_hid=352815524&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1110&ady=703&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2607490336390079&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=M6AuMFn44D&p=https%3A//www.kupino.pl&dtd=131
Frame ID: D5073C4AA74BA3973117E174D3ACE9BF
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5174456757501997&output=html&adk=1812271804&adf=3025194257&lmt=1616779179&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.kupino.pl%2Fgazetki%2Ftescoma&ea=0&flash=0&pra=7&wgl=1&dt=1616779179547&bpp=1&bdt=205&idt=108&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x90%2C300x250%2C300x600&nras=1&correlator=8371144229085&frm=20&pv=1&ga_vid=1526030308.1616779180&ga_sid=1616779180&ga_hid=352815524&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2607490336390079&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&dtd=113
Frame ID: B1512E4C6630D980192BAD179E6ECF61
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 076CF7598841378F0EE2EAA973EB7A1B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/kkn9n4GD9OXgriPD4kOG_dPH557D54jLHxFIPOGmCpU.js
Frame ID: AAF5221FA4DFA6C793A38A2965FBE157
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10780656370840662998/Walbusch_Kent_Aktiv-AT-DE_300x600/index.html
Frame ID: B265305457BDB1AFE27E55D1B4BC0746
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 402E516EDD101C6A00CBFDE1F2C99685
Requests: 2 HTTP requests in this frame

Frame: https://hal90009.redintelligence.net/request_content.php?s=91171300136959302179199011545009&a=63358416
Frame ID: 28FF9C74AE27BCC0A7042CE52CB089FB
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: A5F23E5961B7E8B6C1CCBE1CA6D8215B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.ns.tescomasklep.pl/ HTTP 302
https://www.kupino.pl/gazetki/tescoma/ HTTP 301
http://www.kupino.pl/gazetki/tescoma HTTP 307
https://www.kupino.pl/gazetki/tescoma Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i

Page Statistics

93
Requests

100 %
HTTPS

63 %
IPv6

17
Domains

24
Subdomains

24
IPs

6
Countries

908 kB
Transfer

1902 kB
Size

11
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://www.kupino.at/
Title: Kupino.at

Search URL Search Domain Scan URL

URL: https://www.kupino.com.ar/
Title: Kupino.com.ar

Search URL Search Domain Scan URL

URL: https://www.kupino.ca/
Title: Kupino.ca

Search URL Search Domain Scan URL

URL: https://www.kupino.co/
Title: Kupino.co

Search URL Search Domain Scan URL

URL: https://www.kupino.cl/
Title: Kupino.cl

Search URL Search Domain Scan URL

URL: https://www.kupi.cz/
Title: Kupi.cz

Search URL Search Domain Scan URL

URL: https://www.kupino.de/
Title: Kupino.de

Search URL Search Domain Scan URL

URL: https://www.kupino.es/
Title: Kupino.es

Search URL Search Domain Scan URL

URL: https://www.kupino.fr/
Title: Kupino.fr

Search URL Search Domain Scan URL

URL: https://www.kupino.it/
Title: Kupino.it

Search URL Search Domain Scan URL

URL: https://www.kupino.mx/
Title: Kupino.mx

Search URL Search Domain Scan URL

URL: https://www.kupino.nl/
Title: Kupino.nl

Search URL Search Domain Scan URL

URL: https://www.kupino.pe/
Title: Kupino.pe

Search URL Search Domain Scan URL

URL: https://www.kupino.sk/
Title: Kupino.sk

Search URL Search Domain Scan URL

URL: https://www.kupino.co.uk/
Title: Kupino.co.uk

Search URL Search Domain Scan URL

URL: https://www.kupino.com/
Title: Kupino.com

Search URL Search Domain Scan URL

URL: https://www.kupino.co.za/
Title: Kupino.co.za

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.ns.tescomasklep.pl/ HTTP 302
https://www.kupino.pl/gazetki/tescoma/ HTTP 301
http://www.kupino.pl/gazetki/tescoma HTTP 307
https://www.kupino.pl/gazetki/tescoma Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 76

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 78

https://hal90009.redintelligence.net/request.php?zone=r9d3a58lo9uw&nw=20&renderingType=javascript&namespace=c88b4fcb04&subid=&uid=e79f434c07649a33&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8439988332461115220%26mt_id%3D8675609%26mt_adid%3D242876%26mt_sid%3D7324419%26mt_exid%3D4%26mt_inapp%3D0%26mt_uuid%3D5187605e-17ac-4a01-80e5-642ba053b59e%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCknWlqxdeYIfMKIWgzAb0oqqABc-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNTE3NDQ1Njc1NzUwMTk5N8gBCagDAaoEygFP0BIuTk-SiHEL6i49SwqH-jATWniOCDH5N2wxdfnB3MptfZF7b-Di_KGP_bK--nWBKxKzlsRxjEy0oG6u8scNoNOVvwhDqkoOlTNnXSJ4iP6-ipO1MA56bNsBy_1BirKaGPpC9DvUbOIL1kBZG59KJ5-0edGDz8i_Rca6okJc9oyMX1yoG0vPFO1qVwgyL2Z14fCKzy81RrVseY_GTO7rdXmEFjtVMk97RrAoNBNko2XccwT1P-Pfhim2Vwy8_R2XFhUBsYoqB5PWgAbqx4ewjce2-acBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAQ%2526num%253D1%2526sig%253DAOD64_3Q-YxfUxHczCTlDnOajqse23TNBw%2526client%253Dca-pub-5174456757501997%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fwww.kupino.pl%2F&ancestorOrigins=https%3A%2F%2Fwww.kupino.pl&random=6085665951116&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90009.redintelligence.net/request.php?zone=r9d3a58lo9uw&nw=20&renderingType=javascript&namespace=c88b4fcb04&subid=&uid=e79f434c07649a33&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8439988332461115220%26mt_id%3D8675609%26mt_adid%3D242876%26mt_sid%3D7324419%26mt_exid%3D4%26mt_inapp%3D0%26mt_uuid%3D5187605e-17ac-4a01-80e5-642ba053b59e%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCknWlqxdeYIfMKIWgzAb0oqqABc-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNTE3NDQ1Njc1NzUwMTk5N8gBCagDAaoEygFP0BIuTk-SiHEL6i49SwqH-jATWniOCDH5N2wxdfnB3MptfZF7b-Di_KGP_bK--nWBKxKzlsRxjEy0oG6u8scNoNOVvwhDqkoOlTNnXSJ4iP6-ipO1MA56bNsBy_1BirKaGPpC9DvUbOIL1kBZG59KJ5-0edGDz8i_Rca6okJc9oyMX1yoG0vPFO1qVwgyL2Z14fCKzy81RrVseY_GTO7rdXmEFjtVMk97RrAoNBNko2XccwT1P-Pfhim2Vwy8_R2XFhUBsYoqB5PWgAbqx4ewjce2-acBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAQ%2526num%253D1%2526sig%253DAOD64_3Q-YxfUxHczCTlDnOajqse23TNBw%2526client%253Dca-pub-5174456757501997%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fwww.kupino.pl%2F&ancestorOrigins=https%3A%2F%2Fwww.kupino.pl&random=6085665951116&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 83

https://www.awin1.com/cshow.php?s=2519556&v=14098&q=368694&r=296283&pref1=91171300136959302179199011545009&pv=0 HTTP 302
https://media.kaspersky.com/de/affiliates/kl_kis_300x250px.gif

93 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request tescoma Show response
www.kupino.pl/gazetki/
Redirect Chain

https://www.ns.tescomasklep.pl/
https://www.kupino.pl/gazetki/tescoma/
http://www.kupino.pl/gazetki/tescoma
https://www.kupino.pl/gazetki/tescoma

17 KB
5 KB

179ms
178ms

Document
text/html

2606:4700:3036::6815:3853
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kupino.pl/gazetki/tescoma

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:3853 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b99c6639750a1a973a521f5e661eb6bb500fd5991371079d8dca231b4129c9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: www.kupino.pl
:scheme: https
:path: /gazetki/tescoma
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d748ec89a79db62734265b4c21ed60d781616779179; SRV_ID=kupi-www2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 17:19:39 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=0, must-revalidate, private
pragma: no-cache
expires: Fri, 26 Mar 2021 17:19:39 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 0911258c9a00004ab5d200d000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TqzVZ1MYiqhref4XWtc8dCeoAbZQw15qxDVIeETl35GDUqdSM1pHH1EIjlA8zP7JJrrj%2BS2ZvFcEvziYCnqzWGAxZD0WpHM43ulrX%2BT0M8%2FSODezIfBemboS"}],"group":"cf-nel","max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 63620b8dcf5a4ab5-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Location: https://www.kupino.pl/gazetki/tescoma
Non-Authoritative-Reason: HSTS

GET
H2 200 kupi_layout.css
www.kupino.pl/assets/css/ 36 KB
7 KB 61ms
61ms Stylesheet
text/css 2606:4700:3036::6815:3853
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kupino.pl/assets/css/kupi_layout.css

Requested by

Host: www.kupino.pl
URL: https://www.kupino.pl/gazetki/tescoma

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:3853 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c09cad3d9bad5561475ccb0e483cb97685ad42da1e269b6263e10580cf039e6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kupino.pl/gazetki/tescoma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 17:19:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0911258d5200004ab5a7819000000001
last-modified: Mon, 08 Jun 2020 09:08:51 GMT
server: cloudflare
etag: W/"90f9-5a78ef5960ec0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ROtNj1scyVs7TjMWZW4iEDCu1PyNyXI4OT86bYMjGZ5d2VhOlR%2FMCpfv2MEURAfdiIZTlfFbHIQuPMSI7rrErLK9kCRPYLBLbDclxbEnh6PqDryIg9nE2tBk"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=3600
cf-ray: 63620b8ee9d24ab5-FRA

GET
H2 200 kupi_rating.css
www.kupino.pl/assets/css/ 2 KB
851 B 63ms
62ms Stylesheet
text/css 2606:4700:3036::6815:3853
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kupino.pl/assets/css/kupi_rating.css

Requested by

Host: www.kupino.pl
URL: https://www.kupino.pl/gazetki/tescoma

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:3853 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c47bd7452acd54e5efd7f368f5c7d7072b434291c81207290a8ab6bb46e679b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kupino.pl/gazetki/tescoma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 17:19:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0911258d5500004ab5be087000000001
last-modified: Mon, 08 Jun 2020 09:08:51 GMT
server: cloudflare
etag: W/"864-5a78ef5960ec0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NCuNDrc3aqQQBDGiaElf1HvPek0siM%2BROmqu6jqlngeSkC1AZvCy8xep45LaQqockt%2BL0jfAeFsO%2FP1gp7CE8GwQuuq2tTyUezN9ObgNsJD8xuErapTor%2FkC"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=3600
cf-ray: 63620b8ee9d44ab5-FRA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
49 KB 46ms
23ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.kupino.pl
URL: https://www.kupino.pl/gazetki/tescoma

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b20e98110c9b401dd42a053f6135795be4b02c81fb2b3fe3df822ffe5bbd2670

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kupino.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 17:19:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49682
x-xss-protection: 0
server: cafe
etag: 5129438611371603463
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 26 Mar 2021 17:19:39 GMT

GET
H2 200 tescoma_150_150.png
img.kupino.pl/kupi/thumbs/loga_shopy/ 5 KB
5 KB 71ms
60ms Image
image/png 2606:4700:3036::6815:3853
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kupino.pl/kupi/thumbs/loga_shopy/tescoma_150_150.png

Requested by

Host: www.kupino.pl
URL: https://www.kupino.pl/gazetki/tescoma

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:3853 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1a961f2f4007a1bde2d26d38ae886906be8aee846fc1602ecafae66269ee3c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kupino.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 17:19:39 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4654
cf-request-id: 0911258da100004ab5c7923000000001
last-modified: Thu, 04 Apr 2019 11:41:54 GMT
server: cloudflare
etag: "122e-585b2db5cd0d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wtnVXOwpd4IdBbwqRkSiqI%2BELlvG%2Byk3gA9NZbYLdn5yA075mGxVRNjLWGi9PrpJR29tmLF91Gg3Nyosez1w5dcpNz2q2nPKo2SztMUbt8VkjymxyoO%2B5trr"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 63620b8f6ab14ab5-FRA

GET
H2 200 castorama_150_150.png
img.kupino.pl/kupi/thumbs/loga_shopy/ 4 KB
4 KB 25ms
15ms Image
image/png 2606:4700:3036::6815:3853
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kupino.pl/kupi/thumbs/loga_shopy/castorama_150_150.png

