odzyskanerzeczy.click Open in urlscan Pro
2a06:98c1:3121::3  Malicious Activity! Public Scan

URL: https://odzyskanerzeczy.click/
Submission: On December 15 via api from PL — Scanned from NL

Summary

This website contacted 26 IPs in 4 countries across 18 domains to perform 135 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is odzyskanerzeczy.click.
TLS certificate: Issued by GTS CA 1P5 on December 14th 2023. Valid for: 3 months.
This is the only time odzyskanerzeczy.click was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

IP Address AS Autonomous System
1 5 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 62.129.206.181 12824 (HOMEPL-AS)
54 2600:9000:226... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 52.222.232.47 16509 (AMAZON-02)
1 216.58.212.130 15169 (GOOGLE)
2 195.177.217.192 50599 (Autonomou...)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f08... 32934 (FACEBOOK)
6 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 4 216.58.206.38 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
6 172.217.18.100 15169 (GOOGLE)
9 142.250.184.195 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f17... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
135 26
Apex Domain
Subdomains
Transfer
54 website-files.com
assets-global.website-files.com — Cisco Umbrella Rank: 6575
20 MB
15 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
10121152.fls.doubleclick.net
10902911.fls.doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
static.doubleclick.net — Cisco Umbrella Rank: 248
12 KB
12 google.com
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 2693
adservice.google.com — Cisco Umbrella Rank: 93
21 KB
9 google.nl
www.google.nl — Cisco Umbrella Rank: 9642
1 KB
7 youtube.com
www.youtube.com — Cisco Umbrella Rank: 71
970 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2189
21 KB
6 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
489 KB
6 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 340
fonts.googleapis.com — Cisco Umbrella Rank: 29
jnn-pa.googleapis.com — Cisco Umbrella Rank: 203
48 KB
5 gstatic.com
fonts.gstatic.com
124 KB
5 odzyskanerzeczy.click
odzyskanerzeczy.click
24 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 168
120 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
216 B
2 goadservices.com
t.goadservices.com — Cisco Umbrella Rank: 258430
1 KB
2 pizzadominium.pl
www.pizzadominium.pl
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 89
2 KB
1 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 2199
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 138
19 KB
1 cloudfront.net
d3e54v103j8qbb.cloudfront.net
31 KB
135 18
Domain Requested by
54 assets-global.website-files.com odzyskanerzeczy.click
assets-global.website-files.com
9 www.google.nl odzyskanerzeczy.click
8 www.google.com odzyskanerzeczy.click
www.youtube.com
7 www.youtube.com odzyskanerzeczy.click
www.youtube.com
6 googleads.g.doubleclick.net www.googleadservices.com
www.googletagmanager.com
www.youtube.com
6 www.googletagmanager.com odzyskanerzeczy.click
www.googletagmanager.com
www.google-analytics.com
5 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
5 odzyskanerzeczy.click 1 redirects odzyskanerzeczy.click
4 jnn-pa.googleapis.com www.youtube.com
4 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
3 connect.facebook.net odzyskanerzeczy.click
connect.facebook.net
2 www.facebook.com odzyskanerzeczy.click
2 adservice.google.com 10902911.fls.doubleclick.net
10121152.fls.doubleclick.net
2 region1.analytics.google.com www.googletagmanager.com
2 10902911.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 10121152.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 t.goadservices.com odzyskanerzeczy.click
t.goadservices.com
2 www.pizzadominium.pl odzyskanerzeczy.click
1 i.ytimg.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 region1.google-analytics.com www.googletagmanager.com
1 script.crazyegg.com www.googletagmanager.com
1 fonts.googleapis.com ajax.googleapis.com
1 www.googleadservices.com odzyskanerzeczy.click
1 d3e54v103j8qbb.cloudfront.net odzyskanerzeczy.click
1 ajax.googleapis.com odzyskanerzeczy.click
135 27
Subject Issuer Validity Valid
odzyskanerzeczy.click
GTS CA 1P5
2023-12-14 -
2024-03-13
3 months crt.sh
*.pizzadominium.pl
Certyfikat SSL
2023-06-21 -
2024-06-20
a year crt.sh
*.website-files.com
Amazon RSA 2048 M03
2023-09-11 -
2024-10-08
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2023-10-10 -
2024-09-19
a year crt.sh
www.googleadservices.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.goadservices.com
DOMENY SSL DV Certification Authority
2023-05-30 -
2024-05-29
a year crt.sh
*.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-09-23 -
2023-12-22
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-03-09 -
2024-03-08
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
www.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.google.nl
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
edgestatic.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh

This page contains 4 frames:

Primary Page: https://odzyskanerzeczy.click/
Frame ID: 23378050D969BAC174E52EBDB72E6DB5
Requests: 114 HTTP requests in this frame

Frame: https://www.youtube.com/embed/5eCk-BTyot4?rel=1&controls=0&autoplay=0&mute=0&start=0
Frame ID: 56FB797654D7CA92CA0288C904B56FBF
Requests: 15 HTTP requests in this frame

Frame: https://10121152.fls.doubleclick.net/activityi;dc_pre=CPL3pPWRkIMDFQtFkQUdpRcK0A;src=10121152;type=invmedia;cat=sg-za0;ord=6255125000539;auiddc=572841475.1702598565;gtm=45He3bt0v71743015;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fodzyskanerzeczy.click%2F
Frame ID: CBA5F6A60D8E4194721180832E5CF3EE
Requests: 2 HTTP requests in this frame

Frame: https://10902911.fls.doubleclick.net/activityi;dc_pre=CMKppfWRkIMDFXJLkQUdFU8JtA;src=10902911;type=rmkt0;cat=domin0;ord=1099136030168;auiddc=572841475.1702598565;u1=https%3A%2F%2Fodzyskanerzeczy.click%2F;gtm=45He3bt0v71743015;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fodzyskanerzeczy.click%2F
Frame ID: BC4C4F1E600EB9F0F1A71A6E1A225D6E
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

": Dziecko zginęło pod kołami auta! Drastyczne nagranie!! [+18]"Tutti Santi – pizza Mistrza Włoch Valerio Valle

Page URL History Show full URLs

  1. https://odzyskanerzeczy.click/ Page URL
  2. https://odzyskanerzeczy.click/cdn-cgi/phish-bypass?atok=1QXXhn5E8ZAumB9AE9LLq1Dlu3iJEQyAyLAxfoVPMw8-170259... HTTP 301
    https://odzyskanerzeczy.click/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 10%
Detected patterns
  • basket.*\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

135
Requests

100 %
HTTPS

73 %
IPv6

18
Domains

27
Subdomains

26
IPs

4
Countries

22159 kB
Transfer

27146 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://odzyskanerzeczy.click/ Page URL
  2. https://odzyskanerzeczy.click/cdn-cgi/phish-bypass?atok=1QXXhn5E8ZAumB9AE9LLq1Dlu3iJEQyAyLAxfoVPMw8-1702598559-0-%2F HTTP 301
    https://odzyskanerzeczy.click/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 73
  • https://10121152.fls.doubleclick.net/activityi;src=10121152;type=invmedia;cat=sg-za0;ord=6255125000539;auiddc=572841475.1702598565;gtm=45He3bt0v71743015;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fodzyskanerzeczy.click%2F HTTP 302
  • https://10121152.fls.doubleclick.net/activityi;dc_pre=CPL3pPWRkIMDFQtFkQUdpRcK0A;src=10121152;type=invmedia;cat=sg-za0;ord=6255125000539;auiddc=572841475.1702598565;gtm=45He3bt0v71743015;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fodzyskanerzeczy.click%2F
Request Chain 74
  • https://10902911.fls.doubleclick.net/activityi;src=10902911;type=rmkt0;cat=domin0;ord=1099136030168;auiddc=572841475.1702598565;u1=https%3A%2F%2Fodzyskanerzeczy.click%2F;gtm=45He3bt0v71743015;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fodzyskanerzeczy.click%2F HTTP 302
  • https://10902911.fls.doubleclick.net/activityi;dc_pre=CMKppfWRkIMDFXJLkQUdFU8JtA;src=10902911;type=rmkt0;cat=domin0;ord=1099136030168;auiddc=572841475.1702598565;u1=https%3A%2F%2Fodzyskanerzeczy.click%2F;gtm=45He3bt0v71743015;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fodzyskanerzeczy.click%2F

135 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
odzyskanerzeczy.click/
4 KB
2 KB
Document
General
Full URL
https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9c317746b56e3e39a8eab4fee70a2613feb1e3c8d4b1f25d582d533385d7bde
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cf-ray
835a6b4229ab66c2-AMS
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 15 Dec 2023 00:02:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m145WW8eIsdSPreCQZ%2F41cgNTf2AScndLW4j4vlPtlE%2BtTFKbk6kZFrk5GBbGScxzn%2Fje241oWEw7s7riiDHTz%2FBkSIt7mPqCdazVnTk4t6fppjxvrEaSJlGk7lomN6SLV2Agw9nSsIABb8mowxCSgYLBvg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf.errors.css
odzyskanerzeczy.click/cdn-cgi/styles/
24 KB
5 KB
Stylesheet
General
Full URL
https://odzyskanerzeczy.click/cdn-cgi/styles/cf.errors.css
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1103290e25ebda2712abe344a87facbac00ddaba712729be9fe5feef807bf91b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 00:02:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 01 Dec 2023 15:04:24 GMT
server
cloudflare
etag
W/"6569f5f8-5e44"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=7200, public
cf-ray
835a6b4259dc66c2-AMS
expires
Fri, 15 Dec 2023 02:02:39 GMT
icon-exclamation.png
odzyskanerzeczy.click/cdn-cgi/images/
452 B
541 B
Image
General
Full URL
https://odzyskanerzeczy.click/cdn-cgi/images/icon-exclamation.png?1376755637
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/cdn-cgi/styles/cf.errors.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/cdn-cgi/styles/cf.errors.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 00:02:39 GMT
x-content-type-options
nosniff
last-modified
Fri, 01 Dec 2023 15:04:24 GMT
server
cloudflare
etag
"6569f5f8-1c4"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
835a6b4289fe66c2-AMS
content-length
452
expires
Fri, 15 Dec 2023 02:02:39 GMT
Primary Request /
odzyskanerzeczy.click/
Redirect Chain
  • https://odzyskanerzeczy.click/cdn-cgi/phish-bypass?atok=1QXXhn5E8ZAumB9AE9LLq1Dlu3iJEQyAyLAxfoVPMw8-1702598559-0-%2F
  • https://odzyskanerzeczy.click/
84 KB
16 KB
Document
General
Full URL
https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
ba28801deddb3ad3edddbf2905e189240614d82538f8adda05f385f1a4052493

Request headers

Referer
https://odzyskanerzeczy.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
835a6b620f8f66c2-AMS
content-encoding
br
content-type
text/html
date
Fri, 15 Dec 2023 00:02:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XzMRzdTT7ear73y2vZbBQjfx7aCh9YU6TBel45gz7ZHgQMLTR7o8QyBwt3P3hsKNmN4LNJyIBToomM3yjEuv2CHbzwZHh%2Bq1xNhEHdJ%2FjjLAREsKnkpu2WUdwh9X%2BNRDLHaz%2BqgDl7O03EpoPkekS3uN4S0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/5.6.40
x-turbo-charged-by
LiteSpeed

Redirect headers

cache-control
private, no-cache
cf-ray
835a6b61df5566c2-AMS
content-length
167
content-type
text/html
date
Fri, 15 Dec 2023 00:02:44 GMT
location
https://odzyskanerzeczy.click/
server
cloudflare
x-content-type-options
nosniff
x-frame-options
DENY
40f51bac67bbf527dc16315c49927b14.css
www.pizzadominium.pl/public/resources/style/packed/
0
0
Stylesheet
General
Full URL
https://www.pizzadominium.pl/public/resources/style/packed/40f51bac67bbf527dc16315c49927b14.css
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.129.206.181 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver011865.home.pl
Software
/
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

c6eee5fe262225c62db5effc6ceab34a.js
www.pizzadominium.pl/public/resources/javascript/packed/
0
0
Script
General
Full URL
https://www.pizzadominium.pl/public/resources/javascript/packed/c6eee5fe262225c62db5effc6ceab34a.js
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.129.206.181 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver011865.home.pl
Software
/
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

tuttisanti.a8d9078eb.min.css
assets-global.website-files.com/6164835fc4bcb2f391412e0b/css/
183 KB
33 KB
Stylesheet
General
Full URL
https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/css/tuttisanti.a8d9078eb.min.css
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
21f41df2a26506eef0ad92690a596cf18028083bbf3a8d450e507ff0fe02de5a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
zcZbkSF6b25Q8WqFU2EzbRa8KljkReDc
content-encoding
gzip
via
1.1 67b828898c2b34a7518c5b13dd7321c0.cloudfront.net (CloudFront)
date
Fri, 15 Dec 2023 00:02:44 GMT
age
74341
x-amz-cf-pop
TXL50-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
33709
last-modified
Tue, 28 Nov 2023 19:56:30 GMT
server
AmazonS3
etag
"214fc80d2c1a7683f1fa01124f99e828"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
accept-ranges
bytes
x-amz-cf-id
O_9G4STxaeHdIqwZyDvPOYXlMA6ox5LDPDmK0FXnoSvOuE2zQWARiA==
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/
13 KB
6 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 19:07:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17724
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Dec 2024 19:07:20 GMT
js
www.googletagmanager.com/gtag/
174 KB
64 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-16797240-28
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
693b660b1d5accf956686b51dc9cce252f1784748a9c58a78a58ac4ef2a07ad6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 00:02:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
64922
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 15 Dec 2023 00:02:44 GMT
jquery-3.5.1.min.dc5e7f18c8.js
d3e54v103j8qbb.cloudfront.net/js/
87 KB
31 KB
Script
General
Full URL
https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=6164835fc4bcb2f391412e0b
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.232.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-232-47.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer
https://odzyskanerzeczy.click/
Origin
https://odzyskanerzeczy.click
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 08:21:02 GMT
content-encoding
gzip
via
1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
age
58648
x-amz-cf-pop
FRA56-P4
x-cache
Hit from cloudfront
last-modified
Mon, 20 Jul 2020 17:53:02 GMT
server
AmazonS3
etag
W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
vary
Accept-Encoding
x-amz-cf-id
5RZ9H9HOxDjoHbXqS1vA0_bgbzWoenwORrvCsGVgHHt8PUjI28twGA==
tuttisanti.7d2a54d3a.js
assets-global.website-files.com/6164835fc4bcb2f391412e0b/js/
1001 KB
200 KB
Script
General
Full URL
https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/js/tuttisanti.7d2a54d3a.js
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ddaaebeef7015bba09ad0bad33d9af21664074c2e84738cfb28861789b00b7fa