Requested by

Host: www.kupino.pl
URL: https://www.kupino.pl/gazetki/tescoma

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:3853 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541d865bf0fd746dac709f2c9555a18a53ed50ba9a1743ba22fa45fc7040f470

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kupino.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 17:19:39 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1074
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3812
cf-request-id: 0911258da100004ab5db386000000001
last-modified: Thu, 04 Apr 2019 11:41:45 GMT
server: cloudflare
etag: "ee4-585b2dad9a690"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cOEYgriUzR2HwOiZu0OA7fxj8QVrzahF%2BqWNlc%2B7hk54tZQ6Ut0Dxnh%2FLb9Y%2F5l5Ozu5aD36rxBjfddgPLRZ5cw4SVOn0boyq1UluRbhGywiCZcM%2FpZcHuxC"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 63620b8f6aaa4ab5-FRA

GET
H2 200 jysk_150_150.png
img.kupino.pl/kupi/thumbs/loga_shopy/ 8 KB
8 KB 69ms
59ms Image
image/png 2606:4700:3036::6815:3853
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kupino.pl/kupi/thumbs/loga_shopy/jysk_150_150.png

Requested by

Host: www.kupino.pl
URL: https://www.kupino.pl/gazetki/tescoma

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:3853 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20bf20c06717842b67c48105ef74e6a4fec645c7b3629f204c89ee47865223d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kupino.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 17:19:39 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8112
cf-request-id: 0911258da100004ab5f1aa3000000001
last-modified: Thu, 04 Apr 2019 11:41:31 GMT
server: cloudflare
etag: "1fb0-585b2d9fc3361"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wvphqSGHraOe%2FuU0RP%2BHRoJMZpXcWpqsaVHwsMhcM5WGzREt3ez%2FyH6NN%2BMeCcwPrrW3PaBkCGjuKGptPaYwrub6XgXmwbqSYegZ6mlyuIeydMRlNKB9J%2F6w"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 63620b8f6aae4ab5-FRA

GET
H2 200 tesco_150_150.png
img.kupino.pl/kupi/thumbs/loga_shopy/ 5 KB
5 KB 26ms
15ms Image
image/png 2606:4700:3036::6815:3853
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kupino.pl/kupi/thumbs/loga_shopy/tesco_150_150.png

Requested by

Host: www.kupino.pl
URL: https://www.kupino.pl/gazetki/tescoma

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:3853 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07fdc3ce1d1452cd32dd85077cfb014cd44e5006a1b65bdfffe382a4b5ec9a35

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kupino.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 17:19:39 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1681
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5092
cf-request-id: 0911258da100004ab50ca02000000001
last-modified: Thu, 04 Apr 2019 11:41:36 GMT
server: cloudflare
etag: "13e4-585b2da4e23cf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BsybLfVAXPcWRAJriHxMVMbAzt39%2FirdN0Bn%2BC1Rvsq4o5CXAdnUC%2BeP8axNHVqUW2QUKAJVLrryt1ciQ63eODnr2eHDMyXEniyBqKT2QMFY4LYLu7Ov5oI%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 63620b8f6aab4ab5-FRA

GET
H2 200 super-pharm_150_150.png
img.kupino.pl/kupi/thumbs/loga_shopy/ 4 KB
5 KB 27ms
17ms Image
image/png 2606:4700:3036::6815:3853
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kupino.pl/kupi/thumbs/loga_shopy/super-pharm_150_150.png

Requested by

Host: www.kupino.pl
URL: https://www.kupino.pl/gazetki/tescoma

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:3853 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f90a22a69a12d531de4e8ee888cff8c8400305b823ccb19f3ff9ee64440057f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kupino.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 17:19:39 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 6940
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4535
cf-request-id: 0911258da100004ab5aabde000000001
last-modified: Thu, 04 Apr 2019 11:41:42 GMT
server: cloudflare
etag: "11b7-585b2daaba57c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BkVqjs1G1%2BfEWkAVJiHWkv0CVZy5GZxYQXwuUfyUFdtFcz%2Fo4xnb7l7wY8uk0GV8xegRn0ZQ48r1RSy9%2B1PSACGJY2RcTUfNJ%2FfBe9ePWYp2bBWKmSkGQG5i"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 63620b8f6ab24ab5-FRA

GET
H2 200 plugins.js Show response
www.kupino.pl/assets/js/ 86 KB
30 KB 88ms
88ms Script
application/javascript 2606:4700:3036::6815:3853
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kupino.pl/assets/js/plugins.js

Requested by

Host: www.kupino.pl
URL: https://www.kupino.pl/gazetki/tescoma

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:3853 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9d2f9745062252ed5c33813a43ccebcf8e703be28ddc39416063fc28f3579c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kupino.pl/gazetki/tescoma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 17:19:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0911258d9000004ab5edb58000000001
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"156ea-1c5fc537f6900-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YBbbpa2fNSQjbu8JwRylwPSV%2BdQX6Hye5gBt5aulbUyTH5FM5yhd8zX33AgWIcWDjXRR2KHJLnt6SlDfM1YPVN8iTLqxZGmokclmO852GE3B35RifBNdf%2BoO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=3600
cf-ray: 63620b8f4a814ab5-FRA

GET
H2 200 util_messages.js Show response
www.kupino.pl/assets/js/ 1013 B
825 B 63ms
63ms Script
application/javascript 2606:4700:3036::6815:3853
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kupino.pl/assets/js/util_messages.js

Requested by

Host: www.kupino.pl
URL: https://www.kupino.pl/gazetki/tescoma

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:3853 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4af7969e3428fbb26bc2164b706219d4b9afed0c347a57977380850858d8e832

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kupino.pl/gazetki/tescoma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 17:19:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0911258d9200004ab58c20a000000001
last-modified: Mon, 30 Nov 2020 11:43:45 GMT
server: cloudflare
etag: W/"3f5-5b55185d22c22-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zMtcYPoouWOLch4WX1hMUixhikZ9JaejrFx2cSoWgwMBaWZwtmmDasi9yqMA3GoTKkggqwL9%2FafQnl3T7AKfS5o0coerKEtqJjOdlgp5ZPLslfFL2rFjHWAN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=3600
cf-ray: 63620b8f5a874ab5-FRA

GET
H2 200 view_shop.js Show response
www.kupino.pl/assets/js/ 20 KB
6 KB 60ms
58ms Script
application/javascript 2606:4700:3036::6815:3853
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kupino.pl/assets/js/view_shop.js

Requested by

Host: www.kupino.pl
URL: https://www.kupino.pl/gazetki/tescoma

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:3853 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

632434921a15f518f688331e5373683733242e4441542af4ee2dfb7b2aedd536

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kupino.pl/gazetki/tescoma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 17:19:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0911258d9800004ab5ea1e6000000001
last-modified: Mon, 30 Nov 2020 11:43:45 GMT
server: cloudflare
etag: W/"508b-5b55185cef006-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=S24WEqPtV4pPVk8LNaD4aoqWqCv8RZECaDxYwdkjm0SWH6D23NLdvR9nMiFnrLeDKN01QnEk2fJSFV%2BQ5tIbpE1Fugl5CaHDSRHvTyRbz4%2Ft7kUu9rdUQROm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=3600
cf-ray: 63620b8f5a964ab5-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 79 KB
31 KB 18ms
17ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PCWZ92J

Requested by

Host: www.kupino.pl
URL: https://www.kupino.pl/gazetki/tescoma

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9bfae43a9ba6461aa4f7869697e6c2560679465cf3350b1ee49b5b73840447be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.kupino.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 17:19:39 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31634
x-xss-protection: 0
last-modified: Fri, 26 Mar 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 26 Mar 2021 17:19:39 GMT

GET
H2 200 kupi_sprites.png
www.kupino.pl/assets/img/ 8 KB
9 KB 22ms
22ms Image
image/png 2606:4700:3036::6815:3853
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kupino.pl/assets/img/kupi_sprites.png

Requested by

Host: www.kupino.pl
URL: https://www.kupino.pl/assets/css/kupi_layout.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:3853 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0751e319d63030495df65b5d4830029f9f1b51e042a1c9723a29b3e4be2a14ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kupino.pl/assets/css/kupi_layout.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 17:19:39 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3039
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8366
cf-request-id: 0911258d9a00004ab5bc1f9000000001
last-modified: Mon, 08 Jun 2020 09:08:51 GMT
server: cloudflare
etag: "20ae-5a78ef5960ec0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YrzA0z9ZExwJIvTbhV8QskWBT0XUfBErF2FKeIDP%2FemjHvHGSMrYBlJP5yrtYOx07hLHGm%2F%2FyGCQtpnsKy3CgyX2QrRyYDwjBpmb5nMWgI0jRcDCNJQr2fvc"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 63620b8f5a984ab5-FRA

GET
H2 200 star_gray.svg
www.kupino.pl/assets/img/ 499 B
622 B 63ms
63ms Image
image/svg+xml 2606:4700:3036::6815:3853
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kupino.pl/assets/img/star_gray.svg

Requested by

Host: www.kupino.pl
URL: https://www.kupino.pl/assets/css/kupi_rating.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:3853 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6e3f7723f8049ebdc3d45fa2edb28e9d9fce1db082f602e16bde2f3d2acf164

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kupino.pl/assets/css/kupi_rating.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 17:19:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0911258d9b00004ab5f3242000000001
last-modified: Mon, 08 Jun 2020 09:08:51 GMT
server: cloudflare
etag: W/"1f3-5a78ef5960ec0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=L5jCCZGet5MiMexxAzA%2BIKZoZviK9i945yhc2Rn5nzIlNIUU88JNpDsSKzCxoRlQl5viDDR09e3B5LYwqnx1r5hi1K5EnuTahVAg%2BDFi6CiTve5c8IYk1kPw"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=3600
cf-ray: 63620b8f5a994ab5-FRA

GET
H2 200 star.svg
www.kupino.pl/assets/img/ 499 B
573 B 64ms
63ms Image
image/svg+xml 2606:4700:3036::6815:3853
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kupino.pl/assets/img/star.svg

Requested by

Host: www.kupino.pl
URL: https://www.kupino.pl/assets/css/kupi_rating.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:3853 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51e8f2d2769d68ea776eaa8281602dd4e5331bbd8776d8e43e38042216c7784d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kupino.pl/assets/css/kupi_rating.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 17:19:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0911258d9b00004ab500abc000000001
last-modified: Mon, 08 Jun 2020 09:08:51 GMT
server: cloudflare
etag: W/"1f3-5a78ef5960ec0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=R35hM7vJa%2BH0dgnHZX9CzeyBxFslH%2FKNmBo3g9S0OVl5rzM3y5VVSNLaPUCb6MlVki3pt3XMc6zzTvcd6ZBBr0SM8VnsSnPBGqoiC0eqGsEdpV6sBhj9ZnNy"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=3600
cf-ray: 63620b8f5a9a4ab5-FRA

GET
H2 200 graviola-bold.woff
www.kupino.pl/assets/css/graviola/ 41 KB
41 KB 22ms
22ms Font
application/font-woff 2606:4700:3036::6815:3853
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kupino.pl/assets/css/graviola/graviola-bold.woff

Requested by

Host: www.kupino.pl
URL: https://www.kupino.pl/assets/css/kupi_layout.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:3853 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36bd00661a1da5e66ca8a2b240ab514b7fe29e2e2b87abb9e7ce5d1db0204f5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.kupino.pl
Referer: https://www.kupino.pl/assets/css/kupi_layout.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 17:19:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3039
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0911258d9d00004ab5b098e000000001
last-modified: Mon, 08 Jun 2020 09:08:51 GMT
server: cloudflare
etag: W/"a389-5a78ef5960ec0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dpzPmOv6Jnb9l1bjXbbcX9LsVoCceb1WXNzzziyrfUuPhuurkrZDBfpoaioL9SGdsYrYzwXexbrR8W43NjSpa9xo1FBrTnlYOlsKIDh7NH2fTA7CpRBiFqOF"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
vary: Accept-Encoding
cache-control: max-age=3600
cf-ray: 63620b8f6a9e4ab5-FRA

GET
H2 200 TriviaSeznam.woff
www.kupino.pl/assets/css/trivia/ 42 KB
42 KB 14ms
14ms Font
application/font-woff 2606:4700:3036::6815:3853
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kupino.pl/assets/css/trivia/TriviaSeznam.woff

Requested by

Host: www.kupino.pl
URL: https://www.kupino.pl/assets/css/kupi_layout.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:3853 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

476d28e23c222d9d26093c40276a2de23fa29ad166105f9030bdc3a810fc9603

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.kupino.pl
Referer: https://www.kupino.pl/assets/css/kupi_layout.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 17:19:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3039
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0911258d9d00004ab5eaab9000000001
last-modified: Mon, 08 Jun 2020 09:08:51 GMT
server: cloudflare
etag: W/"a864-5a78ef5960ec0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NgAmWVCiKD1GZC7pSXdpgtP6Vf%2BZqOq8ja2sJ8sR41Pzb5U%2F0lrnA3TKAZ%2FwqmPDP4IVrLbqV5iwEmRek6isolbdbFEDXB1PbBoVUvLHWdCIzyWg0%2B1jKomr"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
vary: Accept-Encoding
cache-control: max-age=3600
cf-ray: 63620b8f6a9f4ab5-FRA

GET
H2 200 TriviaSeznam-Bold.woff
www.kupino.pl/assets/css/trivia/ 42 KB
42 KB 12ms
11ms Font
application/font-woff 2606:4700:3036::6815:3853
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kupino.pl/assets/css/trivia/TriviaSeznam-Bold.woff

Requested by

Host: www.kupino.pl
URL: https://www.kupino.pl/assets/css/kupi_layout.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:3853 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a12e7bfcf160d8f6de2a8b37fb636ca056a891ed77d4dd86d7e9f85857956ca7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.kupino.pl
Referer: https://www.kupino.pl/assets/css/kupi_layout.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 17:19:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3039
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0911258d9d00004ab50fad7000000001
last-modified: Mon, 08 Jun 2020 09:08:51 GMT
server: cloudflare
etag: W/"a9c0-5a78ef5960ec0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Icx5TwX9WxqqWTLMh7gdy7HZyeoYrGV1U4MuAp5v2bml43BJ3zLKcyW%2BVFfFB7Nf%2B78wBi04j7rM%2FApE67C0wUWyxWlsjEzpYE%2FTCNm%2Bnmm616I8DPGidskr"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
vary: Accept-Encoding
cache-control: max-age=3600
cf-ray: 63620b8f6aa04ab5-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCWZ92J

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kupino.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 3875
date: Fri, 26 Mar 2021 16:15:04 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Fri, 26 Mar 2021 18:15:04 GMT

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210322/r20190131/ 226 KB
85 KB 58ms
45ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210322/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5174456757501997&plah=www.kupino.pl&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e845b3c43da250d2131dcca1a9af77bdaca1b61f1215be6317f2d5f17f999e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kupino.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 17:19:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86619
x-xss-protection: 0
server: cafe
etag: 10759459106970592627
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 26 Mar 2021 17:19:39 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210322/r20190131/ Frame E4D6 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210322/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210322/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kupino.pl/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.kupino.pl/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 26 Mar 2021 02:30:17 GMT
expires: Fri, 09 Apr 2021 02:30:17 GMT
content-type: text/html; charset=UTF-8
etag: 14488317231655078900
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4661
x-xss-protection: 0
age: 53362
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
65 B 13ms
13ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=352815524&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kupino.pl%2Fgazetki%2Ftescoma&ul=en-us&de=UTF-8&dt=Tescoma%20katalog%20%7C%20Kupino.pl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=402819643&gjid=22999833&cid=1526030308.1616779180&tid=UA-129297050-1&_gid=506023094.1616779180&_r=1&gtm=2wg3h0PCWZ92J&z=667836768

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kupino.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 Mar 2021 17:19:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kupino.pl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
25 B 13ms
13ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=352815524&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kupino.pl%2Fgazetki%2Ftescoma&ul=en-us&de=UTF-8&dt=Tescoma%20katalog%20%7C%20Kupino.pl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAAC~&jid=1512419866&gjid=1759734192&cid=1526030308.1616779180&tid=UA-151109922-1&_gid=506023094.1616779180&_r=1&gtm=2wg3h0PCWZ92J&z=1104016844

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kupino.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 Mar 2021 17:19:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kupino.pl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
87 B 13ms
12ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-129297050-1&cid=1526030308.1616779180&jid=402819643&gjid=22999833&_gid=506023094.1616779180&_u=YEBAAEAAAAAAAC~&z=1038526025

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kupino.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 26 Mar 2021 17:19:39 GMT
content-type: text/plain
access-control-allow-origin: https://www.kupino.pl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 13ms
13ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-151109922-1&cid=1526030308.1616779180&jid=1512419866&gjid=1759734192&_gid=506023094.1616779180&_u=YEDAAEABAAAAAC~&z=540378918

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kupino.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 26 Mar 2021 17:19:39 GMT
content-type: text/plain
access-control-allow-origin: https://www.kupino.pl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 199 B
638 B 142ms
67ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.kupino.pl&callback=_gfp_s_&client=ca-pub-5174456757501997

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210322/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5174456757501997&plah=www.kupino.pl&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

32dcb8e0b324aa0865859ba49eb4d5eb629772abdb8f68ec74e0d3aef195e9be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kupino.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 17:19:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 190
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 39ms
16ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.kupino.pl

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kupino.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Mar 2021 17:19:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
243 B 14ms
14ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.kupino.pl

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kupino.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Mar 2021 17:19:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7AE1 54 KB
20 KB 412ms
398ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5174456757501997&output=html&h=90&slotname=4473104156&adk=720800722&adf=854766408&pi=t.ma~as.4473104156&w=1200&fwrn=1&fwrnh=100&lmt=1616779179&rafmt=2&psa=0&format=1200x90&url=https%3A%2F%2Fwww.kupino.pl%2Fgazetki%2Ftescoma&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=2&wgl=1&dt=1616779179500&bpp=17&bdt=158&idt=97&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8371144229085&frm=20&pv=2&ga_vid=1526030308.1616779180&ga_sid=1616779180&ga_hid=352815524&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2607490336390079&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=RyfG1PaynP&p=https%3A//www.kupino.pl&dtd=125

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a842b08ceb444aab85f364c227eb18617d2f71a0c642ddebea931c3df1464091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5174456757501997&output=html&h=90&slotname=4473104156&adk=720800722&adf=854766408&pi=t.ma~as.4473104156&w=1200&fwrn=1&fwrnh=100&lmt=1616779179&rafmt=2&psa=0&format=1200x90&url=https%3A%2F%2Fwww.kupino.pl%2Fgazetki%2Ftescoma&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=2&wgl=1&dt=1616779179500&bpp=17&bdt=158&idt=97&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8371144229085&frm=20&pv=2&ga_vid=1526030308.1616779180&ga_sid=1616779180&ga_hid=352815524&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2607490336390079&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=RyfG1PaynP&p=https%3A//www.kupino.pl&dtd=125
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kupino.pl/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.kupino.pl/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 26 Mar 2021 17:19:40 GMT
server: cafe
content-length: 20794
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 26-Mar-2021 17:34:39 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 26 Mar 2021 17:19:40 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 39ms
14ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cac02e231c61068da6a4e6c177f2ccd14a5360aa3509af3be992bfbbad0c127b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kupino.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 17:19:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616585787019197"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28245
x-xss-protection: 0
expires: Fri, 26 Mar 2021 17:19:39 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 33ms
31ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-129297050-1&cid=1526030308.1616779180&jid=402819643&_u=YEBAAEAAAAAAAC~&z=1790614187

Requested by

Host: www.kupino.pl
URL: https://www.kupino.pl/gazetki/tescoma

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kupino.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Mar 2021 17:19:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 31ms
29ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-129297050-1&cid=1526030308.1616779180&jid=402819643&_u=YEBAAEAAAAAAAC~&z=1790614187

Requested by

Host: www.kupino.pl
URL: https://www.kupino.pl/gazetki/tescoma

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kupino.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Mar 2021 17:19:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 32ms
31ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-151109922-1&cid=1526030308.1616779180&jid=1512419866&_u=YEDAAEABAAAAAC~&z=1537350438

Requested by

Host: www.kupino.pl
URL: https://www.kupino.pl/gazetki/tescoma

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kupino.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Mar 2021 17:19:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
30ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-151109922-1&cid=1526030308.1616779180&jid=1512419866&_u=YEDAAEABAAAAAC~&z=1537350438

Requested by

Host: www.kupino.pl
URL: https://www.kupino.pl/gazetki/tescoma

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kupino.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Mar 2021 17:19:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D3EF 8 KB
4 KB 687ms
687ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5174456757501997&output=html&h=250&slotname=5250999203&adk=3748912971&adf=755399958&pi=t.ma~as.5250999203&w=300&lmt=1616779179&psa=0&format=300x250&url=https%3A%2F%2Fwww.kupino.pl%2Fgazetki%2Ftescoma&flash=0&wgl=1&dt=1616779179517&bpp=3&bdt=175&idt=123&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x90&correlator=8371144229085&frm=20&pv=1&ga_vid=1526030308.1616779180&ga_sid=1616779180&ga_hid=352815524&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1110&ady=415&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2607490336390079&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=68vztScvTJ&p=https%3A//www.kupino.pl&dtd=126

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dcfbe962411934b74e2cbcd25dda6d0ba5eefb8662c09f67730a211f87f46eec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5174456757501997&output=html&h=250&slotname=5250999203&adk=3748912971&adf=755399958&pi=t.ma~as.5250999203&w=300&lmt=1616779179&psa=0&format=300x250&url=https%3A%2F%2Fwww.kupino.pl%2Fgazetki%2Ftescoma&flash=0&wgl=1&dt=1616779179517&bpp=3&bdt=175&idt=123&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x90&correlator=8371144229085&frm=20&pv=1&ga_vid=1526030308.1616779180&ga_sid=1616779180&ga_hid=352815524&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1110&ady=415&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2607490336390079&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=68vztScvTJ&p=https%3A//www.kupino.pl&dtd=126
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kupino.pl/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.kupino.pl/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 26 Mar 2021 17:19:40 GMT
server: cafe
content-length: 3852
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 26-Mar-2021 17:34:39 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 26 Mar 2021 17:19:40 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D507 84 KB
30 KB 822ms
820ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5174456757501997&output=html&h=600&slotname=7607793130&adk=2261506114&adf=4072245520&pi=t.ma~as.7607793130&w=300&lmt=1616779179&psa=0&format=300x600&url=https%3A%2F%2Fwww.kupino.pl%2Fgazetki%2Ftescoma&flash=0&wgl=1&dt=1616779179520&bpp=1&bdt=178&idt=126&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x90%2C300x250&correlator=8371144229085&frm=20&pv=1&ga_vid=1526030308.1616779180&ga_sid=1616779180&ga_hid=352815524&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1110&ady=703&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2607490336390079&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=M6AuMFn44D&p=https%3A//www.kupino.pl&dtd=131

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5793d10c3b7a91013e36d1b2cff04abe9e30dcd9d0c37e53a662984aa6a2697

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10780656370840662998/Walbusch_Kent_Aktiv-AT-DE_300x600/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10780656370840662998/Walbusch_Kent_Aktiv-AT-DE_300x600/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CI2GveW7zu8CFdEG0wod2OMHIA&gqi=qxdeYJPDKNC6-wau5I2YDw&layout=/sadbundle/%24csp%253Der3%24/10780656370840662998/Walbusch_Kent_Aktiv-AT-DE_300x600/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5174456757501997&output=html&h=600&slotname=7607793130&adk=2261506114&adf=4072245520&pi=t.ma~as.7607793130&w=300&lmt=1616779179&psa=0&format=300x600&url=https%3A%2F%2Fwww.kupino.pl%2Fgazetki%2Ftescoma&flash=0&wgl=1&dt=1616779179520&bpp=1&bdt=178&idt=126&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x90%2C300x250&correlator=8371144229085&frm=20&pv=1&ga_vid=1526030308.1616779180&ga_sid=1616779180&ga_hid=352815524&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1110&ady=703&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2607490336390079&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=M6AuMFn44D&p=https%3A//www.kupino.pl&dtd=131
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kupino.pl/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.kupino.pl/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10780656370840662998/Walbusch_Kent_Aktiv-AT-DE_300x600/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10780656370840662998/Walbusch_Kent_Aktiv-AT-DE_300x600/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CI2GveW7zu8CFdEG0wod2OMHIA&gqi=qxdeYJPDKNC6-wau5I2YDw&layout=/sadbundle/%24csp%253Der3%24/10780656370840662998/Walbusch_Kent_Aktiv-AT-DE_300x600/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 26 Mar 2021 17:19:40 GMT
server: cafe
content-length: 30554
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 26-Mar-2021 17:34:39 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 26 Mar 2021 17:19:40 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B151 4 KB
1 KB 61ms
61ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5174456757501997&output=html&adk=1812271804&adf=3025194257&lmt=1616779179&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.kupino.pl%2Fgazetki%2Ftescoma&ea=0&flash=0&pra=7&wgl=1&dt=1616779179547&bpp=1&bdt=205&idt=108&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x90%2C300x250%2C300x600&nras=1&correlator=8371144229085&frm=20&pv=1&ga_vid=1526030308.1616779180&ga_sid=1616779180&ga_hid=352815524&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2607490336390079&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&dtd=113