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
iweQEZ4wuu49bvB0mtDQBeFJU1KBhAMy
content-encoding
gzip
via
1.1 67b828898c2b34a7518c5b13dd7321c0.cloudfront.net (CloudFront)
date
Thu, 14 Dec 2023 05:14:19 GMT
age
67706
x-amz-cf-pop
TXL50-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
203750
last-modified
Tue, 28 Nov 2023 19:56:30 GMT
server
AmazonS3
etag
"7eda2ec3c3b993a30aa0e3e47d2c611f"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
accept-ranges
bytes
x-amz-cf-id
Q4ffuyS2im3giN3_F-p-N7VyjMgPMMUVR-e0s3oQzxZqyAUCg5s4Jg==
conversion.js
www.googleadservices.com/pagead/
50 KB
19 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
756cca29e306e66f94e7b705c45bb0bc0315d7e745c159971cbecc65e62e7d3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 00:02:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18841
x-xss-protection
0
server
cafe
etag
14511532860437540159
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 15 Dec 2023 00:02:44 GMT
2e80fdf3-9946-473d-96ce-7db59482af2c
t.goadservices.com/tags/
782 B
1013 B
Script
General
Full URL
https://t.goadservices.com/tags/2e80fdf3-9946-473d-96ce-7db59482af2c
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.177.217.192 , Poland, ASN50599 (Autonomous System for Data Space Sp. z o.o., PL),
Reverse DNS
host-195-177-217-192.dataspace.pl
Software
nginx /
Resource Hash
48a3fb42b4179a24fa50c6eabaa509e7a54b6da6db26eca6b8f8a4f9b6405027

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Fri, 15 Dec 2023 00:02:44 GMT
Cache-Control
private, no-cache, no-store
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/javascript;charset=UTF-8
gtm.js
www.googletagmanager.com/
243 KB
83 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N26QLB
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e33a95a24e9b305b0c512e5fbf2f5883f3f2447793f12fbdbd3155d52311282e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 00:02:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85375
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 15 Dec 2023 00:02:44 GMT
css
fonts.googleapis.com/
30 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
00f0ca5978af7f577f3bb245b52f5b98546fca77cbf7b2b42838fddc2b53cd59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 15 Dec 2023 00:02:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 23:45:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 15 Dec 2023 00:02:44 GMT
gtm.js
www.googletagmanager.com/
244 KB
86 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W7QXJVR
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d2bbbafc9a0ce6b1046d841e958f05a7ed5177a8a79583870a701576eecbbd1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 00:02:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88003
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 15 Dec 2023 00:02:44 GMT
5eCk-BTyot4
www.youtube.com/embed/ Frame 56FB
91 KB
41 KB
Document
General
Full URL
https://www.youtube.com/embed/5eCk-BTyot4?rel=1&controls=0&autoplay=0&mute=0&start=0
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
eea67cec0cd2e7df898a0d03744d7f53e68fde8e943867c7d75f98a107ba4784
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://odzyskanerzeczy.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Dec 2023 00:02:44 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
62028966a80b8f62775bfa51_top-poster-00001.jpg
assets-global.website-files.com/6164835fc4bcb2f391412e0b/
30 KB
30 KB
Image
General
Full URL
https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/62028966a80b8f62775bfa51_top-poster-00001.jpg
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bc87bbc39a4fb4f0f5abe0ba3227acaa1f58a20ed83ec606d59811e141c1ba55

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
rnoGoDgckrlir0mpL2HHI.mat7vvLtSG
date
Thu, 14 Dec 2023 09:06:49 GMT
via
1.1 67b828898c2b34a7518c5b13dd7321c0.cloudfront.net (CloudFront)
age
53756
x-amz-cf-pop
TXL50-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30599
last-modified
Tue, 08 Feb 2022 15:17:39 GMT
server
AmazonS3
etag
"1391372fe2905c2cf17cd2013940916b"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
70Hh8BOtEOhnH8f8oR5oiYOzf0NHZ2SMqqp4WlrXgxBGmKmEkBtHQA==
616a026fac007b17a6e6315b_tlowelcome.jpg
assets-global.website-files.com/6164835fc4bcb2f391412e0b/
363 KB
364 KB
Image
General
Full URL
https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/616a026fac007b17a6e6315b_tlowelcome.jpg
Requested by
Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/css/tuttisanti.a8d9078eb.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0bc0006195d427cbb9b6868cf90f4636db5ac22072c0794b1a43a2924758bb66

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/css/tuttisanti.a8d9078eb.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 09:06:12 GMT
x-amz-version-id
DviHqesB_I8rgDdU43qxDIWAWltfD2w3
via
1.1 67b828898c2b34a7518c5b13dd7321c0.cloudfront.net (CloudFront)
age
140193
x-amz-cf-pop
TXL50-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
372127
last-modified
Fri, 15 Oct 2021 22:36:32 GMT
server
AmazonS3
etag
"31ae891d01686e2df9eed1292a0cd368"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
wPP0vboN46C_5IEjRqCPMt6kZsS-fl1dPuNtW8SuWudqXfNPEjkkiA==
6176d8d83d8e8e6b22c06905_hs-2.webp
assets-global.website-files.com/6164835fc4bcb2f391412e0b/
76 KB
77 KB
Image
General
Full URL
https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/6176d8d83d8e8e6b22c06905_hs-2.webp
Requested by
Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/css/tuttisanti.a8d9078eb.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
45a857b1c92bcca4b15e9d2316f6f953bfabdf082da7bbd633d9cfded15acf5b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/css/tuttisanti.a8d9078eb.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
rtoTFZxMjO.xF4f3p80WhLWOpdJ1obgf
date
Thu, 14 Dec 2023 08:36:18 GMT
via
1.1 67b828898c2b34a7518c5b13dd7321c0.cloudfront.net (CloudFront)
age
55587
x-amz-cf-pop
TXL50-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
77822
last-modified
Thu, 06 Jul 2023 10:38:45 GMT
server
AmazonS3
etag
"23175b2e681fa024d8d32e6d1efda018"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
accept-ranges
bytes
x-amz-cf-id
TAVgfEVu_W7SGAGPfKk8V5pZbOfurubCTtjNGLZZ4iBVblOrPGnGwQ==
6176d88ebb9ad9628a45bef5_hs-3.webp
assets-global.website-files.com/6164835fc4bcb2f391412e0b/
120 KB
121 KB
Image
General
Full URL
https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/6176d88ebb9ad9628a45bef5_hs-3.webp
Requested by
Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/css/tuttisanti.a8d9078eb.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
31a281c02422893c5201eda9023b931aa81315277d485c2d12ca79c2fe68c82c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/css/tuttisanti.a8d9078eb.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
IDtdM6KNVo028pORJnZCJuhiWQFBh24X
date
Thu, 14 Dec 2023 08:00:11 GMT
via
1.1 67b828898c2b34a7518c5b13dd7321c0.cloudfront.net (CloudFront)
age
57753
x-amz-cf-pop
TXL50-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
122806
last-modified
Thu, 06 Jul 2023 10:38:46 GMT
server
AmazonS3
etag
"5b528201196cee691ec374976c313c19"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
accept-ranges
bytes
x-amz-cf-id
AfNrBJBBopheKLS8pv_dkwsU-KSn5IocvUTDOrcaK_MCFgQjAFEbAg==
616897571d3b752dcf8b953a_dodatki.webp
assets-global.website-files.com/6164835fc4bcb2f391412e0b/
154 KB
154 KB
Image
General
Full URL
https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/616897571d3b752dcf8b953a_dodatki.webp
Requested by
Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/css/tuttisanti.a8d9078eb.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
efce6cb168c19988f7d503d29d8b375356f16c2d0ca7627bf5539103440500d4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/css/tuttisanti.a8d9078eb.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
W0tFsJjhjH6Goht3v3mvVv_0lPurImYC
date
Thu, 14 Dec 2023 08:36:18 GMT
via
1.1 67b828898c2b34a7518c5b13dd7321c0.cloudfront.net (CloudFront)
age
55587
x-amz-cf-pop
TXL50-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
157412
last-modified
Thu, 06 Jul 2023 10:38:46 GMT
server
AmazonS3
etag
"6e8be1393580896bc8ffb19ceb40e07e"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
accept-ranges
bytes
x-amz-cf-id
2y8N1Tis91WwM6jmZDdIZG4gswYa78NWc-nJRamnt-ua-1FDlUWURA==
6176d82c6759e182ec9c3b63_hs-4.webp
assets-global.website-files.com/6164835fc4bcb2f391412e0b/
66 KB
66 KB
Image
General
Full URL
https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/6176d82c6759e182ec9c3b63_hs-4.webp
Requested by
Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/css/tuttisanti.a8d9078eb.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c3b935e66e5f677a136ff588c4e9ae6d85b9dc9022f0c93f5074d27a2f79f609

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/css/tuttisanti.a8d9078eb.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
ewoTAYln2SDMu.TZuYK9KOrMMFjrTovH
date
Thu, 14 Dec 2023 08:00:11 GMT
via
1.1 67b828898c2b34a7518c5b13dd7321c0.cloudfront.net (CloudFront)
age
57753
x-amz-cf-pop
TXL50-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
67422
last-modified
Thu, 06 Jul 2023 10:38:45 GMT
server
AmazonS3
etag
"4980df3b29bbc89f7a7f31f71bb025ab"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
accept-ranges
bytes
x-amz-cf-id
bSiSxpHZS8zj1fKAFRwaPvhn1cY1I1XIn3IzJFnjZBhKjEYKNQNEdw==
63dae3f43f5ef626a7102542_dzienpizza.webp
assets-global.website-files.com/6164835fc4bcb28607412e34/
79 KB
80 KB
Image
General
Full URL
https://assets-global.website-files.com/6164835fc4bcb28607412e34/63dae3f43f5ef626a7102542_dzienpizza.webp
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a86f41d620c41e5e9c457a272b3260764cd3ccb057c7c278ba8fde4e9c7b7371

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 19:48:14 GMT
x-amz-version-id
cYMMfQYkNjoFKQLqUT72RyBv.woouOF3
via
1.1 67b828898c2b34a7518c5b13dd7321c0.cloudfront.net (CloudFront)
age
5458470
x-amz-cf-pop
TXL50-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
80998
last-modified
Wed, 01 Feb 2023 22:18:44 GMT
server
AmazonS3
etag
"41c7716726d177cf2b657d2be2a1b870"
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
Q0bm2Hg4QFmPdHCWP2FJaphM6zDn_4E5F4PotJfnbfApnkfhVCmhLQ==
6266d47876dd5b6fca3a3908_02615.jpg
assets-global.website-files.com/6164835fc4bcb28607412e34/
461 KB
462 KB
Image
General
Full URL
https://assets-global.website-files.com/6164835fc4bcb28607412e34/6266d47876dd5b6fca3a3908_02615.jpg
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
427813d281697a29d440ade1dac4ed02a9dd9dfa7b51c12cb845a11e7aa1e3a3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 19:48:14 GMT
x-amz-version-id
IhuQO.hRq0wHYn2kO7cVt_Og4A4jx2p.
via
1.1 67b828898c2b34a7518c5b13dd7321c0.cloudfront.net (CloudFront)
age
5458471
x-amz-cf-pop
TXL50-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
472492
last-modified
Wed, 27 Apr 2022 10:19:35 GMT
server
AmazonS3
etag
"b126459aa5d08d68c649a2d66a9202ec"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
nV69Ux54F-RA2RfTMYacdMVPNyo-SSmJC1chDXQEDOXN8GtrZXrjBw==
6429924ef9d51a006898cfa7_Carl_Bloch_-_In_a_Roman_Osteria_-_Google_Art_Project%20kopia.webp
assets-global.website-files.com/6164835fc4bcb28607412e34/
3 MB
3 MB
Image
General
Full URL
https://assets-global.website-files.com/6164835fc4bcb28607412e34/6429924ef9d51a006898cfa7_Carl_Bloch_-_In_a_Roman_Osteria_-_Google_Art_Project%20kopia.webp
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7487dabe3b3ccff82b7a64265a3207a7a646d15b2b52346efe5ced83817e4afc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 19:48:14 GMT
x-amz-version-id
YVf1zGnoTpRnpWcVF0eyvvlyOTAfEpul
via
1.1 67b828898c2b34a7518c5b13dd7321c0.cloudfront.net (CloudFront)
age
5458470
x-amz-cf-pop
TXL50-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
3452852
last-modified
Thu, 15 Jun 2023 15:07:22 GMT
server
AmazonS3
etag
"6d31f98c9f5c4a3fd6dc00b93b3fdfe5"
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
qJwnoY59bIV8t0j2Kk_6WPWIGtVw9pKLhSskAQ45lKg-vws8q_JG-w==
620d785c65278277212b7728__DSC5095-min.JPG
assets-global.website-files.com/6164835fc4bcb28607412e34/
762 KB
763 KB
Image
General
Full URL
https://assets-global.website-files.com/6164835fc4bcb28607412e34/620d785c65278277212b7728__DSC5095-min.JPG
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ebc0e9789e727166ecc9bcc0e0105a060c2523c070541a6dc138b908e5759f57

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 10:21:13 GMT
x-amz-version-id
v2TInWmABnUENksaYn4nS2USP0FbZJhe
via
1.1 67b828898c2b34a7518c5b13dd7321c0.cloudfront.net (CloudFront)
age
1777292
x-amz-cf-pop
TXL50-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
780066
last-modified
Wed, 16 Feb 2022 22:19:09 GMT
server
AmazonS3
etag
"8412f7944fb44f6798ceef61cefad70d"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
6rFn1paoxphB7V1ngdtnGeqGguDJFowDeuFHRkY0vKaCyW6oOTCEdA==
6176e0c513c6b298df2005a7_san-marco.webp
assets-global.website-files.com/6164835fc4bcb2f391412e0b/
126 KB
127 KB
Image
General
Full URL
https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/6176e0c513c6b298df2005a7_san-marco.webp
Requested by
Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/css/tuttisanti.a8d9078eb.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
17f00be1c4c68d813046ea5753614cf87d10678c3d86efce874f291ab8da59be

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/css/tuttisanti.a8d9078eb.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
gG6IWS2247sDcXIKmZF.oYPhz_j5y39G
date
Thu, 14 Dec 2023 08:00:11 GMT
via
1.1 67b828898c2b34a7518c5b13dd7321c0.cloudfront.net (CloudFront)
age
57753
x-amz-cf-pop
TXL50-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
129400
last-modified
Thu, 06 Jul 2023 10:38:46 GMT
server
AmazonS3
etag
"c7c2a13d01836e7c6fbbcdf88156bfc3"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
accept-ranges
bytes
x-amz-cf-id
ru3Gsh3rW9g_970kcqJU7XYPJ11-ol2vuy2GW9gioZ2KSxvqawnJOQ==
6176e0c92c9aa60b1b407eae_san-luca.webp
assets-global.website-files.com/6164835fc4bcb2f391412e0b/
132 KB
133 KB
Image
General
Full URL
https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/6176e0c92c9aa60b1b407eae_san-luca.webp
Requested by
Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/css/tuttisanti.a8d9078eb.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
acb92e398a8bd8e660758749ec8971e1253eadfd8ba27a65552e777b06d15724

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/css/tuttisanti.a8d9078eb.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
wtIi1dDJ.lZowsk3DGeZhJOVGH0OHwnW
date
Thu, 14 Dec 2023 08:36:18 GMT
via
1.1 67b828898c2b34a7518c5b13dd7321c0.cloudfront.net (CloudFront)
age
55587
x-amz-cf-pop
TXL50-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
135354
last-modified
Thu, 06 Jul 2023 10:38:45 GMT
server
AmazonS3
etag
"9cbe5ebdb5a26a548f1760a606e4d0e9"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
accept-ranges
bytes
x-amz-cf-id
Ui1KcJkVRY9x1O-CGzpO6C2gso_iQwSF9sWlzzuwPktrF7UjnFUu3g==
6176e0cbef1cc49d91b2987c_sangiovanni.webp
assets-global.website-files.com/6164835fc4bcb2f391412e0b/
108 KB
108 KB
Image
General
Full URL
https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/6176e0cbef1cc49d91b2987c_sangiovanni.webp
Requested by
Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/css/tuttisanti.a8d9078eb.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c0166c3747b83b0c930891d7708ed53b27ec34103b1db04365fe5b6c67df152b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/css/tuttisanti.a8d9078eb.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
vJbsn.cCscWceZERu2m0LFpfYdExGIld
date
Thu, 14 Dec 2023 08:36:18 GMT
via
1.1 67b828898c2b34a7518c5b13dd7321c0.cloudfront.net (CloudFront)
age
55587
x-amz-cf-pop
TXL50-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
110186
last-modified
Thu, 06 Jul 2023 10:38:47 GMT
server
AmazonS3
etag
"7f5c7a2dfe397c846c4680ee940f7140"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
accept-ranges
bytes
x-amz-cf-id
y4j-oHlmzMB9O2K5NCutgCScmUe1Ba_4p1SPAMx8RMlkHTpzQ3nsEA==
6203e0436049057f524f4f33_M%C3%B3j%20film%2020-poster-00001.jpg
assets-global.website-files.com/6164835fc4bcb2f391412e0b/
0
0
Image
General
Full URL
https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/6203e0436049057f524f4f33_M%C3%B3j%20film%2020-poster-00001.jpg
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

652e9a7739ac9daf369305dd_Z62_4686.jpg
assets-global.website-files.com/6164835fc4bcb28607412e34/
687 KB
689 KB
Image
General
Full URL
https://assets-global.website-files.com/6164835fc4bcb28607412e34/652e9a7739ac9daf369305dd_Z62_4686.jpg
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dd05be4936f9a120bdd40d23d6e507ad514496d5012c507650e803ffea90334d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:54:06 GMT
x-amz-version-id
Ott2UT2NRx6UZLeVyRSBrg8603JkewRx
via
1.1 67b828898c2b34a7518c5b13dd7321c0.cloudfront.net (CloudFront)
age
5044119
x-amz-cf-pop
TXL50-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
703957
last-modified
Tue, 17 Oct 2023 14:30:16 GMT
server
AmazonS3
etag
"5f283cdc64045ba648142ad4704fc068"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
UqotsSl629CPxTlnHF8s7mcC1YQize6Esd0_wal1rx3Wm0ZMJzDNaw==
64f8a08f440f975a1afd02cc_0B8A9864-Poprawione-Szum.webp
assets-global.website-files.com/6164835fc4bcb28607412e34/
412 KB
413 KB
Image
General
Full URL
https://assets-global.website-files.com/6164835fc4bcb28607412e34/64f8a08f440f975a1afd02cc_0B8A9864-Poprawione-Szum.webp
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e55bf6bf7e8528bd8ee50a181e8f9a7bd68047aea7f148ad7e6d767d747ac90a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 07:34:26 GMT
x-amz-version-id
ynE1Kp0jcLez3AoYuFlVXP9Q6heFZGp.
via
1.1 67b828898c2b34a7518c5b13dd7321c0.cloudfront.net (CloudFront)
age
5502499
x-amz-cf-pop
TXL50-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
421948
last-modified
Wed, 06 Sep 2023 15:53:53 GMT
server
AmazonS3
etag
"a1a67fc02361408a8497baad451c5943"
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
ro6JcVr0qbvNJVVWAKuPzPZPi_D2RQnLEmAnuz9c341dl9G45rcbCQ==
6401ed5b50eec8f3d30addc5_IMG_2433%20kopia.webp
assets-global.website-files.com/6164835fc4bcb28607412e34/
2 MB
2 MB
Image
General
Full URL
https://assets-global.website-files.com/6164835fc4bcb28607412e34/6401ed5b50eec8f3d30addc5_IMG_2433%20kopia.webp
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ebe87934784059762886e5c50c81c4739c799c7f2ceac4bc5fa874328309b85c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 07:34:26 GMT
x-amz-version-id
pbTkVSrQeU8ccrsVcd_6D02_D_tweuVT
via
1.1 67b828898c2b34a7518c5b13dd7321c0.cloudfront.net (CloudFront)
age
5502499
x-amz-cf-pop
TXL50-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1906226
last-modified
Fri, 03 Mar 2023 12:51:41 GMT
server
AmazonS3
etag
"c88cc6236a6d8b23e3d3977282cf3d4b"
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
cwiAZ94OQDvwG0SRHyM7_HPJrYdrRVk4Uirs0J2ZjFeyOrlZfbK_rQ==
6245ca085dd9044180851abb_20220331111741__I7A0333-1-2-min.jpg
assets-global.website-files.com/6164835fc4bcb28607412e34/
541 KB
542 KB
Image
General
Full URL
https://assets-global.website-files.com/6164835fc4bcb28607412e34/6245ca085dd9044180851abb_20220331111741__I7A0333-1-2-min.jpg
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8e0a49263e79dfb673c05436c5f64b6f4683cade7afe74a7ea8c824327ab2cfa

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 07:34:26 GMT
x-amz-version-id
GChHXpV0I3eVkV0eaFsQlgXn5LxOMYXl
via
1.1 67b828898c2b34a7518c5b13dd7321c0.cloudfront.net (CloudFront)
age
5502499
x-amz-cf-pop
TXL50-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
553657
last-modified
Thu, 31 Mar 2022 15:34:34 GMT
server
AmazonS3
etag
"c4d733a2aef65aebd4f0a61eed8ce90f"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
iR54fpgoCQXRi-vhhGIITAIdj2TZmfTIHk5lpfMzibFgEhk6u8lrCA==
61f972b305eb6726f2bbcca1_IMG_20200521_162626-min.jpg
assets-global.website-files.com/6164835fc4bcb28607412e34/
1 MB
1 MB
Image
General
Full URL
https://assets-global.website-files.com/6164835fc4bcb28607412e34/61f972b305eb6726f2bbcca1_IMG_20200521_162626-min.jpg
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72222fcb90ca1f4445b7f1e3f395919fa02fbaf636875518be6b52b28310b0d3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 07:34:27 GMT
x-amz-version-id
R8..Cd7rivQHeJRzX7dWLkoX5XpkTWzW
via
1.1 67b828898c2b34a7518c5b13dd7321c0.cloudfront.net (CloudFront)
age
5502498
x-amz-cf-pop
TXL50-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1201540
last-modified
Tue, 01 Feb 2022 17:49:41 GMT
server
AmazonS3
etag
"1c13a082cfda1628334eb1fce8c2f960"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
MwfnrHZ_AESC3F7GsHdZb8sGiKuUEIt7HXTVE0uQXFTHSdBLYWP1fg==
61f9705b95a34432823764a2_DSC05560.jpeg
assets-global.website-files.com/6164835fc4bcb28607412e34/
396 KB
397 KB
Image
General
Full URL
https://assets-global.website-files.com/6164835fc4bcb28607412e34/61f9705b95a34432823764a2_DSC05560.jpeg
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ba02ee4060c212891f426a2fd8280161411a31c1658b19582c9690308c2668ad

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 07:34:26 GMT
x-amz-version-id
5WhANNt3p7IbMmo0pSAxLSafJkwbxvUA
via
1.1 67b828898c2b34a7518c5b13dd7321c0.cloudfront.net (CloudFront)
age
5502498
x-amz-cf-pop
TXL50-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
405690
last-modified
Tue, 01 Feb 2022 17:39:40 GMT
server
AmazonS3
etag
"7033840d67690a1bcc82647323198980"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
K7mUysjmoplItCjaNmwCUzhCTiU-CoLck5a56vfS2dP-sJib1YbOWA==
61f96c6bb44bcb3624e02b8e_DSC05433.jpeg
assets-global.website-files.com/6164835fc4bcb28607412e34/
321 KB
322 KB
Image
General
Full URL
https://assets-global.website-files.com/6164835fc4bcb28607412e34/61f96c6bb44bcb3624e02b8e_DSC05433.jpeg
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44bf5af608a0b37256b8696feb23905d6f53803a7ba9a5a9731292eacf8327a3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 07:34:27 GMT
x-amz-version-id
8GtMaWKY5AxbTHEX3f.A_WsPEuqs9aVa
via
1.1 67b828898c2b34a7518c5b13dd7321c0.cloudfront.net (CloudFront)
age
5502497
x-amz-cf-pop
TXL50-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
328455
last-modified
Tue, 01 Feb 2022 17:22:53 GMT
server
AmazonS3
etag
"20aca15ee133a4261e0487f2d7906ff2"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
RHRwzTu9giRKRXf6Cr6un4xYAEpXmAJOzBVuZoc3iKEB7SOa0o1vHw==
61f96a4d95a3443a7a373a99_0B8A7184_M-min.jpg
assets-global.website-files.com/6164835fc4bcb28607412e34/
1 MB
1 MB
Image
General
Full URL
https://assets-global.website-files.com/6164835fc4bcb28607412e34/61f96a4d95a3443a7a373a99_0B8A7184_M-min.jpg
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00d81dafc011e03ba8baf67dae78378c972fc09753c8ad984a1fe532269ad143

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 07:34:27 GMT
x-amz-version-id
wyCaLOMhIYuwTO2eIxB4EGOGTDiL2K8S
via
1.1 67b828898c2b34a7518c5b13dd7321c0.cloudfront.net (CloudFront)
age
5502498
x-amz-cf-pop
TXL50-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1323694
last-modified
Tue, 01 Feb 2022 17:13:51 GMT
server
AmazonS3
etag
"4cb66e8f8a68afa420f509b3fac620b9"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
SQci-DWL2ie9EgfLfAPRigrr6XZpnVdrd7oUvG29QsY-GMXEh8bkBg==
61f965cf4c68ed1bcc09ad5c_20191115-Tutti%20Santi_Lubin-min.jpg
assets-global.website-files.com/6164835fc4bcb28607412e34/
435 KB
436 KB
Image
General
Full URL
https://assets-global.website-files.com/6164835fc4bcb28607412e34/61f965cf4c68ed1bcc09ad5c_20191115-Tutti%20Santi_Lubin-min.jpg
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
75cdd9f894b79772dab799da50ef58dd62bfc66f56ac741c8147d8ba3ebcd77b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 07:34:27 GMT
x-amz-version-id
pomPUrPQjWHulR0.nXPuPrlGBRDTsQUS
via
1.1 67b828898c2b34a7518c5b13dd7321c0.cloudfront.net (CloudFront)
age
5502497
x-amz-cf-pop
TXL50-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
445138
last-modified
Tue, 01 Feb 2022 16:54:41 GMT
server
AmazonS3
etag
"9e1c1f8f45b0fc980ddef2662eed277d"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
lLzvd27wO9xWCiFumbjyVlIJjxb39YJQAyLlhO66-15qAGmG4n4n1w==
61f9608a6db2a0832bfa5336_tutti-santi-krakow-wnetrze1.jpeg
assets-global.website-files.com/6164835fc4bcb28607412e34/
462 KB
463 KB
Image
General
Full URL
https://assets-global.website-files.com/6164835fc4bcb28607412e34/61f9608a6db2a0832bfa5336_tutti-santi-krakow-wnetrze1.jpeg
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ccc2b6b6bfdfff89f91ffefd8038a166bb67ee73dbc8a9ac34c4b9a65e3ab832