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

368eec66859e12254a2b0db75587c94d21b82ed324c7ef2945bbea77844d82e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5174456757501997&output=html&adk=1812271804&adf=3025194257&lmt=1616779179&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.kupino.pl%2Fgazetki%2Ftescoma&ea=0&flash=0&pra=7&wgl=1&dt=1616779179547&bpp=1&bdt=205&idt=108&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x90%2C300x250%2C300x600&nras=1&correlator=8371144229085&frm=20&pv=1&ga_vid=1526030308.1616779180&ga_sid=1616779180&ga_hid=352815524&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2607490336390079&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&dtd=113
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kupino.pl/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.kupino.pl/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 26 Mar 2021 17:19:39 GMT
server: cafe
content-length: 709
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 26-Mar-2021 17:34:39 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 26 Mar 2021 17:19:39 GMT
cache-control: private

GET
H2 200 5040859352230625263
tpc.googlesyndication.com/simgad/ Frame 7AE1 38 KB
38 KB 28ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5040859352230625263?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnPdniUGdZOpThV7u-d55IyIKwOgQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5174456757501997&output=html&h=90&slotname=4473104156&adk=720800722&adf=854766408&pi=t.ma~as.4473104156&w=1200&fwrn=1&fwrnh=100&lmt=1616779179&rafmt=2&psa=0&format=1200x90&url=https%3A%2F%2Fwww.kupino.pl%2Fgazetki%2Ftescoma&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=2&wgl=1&dt=1616779179500&bpp=17&bdt=158&idt=97&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8371144229085&frm=20&pv=2&ga_vid=1526030308.1616779180&ga_sid=1616779180&ga_hid=352815524&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2607490336390079&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=RyfG1PaynP&p=https%3A//www.kupino.pl&dtd=125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06089901f4c163cd2a8f363f6d6bc579c850cb425dfff95bc138e8ed1328abda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:43:28 GMT
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 14:01:20 GMT
server: sffe
age: 383772
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38445
x-xss-protection: 0
expires: Tue, 22 Mar 2022 06:43:28 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/ Frame 7AE1 17 KB
7 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab2acc5edb2198c0c0c25a5a4a470df2a048c69e982d11b4b96f22b21332fe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 17:12:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 452
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 14491782869175424788
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Apr 2021 17:12:08 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/ Frame 7AE1 2 KB
1 KB 35ms
17ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 17:13:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 346
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Apr 2021 17:13:54 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7AE1 118 KB
36 KB 42ms
28ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e705dfac9d3d11ae87071979b2bbb52db73d03fff6252c1b73ce5b3c7ebb6e9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 17:19:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616585768493349"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36563
x-xss-protection: 0
expires: Fri, 26 Mar 2021 17:19:40 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/ Frame 7AE1 12 KB
5 KB 35ms
17ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d890a48ea501050f8167a15968c0d8d1d654a54ce3058242ab99acdfb81e288

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 17:17:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 142
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5520
x-xss-protection: 0
server: cafe
etag: 4598867394938533942
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Apr 2021 17:17:18 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/ Frame 7AE1 24 KB
10 KB 36ms
18ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7bc5cdc982210fa5f543ec21cb32c7246c3226cc4d48a525248df920af7eb107

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 10:51:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23310
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10339
x-xss-protection: 0
server: cafe
etag: 15412717976415995934
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Apr 2021 10:51:10 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7AE1 0
0 44ms
43ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CEZK4qxdeYO7wKMSyzAaNoYjIDobR08th3tSlms4N2NPys6kZEAEg39n_JGCVAqABpMjS6ALIAQKoAwHIA8kEqgTXAU_QEGT1Jjnp1qTZ-pFXTMbVAfOv2uZgacqfwKC4wuZoBTjsefrJrVLEN8XgjH7CLK1QaOCPM02pumrkLJoVQQZDnrb64RabUTsMbfMmPRpx5rBEzR_YVU6Ck4-ECIwD5LRQdiMu1DXJJaKlhwT0qzdqb5lpraEE3qimA37cRsG5_vjL628cyxHJiKFXFHKQftS4xt38X1rRjkZ6_NPy8sQjzalDuZ1L82VIADXa3PivTTE0c4D6tX85zE32Us9OVQs1gCPvSywHJRmgUXrV4VwgzYc_NVANwATt-aqcsgOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHxLetlwGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQvaUB0ggJCIDhgBAQARgfgAoByAsB2BMNmBYBshcaChgIABIUcHViLTUxNzQ0NTY3NTc1MDE5OTc&sigh=7Azc6iq34Ho&tpd=AGWhJmsaL2rzKcbHNNBHb63oqpFVKaJCJVmA_bPJBFrMQdL65g

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5174456757501997&output=html&h=90&slotname=4473104156&adk=720800722&adf=854766408&pi=t.ma~as.4473104156&w=1200&fwrn=1&fwrnh=100&lmt=1616779179&rafmt=2&psa=0&format=1200x90&url=https%3A%2F%2Fwww.kupino.pl%2Fgazetki%2Ftescoma&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=2&wgl=1&dt=1616779179500&bpp=17&bdt=158&idt=97&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8371144229085&frm=20&pv=2&ga_vid=1526030308.1616779180&ga_sid=1616779180&ga_hid=352815524&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2607490336390079&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=RyfG1PaynP&p=https%3A//www.kupino.pl&dtd=125
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 26 Mar 2021 17:19:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 26 Mar 2021 17:19:40 GMT

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 076C 143 B
220 B 7ms
7ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5174456757501997&output=html&h=90&slotname=4473104156&adk=720800722&adf=854766408&pi=t.ma~as.4473104156&w=1200&fwrn=1&fwrnh=100&lmt=1616779179&rafmt=2&psa=0&format=1200x90&url=https%3A%2F%2Fwww.kupino.pl%2Fgazetki%2Ftescoma&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=2&wgl=1&dt=1616779179500&bpp=17&bdt=158&idt=97&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8371144229085&frm=20&pv=2&ga_vid=1526030308.1616779180&ga_sid=1616779180&ga_hid=352815524&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2607490336390079&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=RyfG1PaynP&p=https%3A//www.kupino.pl&dtd=125
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5174456757501997&output=html&h=90&slotname=4473104156&adk=720800722&adf=854766408&pi=t.ma~as.4473104156&w=1200&fwrn=1&fwrnh=100&lmt=1616779179&rafmt=2&psa=0&format=1200x90&url=https%3A%2F%2Fwww.kupino.pl%2Fgazetki%2Ftescoma&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=2&wgl=1&dt=1616779179500&bpp=17&bdt=158&idt=97&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8371144229085&frm=20&pv=2&ga_vid=1526030308.1616779180&ga_sid=1616779180&ga_hid=352815524&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2607490336390079&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=RyfG1PaynP&p=https%3A//www.kupino.pl&dtd=125

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 26 Mar 2021 16:41:26 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2294
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 076C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
110 B

40ms
39ms

Document
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmmNa6ii1rbnrH_CKCV-4nRg2EnDfYimyF0rIbp-p48sPbOC2_zIkzrWE0Nbsc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 26 Mar 2021 17:19:40 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 26-Mar-2021 18:19:40 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 26 Mar 2021 17:19:40 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 26 Mar 2021 17:19:40 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 7AE1 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d3bddd2f38e15b3534c563d21c90bb54116db027ec6f3b6279b341390a33783b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 kkn9n4GD9OXgriPD4kOG_dPH557D54jLHxFIPOGmCpU.js Show response
pagead2.googlesyndication.com/bg/ Frame AAF5 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kkn9n4GD9OXgriPD4kOG_dPH557D54jLHxFIPOGmCpU.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9249fd9f8183f4e5e0ae23c3e24386fdd3c7e79ec3e788cb1f11483ce1a60a95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 13:42:58 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 272202
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5656
x-xss-protection: 0
expires: Wed, 23 Mar 2022 13:42:58 GMT

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame D3EF 2 KB
2 KB 148ms
63ms Script
application/x-javascript 185.29.133.58
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTWprNU5XUmpZbVF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg0Mzk5ODgzMzI0NjExMTUyMjAvODY3NTYwOS83MzI0NDE5LzQvbnhKcjRHc0E4eXVlckNjb19VWVFmemJRMUV0M2w5dEJfU1dQUUJlTnpQYy8xLzQvMC8wLzE1MTI1ODYvMC8yNDI4NzYvODYzMTgyLzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvODQzOTk4ODMzMjQ2MTExNTIyMC9hbXMvMC8yNjQvNzYvOTk5LzY2LzJhMDE6NGY4OjE5Mjo6LzAuMDAwLzE2MTY3NzkxNzkvMTYxNjc5MTc3OS80L3B1Yi01MTc0NDU2NzU3NTAxOTk3Lw/FGHBqeZuFcA_xHgXGPcLufFlSLs&nodeid=1610&group=eu&auctionid=8439988332461115220&sid=7324419&cid=8675609&bp=a_agffcb&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.139&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCknWlqxdeYIfMKIWgzAb0oqqABc-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNTE3NDQ1Njc1NzUwMTk5N8gBCagDAaoEygFP0BIuTk-SiHEL6i49SwqH-jATWniOCDH5N2wxdfnB3MptfZF7b-Di_KGP_bK--nWBKxKzlsRxjEy0oG6u8scNoNOVvwhDqkoOlTNnXSJ4iP6-ipO1MA56bNsBy_1BirKaGPpC9DvUbOIL1kBZG59KJ5-0edGDz8i_Rca6okJc9oyMX1yoG0vPFO1qVwgyL2Z14fCKzy81RrVseY_GTO7rdXmEFjtVMk97RrAoNBNko2XccwT1P-Pfhim2Vwy8_R2XFhUBsYoqB5PWgAbqx4ewjce2-acBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAQ%26num%3D1%26sig%3DAOD64_3Q-YxfUxHczCTlDnOajqse23TNBw%26client%3Dca-pub-5174456757501997%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5174456757501997&output=html&h=250&slotname=5250999203&adk=3748912971&adf=755399958&pi=t.ma~as.5250999203&w=300&lmt=1616779179&psa=0&format=300x250&url=https%3A%2F%2Fwww.kupino.pl%2Fgazetki%2Ftescoma&flash=0&wgl=1&dt=1616779179517&bpp=3&bdt=175&idt=123&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x90&correlator=8371144229085&frm=20&pv=1&ga_vid=1526030308.1616779180&ga_sid=1616779180&ga_hid=352815524&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1110&ady=415&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2607490336390079&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=68vztScvTJ&p=https%3A//www.kupino.pl&dtd=126
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.133.58 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.195.3 /
Resource Hash: 0a94a21fb70441cfdae2a2f68b47f851f6526f2ec9daa791a5b50de181a9b5d5

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 26 Mar 2021 17:19:35 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1616779179
Last-Modified: Fri, 26 Mar 2021 17:19:39 GMT
Server: MMBD/3.195.3
x-mm-latency: 18 (2)
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg: Count
Cache-Control: no-cache
x-mm-host: zrh-router-x73, cdg-bidder-x138
Connection: close
Content-Type: application/x-javascript; charset=UTF-8
Expires: Fri, 26 Mar 2021 17:19:34 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/ Frame D3EF 2 KB
1 KB 37ms
21ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5174456757501997&output=html&h=250&slotname=5250999203&adk=3748912971&adf=755399958&pi=t.ma~as.5250999203&w=300&lmt=1616779179&psa=0&format=300x250&url=https%3A%2F%2Fwww.kupino.pl%2Fgazetki%2Ftescoma&flash=0&wgl=1&dt=1616779179517&bpp=3&bdt=175&idt=123&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x90&correlator=8371144229085&frm=20&pv=1&ga_vid=1526030308.1616779180&ga_sid=1616779180&ga_hid=352815524&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1110&ady=415&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2607490336390079&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=68vztScvTJ&p=https%3A//www.kupino.pl&dtd=126

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 17:13:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 346
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Apr 2021 17:13:54 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D3EF 118 KB
36 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e705dfac9d3d11ae87071979b2bbb52db73d03fff6252c1b73ce5b3c7ebb6e9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 17:19:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616585768493349"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36563
x-xss-protection: 0
expires: Fri, 26 Mar 2021 17:19:40 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/ Frame D3EF 12 KB
6 KB 36ms
21ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d890a48ea501050f8167a15968c0d8d1d654a54ce3058242ab99acdfb81e288