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 07:34:28 GMT
x-amz-version-id
zd96eeoYnJapgAEc89BJ_kfVJFqFdVcn
via
1.1 67b828898c2b34a7518c5b13dd7321c0.cloudfront.net (CloudFront)
age
5502497
x-amz-cf-pop
TXL50-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
473483
last-modified
Tue, 01 Feb 2022 16:32:12 GMT
server
AmazonS3
etag
"101110101eb3efbc1c41f6ed6cbcdf51"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
RcpbFEZsF-zd-6xUnDr2GlflnZEhWVJBgFe9shp1_d45paif4wkyXA==
61f968c78a628641c838b0af_Tutti_Santi_KrakE%CC%A8w_FULL-1.jpg
assets-global.website-files.com/6164835fc4bcb28607412e34/
345 KB
346 KB
Image
General
Full URL
https://assets-global.website-files.com/6164835fc4bcb28607412e34/61f968c78a628641c838b0af_Tutti_Santi_KrakE%CC%A8w_FULL-1.jpg
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5287a128f9cca2dac491034a4e9cce2291f206a949c0447112515a8b7a9cf3e4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 07:34:29 GMT
x-amz-version-id
beOWO5RevuuCMQsT0vmeEtZxY36KXQ1i
via
1.1 67b828898c2b34a7518c5b13dd7321c0.cloudfront.net (CloudFront)
age
5502496
x-amz-cf-pop
TXL50-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
353262
last-modified
Tue, 01 Feb 2022 17:07:21 GMT
server
AmazonS3
etag
"6fb2ea942cc3abc624cf6c7763366473"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
NXX9eM_HeLswyHqcvwk63FUDtV9WZ__XNuZ8GTb69TudPwVYYsfJrQ==
61f959b6b44bcb4753df98ef_received_1452085508476614.jpeg
assets-global.website-files.com/6164835fc4bcb28607412e34/
89 KB
90 KB
Image
General
Full URL
https://assets-global.website-files.com/6164835fc4bcb28607412e34/61f959b6b44bcb4753df98ef_received_1452085508476614.jpeg
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b58b3bc64ddbf8a1b7a0e6760c945ffe02abd5bda03c9759b91bf7c8213a220a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 07:34:29 GMT
x-amz-version-id
paf8rzuZoGBvyajT31LCB9MomT1Z4L1X
via
1.1 67b828898c2b34a7518c5b13dd7321c0.cloudfront.net (CloudFront)
age
5502496
x-amz-cf-pop
TXL50-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
91220
last-modified
Tue, 01 Feb 2022 16:03:03 GMT
server
AmazonS3
etag
"050c361f608feb26d898c4b1628c66e6"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
JX0MFVxRp-GFmY0WNYXr_e66uO3vJ7GtFj63r2ycofJgDY2-uFHrfA==
6202927d00efe291668a1798_Sernik2.jpg
assets-global.website-files.com/6164835fc4bcb28607412e34/
363 KB
364 KB
Image
General
Full URL
https://assets-global.website-files.com/6164835fc4bcb28607412e34/6202927d00efe291668a1798_Sernik2.jpg
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5d221f8b4caa3a0f867a2c61407ce13d65c991f5abc4fb0059c4c885e079b5a6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 07:34:30 GMT
x-amz-version-id
FeKMq.5YnNScTv_L79xmClL046H4gVpC
via
1.1 67b828898c2b34a7518c5b13dd7321c0.cloudfront.net (CloudFront)
age
5502495
x-amz-cf-pop
TXL50-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
371544
last-modified
Tue, 08 Feb 2022 15:55:42 GMT
server
AmazonS3
etag
"1c0addec2b68bb5f111f26dca5d98e48"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
b0Q71xMc9dNa68ppLtGpA_ab_PYTwY1OWvF5vfvD_KeB_P_h8DUNyw==
61f94e48bffb999e62e46634_IMG_9910-min.JPG
assets-global.website-files.com/6164835fc4bcb28607412e34/
1 MB
1 MB
Image
General
Full URL
https://assets-global.website-files.com/6164835fc4bcb28607412e34/61f94e48bffb999e62e46634_IMG_9910-min.JPG
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d7cd2b6845750f7aab225e349b3708f6f91e682b6137834eb621d2c7cef27be2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 07:34:25 GMT
x-amz-version-id
FSGOFrxfCY.5IfDZP1ag5nOVSi0EjWi8
via
1.1 67b828898c2b34a7518c5b13dd7321c0.cloudfront.net (CloudFront)
age
5502500
x-amz-cf-pop
TXL50-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1185945
last-modified
Tue, 01 Feb 2022 15:14:18 GMT
server
AmazonS3
etag
"92703da6ee566fdffdf011620be2661b"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
CrTllM4a4GB4j3K2iK3nOJ3zgVFixS9fic2vh7U2kNFtzv6iep9FfQ==
61f936a4f2347a07b855c8a7_IMG_8424-min.JPG
assets-global.website-files.com/6164835fc4bcb28607412e34/
315 KB
316 KB
Image
General
Full URL
https://assets-global.website-files.com/6164835fc4bcb28607412e34/61f936a4f2347a07b855c8a7_IMG_8424-min.JPG
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
032f267eb36c48ede506c34c14540eaf21230b18e251544273c71d4c462a4c57

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 07:34:30 GMT
x-amz-version-id
xuj57sUWw6cORNsJKqSopGL7FUFie086
via
1.1 67b828898c2b34a7518c5b13dd7321c0.cloudfront.net (CloudFront)
age
5502495
x-amz-cf-pop
TXL50-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
322445
last-modified
Tue, 01 Feb 2022 13:33:26 GMT
server
AmazonS3
etag
"8d02b0fb18de467539ed87e80396e405"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
mc4WOLFB2Z36x2O2bOQ8qx69blYmXys4_X9g9qs0dBlnaVbAzqTFCQ==
61f93351a1ae55f536af9114_61988098_2357773064500483_7464323178110648320_o.jpg
assets-global.website-files.com/6164835fc4bcb28607412e34/
374 KB
375 KB
Image
General
Full URL
https://assets-global.website-files.com/6164835fc4bcb28607412e34/61f93351a1ae55f536af9114_61988098_2357773064500483_7464323178110648320_o.jpg
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9a35c795237d4fb54f56edc0d2a38dbcab417da765da3fe2c9e05437e2f3aa67

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 07:34:30 GMT
x-amz-version-id
TYpWG8rgjloFL7fHbVANbiFfZ2IQGKot
via
1.1 67b828898c2b34a7518c5b13dd7321c0.cloudfront.net (CloudFront)
age
5502495
x-amz-cf-pop
TXL50-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
382718
last-modified
Tue, 01 Feb 2022 13:19:14 GMT
server
AmazonS3
etag
"1ecc36a1ba21a3468915665287ded6b1"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
D07MQsHeOPQb4afLYO_wa_FaouBUrTHe1RPkYQs1HxJXXqG56pmkhw==
61f91ab8877dbc957260502e_121511456_391476065359836_3087350458587192919_n%20(003)-1-min.jpg
assets-global.website-files.com/6164835fc4bcb28607412e34/
705 KB
706 KB
Image
General
Full URL
https://assets-global.website-files.com/6164835fc4bcb28607412e34/61f91ab8877dbc957260502e_121511456_391476065359836_3087350458587192919_n%20(003)-1-min.jpg
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9ff93e515bc7c3fbc74e42ecb2860852af567be2d3775ba66b327b9cbea974c0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 07:34:30 GMT
x-amz-version-id
omSO2WQuOf3j.MFvbqhGItJVmG.5tfPf
via
1.1 67b828898c2b34a7518c5b13dd7321c0.cloudfront.net (CloudFront)
age
5502495
x-amz-cf-pop
TXL50-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
721848
last-modified
Tue, 01 Feb 2022 12:54:23 GMT
server
AmazonS3
etag
"de44230643d4c175b87cb7db21f115d9"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
_duNEK8SYyT8HXWOJGnHLVZO5ijlDU_BXKoMJLKCM8gYd5wBmQGdlQ==
63908f655fb6d11e875caceb_249222618_877147159671556_1446079978692106903_n.webp
assets-global.website-files.com/6164835fc4bcb28607412e34/
285 KB
286 KB
Image
General
Full URL
https://assets-global.website-files.com/6164835fc4bcb28607412e34/63908f655fb6d11e875caceb_249222618_877147159671556_1446079978692106903_n.webp
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c01d332da6049e77e8ecc38d5be136a559ba07c594a49282ad1037c0375c11f3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 07:34:31 GMT
x-amz-version-id
P5fpgjysa0XLVjd5JXT__WfoQBG6dRXJ
via
1.1 67b828898c2b34a7518c5b13dd7321c0.cloudfront.net (CloudFront)
age
5502494
x-amz-cf-pop
TXL50-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
291638
last-modified
Wed, 07 Dec 2022 13:04:39 GMT
server
AmazonS3
etag
"c076f00a16a25a9cca00742e6b190378"
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
F4iP5GF-_PjgvbkKKcaEiR5XwZSPMlQAhXOt-Wppx9ui34Fziat0BA==
6165d28e1cb1845b03800683_logo2.svg
assets-global.website-files.com/6164835fc4bcb2f391412e0b/
166 KB
47 KB
Image
General
Full URL
https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/6165d28e1cb1845b03800683_logo2.svg
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
498e6aa98fdcf4d022d5ad8edbbb293168d0d6ce020c6833e0107db2322461c6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:46:42 GMT
x-amz-version-id
K70E9aSs2pwUa1jLnGeEe8FqqGQIuWal
content-encoding
br
via
1.1 67b828898c2b34a7518c5b13dd7321c0.cloudfront.net (CloudFront)
age
5044563
x-amz-cf-pop
TXL50-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 12 Oct 2021 18:23:13 GMT
server
AmazonS3
etag
W/"d4153b2be69fbf6048305f989fe6dbe3"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
x-amz-cf-id
PIqbG89KKICPiKLn9_kalqlvKll5IPomyTB7SUbVZXsKIypeeR9S6A==
6164835fc4bcb250e6412e5d_covilla-instagram.svg
assets-global.website-files.com/6164835fc4bcb2f391412e0b/
1 KB
949 B
Image
General
Full URL
https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/6164835fc4bcb250e6412e5d_covilla-instagram.svg
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a7bd7a128b34e719fc2c759b6134526912f5dc3d18c9f0b56f4e1d63062d3660

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 08:40:07 GMT
x-amz-version-id
ROOq4CtjlI4wi6al6ElpqKukRDxteZjI
content-encoding
br
via
1.1 67b828898c2b34a7518c5b13dd7321c0.cloudfront.net (CloudFront)
age
2820158
x-amz-cf-pop
TXL50-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 11 Oct 2021 18:33:05 GMT
server
AmazonS3
etag
W/"8cc59d09bbd2a9571255e1db10703808"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
x-amz-cf-id
pKvgx8H6B_2705uoDwdYvFE1iwX_QZRfyetO_-3K7MxR4VL8HCk92Q==
6164835fc4bcb23006412e61_covilla-facebook-f.svg
assets-global.website-files.com/6164835fc4bcb2f391412e0b/
891 B
1 KB
Image
General
Full URL
https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/6164835fc4bcb23006412e61_covilla-facebook-f.svg
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
64993c732f6b857fd515bbb5f8cb264489a669eb56bf634931bf12898fe98417

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 11:35:42 GMT
x-amz-version-id
UconDxqkuMcAXQ3ZEEXQi8Od10FKTbyR
via
1.1 67b828898c2b34a7518c5b13dd7321c0.cloudfront.net (CloudFront)
age
4969623
x-amz-cf-pop
TXL50-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
891
last-modified
Mon, 11 Oct 2021 18:33:06 GMT
server
AmazonS3
etag
"ac0f6525e37afde16e37217c5e356fdb"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
PtbqEU0KoJcUI4cQ4VnG4Nx0Y05krikJH4VSmAHo0detlyZeMU4zGQ==
61f707ead49a53174a39f491_kotylion-zwyciezca-foof-business-awards.webp
assets-global.website-files.com/6164835fc4bcb2f391412e0b/
7 KB
8 KB
Image
General
Full URL
https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/61f707ead49a53174a39f491_kotylion-zwyciezca-foof-business-awards.webp
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
575aa07d01b981ab29e48d0a33e613df8e5ddaef7945b8ce75f825ec1ddaf5e1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
lriLhScZVdhsMyv7GfQNOaHiEAbh5hPu
date
Thu, 14 Dec 2023 10:28:59 GMT
via
1.1 67b828898c2b34a7518c5b13dd7321c0.cloudfront.net (CloudFront)
age
48826
x-amz-cf-pop
TXL50-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
7648
last-modified
Thu, 06 Jul 2023 10:36:28 GMT
server
AmazonS3
etag
"2adbb105aa57a78673cdc2add6fa9a99"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
accept-ranges
bytes
x-amz-cf-id
LVecgF34m0rqYvMkHfg3xWO8AzbKx6XoVDf7OfhxGhpX--qaYPg2UQ==
6166c8c07fab1b3b9bca87bf_legend.svg
assets-global.website-files.com/6164835fc4bcb2f391412e0b/
49 KB
14 KB
Image
General
Full URL
https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/6166c8c07fab1b3b9bca87bf_legend.svg
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
804241f377e97c7991d9554a39358d5ad2b77878b13bff743ae42e9f2a38d8a6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:46:42 GMT
x-amz-version-id
qjsG.EV_I_UI_fiwznt.54hQco6UlKxG
content-encoding
br
via
1.1 67b828898c2b34a7518c5b13dd7321c0.cloudfront.net (CloudFront)
age
5044563
x-amz-cf-pop
TXL50-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 13 Oct 2021 11:53:38 GMT
server
AmazonS3
etag
W/"ced3ea7346765ffc434ffbd83056e522"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
x-amz-cf-id
tgcegijzGbQEhjQ1IOO_YxXesgFfmi5wgiaL2ZPpMOkF23nC_mC9wA==
6164835fc4bcb2a650412e3c_play-icon.svg
assets-global.website-files.com/6164835fc4bcb2f391412e0b/
1 KB
992 B
Image
General
Full URL
https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/6164835fc4bcb2a650412e3c_play-icon.svg
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
867621cda0c590864f15da3e7bf3593d1794e6cb265ae4f0cf1da1a81c2e76f2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:46:42 GMT
x-amz-version-id
7th0UmIhoEL2UNifnr4_hj6SDglxbjTf
content-encoding
br
via
1.1 67b828898c2b34a7518c5b13dd7321c0.cloudfront.net (CloudFront)
age
5044563
x-amz-cf-pop
TXL50-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 11 Oct 2021 18:33:05 GMT
server
AmazonS3
etag
W/"bee7e44d898c4b5f6c187c2c24c12d29"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
x-amz-cf-id
FYhbaS3XmCq9azb03h-4z36B_6qIWYwUjy_tJsDc9DlvJzPFW4DdCQ==
6164835fc4bcb21588412e52_arrow-left(24x24)%402x.svg
assets-global.website-files.com/6164835fc4bcb2f391412e0b/
343 B
801 B
Image
General
Full URL
https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/6164835fc4bcb21588412e52_arrow-left(24x24)%402x.svg
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1fc7a0261fb63d87bd87974820f99961617e50047cdab1b8a1aaa4ddafeba648