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 17:17:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 142
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5520
x-xss-protection: 0
server: cafe
etag: 4598867394938533942
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Apr 2021 17:17:18 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame D3EF 0
0 42ms
42ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CalcBqxdeYIfMKIWgzAb0oqqABc-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNTE3NDQ1Njc1NzUwMTk5N8gBCagDAaoExwFP0BIuTk-SiHEL6i49SwqH-jATWniOCDH5N2wxdfnB3MptfZF7b-Di_KGP_bK--nWBKxKzlsRxjEy0oG6u8scNoNOVvwhDqkoOlTNnXSJ4iP6-ipO1MA56bNsBy_1BirKaGPpC9DvUbOIL1kBZG59KJ5-0edGDz8i_Rca6okJc9oyMX1yoG0vPFO1qVwgyL2Z14fCKzy81RrVseY_GTO7rdXmEFjtVMk97RrAoNBNko2XccwT1feHSFIUm8wsxWVU8zlWuQZc-gAbqx4ewjce2-acBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAGACgH6CwIIAYAMAbIXGAoWEhRwdWItNTE3NDQ1Njc1NzUwMTk5Nw&sigh=NlEC8xjCEeg&tpd=AGWhJmumLBrufAJit_qeN7TMj-zUf9cdjQR2UGFtzlSpZcN9Uju7FFe7vAH1EB1XGnjxsZF_UacolG-kMnDZnav79mqxJZDYFj4fc0V3NTfcpdK-P04f3WExRKIlxblM-c1kq8hGpWoKXaSBuf3VustAW_tf5mQ4MduE0mySknzH5Xb-yoNPQb4ihh80TPkkaaPtXzGZMKIbPx64xlXP27PIcT3VhHC_9Qvhx_a2ohGYsPPPJ-aFj5W1lufE8CZ6ovDygrifq0g1J6bNKFiSXbvRBA40tyTKl9ScGo2jcxsYVS2yf_VakRZ7fVdZe5fodQ4XZ9i6C8VoxT52y1DEfbj5S4U9Uh2qrcMjWJqoYivc5LOgV5VIdSIDJ42qAqUI-AKHmDKi4dE4I3Bhlyi0TKMWdU8U7cqjAziOiei438gsI5VJ1lY1zkpD5qI0Kiy9cHTp66pSv8N8OW6D8QR7wLniJRKDEzDKEGgVrLUQp4abb7jKq4i_QXFBTLHPuUlchUcenIzXY5F4B-BuhIsQ5k_z4yLNTcSXK74ksvwJbx_hCifWe6FuR6vvXj9YMnIEk_7l38AZqxIHcOiaJZd59-35K247NATQY1WgcvGQxaI36LFqvACAX2UVFAssI125vHrsuwLAJy9OcA_kgheVTcKp5WdduzrjdYQurhRcFyNcymSHZWxCS0-YM4_8fGVxiGnqewS_NIOaN3CG28A9EKRlCoJ9JloFMaKZ0bWiVVlGhkBgNkB4pvphIEX7WeUXooov3ipgVC8NzO62T671uH2ULSs8kpitWR2gSBufjTbfxkBCQY9JViCHtEoCwyRhxkfdzWNPHuOh1YNqGIFNLLb3ecl7t-oDuE0gIX1Ps41ehN4YoPmfrib4Ggdj09OYj8hwq3wVuwstcjiCJweDLEUhxa6PZcGMXwp8Z806TEzHqVJiK415oQhnq9O1KU8hP2uL2evBlvPNs61j4X5kYl9TZeKIUzZvAM6NyhQYb2TBSK6OJLMx1Nuz6cuFFtdBbrVC9lp2PHMmbE3Qdh6ysLLtZHaZQa9rIes

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5174456757501997&output=html&h=250&slotname=5250999203&adk=3748912971&adf=755399958&pi=t.ma~as.5250999203&w=300&lmt=1616779179&psa=0&format=300x250&url=https%3A%2F%2Fwww.kupino.pl%2Fgazetki%2Ftescoma&flash=0&wgl=1&dt=1616779179517&bpp=3&bdt=175&idt=123&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x90&correlator=8371144229085&frm=20&pv=1&ga_vid=1526030308.1616779180&ga_sid=1616779180&ga_hid=352815524&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1110&ady=415&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2607490336390079&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=68vztScvTJ&p=https%3A//www.kupino.pl&dtd=126
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 26 Mar 2021 17:19:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10780656370840662998/Walbusch_Kent_Aktiv-AT-DE_300x600/ Frame B265 77 KB
22 KB 7ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10780656370840662998/Walbusch_Kent_Aktiv-AT-DE_300x600/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5174456757501997&output=html&h=600&slotname=7607793130&adk=2261506114&adf=4072245520&pi=t.ma~as.7607793130&w=300&lmt=1616779179&psa=0&format=300x600&url=https%3A%2F%2Fwww.kupino.pl%2Fgazetki%2Ftescoma&flash=0&wgl=1&dt=1616779179520&bpp=1&bdt=178&idt=126&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x90%2C300x250&correlator=8371144229085&frm=20&pv=1&ga_vid=1526030308.1616779180&ga_sid=1616779180&ga_hid=352815524&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1110&ady=703&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2607490336390079&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=M6AuMFn44D&p=https%3A//www.kupino.pl&dtd=131

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64720ff1e5e62afe529c48f25a6843ac2ff455fb29397c82810c0e56b69d917a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/10780656370840662998/Walbusch_Kent_Aktiv-AT-DE_300x600/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Fri, 26 Mar 2021 06:21:33 GMT
expires: Sat, 26 Mar 2022 06:21:33 GMT
last-modified: Wed, 17 Feb 2021 16:03:36 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 20824
age: 39487
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame D507 0
0 45ms
44ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CYYgaqxdeYM2EKdGNzAbYx5-AAp6d8oth4tCK36cNv-EeEAEg39n_JGCVAqAB2qmj7QLIAQmpAq7skubRyLM-qAMByANIqgTWAU_QMZowJfLl3I5FBdVmH2WiNDM0fvNzbPTgIZ-TbeO-t8r6_bjEpHWbLsB9tV2hA8ldIQRXUMH0t86vvbP_KKeCjodRb4MgT7fPJHFJd-5h0WQ_NP1ucxfq1Cs7E10LgkxQhpxRAXg2w0Jd7bdCl-YHSVLV_0wH9AN2lYCliAYpQx9ulQWPzAkw8Y0Gv7R0-S4pWLiUDYj_OQBLd6KW7yOBME6UEGjm4U_grGcnMfeL4DUpuqiQt4EWJ-TshAgLd6kxvwe0TV9fpHKZ7Jw_SuO4f771sybABLLas8mRApIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfG35AMqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEPqSB9IICQiA4YAQEAEYH4AKAcgLAdgTDbIXGgoYCAASFHB1Yi01MTc0NDU2NzU3NTAxOTk3&sigh=WcvWjtpYCUI&template_id=419&tpd=AGWhJmsbHlZYdfaSKIfuRJrtnqWie9wf-HI_gcU8r_dwaJ3iLA

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5174456757501997&output=html&h=600&slotname=7607793130&adk=2261506114&adf=4072245520&pi=t.ma~as.7607793130&w=300&lmt=1616779179&psa=0&format=300x600&url=https%3A%2F%2Fwww.kupino.pl%2Fgazetki%2Ftescoma&flash=0&wgl=1&dt=1616779179520&bpp=1&bdt=178&idt=126&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x90%2C300x250&correlator=8371144229085&frm=20&pv=1&ga_vid=1526030308.1616779180&ga_sid=1616779180&ga_hid=352815524&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1110&ady=703&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2607490336390079&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=M6AuMFn44D&p=https%3A//www.kupino.pl&dtd=131
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 26 Mar 2021 17:19:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/ Frame D507 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab2acc5edb2198c0c0c25a5a4a470df2a048c69e982d11b4b96f22b21332fe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 17:12:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 452
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 14491782869175424788
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Apr 2021 17:12:08 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/ Frame D507 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 17:13:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 346
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Apr 2021 17:13:54 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D507 118 KB
36 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e705dfac9d3d11ae87071979b2bbb52db73d03fff6252c1b73ce5b3c7ebb6e9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 17:19:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616585768493349"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36563
x-xss-protection: 0
expires: Fri, 26 Mar 2021 17:19:40 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/ Frame D507 12 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d890a48ea501050f8167a15968c0d8d1d654a54ce3058242ab99acdfb81e288

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 17:17:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 142
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5520
x-xss-protection: 0
server: cafe
etag: 4598867394938533942
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Apr 2021 17:17:18 GMT

GET
H/1.1 200
OK r9d3a58lo9uw Show response
hal9000.redintelligence.net/zone/ Frame D3EF 10 KB
3 KB 133ms
41ms Script
text/html 138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/r9d3a58lo9uw?subid=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&rnd=8439988332461115220&extVar[]=DOUBLEBORDER:1&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8439988332461115220%26mt_id%3D8675609%26mt_adid%3D242876%26mt_sid%3D7324419%26mt_exid%3D4%26mt_inapp%3D0%26mt_uuid%3D5187605e-17ac-4a01-80e5-642ba053b59e%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCknWlqxdeYIfMKIWgzAb0oqqABc-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNTE3NDQ1Njc1NzUwMTk5N8gBCagDAaoEygFP0BIuTk-SiHEL6i49SwqH-jATWniOCDH5N2wxdfnB3MptfZF7b-Di_KGP_bK--nWBKxKzlsRxjEy0oG6u8scNoNOVvwhDqkoOlTNnXSJ4iP6-ipO1MA56bNsBy_1BirKaGPpC9DvUbOIL1kBZG59KJ5-0edGDz8i_Rca6okJc9oyMX1yoG0vPFO1qVwgyL2Z14fCKzy81RrVseY_GTO7rdXmEFjtVMk97RrAoNBNko2XccwT1P-Pfhim2Vwy8_R2XFhUBsYoqB5PWgAbqx4ewjce2-acBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAQ%2526num%253D1%2526sig%253DAOD64_3Q-YxfUxHczCTlDnOajqse23TNBw%2526client%253Dca-pub-5174456757501997%2526adurl%253D%26redirect%3D
Requested by: Host: www.kupino.pl
URL: https://www.kupino.pl/gazetki/tescoma
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 Ketsch, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 4a0b4b26f7e47dbf5311b2b8855e64245b1b3613a6329a472869ad01efa0c9e4