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:54:06 GMT
x-amz-version-id
DXYlAO3GBWk9_9lHcTrezmN5o3rlr8Gw
via
1.1 67b828898c2b34a7518c5b13dd7321c0.cloudfront.net (CloudFront)
age
5044119
x-amz-cf-pop
TXL50-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
343
last-modified
Mon, 11 Oct 2021 18:33:05 GMT
server
AmazonS3
etag
"f3d682fc9995c135f106ae08c77d1aa2"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
RHSAvzuWEohuJws4uyicOiMKM0r0Z6nIvW0-9ZmZR-3MmiRcau-fKQ==
6164835fc4bcb21738412e53_arrow-right(24x24)%402x.svg
assets-global.website-files.com/6164835fc4bcb2f391412e0b/
346 B
804 B
Image
General
Full URL
https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/6164835fc4bcb21738412e53_arrow-right(24x24)%402x.svg
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4e65e6fe85ba8c8de263d964c8985e013ee346d6f8316f6f4e016c6cc65786cb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:54:06 GMT
x-amz-version-id
aTzn_WtUDkURl2Kh2xzwgDTgIOZ8DhqI
via
1.1 67b828898c2b34a7518c5b13dd7321c0.cloudfront.net (CloudFront)
age
5044119
x-amz-cf-pop
TXL50-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
346
last-modified
Mon, 11 Oct 2021 18:33:05 GMT
server
AmazonS3
etag
"defab683a37bd6dc0dbaad209b76cca9"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
MYdwxXseEsDmYcMzB_PUA7ke06Yec3xOClJeRSSb844h1G2Ig_cJtQ==
6164835fc4bcb21d05412e55_arrow-left(24x24)%402x%20(1).svg
assets-global.website-files.com/6164835fc4bcb2f391412e0b/
347 B
806 B
Image
General
Full URL
https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/6164835fc4bcb21d05412e55_arrow-left(24x24)%402x%20(1).svg
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
98ffcd7d8a55a7b090184f3e86dc25249b20c783fd98e7dc1654b70bb3372fca

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:54:06 GMT
x-amz-version-id
BB5OHLUGEkp8P3ckf53.Ib8yt70Hx15Z
via
1.1 67b828898c2b34a7518c5b13dd7321c0.cloudfront.net (CloudFront)
age
5044119
x-amz-cf-pop
TXL50-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
347
last-modified
Mon, 11 Oct 2021 18:33:05 GMT
server
AmazonS3
etag
"efc304dc24018bfd8678e34ad7a53d88"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
hI9KEWqypVD-xvQNZ92E7e2kj1kOmN-YJ7VmLF2pMtlXmCuHlgGriA==
6164835fc4bcb2384a412e54_arrow-right(24x24)%402x%20(1).svg
assets-global.website-files.com/6164835fc4bcb2f391412e0b/
350 B
810 B
Image
General
Full URL
https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/6164835fc4bcb2384a412e54_arrow-right(24x24)%402x%20(1).svg
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
84fd3fb787381a09f372a2085dddf1b6ba1831f0452a9e3438b0380f00f8ff0e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 08:15:16 GMT
x-amz-version-id
SD_UKxHqLFNtRTHYetz.3hZSCrgBqE7K
via
1.1 67b828898c2b34a7518c5b13dd7321c0.cloudfront.net (CloudFront)
age
2735249
x-amz-cf-pop
TXL50-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
350
last-modified
Mon, 11 Oct 2021 18:33:05 GMT
server
AmazonS3
etag
"762362ef82d52540f2edd34361cbf614"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
y6f6Oq0xVooxqkXgxIFDFarczdhoLaKfdiQRjXIufGZZzwUhi4ArgA==
62028966a80b8f62775bfa51_top-transcode.mp4
assets-global.website-files.com/6164835fc4bcb2f391412e0b/
3 MB
3 MB
Media
General
Full URL
https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/62028966a80b8f62775bfa51_top-transcode.mp4
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e5f743d2d3bcf91d3441ef7474c3d89cd24b4c9acc8abf1425ca7bd9f55bf92

Request headers

Referer
https://odzyskanerzeczy.click/
Accept-Encoding
identity;q=1, *;q=0
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
69_w9JIz9KK3sg1a5iP9XSVraNB4geJZ
date
Thu, 14 Dec 2023 06:13:34 GMT
via
1.1 67b828898c2b34a7518c5b13dd7321c0.cloudfront.net (CloudFront)
age
64151
x-amz-cf-pop
TXL50-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
Content-Range
bytes 0-2921938/2921939
Content-Length
2921939
last-modified
Tue, 08 Feb 2022 15:17:13 GMT
server
AmazonS3
etag
"9fa6f11d4fd3a76ba07352128e87a4f6"
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
7u5XTMfqQD-_GcahojkMCRNZGShQ47TgFokhB0GYG_h6WuCCVSoP0w==
6203e0436049057f524f4f33_M%C3%B3j%20film%2020-transcode.mp4
assets-global.website-files.com/6164835fc4bcb2f391412e0b/
0
0
Media
General
Full URL
https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/6203e0436049057f524f4f33_M%C3%B3j%20film%2020-transcode.mp4
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://odzyskanerzeczy.click/
Accept-Encoding
identity;q=1, *;q=0
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=0-

Response headers

6164835fc4bcb2aa11412e3b_menu-nav.json
assets-global.website-files.com/6164835fc4bcb2f391412e0b/
7 KB
1 KB
XHR
General
Full URL
https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/6164835fc4bcb2aa11412e3b_menu-nav.json
Requested by
Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/js/tuttisanti.7d2a54d3a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
07526484281d3d0f81f439fe386563a1782196975c45bffd65d3e29a609331be

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:46:43 GMT
x-amz-version-id
EIdPgZ7HkrenuYOYE7v2c83994XejzLH
content-encoding
br
via
1.1 f75621cd6e47ae7d0a4d07cd1877339c.cloudfront.net (CloudFront)
age
5044562
x-amz-cf-pop
TXL50-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 11 Oct 2021 18:33:05 GMT
server
AmazonS3
etag
W/"62283913c195cf3bcf50860dd1bcb8b0"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
vary
Accept-Encoding
x-amz-cf-id
Ziqk-k-UK8BBazCUatCwC93DMoW4ZkQvHItIZQ7y5CQ3JbSzoB-5Zg==
6164835fc4bcb2aa11412e3b_menu-nav.json
assets-global.website-files.com/6164835fc4bcb2f391412e0b/
7 KB
1 KB
XHR
General
Full URL
https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/6164835fc4bcb2aa11412e3b_menu-nav.json
Requested by
Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/js/tuttisanti.7d2a54d3a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
07526484281d3d0f81f439fe386563a1782196975c45bffd65d3e29a609331be

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:46:43 GMT
x-amz-version-id
EIdPgZ7HkrenuYOYE7v2c83994XejzLH
content-encoding
br
via
1.1 f75621cd6e47ae7d0a4d07cd1877339c.cloudfront.net (CloudFront)
age
5044562
x-amz-cf-pop
TXL50-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 11 Oct 2021 18:33:05 GMT
server
AmazonS3
etag
W/"62283913c195cf3bcf50860dd1bcb8b0"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
vary
Accept-Encoding
x-amz-cf-id
FynsXJQlqQTu4CvofIdx9KSN0xr_deD0KO2UGfXUDogWGEUW5H57Qg==
6164835fc4bcb2aa11412e3b_menu-nav.json
assets-global.website-files.com/6164835fc4bcb2f391412e0b/
7 KB
1 KB
XHR
General
Full URL
https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/6164835fc4bcb2aa11412e3b_menu-nav.json
Requested by
Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/js/tuttisanti.7d2a54d3a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
07526484281d3d0f81f439fe386563a1782196975c45bffd65d3e29a609331be

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:46:43 GMT
x-amz-version-id
EIdPgZ7HkrenuYOYE7v2c83994XejzLH
content-encoding
br
via
1.1 f75621cd6e47ae7d0a4d07cd1877339c.cloudfront.net (CloudFront)
age
5044562
x-amz-cf-pop
TXL50-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 11 Oct 2021 18:33:05 GMT
server
AmazonS3
etag
W/"62283913c195cf3bcf50860dd1bcb8b0"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
vary
Accept-Encoding
x-amz-cf-id
0URil18EK_-7wXjKMPTpWJ1v1y8DNPEJ5cTmwYTRZqcPLiM5TamY4Q==
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-16797240-28
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 14 Dec 2023 23:48:14 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
870
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 15 Dec 2023 01:48:14 GMT
fbevents.js
connect.facebook.net/en_US/
202 KB
54 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 15 Dec 2023 00:02:44 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
EhzStOazGtcNnpQhmpWRk+CJEo3dP7uky0umh/HI0/yR0b/PmoDC8PVvSFft25Mog4fYhYHLAMEWYPEH927D0g==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
x-fb-optimizer
0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/991090543/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/991090543/?random=1702598564741&cv=9&fst=1702598564741&num=1&label=5lXtCKmFz2IQ767L2AM&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fodzyskanerzeczy.click%2F&ref=https%3A%2F%2Fodzyskanerzeczy.click%2F&tiba=%22%3A%20Dziecko%20zgin%C4%99%C5%82o%20pod%20ko%C5%82ami%20auta!%20Drastyczne%20nagranie!!%20%5B%2B18%5D%22&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6af16ddf9ed2c663f775214c673a0ba8f977ebd04d764849af97b5bb2d9583ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 00:02:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1426
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/969732012/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/969732012/?random=1702598564743&cv=9&fst=1702598564741&num=2&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fodzyskanerzeczy.click%2F&ref=https%3A%2F%2Fodzyskanerzeczy.click%2F&tiba=%22%3A%20Dziecko%20zgin%C4%99%C5%82o%20pod%20ko%C5%82ami%20auta!%20Drastyczne%20nagranie!!%20%5B%2B18%5D%22&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e4ff3a40f414fcb5a5408cacc563ba3dcac9870c9b2fd9bef02497c9585d9279
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 00:02:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1385
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/946161663/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/946161663/?random=1702598564744&cv=9&fst=1702598564741&num=3&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fodzyskanerzeczy.click%2F&ref=https%3A%2F%2Fodzyskanerzeczy.click%2F&tiba=%22%3A%20Dziecko%20zgin%C4%99%C5%82o%20pod%20ko%C5%82ami%20auta!%20Drastyczne%20nagranie!!%20%5B%2B18%5D%22&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e5dd45d0942a7f429508cb20f66072de90b8950935e1c15534cbb72a52f87176
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 00:02:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1382
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/968643253/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/968643253/?random=1702598564745&cv=9&fst=1702598564741&num=4&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fodzyskanerzeczy.click%2F&ref=https%3A%2F%2Fodzyskanerzeczy.click%2F&tiba=%22%3A%20Dziecko%20zgin%C4%99%C5%82o%20pod%20ko%C5%82ami%20auta!%20Drastyczne%20nagranie!!%20%5B%2B18%5D%22&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffaac4e5bb197eb4ce8d16da142fe4e056de0d17d63ae7a67db426e8ae7978b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 00:02:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1385
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/
32 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://odzyskanerzeczy.click
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 17:34:04 GMT
x-content-type-options
nosniff
age
282520
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Dec 2024 17:34:04 GMT
JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
fonts.gstatic.com/s/montserrat/v26/
27 KB
27 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e1f71b09a1de41dc109318bff4733fa7dfa6d03bf6b7fa9a994939274555dd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://odzyskanerzeczy.click
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 23:11:39 GMT
x-content-type-options
nosniff
age
262265
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27812
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:37:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Dec 2024 23:11:39 GMT
js
www.googletagmanager.com/gtag/
241 KB
84 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-15N31ETXG9&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N26QLB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6b27c4b31af098d27b6f5321554f930ce039314e746073323b8a914aa989ed33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 00:02:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85553
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 15 Dec 2023 00:02:44 GMT
7476.js
script.crazyegg.com/pages/scripts/0092/
0
0
Script
General
Full URL
https://script.crazyegg.com/pages/scripts/0092/7476.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N26QLB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 00:02:44 GMT
cf-cache-status
HIT
last-modified
Thu, 14 Dec 2023 08:14:16 GMT
server
cloudflare
age
56908
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, s-maxage=86400
cf-ray
835a6b665d786636-AMS
content-length
0
activityi;dc_pre=CPL3pPWRkIMDFQtFkQUdpRcK0A;src=10121152;type=invmedia;cat=sg-za0;ord=6255125000539;auiddc=572841475.1702598565;gtm=45He3bt0v71743015;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;u...
10121152.fls.doubleclick.net/ Frame CBA5
Redirect Chain
  • https://10121152.fls.doubleclick.net/activityi;src=10121152;type=invmedia;cat=sg-za0;ord=6255125000539;auiddc=572841475.1702598565;gtm=45He3bt0v71743015;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab...
  • https://10121152.fls.doubleclick.net/activityi;dc_pre=CPL3pPWRkIMDFQtFkQUdpRcK0A;src=10121152;type=invmedia;cat=sg-za0;ord=6255125000539;auiddc=572841475.1702598565;gtm=45He3bt0v71743015;gcd=11l1l1...
501 B
636 B
Document
General
Full URL
https://10121152.fls.doubleclick.net/activityi;dc_pre=CPL3pPWRkIMDFQtFkQUdpRcK0A;src=10121152;type=invmedia;cat=sg-za0;ord=6255125000539;auiddc=572841475.1702598565;gtm=45He3bt0v71743015;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fodzyskanerzeczy.click%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N26QLB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f6.1e100.net
Software
cafe /
Resource Hash
30c0870eff53c9d135b8e23c5c9479c49e80a6b3987440950a44378847f4af81
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://odzyskanerzeczy.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
298
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 15 Dec 2023 00:02:45 GMT
expires
Fri, 15 Dec 2023 00:02:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 15 Dec 2023 00:02:44 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://10121152.fls.doubleclick.net/activityi;dc_pre=CPL3pPWRkIMDFQtFkQUdpRcK0A;src=10121152;type=invmedia;cat=sg-za0;ord=6255125000539;auiddc=572841475.1702598565;gtm=45He3bt0v71743015;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fodzyskanerzeczy.click%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;dc_pre=CMKppfWRkIMDFXJLkQUdFU8JtA;src=10902911;type=rmkt0;cat=domin0;ord=1099136030168;auiddc=572841475.1702598565;u1=https%3A%2F%2Fodzyskanerzeczy.click%2F;gtm=45He3bt0v71743015;gcd=11l1...
10902911.fls.doubleclick.net/ Frame BC4C
Redirect Chain
  • https://10902911.fls.doubleclick.net/activityi;src=10902911;type=rmkt0;cat=domin0;ord=1099136030168;auiddc=572841475.1702598565;u1=https%3A%2F%2Fodzyskanerzeczy.click%2F;gtm=45He3bt0v71743015;gcd=1...
  • https://10902911.fls.doubleclick.net/activityi;dc_pre=CMKppfWRkIMDFXJLkQUdFU8JtA;src=10902911;type=rmkt0;cat=domin0;ord=1099136030168;auiddc=572841475.1702598565;u1=https%3A%2F%2Fodzyskanerzeczy.cl...
540 B
641 B
Document
General
Full URL
https://10902911.fls.doubleclick.net/activityi;dc_pre=CMKppfWRkIMDFXJLkQUdFU8JtA;src=10902911;type=rmkt0;cat=domin0;ord=1099136030168;auiddc=572841475.1702598565;u1=https%3A%2F%2Fodzyskanerzeczy.click%2F;gtm=45He3bt0v71743015;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fodzyskanerzeczy.click%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N26QLB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f6.1e100.net
Software
cafe /
Resource Hash
6b0c02e4cc8d666fd1d7c4797b1d9f0931f1a7709a4507ab89b3633590de7f3a
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://odzyskanerzeczy.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
303
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 15 Dec 2023 00:02:45 GMT
expires
Fri, 15 Dec 2023 00:02:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 15 Dec 2023 00:02:44 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://10902911.fls.doubleclick.net/activityi;dc_pre=CMKppfWRkIMDFXJLkQUdFU8JtA;src=10902911;type=rmkt0;cat=domin0;ord=1099136030168;auiddc=572841475.1702598565;u1=https%3A%2F%2Fodzyskanerzeczy.click%2F;gtm=45He3bt0v71743015;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fodzyskanerzeczy.click%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
2e80fdf3-9946-473d-96ce-7db59482af2c
t.goadservices.com/engine/
0
180 B
Script
General
Full URL
https://t.goadservices.com/engine/2e80fdf3-9946-473d-96ce-7db59482af2c
Requested by
Host: t.goadservices.com
URL: https://t.goadservices.com/tags/2e80fdf3-9946-473d-96ce-7db59482af2c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.177.217.192 , Poland, ASN50599 (Autonomous System for Data Space Sp. z o.o., PL),
Reverse DNS
host-195-177-217-192.dataspace.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Fri, 15 Dec 2023 00:02:44 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/javascript;charset=UTF-8
617717c23d8e8e4386c1b777_146-basket-trolley-shopping-card-outline-edited%20(1).json
assets-global.website-files.com/6164835fc4bcb2f391412e0b/
23 KB
4 KB
XHR
General
Full URL
https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/617717c23d8e8e4386c1b777_146-basket-trolley-shopping-card-outline-edited%20(1).json
Requested by
Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/js/tuttisanti.7d2a54d3a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0839015dbcb753263378540185981c0193c6c6690db71d77cecd9147c340bcbf

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:46:43 GMT
x-amz-version-id
GVrmTm2S26wrGQjcjWdi9nopboj6qP3t
content-encoding
br
via
1.1 f75621cd6e47ae7d0a4d07cd1877339c.cloudfront.net (CloudFront)
age
5044562
x-amz-cf-pop
TXL50-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 25 Oct 2021 20:47:00 GMT
server
AmazonS3
etag
W/"069fa9a3e5936ff514edbdc1f1802516"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
vary
Accept-Encoding
x-amz-cf-id
951wUiW5GWfsPVpS4XlIzKVB3WwetJk5xlYXN4Cnu3ZB9oQWDv9TsA==
6164835fc4bcb2aa11412e3b_menu-nav.json
assets-global.website-files.com/6164835fc4bcb2f391412e0b/
7 KB
1 KB
XHR
General
Full URL
https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/6164835fc4bcb2aa11412e3b_menu-nav.json
Requested by
Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/js/tuttisanti.7d2a54d3a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
07526484281d3d0f81f439fe386563a1782196975c45bffd65d3e29a609331be

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:46:43 GMT
x-amz-version-id
EIdPgZ7HkrenuYOYE7v2c83994XejzLH
content-encoding
br
via
1.1 f75621cd6e47ae7d0a4d07cd1877339c.cloudfront.net (CloudFront)
age
5044562
x-amz-cf-pop
TXL50-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 11 Oct 2021 18:33:05 GMT
server
AmazonS3
etag
W/"62283913c195cf3bcf50860dd1bcb8b0"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
vary
Accept-Encoding
x-amz-cf-id
3FsySFUO3udvjiO0ct7stfjrew87WBZGq6tgUmkaku6rOVnDPCgHTA==
6164835fc4bcb2aa11412e3b_menu-nav.json
assets-global.website-files.com/6164835fc4bcb2f391412e0b/
7 KB
1 KB
XHR
General
Full URL
https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/6164835fc4bcb2aa11412e3b_menu-nav.json
Requested by
Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/js/tuttisanti.7d2a54d3a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
07526484281d3d0f81f439fe386563a1782196975c45bffd65d3e29a609331be

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:46:43 GMT
x-amz-version-id
EIdPgZ7HkrenuYOYE7v2c83994XejzLH
content-encoding
br
via
1.1 f75621cd6e47ae7d0a4d07cd1877339c.cloudfront.net (CloudFront)
age
5044562
x-amz-cf-pop
TXL50-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 11 Oct 2021 18:33:05 GMT
server
AmazonS3
etag
W/"62283913c195cf3bcf50860dd1bcb8b0"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
vary
Accept-Encoding
x-amz-cf-id
FwWxMWsdWG9KKChevD71Uo3ImjKO_pLLQBNiGESXlqDv2ntNuKv6Gw==
6166fe023d514a3fecc144ed_146-basket-trolley-shopping-card-outline-edited.json
assets-global.website-files.com/6164835fc4bcb2f391412e0b/
23 KB
4 KB
XHR
General
Full URL
https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/6166fe023d514a3fecc144ed_146-basket-trolley-shopping-card-outline-edited.json
Requested by
Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/js/tuttisanti.7d2a54d3a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c39cb7336bbfc97d0e82ea58fa5d96d88c5e744a0b3f7c7ebc15c60d56c68143