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 26 Mar 2021 17:19:40 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3373
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame D3EF 49 B
330 B 155ms
63ms Image
image/gif 185.29.133.58
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=8439988332461115220&node_id=1610&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTWprNU5XUmpZbVF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg0Mzk5ODgzMzI0NjExMTUyMjAvODY3NTYwOS83MzI0NDE5LzQvbnhKcjRHc0E4eXVlckNjb19VWVFmemJRMUV0M2w5dEJfU1dQUUJlTnpQYy8xLzQvMC8wLzE1MTI1ODYvMC8yNDI4NzYvODYzMTgyLzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvODQzOTk4ODMzMjQ2MTExNTIyMC9hbXMvMC8yNjQvNzYvOTk5LzY2LzJhMDE6NGY4OjE5Mjo6LzAuMDAwLzE2MTY3NzkxNzkvMTYxNjc5MTc3OS80L3B1Yi01MTc0NDU2NzU3NTAxOTk3Lw/FGHBqeZuFcA_xHgXGPcLufFlSLs&nodeid=1610&group=eu&auctionid=8439988332461115220&sid=7324419&cid=8675609&bp=a_agffcb&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.139&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCknWlqxdeYIfMKIWgzAb0oqqABc-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNTE3NDQ1Njc1NzUwMTk5N8gBCagDAaoEygFP0BIuTk-SiHEL6i49SwqH-jATWniOCDH5N2wxdfnB3MptfZF7b-Di_KGP_bK--nWBKxKzlsRxjEy0oG6u8scNoNOVvwhDqkoOlTNnXSJ4iP6-ipO1MA56bNsBy_1BirKaGPpC9DvUbOIL1kBZG59KJ5-0edGDz8i_Rca6okJc9oyMX1yoG0vPFO1qVwgyL2Z14fCKzy81RrVseY_GTO7rdXmEFjtVMk97RrAoNBNko2XccwT1P-Pfhim2Vwy8_R2XFhUBsYoqB5PWgAbqx4ewjce2-acBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAQ%26num%3D1%26sig%3DAOD64_3Q-YxfUxHczCTlDnOajqse23TNBw%26client%3Dca-pub-5174456757501997%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.133.58 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.195.3 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 26 Mar 2021 17:19:35 GMT
Server: MMBD/3.195.3
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x71, cdg-bidder-x138
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Fri, 26 Mar 2021 17:19:34 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame D3EF 43 B
359 B 136ms
49ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=8439988332461115220&v3=863182&v4=7324419&v5=8675609&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTWprNU5XUmpZbVF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg0Mzk5ODgzMzI0NjExMTUyMjAvODY3NTYwOS83MzI0NDE5LzQvbnhKcjRHc0E4eXVlckNjb19VWVFmemJRMUV0M2w5dEJfU1dQUUJlTnpQYy8xLzQvMC8wLzE1MTI1ODYvMC8yNDI4NzYvODYzMTgyLzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvODQzOTk4ODMzMjQ2MTExNTIyMC9hbXMvMC8yNjQvNzYvOTk5LzY2LzJhMDE6NGY4OjE5Mjo6LzAuMDAwLzE2MTY3NzkxNzkvMTYxNjc5MTc3OS80L3B1Yi01MTc0NDU2NzU3NTAxOTk3Lw/FGHBqeZuFcA_xHgXGPcLufFlSLs&nodeid=1610&group=eu&auctionid=8439988332461115220&sid=7324419&cid=8675609&bp=a_agffcb&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.139&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCknWlqxdeYIfMKIWgzAb0oqqABc-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNTE3NDQ1Njc1NzUwMTk5N8gBCagDAaoEygFP0BIuTk-SiHEL6i49SwqH-jATWniOCDH5N2wxdfnB3MptfZF7b-Di_KGP_bK--nWBKxKzlsRxjEy0oG6u8scNoNOVvwhDqkoOlTNnXSJ4iP6-ipO1MA56bNsBy_1BirKaGPpC9DvUbOIL1kBZG59KJ5-0edGDz8i_Rca6okJc9oyMX1yoG0vPFO1qVwgyL2Z14fCKzy81RrVseY_GTO7rdXmEFjtVMk97RrAoNBNko2XccwT1P-Pfhim2Vwy8_R2XFhUBsYoqB5PWgAbqx4ewjce2-acBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAQ%26num%3D1%26sig%3DAOD64_3Q-YxfUxHczCTlDnOajqse23TNBw%26client%3Dca-pub-5174456757501997%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3611 f10363c master zrh-pixel-x4 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 26 Mar 2021 17:19:40 GMT
Server: MT3 3611 f10363c master zrh-pixel-x4
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 26 Mar 2021 17:19:39 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame D3EF 49 B
330 B 154ms
62ms Image
image/gif 185.29.133.58
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=8439988332461115220&st=7324419&time=1616779180&nodeid=1610
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTWprNU5XUmpZbVF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg0Mzk5ODgzMzI0NjExMTUyMjAvODY3NTYwOS83MzI0NDE5LzQvbnhKcjRHc0E4eXVlckNjb19VWVFmemJRMUV0M2w5dEJfU1dQUUJlTnpQYy8xLzQvMC8wLzE1MTI1ODYvMC8yNDI4NzYvODYzMTgyLzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvODQzOTk4ODMzMjQ2MTExNTIyMC9hbXMvMC8yNjQvNzYvOTk5LzY2LzJhMDE6NGY4OjE5Mjo6LzAuMDAwLzE2MTY3NzkxNzkvMTYxNjc5MTc3OS80L3B1Yi01MTc0NDU2NzU3NTAxOTk3Lw/FGHBqeZuFcA_xHgXGPcLufFlSLs&nodeid=1610&group=eu&auctionid=8439988332461115220&sid=7324419&cid=8675609&bp=a_agffcb&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.139&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCknWlqxdeYIfMKIWgzAb0oqqABc-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNTE3NDQ1Njc1NzUwMTk5N8gBCagDAaoEygFP0BIuTk-SiHEL6i49SwqH-jATWniOCDH5N2wxdfnB3MptfZF7b-Di_KGP_bK--nWBKxKzlsRxjEy0oG6u8scNoNOVvwhDqkoOlTNnXSJ4iP6-ipO1MA56bNsBy_1BirKaGPpC9DvUbOIL1kBZG59KJ5-0edGDz8i_Rca6okJc9oyMX1yoG0vPFO1qVwgyL2Z14fCKzy81RrVseY_GTO7rdXmEFjtVMk97RrAoNBNko2XccwT1P-Pfhim2Vwy8_R2XFhUBsYoqB5PWgAbqx4ewjce2-acBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAQ%26num%3D1%26sig%3DAOD64_3Q-YxfUxHczCTlDnOajqse23TNBw%26client%3Dca-pub-5174456757501997%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.133.58 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.195.3 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 26 Mar 2021 17:19:35 GMT
Server: MMBD/3.195.3
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x79, cdg-bidder-x138
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Fri, 26 Mar 2021 17:19:34 GMT

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 402E 143 B
165 B 7ms
6ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5174456757501997&output=html&h=600&slotname=7607793130&adk=2261506114&adf=4072245520&pi=t.ma~as.7607793130&w=300&lmt=1616779179&psa=0&format=300x600&url=https%3A%2F%2Fwww.kupino.pl%2Fgazetki%2Ftescoma&flash=0&wgl=1&dt=1616779179520&bpp=1&bdt=178&idt=126&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x90%2C300x250&correlator=8371144229085&frm=20&pv=1&ga_vid=1526030308.1616779180&ga_sid=1616779180&ga_hid=352815524&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1110&ady=703&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2607490336390079&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=M6AuMFn44D&p=https%3A//www.kupino.pl&dtd=131
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmmNa6ii1rbnrH_CKCV-4nRg2EnDfYimyF0rIbp-p48sPbOC2_zIkzrWE0Nbsc; DSID=NO_DATA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5174456757501997&output=html&h=600&slotname=7607793130&adk=2261506114&adf=4072245520&pi=t.ma~as.7607793130&w=300&lmt=1616779179&psa=0&format=300x600&url=https%3A%2F%2Fwww.kupino.pl%2Fgazetki%2Ftescoma&flash=0&wgl=1&dt=1616779179520&bpp=1&bdt=178&idt=126&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x90%2C300x250&correlator=8371144229085&frm=20&pv=1&ga_vid=1526030308.1616779180&ga_sid=1616779180&ga_hid=352815524&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1110&ady=703&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2607490336390079&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=M6AuMFn44D&p=https%3A//www.kupino.pl&dtd=131

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 26 Mar 2021 16:41:26 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2294
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame B265 9 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10780656370840662998/Walbusch_Kent_Aktiv-AT-DE_300x600/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 04:49:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45018
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 27 Mar 2021 04:49:22 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame B265 22 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10780656370840662998/Walbusch_Kent_Aktiv-AT-DE_300x600/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 13:07:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15130
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 27 Mar 2021 13:07:30 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B265 4 KB
739 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700&display=swap

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10780656370840662998/Walbusch_Kent_Aktiv-AT-DE_300x600/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1476c101cda6283fbd6a7b4381767b7ecde6d8e1bd871dd43bfba89f1b950a87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 26 Mar 2021 15:27:16 GMT
server: ESF
date: Fri, 26 Mar 2021 17:19:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 Mar 2021 17:19:40 GMT

GET
H3-Q050 200 bild_1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10780656370840662998/Walbusch_Kent_Aktiv-AT-DE_300x600/images/ Frame B265 42 KB
43 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10780656370840662998/Walbusch_Kent_Aktiv-AT-DE_300x600/images/bild_1.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10780656370840662998/Walbusch_Kent_Aktiv-AT-DE_300x600/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49a2ed3e509ec10cf7311f44da9f0faed5615499b7f6ec608cf820e805a2f355

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 556549
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43075
x-xss-protection: 0
last-modified: Wed, 17 Feb 2021 16:03:36 GMT
server: sffe
date: Sat, 20 Mar 2021 06:43:51 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Mar 2022 06:43:51 GMT

GET
H3-Q050 200 bild_2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10780656370840662998/Walbusch_Kent_Aktiv-AT-DE_300x600/images/ Frame B265 37 KB
37 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10780656370840662998/Walbusch_Kent_Aktiv-AT-DE_300x600/images/bild_2.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10780656370840662998/Walbusch_Kent_Aktiv-AT-DE_300x600/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

119be8de41c5d6c567fb5bbce51d6319e779e00e983edb7bbe21e6407b1bcbbe

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 75372
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37484
x-xss-protection: 0
last-modified: Wed, 17 Feb 2021 16:03:36 GMT
server: sffe
date: Thu, 25 Mar 2021 20:23:28 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Mar 2022 20:23:28 GMT

GET
H3-Q050 200 textbox.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10780656370840662998/Walbusch_Kent_Aktiv-AT-DE_300x600/images/ Frame B265 3 KB
2 KB 11ms
10ms Image
image/svg+xml 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10780656370840662998/Walbusch_Kent_Aktiv-AT-DE_300x600/images/textbox.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10780656370840662998/Walbusch_Kent_Aktiv-AT-DE_300x600/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea4c2c5745d45340cead7b9f630217b853fd4246d8227904d8aa43edaedf77b1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 120573
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1551
x-xss-protection: 0
last-modified: Wed, 17 Feb 2021 16:03:36 GMT
server: sffe
date: Thu, 25 Mar 2021 07:50:07 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Mar 2022 07:50:07 GMT

GET
H3-Q050 200 cta-icon.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10780656370840662998/Walbusch_Kent_Aktiv-AT-DE_300x600/images/ Frame B265 198 B
258 B 7ms
6ms Image
image/svg+xml 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10780656370840662998/Walbusch_Kent_Aktiv-AT-DE_300x600/images/cta-icon.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10780656370840662998/Walbusch_Kent_Aktiv-AT-DE_300x600/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6458a29ee3ece5dfe1f568c9fbc935bd85c076510162ef82f79a1c76cf456eb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 277231
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 162
x-xss-protection: 0
last-modified: Wed, 17 Feb 2021 16:03:36 GMT
server: sffe
date: Tue, 23 Mar 2021 12:19:09 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Mar 2022 12:19:09 GMT

GET
H3-Q050 200 cta-text.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10780656370840662998/Walbusch_Kent_Aktiv-AT-DE_300x600/images/ Frame B265 1 KB
909 B 8ms
7ms Image
image/svg+xml 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10780656370840662998/Walbusch_Kent_Aktiv-AT-DE_300x600/images/cta-text.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10780656370840662998/Walbusch_Kent_Aktiv-AT-DE_300x600/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07c0e56d3dab9ba01869922dc45a09928804d0ce6c4de08f6f2ff1c558ac8670

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 240241
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
last-modified: Wed, 17 Feb 2021 16:03:36 GMT
server: sffe
date: Tue, 23 Mar 2021 22:35:39 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Mar 2022 22:35:39 GMT

GET
H3-Q050 200 logo.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10780656370840662998/Walbusch_Kent_Aktiv-AT-DE_300x600/images/ Frame B265 2 KB
1 KB 10ms
10ms Image
image/svg+xml 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10780656370840662998/Walbusch_Kent_Aktiv-AT-DE_300x600/images/logo.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10780656370840662998/Walbusch_Kent_Aktiv-AT-DE_300x600/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a23f4c0e409deeb4a5667a3969dd999a10b48a6fa4d6dc94ea931a09b567728

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 240397
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1082
x-xss-protection: 0
last-modified: Wed, 17 Feb 2021 16:03:36 GMT
server: sffe
date: Tue, 23 Mar 2021 22:33:03 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Mar 2022 22:33:03 GMT

GET
DATA 200
OK truncated
/ Frame D507 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6dc44de8288148be13766c8ce586847126d9e85fee972ba102eaf1dc4fa2a573

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ Frame B265 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 15:00:42 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:00 GMT
server: sffe
age: 8338
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15056
x-xss-protection: 0
expires: Sat, 26 Mar 2022 15:00:42 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ Frame B265 14 KB
14 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 07:39:32 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
age: 121208
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
expires: Fri, 25 Mar 2022 07:39:32 GMT

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 402E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
21 B

39ms
39ms

Document
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmmNa6ii1rbnrH_CKCV-4nRg2EnDfYimyF0rIbp-p48sPbOC2_zIkzrWE0Nbsc; DSID=NO_DATA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 26 Mar 2021 17:19:40 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 26-Mar-2021 18:19:40 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 26 Mar 2021 17:19:40 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 26 Mar 2021 17:19:40 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 kkn9n4GD9OXgriPD4kOG_dPH557D54jLHxFIPOGmCpU.js Show response
pagead2.googlesyndication.com/bg/ Frame B265 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kkn9n4GD9OXgriPD4kOG_dPH557D54jLHxFIPOGmCpU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9249fd9f8183f4e5e0ae23c3e24386fdd3c7e79ec3e788cb1f11483ce1a60a95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 13:42:58 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 272202
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5656
x-xss-protection: 0
expires: Wed, 23 Mar 2022 13:42:58 GMT