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:46:43 GMT
x-amz-version-id
XSgfBELEmsgb77Ia6J3EznD0lg05LSmq
content-encoding
br
via
1.1 f75621cd6e47ae7d0a4d07cd1877339c.cloudfront.net (CloudFront)
age
5044562
x-amz-cf-pop
TXL50-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 13 Oct 2021 15:40:52 GMT
server
AmazonS3
etag
W/"a4cff3d6631a953605bb1322ca813790"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
vary
Accept-Encoding
x-amz-cf-id
x--avnTp-zX2xUDuZiTNdGLhp85kreANhGM87pEKJf9tcZt35BOwJg==
www-player.css
www.youtube.com/s/player/d23221b6/ Frame 56FB
366 KB
47 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/d23221b6/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/5eCk-BTyot4?rel=1&controls=0&autoplay=0&mute=0&start=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee11928e9a31b92c22b88f0c49dae1f791043fe071dacf46b848efe85254c003
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/embed/5eCk-BTyot4?rel=1&controls=0&autoplay=0&mute=0&start=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 22:12:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
6627
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48218
x-xss-protection
0
last-modified
Wed, 13 Dec 2023 02:47:51 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 13 Dec 2024 22:12:17 GMT
embed.js
www.youtube.com/s/player/d23221b6/player_ias.vflset/nl_NL/ Frame 56FB
53 KB
16 KB
Script
General
Full URL
https://www.youtube.com/s/player/d23221b6/player_ias.vflset/nl_NL/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/5eCk-BTyot4?rel=1&controls=0&autoplay=0&mute=0&start=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fd5c17700bbb0c944a3f0a7d78d4710533bf1b6ade33d89790ecb7bb46aed6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/embed/5eCk-BTyot4?rel=1&controls=0&autoplay=0&mute=0&start=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 08:37:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
141890
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16672
x-xss-protection
0
last-modified
Wed, 13 Dec 2023 02:47:51 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 12 Dec 2024 08:37:54 GMT
www-embed-player.js
www.youtube.com/s/player/d23221b6/www-embed-player.vflset/ Frame 56FB
322 KB
96 KB
Script
General
Full URL
https://www.youtube.com/s/player/d23221b6/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/5eCk-BTyot4?rel=1&controls=0&autoplay=0&mute=0&start=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c71106628b235959659a80caca8df6f9e8dfc9eac825605e79d2738726f287d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/embed/5eCk-BTyot4?rel=1&controls=0&autoplay=0&mute=0&start=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 23:54:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
511
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98540
x-xss-protection
0
last-modified
Wed, 13 Dec 2023 02:47:51 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 13 Dec 2024 23:54:13 GMT
base.js
www.youtube.com/s/player/d23221b6/player_ias.vflset/nl_NL/ Frame 56FB
2 MB
769 KB
Script
General
Full URL
https://www.youtube.com/s/player/d23221b6/player_ias.vflset/nl_NL/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/5eCk-BTyot4?rel=1&controls=0&autoplay=0&mute=0&start=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b11b45ff021b16c5f2ba8e8cf2aa516bf18bf78cacc06d9e169635ab1a90b8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/embed/5eCk-BTyot4?rel=1&controls=0&autoplay=0&mute=0&start=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 08:37:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
141890
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
787064
x-xss-protection
0
last-modified
Wed, 13 Dec 2023 02:47:51 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 12 Dec 2024 08:37:54 GMT
JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
fonts.gstatic.com/s/montserrat/v26/
33 KB
34 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://odzyskanerzeczy.click
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 23:26:44 GMT
x-content-type-options
nosniff
age
2160
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34288
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:52:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Dec 2024 23:26:44 GMT
js
www.googletagmanager.com/gtag/
257 KB
87 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MC0J8CRL5T&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W7QXJVR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3c018d3f1f24df6bb8ab56b28cd17451289bde5ffa2776353c2b5bf6f4e5d136
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 00:02:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89363
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 15 Dec 2023 00:02:44 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/465909222/
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/465909222/?random=1702598564905&cv=11&fst=1702598564905&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v836505734&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fodzyskanerzeczy.click%2F&ref=https%3A%2F%2Fodzyskanerzeczy.click%2F&hn=www.googleadservices.com&frm=0&tiba=%22%3A%20Dziecko%20zgin%C4%99%C5%82o%20pod%20ko%C5%82ami%20auta!%20Drastyczne%20nagranie!!%20%5B%2B18%5D%22&auid=572841475.1702598565&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W7QXJVR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fa428a99fcb64116fc9e5795eaf30d52e0e3e3f9f61886100e88fac6e4d98b5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 00:02:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1311
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 56FB
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/5eCk-BTyot4?rel=1&controls=0&autoplay=0&mute=0&start=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 23:26:56 GMT
x-content-type-options
nosniff
age
2148
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Dec 2024 23:26:56 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 56FB
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/5eCk-BTyot4?rel=1&controls=0&autoplay=0&mute=0&start=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 21:01:27 GMT
x-content-type-options
nosniff
age
97277
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 Dec 2024 21:01:27 GMT
collect
region1.google-analytics.com/g/
0
259 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-15N31ETXG9&gtm=45je3bt0v883405594z871743015&_p=1702598564484&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1175976220.1702598565&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702598564&sct=1&seg=0&dl=https%3A%2F%2Fodzyskanerzeczy.click%2F&dr=https%3A%2F%2Fodzyskanerzeczy.click%2F&dt=%22%3A%20Dziecko%20zgin%C4%99%C5%82o%20pod%20ko%C5%82ami%20auta!%20Drastyczne%20nagranie!!%20%5B%2B18%5D%22&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=818
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-15N31ETXG9&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 00:02:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://odzyskanerzeczy.click
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1060844193962204
connect.facebook.net/signals/config/
115 KB
31 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1060844193962204?v=2.9.138&r=stable&domain=odzyskanerzeczy.click
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ea61599e69c89e0ed7d385b0363698ce8faf328971341fd58308adeb4e05cdb3
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 15 Dec 2023 00:02:45 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
OgnPpMj/oRM0zSpl4kVOS9BUc5iJSl539IO7H1TZQuslAikMTHuG76moC+oqiXrSQPTHjVxuK/M4IZYsb5jv9Q==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/991090543/
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/991090543/?random=1702598564741&cv=9&fst=1702598400000&num=1&label=5lXtCKmFz2IQ767L2AM&guid=ON&eid=375603260%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fodzyskanerzeczy.click%2F&ref=https%3A%2F%2Fodzyskanerzeczy.click%2F&tiba=%22%3A%20Dziecko%20zgin%C4%99%C5%82o%20pod%20ko%C5%82ami%20auta!%20Drastyczne%20nagranie!!%20%5B%2B18%5D%22&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_Jx34QbdD502VfOHM30d7lZlFJtwCyg&random=3910516557&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f100.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 00:02:45 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.nl/pagead/1p-user-list/991090543/
42 B
108 B
Image
General
Full URL
https://www.google.nl/pagead/1p-user-list/991090543/?random=1702598564741&cv=9&fst=1702598400000&num=1&label=5lXtCKmFz2IQ767L2AM&guid=ON&eid=375603260%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fodzyskanerzeczy.click%2F&ref=https%3A%2F%2Fodzyskanerzeczy.click%2F&tiba=%22%3A%20Dziecko%20zgin%C4%99%C5%82o%20pod%20ko%C5%82ami%20auta!%20Drastyczne%20nagranie!!%20%5B%2B18%5D%22&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_Jx34QbdD502VfOHM30d7lZlFJtwCyg&random=3910516557&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 00:02:45 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/946161663/
42 B
455 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/946161663/?random=1702598564744&cv=9&fst=1702598400000&num=3&guid=ON&eid=375603260%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fodzyskanerzeczy.click%2F&ref=https%3A%2F%2Fodzyskanerzeczy.click%2F&tiba=%22%3A%20Dziecko%20zgin%C4%99%C5%82o%20pod%20ko%C5%82ami%20auta!%20Drastyczne%20nagranie!!%20%5B%2B18%5D%22&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_H1aliMYZkE5hKpMf0-9Dc4jTXlRf6w&random=270475810&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f100.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 00:02:45 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.nl/pagead/1p-user-list/946161663/
42 B
455 B
Image
General
Full URL
https://www.google.nl/pagead/1p-user-list/946161663/?random=1702598564744&cv=9&fst=1702598400000&num=3&guid=ON&eid=375603260%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fodzyskanerzeczy.click%2F&ref=https%3A%2F%2Fodzyskanerzeczy.click%2F&tiba=%22%3A%20Dziecko%20zgin%C4%99%C5%82o%20pod%20ko%C5%82ami%20auta!%20Drastyczne%20nagranie!!%20%5B%2B18%5D%22&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_H1aliMYZkE5hKpMf0-9Dc4jTXlRf6w&random=270475810&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 00:02:45 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/969732012/
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/969732012/?random=1702598564743&cv=9&fst=1702598400000&num=2&guid=ON&eid=375603260%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fodzyskanerzeczy.click%2F&ref=https%3A%2F%2Fodzyskanerzeczy.click%2F&tiba=%22%3A%20Dziecko%20zgin%C4%99%C5%82o%20pod%20ko%C5%82ami%20auta!%20Drastyczne%20nagranie!!%20%5B%2B18%5D%22&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_ywmMr2cGBIzfWGuhM1JNSgMBwjiGFA&random=78535425&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f100.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 00:02:45 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.nl/pagead/1p-user-list/969732012/
42 B
108 B
Image
General
Full URL
https://www.google.nl/pagead/1p-user-list/969732012/?random=1702598564743&cv=9&fst=1702598400000&num=2&guid=ON&eid=375603260%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fodzyskanerzeczy.click%2F&ref=https%3A%2F%2Fodzyskanerzeczy.click%2F&tiba=%22%3A%20Dziecko%20zgin%C4%99%C5%82o%20pod%20ko%C5%82ami%20auta!%20Drastyczne%20nagranie!!%20%5B%2B18%5D%22&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_ywmMr2cGBIzfWGuhM1JNSgMBwjiGFA&random=78535425&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 00:02:45 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/968643253/
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/968643253/?random=1702598564745&cv=9&fst=1702598400000&num=4&guid=ON&eid=375603260%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fodzyskanerzeczy.click%2F&ref=https%3A%2F%2Fodzyskanerzeczy.click%2F&tiba=%22%3A%20Dziecko%20zgin%C4%99%C5%82o%20pod%20ko%C5%82ami%20auta!%20Drastyczne%20nagranie!!%20%5B%2B18%5D%22&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_8l5MLLofvIHFkOeyWKEDpOr8-iLytA&random=1418008090&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f100.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 00:02:45 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.nl/pagead/1p-user-list/968643253/
42 B
108 B
Image
General
Full URL
https://www.google.nl/pagead/1p-user-list/968643253/?random=1702598564745&cv=9&fst=1702598400000&num=4&guid=ON&eid=375603260%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fodzyskanerzeczy.click%2F&ref=https%3A%2F%2Fodzyskanerzeczy.click%2F&tiba=%22%3A%20Dziecko%20zgin%C4%99%C5%82o%20pod%20ko%C5%82ami%20auta!%20Drastyczne%20nagranie!!%20%5B%2B18%5D%22&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_8l5MLLofvIHFkOeyWKEDpOr8-iLytA&random=1418008090&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 00:02:45 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
1 B
211 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1156559874&t=pageview&_s=1&dl=https%3A%2F%2Fodzyskanerzeczy.click%2F&ul=en-us&de=UTF-8&dt=%22%3A%20Dziecko%20zgin%C4%99%C5%82o%20pod%20ko%C5%82ami%20auta!%20Drastyczne%20nagranie!!%20%5B%2B18%5D%22&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=262982792&gjid=1711568986&cid=1175976220.1702598565&tid=UA-16797240-28&_gid=77651866.1702598565&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1889133608
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://odzyskanerzeczy.click/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 00:02:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://odzyskanerzeczy.click
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
16 B
84 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1156559874&t=pageview&_s=1&dl=https%3A%2F%2Fodzyskanerzeczy.click%2F&ul=en-us&de=UTF-8&dt=%22%3A%20Dziecko%20zgin%C4%99%C5%82o%20pod%20ko%C5%82ami%20auta!%20Drastyczne%20nagranie!!%20%5B%2B18%5D%22&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1693458917&gjid=1508754629&cid=1175976220.1702598565&tid=UA-15952150-9&_gid=77651866.1702598565&_r=1&_slc=1&gtm=45He3bt0n71N26QLBv71743015&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1573001975
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2e67ed6358a4d4ac2d7d776c10a5711c1600eb3cd5d94c6b5c6f23ea8f7023fb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://odzyskanerzeczy.click/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 00:02:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://odzyskanerzeczy.click
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
4 B
71 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1156559874&t=pageview&_s=1&dl=https%3A%2F%2Fodzyskanerzeczy.click%2F&ul=en-us&de=UTF-8&dt=%22%3A%20Dziecko%20zgin%C4%99%C5%82o%20pod%20ko%C5%82ami%20auta!%20Drastyczne%20nagranie!!%20%5B%2B18%5D%22&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=63445062&gjid=130753076&cid=1175976220.1702598565&tid=UA-185009127-1&_gid=77651866.1702598565&_r=1&_slc=1&gtm=45He3bt0n81W7QXJVRv836505734&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1647723391
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://odzyskanerzeczy.click/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 00:02:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://odzyskanerzeczy.click
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/465909222/
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/465909222/?random=1702598564905&cv=11&fst=1702598400000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v836505734&u_w=1600&u_h=1200&url=https%3A%2F%2Fodzyskanerzeczy.click%2F&ref=https%3A%2F%2Fodzyskanerzeczy.click%2F&frm=0&tiba=%22%3A%20Dziecko%20zgin%C4%99%C5%82o%20pod%20ko%C5%82ami%20auta!%20Drastyczne%20nagranie!!%20%5B%2B18%5D%22&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_vhah-8bvbEM8nBQEZm3Xp2p7oelzyA&random=2561094215&rmt_tld=0&ipr=y
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f100.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 00:02:45 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.nl/pagead/1p-user-list/465909222/
42 B
108 B
Image
General
Full URL
https://www.google.nl/pagead/1p-user-list/465909222/?random=1702598564905&cv=11&fst=1702598400000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v836505734&u_w=1600&u_h=1200&url=https%3A%2F%2Fodzyskanerzeczy.click%2F&ref=https%3A%2F%2Fodzyskanerzeczy.click%2F&frm=0&tiba=%22%3A%20Dziecko%20zgin%C4%99%C5%82o%20pod%20ko%C5%82ami%20auta!%20Drastyczne%20nagranie!!%20%5B%2B18%5D%22&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_vhah-8bvbEM8nBQEZm3Xp2p7oelzyA&random=2561094215&rmt_tld=1&ipr=y
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 00:02:45 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/
0
54 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-MC0J8CRL5T&_ono=1&gtm=45je3bt0v884302799z8836505734&_p=1702598564484&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1175976220.1702598565&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702598565&sct=1&seg=0&dl=https%3A%2F%2Fodzyskanerzeczy.click%2F&dr=https%3A%2F%2Fodzyskanerzeczy.click%2F&dt=%22%3A%20Dziecko%20zgin%C4%99%C5%82o%20pod%20ko%C5%82ami%20auta!%20Drastyczne%20nagranie!!%20%5B%2B18%5D%22&en=page_view&_fv=1&_ss=1&tfd=929
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MC0J8CRL5T&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 00:02:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://odzyskanerzeczy.click
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
259 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&_ono=1&tid=G-MC0J8CRL5T&cid=1175976220.1702598565&gtm=45je3bt0v884302799z8836505734&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MC0J8CRL5T&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 00:02:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://odzyskanerzeczy.click
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/
42 B
107 B
Image
General
Full URL
https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ono=1&tid=G-MC0J8CRL5T&cid=1175976220.1702598565&gtm=45je3bt0v884302799z8836505734&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=161830935
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 00:02:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CMKppfWRkIMDFXJLkQUdFU8JtA;src=10902911;type=rmkt0;cat=domin0;ord=1099136030168;auiddc=*;u1=https%3A%2F%2Fodzyskanerzeczy.click%2F;gtm=45He3bt0v71743015;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;u...
adservice.google.com/ddm/fls/z/ Frame BC4C
42 B
107 B
Image
General
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CMKppfWRkIMDFXJLkQUdFU8JtA;src=10902911;type=rmkt0;cat=domin0;ord=1099136030168;auiddc=*;u1=https%3A%2F%2Fodzyskanerzeczy.click%2F;gtm=45He3bt0v71743015;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fodzyskanerzeczy.click%2F
Requested by
Host: 10902911.fls.doubleclick.net
URL: https://10902911.fls.doubleclick.net/activityi;dc_pre=CMKppfWRkIMDFXJLkQUdFU8JtA;src=10902911;type=rmkt0;cat=domin0;ord=1099136030168;auiddc=572841475.1702598565;u1=https%3A%2F%2Fodzyskanerzeczy.click%2F;gtm=45He3bt0v71743015;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fodzyskanerzeczy.click%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://10902911.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 00:02:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CPL3pPWRkIMDFQtFkQUdpRcK0A;src=10121152;type=invmedia;cat=sg-za0;ord=6255125000539;auiddc=*;gtm=45He3bt0v71743015;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;...
adservice.google.com/ddm/fls/z/ Frame CBA5
42 B
401 B
Image
General
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CPL3pPWRkIMDFQtFkQUdpRcK0A;src=10121152;type=invmedia;cat=sg-za0;ord=6255125000539;auiddc=*;gtm=45He3bt0v71743015;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fodzyskanerzeczy.click%2F
Requested by
Host: 10121152.fls.doubleclick.net
URL: https://10121152.fls.doubleclick.net/activityi;dc_pre=CPL3pPWRkIMDFQtFkQUdpRcK0A;src=10121152;type=invmedia;cat=sg-za0;ord=6255125000539;auiddc=572841475.1702598565;gtm=45He3bt0v71743015;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fodzyskanerzeczy.click%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://10121152.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 00:02:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 56FB
113 B
305 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d23221b6/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f4b82875b938162f04a9a00ba534fff0523a0f16d8de7f64905fa6b5e8010329
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 00:02:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 56FB
29 B
495 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d23221b6/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 23:51:11 GMT
x-content-type-options
nosniff
age
694
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Dec 2023 00:06:11 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Fri, 15 Dec 2023 00:02:45 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 56FB
87 KB
40 KB
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d23221b6/player_ias.vflset/nl_NL/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b373f45b1aa342a995d904cee5a55c06ab20c5e303d8136180bfd780a5ee45e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Fri, 15 Dec 2023 00:02:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41064
x-xss-protection
0
q3ybFvLVurjIRsyeRT4FtV2O7nz4ZH1nHhTn1-npVcU.js
www.google.com/js/th/ Frame 56FB
51 KB
20 KB
Script
General
Full URL
https://www.google.com/js/th/q3ybFvLVurjIRsyeRT4FtV2O7nz4ZH1nHhTn1-npVcU.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d23221b6/player_ias.vflset/nl_NL/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f100.1e100.net
Software
sffe /
Resource Hash
ab7c9b16f2d5bab8c846cc9e453e05b55d8eee7cf8647d671e14e7d7e9e955c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:14:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
226080
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19841
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Dec 2024 09:14:45 GMT
default.webp
i.ytimg.com/vi_webp/5eCk-BTyot4/ Frame 56FB
2 KB
2 KB
Image
General
Full URL
https://i.ytimg.com/vi_webp/5eCk-BTyot4/default.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/5eCk-BTyot4?rel=1&controls=0&autoplay=0&mute=0&start=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8441ffbdc8d58a74570a929de17ffe1c3f1b177d36ed7f79b17fe079137d0522
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 00:02:45 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2052
x-xss-protection
0
server
sffe
etag
"0"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 15 Dec 2023 02:02:45 GMT
collect
stats.g.doubleclick.net/j/
4 B
151 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-15952150-9&cid=1175976220.1702598565&jid=1693458917&gjid=1508754629&_gid=77651866.1702598565&_u=YADAAUABAAAAACAAI~&z=1064297220
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://odzyskanerzeczy.click/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 15 Dec 2023 00:02:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://odzyskanerzeczy.click
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
250 KB
85 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-N0WGMNV8JE&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3b5d273f7a523874109abdc195ca8d6194c4732820fef8c63390402dd5cc7b93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 00:02:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86549
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 15 Dec 2023 00:02:45 GMT
collect
stats.g.doubleclick.net/j/
4 B
70 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-185009127-1&cid=1175976220.1702598565&jid=63445062&gjid=130753076&_gid=77651866.1702598565&_u=YADAAUABAAAAACAAI~&z=155827995
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://odzyskanerzeczy.click/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 15 Dec 2023 00:02:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://odzyskanerzeczy.click
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
965654053972556
connect.facebook.net/signals/config/
133 KB
35 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/965654053972556?v=2.9.138&r=stable&domain=odzyskanerzeczy.click
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6d9e43ce1538a763aa4ac11b5540e6c061ebdbd52d39fb02e60ebd16b8c4c850
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 15 Dec 2023 00:02:45 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
mBP4IBoM/mGV7riTMr5TLVsTO7Hymqfupm0bRq+Ck4tNz6jSp+TUuAIUZcCw4HpXdviY3OMWWhz0NSRIz9nNEg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1060844193962204&ev=PageView&dl=https%3A%2F%2Fodzyskanerzeczy.click&rl=https%3A%2F%2Fodzyskanerzeczy.click&if=false&ts=1702598565716&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4124&fbp=fb.1.1702598565715.1913975549&pm=1&hrl=b49863&it=1702598565001&coo=false&cs_cc=1&rqm=GET
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 15 Dec 2023 00:02:45 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
6203e0436049057f524f4f33_M%C3%B3j%20film%2020-transcode.webm
assets-global.website-files.com/6164835fc4bcb2f391412e0b/
0
0
Media
General
Full URL
https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/6203e0436049057f524f4f33_M%C3%B3j%20film%2020-transcode.webm
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://odzyskanerzeczy.click/
Accept-Encoding
identity;q=1, *;q=0
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=0-