GET
H/1.1

200
OK

request.php Show response
hal90009.redintelligence.net/ Frame D3EF
Redirect Chain

https://hal90009.redintelligence.net/request.php?zone=r9d3a58lo9uw&nw=20&renderingType=javascript&namespace=c88b4fcb04&subid=&uid=e79f434c07649a33&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90009.redintelligence.net/request.php?zone=r9d3a58lo9uw&nw=20&renderingType=javascript&namespace=c88b4fcb04&subid=&uid=e79f434c07649a33&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

2 KB
1 KB

192ms
98ms

Script
application/x-javascript

138.201.63.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90009.redintelligence.net/request.php?zone=r9d3a58lo9uw&nw=20&renderingType=javascript&namespace=c88b4fcb04&subid=&uid=e79f434c07649a33&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8439988332461115220%26mt_id%3D8675609%26mt_adid%3D242876%26mt_sid%3D7324419%26mt_exid%3D4%26mt_inapp%3D0%26mt_uuid%3D5187605e-17ac-4a01-80e5-642ba053b59e%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCknWlqxdeYIfMKIWgzAb0oqqABc-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNTE3NDQ1Njc1NzUwMTk5N8gBCagDAaoEygFP0BIuTk-SiHEL6i49SwqH-jATWniOCDH5N2wxdfnB3MptfZF7b-Di_KGP_bK--nWBKxKzlsRxjEy0oG6u8scNoNOVvwhDqkoOlTNnXSJ4iP6-ipO1MA56bNsBy_1BirKaGPpC9DvUbOIL1kBZG59KJ5-0edGDz8i_Rca6okJc9oyMX1yoG0vPFO1qVwgyL2Z14fCKzy81RrVseY_GTO7rdXmEFjtVMk97RrAoNBNko2XccwT1P-Pfhim2Vwy8_R2XFhUBsYoqB5PWgAbqx4ewjce2-acBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAQ%2526num%253D1%2526sig%253DAOD64_3Q-YxfUxHczCTlDnOajqse23TNBw%2526client%253Dca-pub-5174456757501997%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fwww.kupino.pl%2F&ancestorOrigins=https%3A%2F%2Fwww.kupino.pl&random=6085665951116&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5174456757501997&output=html&h=250&slotname=5250999203&adk=3748912971&adf=755399958&pi=t.ma~as.5250999203&w=300&lmt=1616779179&psa=0&format=300x250&url=https%3A%2F%2Fwww.kupino.pl%2Fgazetki%2Ftescoma&flash=0&wgl=1&dt=1616779179517&bpp=3&bdt=175&idt=123&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x90&correlator=8371144229085&frm=20&pv=1&ga_vid=1526030308.1616779180&ga_sid=1616779180&ga_hid=352815524&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1110&ady=415&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2607490336390079&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=68vztScvTJ&p=https%3A//www.kupino.pl&dtd=126
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.149 Ketsch, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.149.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: c01de4e93e2af2bed60401754f5dc711454ff37a4b0160bae3f7f8affd2b987b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 Mar 2021 17:19:40 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 91171300136959302179199011545009
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 727
Expires: Fri, 26 Mar 2021 17:19:40 +0100

Redirect headers

Pragma: no-cache
Date: Fri, 26 Mar 2021 17:19:40 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=r9d3a58lo9uw&nw=20&renderingType=javascript&namespace=c88b4fcb04&subid=&uid=e79f434c07649a33&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8439988332461115220%26mt_id%3D8675609%26mt_adid%3D242876%26mt_sid%3D7324419%26mt_exid%3D4%26mt_inapp%3D0%26mt_uuid%3D5187605e-17ac-4a01-80e5-642ba053b59e%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCknWlqxdeYIfMKIWgzAb0oqqABc-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNTE3NDQ1Njc1NzUwMTk5N8gBCagDAaoEygFP0BIuTk-SiHEL6i49SwqH-jATWniOCDH5N2wxdfnB3MptfZF7b-Di_KGP_bK--nWBKxKzlsRxjEy0oG6u8scNoNOVvwhDqkoOlTNnXSJ4iP6-ipO1MA56bNsBy_1BirKaGPpC9DvUbOIL1kBZG59KJ5-0edGDz8i_Rca6okJc9oyMX1yoG0vPFO1qVwgyL2Z14fCKzy81RrVseY_GTO7rdXmEFjtVMk97RrAoNBNko2XccwT1P-Pfhim2Vwy8_R2XFhUBsYoqB5PWgAbqx4ewjce2-acBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAQ%2526num%253D1%2526sig%253DAOD64_3Q-YxfUxHczCTlDnOajqse23TNBw%2526client%253Dca-pub-5174456757501997%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fwww.kupino.pl%2F&ancestorOrigins=https%3A%2F%2Fwww.kupino.pl&random=6085665951116&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Fri, 26 Mar 2021 17:19:40 +0100

GET
H/1.1 200
OK request_content.php Show response
hal90009.redintelligence.net/ Frame 28FF 3 KB
2 KB 124ms
36ms Document
text/html 138.201.63.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90009.redintelligence.net/request_content.php?s=91171300136959302179199011545009&a=63358416
Requested by: Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request.php?zone=r9d3a58lo9uw&nw=20&renderingType=javascript&namespace=c88b4fcb04&subid=&uid=e79f434c07649a33&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8439988332461115220%26mt_id%3D8675609%26mt_adid%3D242876%26mt_sid%3D7324419%26mt_exid%3D4%26mt_inapp%3D0%26mt_uuid%3D5187605e-17ac-4a01-80e5-642ba053b59e%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCknWlqxdeYIfMKIWgzAb0oqqABc-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNTE3NDQ1Njc1NzUwMTk5N8gBCagDAaoEygFP0BIuTk-SiHEL6i49SwqH-jATWniOCDH5N2wxdfnB3MptfZF7b-Di_KGP_bK--nWBKxKzlsRxjEy0oG6u8scNoNOVvwhDqkoOlTNnXSJ4iP6-ipO1MA56bNsBy_1BirKaGPpC9DvUbOIL1kBZG59KJ5-0edGDz8i_Rca6okJc9oyMX1yoG0vPFO1qVwgyL2Z14fCKzy81RrVseY_GTO7rdXmEFjtVMk97RrAoNBNko2XccwT1P-Pfhim2Vwy8_R2XFhUBsYoqB5PWgAbqx4ewjce2-acBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAQ%2526num%253D1%2526sig%253DAOD64_3Q-YxfUxHczCTlDnOajqse23TNBw%2526client%253Dca-pub-5174456757501997%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fwww.kupino.pl%2F&ancestorOrigins=https%3A%2F%2Fwww.kupino.pl&random=6085665951116&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.149 Ketsch, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.149.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: d1b6e3c4a4c2649325a4f530813757a9c594da21d230945f4b95efa3b882e31d

Request headers

Host: hal90009.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=2b4e2aeea3c54993
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

Date: Fri, 26 Mar 2021 17:19:41 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Fri, 26 Mar 2021 17:19:41 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1345
Connection: close
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame D3EF 43 B
702 B 124ms
40ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519556&v=14098&q=368694&r=296283&pref1=91171300136959302179199011545009&pv=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 Mar 2021 17:19:41 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
DATA 200
OK truncated
/ Frame D3EF 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2d98e4f6740425b7afd19a778bb416fb12c0e898f4b259ba7b581736258f0e4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7AE1 42 B
479 B 69ms
55ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuDHUr8AoNnoGOJuQW8Z_33WyZtEvRyLaqn2IyFwDgtU-X22ligQrK_w1PwKMcpwTC-npfui-LUJjVra28cNLypqdnK6QTAOR9JNWBLyp_deSdx_-ErJLKuF0pQ_g&sai=AMfl-YTEGp1v2_f8TgzI7xyfb2TFuLozSGRff6NWK6v9_5ZQQfvbtRh1TRHdscIcsIdQLI1Vo_tAMfXAta4h&sig=Cg0ArKJSzNNlIoM0hhhPEAE&id=osdim&mcvt=1000&p=0,433,90,1168&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210324&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=720800722&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1616779179631&dlt=412&rpt=90&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Mar 2021 17:19:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

kl_kis_300x250px.gif
media.kaspersky.com/de/affiliates/ Frame 28FF
Redirect Chain

https://www.awin1.com/cshow.php?s=2519556&v=14098&q=368694&r=296283&pref1=91171300136959302179199011545009&pv=0
https://media.kaspersky.com/de/affiliates/kl_kis_300x250px.gif

36 KB
36 KB

217ms
109ms

Image
image/gif

185.85.15.31
KL-EXT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.kaspersky.com/de/affiliates/kl_kis_300x250px.gif

Requested by

Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=91171300136959302179199011545009&a=63358416

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.85.15.31 , Russian Federation, ASN200107 (KL-EXT, RU),

Reverse DNS

Software

/ Kaspersky Labs, Kaspersky Labs

Resource Hash

47b04e7ebabf7a5d10e7ff6e7916bd9db7ec3fe22b7a03ac8712b90f01fef145

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hal90009.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Mon, 23 Sep 2019 13:27:24 GMT
server
x-powered-by: Kaspersky Labs, Kaspersky Labs
etag: "2ef1ea31272d51:0"
x-frame-options: SAMEORIGIN
content-type: image/gif
x-xss-protection: 1; mode=block
x-server: fr2/MSK8
accept-ranges: bytes
content-length: 36655
date: Fri, 26 Mar 2021 17:19:40 GMT

Redirect headers

Date: Fri, 26 Mar 2021 17:19:41 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://media.kaspersky.com/de/affiliates/kl_kis_300x250px.gif
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK viewability Show response
hal90009.redintelligence.net/ Frame 28FF 0
150 B 114ms
39ms Script
text/html 138.201.63.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90009.redintelligence.net/viewability?s=91171300136959302179199011545009&a=a3df2637&vb=m
Requested by: Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=91171300136959302179199011545009&a=63358416
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.149 Ketsch, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.149.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal90009.redintelligence.net/request_content.php?s=91171300136959302179199011545009&a=63358416
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 26 Mar 2021 17:19:41 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 28FF 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK addDoubleBorder.js Show response
cdn.contentspread.net/24i/tools/js/ Frame 28FF 851 B
1 KB 162ms
45ms Script
application/javascript 88.99.70.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.contentspread.net/24i/tools/js/addDoubleBorder.js
Requested by: Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=91171300136959302179199011545009&a=63358416
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.70.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.21.70.99.88.clients.your-server.de
Software: nginx /
Resource Hash: abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

Referer: https://hal90009.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 26 Mar 2021 17:19:41 GMT
Last-Modified: Tue, 03 May 2016 20:54:50 GMT
Server: nginx
ETag: "5729101a-353"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 851

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 19ms
19ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210322&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

821b32349bc134879008c6d16dbbe62ac213c6be4b321e9eeefe43c06aafffcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kupino.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Mar 2021 17:19:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6526
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kupino.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 17:19:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Fri, 26 Mar 2021 17:19:41 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame A5F2 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kupino.pl/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.kupino.pl/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Fri, 26 Mar 2021 16:47:16 GMT
expires: Sat, 26 Mar 2022 16:47:16 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1945
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 kkn9n4GD9OXgriPD4kOG_dPH557D54jLHxFIPOGmCpU.js Show response
pagead2.googlesyndication.com/bg/ Frame A5F2 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kkn9n4GD9OXgriPD4kOG_dPH557D54jLHxFIPOGmCpU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9249fd9f8183f4e5e0ae23c3e24386fdd3c7e79ec3e788cb1f11483ce1a60a95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 13:42:58 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 272203
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5656
x-xss-protection: 0
expires: Wed, 23 Mar 2022 13:42:58 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D507 42 B
66 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss_QpZQAQKObO97SETZu-6DVihx30AdZub6XnWugexp1bwX44o12Qb9zf2H-GXtpbBQM-vdulWSBfjn0EV6tr6BJ-rsuc0ljK1DW0KZlIVUzHw80H50XkPfo81Zgg&sai=AMfl-YSDgaKlDZ9jZppVeLKIdRVb6fQd1CdAP-cR2dKnqjDyOI65NfYOsemCkyMKeI8Oj_IFESJpQOobBS7d&sig=Cg0ArKJSzCknzxO6aao6EAE&id=osdim&mcvt=1001&p=703,1110,1303,1410&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20210324&bin=7&avms=nio&bs=0,0&mc=0.83&if=1&app=0&itpl=2&adk=2261506114&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1616779179653&dlt=827&rpt=60&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Mar 2021 17:19:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
111 B 40ms
40ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210322&jk=2607490336390079&bg=!urmluf3NAAbUo7L91KM7ACkAdvg8Wo8uad__kbk1KIrATgR3ozk8O4_KXrDHXtRLOeRJnFDIX8gwVAIAAABfUgAAAAtoAQcKAQ2VZd1vq1-SSL5bqrAFQs5eY4KzFnNGp0w7ypWSEMd1gsm80jmtSTInwQSl0NEiZ_ljMkNw3skUcgJ8f-i3ixtl5bZKdpNuchw5EHmug-7GgsFrqyYMEdKmsnkv6MiWZ-HQhlvHXULyGjB9AmmNh_lI113isi1JbP1RMsXWBk25TTCJ0jT3QbhUrGR4GgZ9Xd7y3V4Bn5GmXx8WQsgGR_f2nN5Q_cKjuqzIqC2pS1OBzh47BKOEQUDCG8P4PRjWB8g5LsQ2ZDIcWB7TlIPMFB9fFNufjAkZ3O7-dIPr1pATIraw5Sn2qXxgZZ22hOGEb-uc0HpKgIgVl11zG7q9NTozPgA1qpTT6KHnoep8S5kByTa2NuiCWruGpR8t0Pvm109AV-94P1qeX_vDBMRvHz2ayh7B9M0WKMqXW10L2wAMBdihvhtFcD1xnKnfQGmSPWvxT5duq1vL52_084XemyLKbt5wm9lrZp1cEUQlrGBofEyO8hGB5PBvq9UyIThgcyOw6QDXdnEIBmw7cbv7wyC7mH0Eyrb7Y4OD0L1pSjX5xUI5SkyjSLFgf8JtyYaapRJzHnah1QCSF0i2nHxkbsnTEmDdifAy-_a5PtBdYlPR4VFW2dYf_4V3dIj7qQ0rL2f9bfHPJ9FdjwE03NhLYGcu1oZy4dyb6YYB0wjrEhqsVkDvPNToaGo152TgcqupilxpoYhqsxdpGovKrWctSHTM6E8efyE-Xt2GkLfb-BrWF1rPAZ_O_7r6Td1g3bD2k0Q7agFZfid3q9-qSq91zAOywENR2UHw7ktLocvM3dVfJrXPtsvn0Ni8Ienf-migW_f1hG8vGI4r1AEL7yKSClIyWWGis0L55BjcdDxxa_9B7CxljbTXkhBR6ei08uKoi33bSYPDDN2CelnIpWNqwB4qZqaup-KnxtS_UIgQXEyqna3xbzYfQ0Y4FcCZ7-i5cQn5sxKVe8dLDF4

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kupino.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Mar 2021 17:19:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D3EF 42 B
89 B 40ms
39ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu_c7KJSCD6jGKQ-vsPAs6WPAW9mXwaKaT_rzsx5vnPJPUFgrXRktdD_-kTYhR8VnIrLWY1COQQRDBORYHjnQBM8t6SqE7BQg&sig=Cg0ArKJSzOJOrP8kolYOEAE&id=osdim&mcvt=1001&p=415,1110,665,1410&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210324&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3748912971&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1616779179645&dlt=690&rpt=60&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Mar 2021 17:19:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal90009.redintelligence.net/ Frame 28FF 0
150 B 111ms
40ms Script
text/html 138.201.63.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90009.redintelligence.net/viewability?s=91171300136959302179199011545009&a=a3df2637&vb=v
Requested by: Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=91171300136959302179199011545009&a=63358416
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.149 Ketsch, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.149.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal90009.redintelligence.net/request_content.php?s=91171300136959302179199011545009&a=63358416
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 26 Mar 2021 17:19:42 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B265 0
46 B 40ms
39ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=html5-mon&a0=layout&f0=layout&s0=0&d0=135.0000&a1=https&f1=layout_html&s1=0&d1=9.0000&i=498736856284&t=419&c=p&lp=%2Fsadbundle%2F%24csp%253Der3%24%2F10780656370840662998%2FWalbusch_Kent_Aktiv-AT-DE_300x600%2Findex.html&gqi=qxdeYJPDKNC6-wau5I2YDw&qqi=CI2GveW7zu8CFdEG0wod2OMHIA

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Mar 2021 17:19:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.redintelligence.net/	1970-01-19 19:15:55	Name: 8lcfmzhxc8d6_uid Value: 2b4e2aeea3c54993
.doubleclick.net/	1970-01-19 17:06:22	Name: DSID Value: NO_DATA
.kupino.pl/	1970-01-20 02:27:55	Name: __gads Value: ID=9a9da6112d1ba8e8-22ff0bbae0ba0007:T=1616779179:RT=1616779179:S=ALNI_MbTPyyWFi9fqSA09pItI3glHXJYsg
.doubleclick.net/	1970-01-20 02:27:55	Name: IDE Value: AHWqTUmmNa6ii1rbnrH_CKCV-4nRg2EnDfYimyF0rIbp-p48sPbOC2_zIkzrWE0Nbsc
.kupino.pl/	1970-01-19 17:06:19	Name: _gat_UA-129297050-1 Value: 1
www.kupino.pl/	1969-12-31 23:59:59	Name: SRV_ID Value: kupi-www2
.kupino.pl/	1970-01-19 17:07:45	Name: _gid Value: GA1.2.506023094.1616779180
.doubleclick.net/	1970-01-19 17:06:20	Name: test_cookie Value: CheckForPermission
.kupino.pl/	1970-01-19 17:06:19	Name: _gat_UA-151109922-1 Value: 1
.kupino.pl/	1970-01-20 10:37:31	Name: _ga Value: GA1.2.1526030308.1616779180
.kupino.pl/	1970-01-19 17:49:31	Name: __cfduid Value: d748ec89a79db62734265b4c21ed60d781616779179

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.contentspread.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal90009.redintelligence.net
img.kupino.pl
media.kaspersky.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.mathtag.com
stats.g.doubleclick.net
tags.mathtag.com
tpc.googlesyndication.com
www.awin1.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.kupino.pl
www.ns.tescomasklep.pl
104.111.239.217
138.201.63.117
138.201.63.149
142.250.185.130
185.29.133.58
185.85.15.31
2.18.233.201
2606:4700:3036::6815:3853
2a00:1450:4001:801::2002
2a00:1450:4001:802::200e
2a00:1450:4001:808::2003
2a00:1450:4001:808::2004
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:811::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200e
2a00:1450:400c:c00::9d
77.78.104.3
88.99.70.21
06089901f4c163cd2a8f363f6d6bc579c850cb425dfff95bc138e8ed1328abda
0751e319d63030495df65b5d4830029f9f1b51e042a1c9723a29b3e4be2a14ee
07c0e56d3dab9ba01869922dc45a09928804d0ce6c4de08f6f2ff1c558ac8670
07fdc3ce1d1452cd32dd85077cfb014cd44e5006a1b65bdfffe382a4b5ec9a35
0a23f4c0e409deeb4a5667a3969dd999a10b48a6fa4d6dc94ea931a09b567728
0a94a21fb70441cfdae2a2f68b47f851f6526f2ec9daa791a5b50de181a9b5d5
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
119be8de41c5d6c567fb5bbce51d6319e779e00e983edb7bbe21e6407b1bcbbe
1476c101cda6283fbd6a7b4381767b7ecde6d8e1bd871dd43bfba89f1b950a87
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
20bf20c06717842b67c48105ef74e6a4fec645c7b3629f204c89ee47865223d7
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
32dcb8e0b324aa0865859ba49eb4d5eb629772abdb8f68ec74e0d3aef195e9be
368eec66859e12254a2b0db75587c94d21b82ed324c7ef2945bbea77844d82e7
36bd00661a1da5e66ca8a2b240ab514b7fe29e2e2b87abb9e7ce5d1db0204f5b
3ab2acc5edb2198c0c0c25a5a4a470df2a048c69e982d11b4b96f22b21332fe2
3b99c6639750a1a973a521f5e661eb6bb500fd5991371079d8dca231b4129c9a
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
476d28e23c222d9d26093c40276a2de23fa29ad166105f9030bdc3a810fc9603
47b04e7ebabf7a5d10e7ff6e7916bd9db7ec3fe22b7a03ac8712b90f01fef145
49a2ed3e509ec10cf7311f44da9f0faed5615499b7f6ec608cf820e805a2f355
4a0b4b26f7e47dbf5311b2b8855e64245b1b3613a6329a472869ad01efa0c9e4
4af7969e3428fbb26bc2164b706219d4b9afed0c347a57977380850858d8e832
4d890a48ea501050f8167a15968c0d8d1d654a54ce3058242ab99acdfb81e288
51e8f2d2769d68ea776eaa8281602dd4e5331bbd8776d8e43e38042216c7784d
541d865bf0fd746dac709f2c9555a18a53ed50ba9a1743ba22fa45fc7040f470
632434921a15f518f688331e5373683733242e4441542af4ee2dfb7b2aedd536
64720ff1e5e62afe529c48f25a6843ac2ff455fb29397c82810c0e56b69d917a
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6c47bd7452acd54e5efd7f368f5c7d7072b434291c81207290a8ab6bb46e679b
6dc44de8288148be13766c8ce586847126d9e85fee972ba102eaf1dc4fa2a573
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
7bc5cdc982210fa5f543ec21cb32c7246c3226cc4d48a525248df920af7eb107
821b32349bc134879008c6d16dbbe62ac213c6be4b321e9eeefe43c06aafffcd
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8e845b3c43da250d2131dcca1a9af77bdaca1b61f1215be6317f2d5f17f999e1
9249fd9f8183f4e5e0ae23c3e24386fdd3c7e79ec3e788cb1f11483ce1a60a95
9bfae43a9ba6461aa4f7869697e6c2560679465cf3350b1ee49b5b73840447be
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9f90a22a69a12d531de4e8ee888cff8c8400305b823ccb19f3ff9ee64440057f
a12e7bfcf160d8f6de2a8b37fb636ca056a891ed77d4dd86d7e9f85857956ca7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a842b08ceb444aab85f364c227eb18617d2f71a0c642ddebea931c3df1464091
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b20e98110c9b401dd42a053f6135795be4b02c81fb2b3fe3df822ffe5bbd2670
b2d98e4f6740425b7afd19a778bb416fb12c0e898f4b259ba7b581736258f0e4
b6458a29ee3ece5dfe1f568c9fbc935bd85c076510162ef82f79a1c76cf456eb
b6e3f7723f8049ebdc3d45fa2edb28e9d9fce1db082f602e16bde2f3d2acf164
c01de4e93e2af2bed60401754f5dc711454ff37a4b0160bae3f7f8affd2b987b
c09cad3d9bad5561475ccb0e483cb97685ad42da1e269b6263e10580cf039e6b
c1a961f2f4007a1bde2d26d38ae886906be8aee846fc1602ecafae66269ee3c1
c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770
c5793d10c3b7a91013e36d1b2cff04abe9e30dcd9d0c37e53a662984aa6a2697
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
cac02e231c61068da6a4e6c177f2ccd14a5360aa3509af3be992bfbbad0c127b
d1b6e3c4a4c2649325a4f530813757a9c594da21d230945f4b95efa3b882e31d
d3bddd2f38e15b3534c563d21c90bb54116db027ec6f3b6279b341390a33783b
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
dcfbe962411934b74e2cbcd25dda6d0ba5eefb8662c09f67730a211f87f46eec
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e705dfac9d3d11ae87071979b2bbb52db73d03fff6252c1b73ce5b3c7ebb6e9c
e9d2f9745062252ed5c33813a43ccebcf8e703be28ddc39416063fc28f3579c7
ea4c2c5745d45340cead7b9f630217b853fd4246d8227904d8aa43edaedf77b1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

www.kupino.pl Open in urlscan Pro 2606:4700:3036::6815:3853 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

93 Requests

100 %HTTPS

63 %IPv6

17 Domains

24 Subdomains

24 IPs

6 Countries

908 kBTransfer

1902 kBSize

11 Cookies

17 Outgoing links

Page URL History

Redirected requests

93 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.kupino.pl Open in urlscan Pro
2606:4700:3036::6815:3853 Public Scan

Screenshot
Live screenshot

Full Image

93
Requests

100 %
HTTPS

63 %
IPv6

17
Domains

24
Subdomains

24
IPs

6
Countries

908 kB
Transfer

1902 kB
Size

11
Cookies

93 HTTP transactions
4 data transactions