Response headers

generate_204
www.youtube.com/ Frame 56FB
0
10 B
Image
General
Full URL
https://www.youtube.com/generate_204?lGAo7Q
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/5eCk-BTyot4?rel=1&controls=0&autoplay=0&mute=0&start=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/embed/5eCk-BTyot4?rel=1&controls=0&autoplay=0&mute=0&start=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 00:02:45 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-15952150-9&cid=1175976220.1702598565&jid=1693458917&_u=YADAAUABAAAAACAAI~&z=507639025
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 00:02:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/
42 B
107 B
Image
General
Full URL
https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-15952150-9&cid=1175976220.1702598565&jid=1693458917&_u=YADAAUABAAAAACAAI~&z=507639025
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 00:02:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-185009127-1&cid=1175976220.1702598565&jid=63445062&_u=YADAAUABAAAAACAAI~&z=2145997282
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 00:02:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/
42 B
107 B
Image
General
Full URL
https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-185009127-1&cid=1175976220.1702598565&jid=63445062&_u=YADAAUABAAAAACAAI~&z=2145997282
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 00:02:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/
0
45 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-N0WGMNV8JE&gtm=45je3bt0v9135581334&_p=1702598564484&_gaz=1&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=1175976220.1702598565&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fodzyskanerzeczy.click%2F&dt=%22%3A%20Dziecko%20zgin%C4%99%C5%82o%20pod%20ko%C5%82ami%20auta!%20Drastyczne%20nagranie!!%20%5B%2B18%5D%22&sid=1702598565&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1702
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N0WGMNV8JE&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 00:02:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://odzyskanerzeczy.click
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
17 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-N0WGMNV8JE&cid=1175976220.1702598565&gtm=45je3bt0v9135581334&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N0WGMNV8JE&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 00:02:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://odzyskanerzeczy.click
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/
42 B
107 B
Image
General
Full URL
https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-N0WGMNV8JE&cid=1175976220.1702598565&gtm=45je3bt0v9135581334&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2&z=1996371716
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 00:02:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
0
31 B
Image
General
Full URL
https://www.facebook.com/tr/?id=965654053972556&ev=PageView&dl=https%3A%2F%2Fodzyskanerzeczy.click%2F&rl=https%3A%2F%2Fodzyskanerzeczy.click%2F&if=false&ts=1702598565844&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1702598565715.1913975549&it=1702598565001&coo=false&rqm=GET
Requested by
Host: odzyskanerzeczy.click
URL: https://odzyskanerzeczy.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 15 Dec 2023 00:02:45 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Fri, 15 Dec 2023 00:02:45 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 56FB
90 B
134 B
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d23221b6/player_ias.vflset/nl_NL/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
281044515f7d2f9beefca9b2c9f887d23160c7b132b1e4deba887b8fad4edbb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Fri, 15 Dec 2023 00:02:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1156559874&t=timing&_s=2&dl=https%3A%2F%2Fodzyskanerzeczy.click%2F&ul=en-us&de=UTF-8&dt=%22%3A%20Dziecko%20zgin%C4%99%C5%82o%20pod%20ko%C5%82ami%20auta!%20Drastyczne%20nagranie!!%20%5B%2B18%5D%22&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2063&pdt=19&dns=0&rrt=28&srt=131&tcp=0&dit=624&clt=635&_gst=602&_gbt=896&_u=YADAAUABAAAAACAAI~&jid=&gjid=&cid=1175976220.1702598565&tid=UA-185009127-1&_gid=77651866.1702598565&gtm=45He3bt0n81W7QXJVRv836505734&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=360749094
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odzyskanerzeczy.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 21:10:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
10339
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 56FB
28 B
54 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d23221b6/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
X-Goog-Request-Time
1702598567597
Content-Type
application/json
X-YouTube-Utc-Offset
60
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/5eCk-BTyot4?rel=1&controls=0&autoplay=0&mute=0&start=0
X-YouTube-Client-Version
1.20231212.01.00
X-YouTube-Time-Zone
Europe/Amsterdam
X-Goog-Visitor-Id
Cgs4cjFlRXducURkbyikr-6rBjIKCgJOTBIEEgAgDg%3D%3D
X-YouTube-Ad-Signals
dt=1702598565014&flash=0&frm=2&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image&bid=ANyPxKr_MBqYCdpnoh_b5EwLfz2LMZhnivDFUqWkUVFbQvVpwkM_46xXYJtU5xWKVMifRIrsac4TyuZsD6ZhAun8NG4nW3F9yQ

Response headers

date
Fri, 15 Dec 2023 00:02:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
expires
Fri, 15 Dec 2023 00:02:47 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture object| dataLayer object| WebFont object| __WEBFLOW_CURRENCY_SETTINGS function| gtag function| $ function| jQuery object| google_tag_manager object| google_tag_data function| tram object| Webflow function| objectFitPolyfill string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| google_conversion_id object| google_conversion_label object| google_custom_params object| google_remarketing_only function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments object| goadservicesq object| GooglebQhCsO function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData

14 Cookies

Domain/Path Name / Value
.odzyskanerzeczy.click/ Name: __cf_mw_byp
Value: 1QXXhn5E8ZAumB9AE9LLq1Dlu3iJEQyAyLAxfoVPMw8-1702598559-0-/
.youtube.com/ Name: YSC
Value: AJUT1I-Gdpo
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 8r1eEwnqDdo
.odzyskanerzeczy.click/ Name: _gcl_au
Value: 1.1.572841475.1702598565
.odzyskanerzeczy.click/ Name: _ga_15N31ETXG9
Value: GS1.1.1702598564.1.0.1702598564.0.0.0
.odzyskanerzeczy.click/ Name: _gid
Value: GA1.2.77651866.1702598565
.odzyskanerzeczy.click/ Name: _gat_gtag_UA_16797240_28
Value: 1
.odzyskanerzeczy.click/ Name: _gat_UA-15952150-9
Value: 1
.odzyskanerzeczy.click/ Name: _gat_UA-185009127-1
Value: 1
.odzyskanerzeczy.click/ Name: _ga_MC0J8CRL5T
Value: GS1.1.1702598565.1.0.1702598565.60.0.0
.odzyskanerzeczy.click/ Name: _ga
Value: GA1.1.1175976220.1702598565
.doubleclick.net/ Name: IDE
Value: AHWqTUm8dKWjcbnGYV5oKejHQ36Tnl8B86PpSNXnYDmOFHmlYVaz1LX9Q4txk_-92po
.odzyskanerzeczy.click/ Name: _fbp
Value: fb.1.1702598565715.1913975549
.odzyskanerzeczy.click/ Name: _ga_N0WGMNV8JE
Value: GS1.2.1702598565.1.0.1702598565.60.0.0

6 Console Messages

Source Level URL
Text
network error URL: https://www.pizzadominium.pl/public/resources/style/packed/40f51bac67bbf527dc16315c49927b14.css
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.pizzadominium.pl/public/resources/javascript/packed/c6eee5fe262225c62db5effc6ceab34a.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://script.crazyegg.com/pages/scripts/0092/7476.js
Message:
Failed to load resource: the server responded with a status of 410 ()
network error URL: https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/6203e0436049057f524f4f33_M%C3%B3j%20film%2020-poster-00001.jpg
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/6203e0436049057f524f4f33_M%C3%B3j%20film%2020-transcode.mp4
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://assets-global.website-files.com/6164835fc4bcb2f391412e0b/6203e0436049057f524f4f33_M%C3%B3j%20film%2020-transcode.webm
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10121152.fls.doubleclick.net
10902911.fls.doubleclick.net
adservice.google.com
ajax.googleapis.com
assets-global.website-files.com
connect.facebook.net
d3e54v103j8qbb.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
odzyskanerzeczy.click
region1.analytics.google.com
region1.google-analytics.com
script.crazyegg.com
static.doubleclick.net
stats.g.doubleclick.net
t.goadservices.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.nl
www.googleadservices.com
www.googletagmanager.com
www.pizzadominium.pl
www.youtube.com
142.250.184.195
172.217.18.100
195.177.217.192
2001:4860:4802:34::36
216.58.206.38
216.58.212.130
2600:9000:2260:3800:12:9e5f:cac0:93a1
2606:4700::6813:9308
2a00:1450:4001:800::200a
2a00:1450:4001:80e::2016
2a00:1450:4001:810::2002
2a00:1450:4001:813::2003
2a00:1450:4001:813::2008
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2006
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::200a
2a00:1450:4001:831::200a
2a00:1450:4001:831::200e
2a00:1450:400c:c00::9b
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a06:98c1:3121::3
52.222.232.47
62.129.206.181
00d81dafc011e03ba8baf67dae78378c972fc09753c8ad984a1fe532269ad143
00f0ca5978af7f577f3bb245b52f5b98546fca77cbf7b2b42838fddc2b53cd59
032f267eb36c48ede506c34c14540eaf21230b18e251544273c71d4c462a4c57
07526484281d3d0f81f439fe386563a1782196975c45bffd65d3e29a609331be
0839015dbcb753263378540185981c0193c6c6690db71d77cecd9147c340bcbf
0bc0006195d427cbb9b6868cf90f4636db5ac22072c0794b1a43a2924758bb66
0c71106628b235959659a80caca8df6f9e8dfc9eac825605e79d2738726f287d
0e5f743d2d3bcf91d3441ef7474c3d89cd24b4c9acc8abf1425ca7bd9f55bf92
1103290e25ebda2712abe344a87facbac00ddaba712729be9fe5feef807bf91b
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
17f00be1c4c68d813046ea5753614cf87d10678c3d86efce874f291ab8da59be
1fc7a0261fb63d87bd87974820f99961617e50047cdab1b8a1aaa4ddafeba648
21f41df2a26506eef0ad92690a596cf18028083bbf3a8d450e507ff0fe02de5a
281044515f7d2f9beefca9b2c9f887d23160c7b132b1e4deba887b8fad4edbb0
2e67ed6358a4d4ac2d7d776c10a5711c1600eb3cd5d94c6b5c6f23ea8f7023fb
30c0870eff53c9d135b8e23c5c9479c49e80a6b3987440950a44378847f4af81
31a281c02422893c5201eda9023b931aa81315277d485c2d12ca79c2fe68c82c
3b5d273f7a523874109abdc195ca8d6194c4732820fef8c63390402dd5cc7b93
3c018d3f1f24df6bb8ab56b28cd17451289bde5ffa2776353c2b5bf6f4e5d136
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
427813d281697a29d440ade1dac4ed02a9dd9dfa7b51c12cb845a11e7aa1e3a3
44bf5af608a0b37256b8696feb23905d6f53803a7ba9a5a9731292eacf8327a3
45a857b1c92bcca4b15e9d2316f6f953bfabdf082da7bbd633d9cfded15acf5b
48a3fb42b4179a24fa50c6eabaa509e7a54b6da6db26eca6b8f8a4f9b6405027
498e6aa98fdcf4d022d5ad8edbbb293168d0d6ce020c6833e0107db2322461c6
4e65e6fe85ba8c8de263d964c8985e013ee346d6f8316f6f4e016c6cc65786cb
4fd5c17700bbb0c944a3f0a7d78d4710533bf1b6ade33d89790ecb7bb46aed6b
5287a128f9cca2dac491034a4e9cce2291f206a949c0447112515a8b7a9cf3e4
575aa07d01b981ab29e48d0a33e613df8e5ddaef7945b8ce75f825ec1ddaf5e1
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5d221f8b4caa3a0f867a2c61407ce13d65c991f5abc4fb0059c4c885e079b5a6
64993c732f6b857fd515bbb5f8cb264489a669eb56bf634931bf12898fe98417
693b660b1d5accf956686b51dc9cce252f1784748a9c58a78a58ac4ef2a07ad6
6af16ddf9ed2c663f775214c673a0ba8f977ebd04d764849af97b5bb2d9583ea
6b0c02e4cc8d666fd1d7c4797b1d9f0931f1a7709a4507ab89b3633590de7f3a
6b27c4b31af098d27b6f5321554f930ce039314e746073323b8a914aa989ed33
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d9e43ce1538a763aa4ac11b5540e6c061ebdbd52d39fb02e60ebd16b8c4c850
6e1f71b09a1de41dc109318bff4733fa7dfa6d03bf6b7fa9a994939274555dd9
72222fcb90ca1f4445b7f1e3f395919fa02fbaf636875518be6b52b28310b0d3
7487dabe3b3ccff82b7a64265a3207a7a646d15b2b52346efe5ced83817e4afc
756cca29e306e66f94e7b705c45bb0bc0315d7e745c159971cbecc65e62e7d3f
75cdd9f894b79772dab799da50ef58dd62bfc66f56ac741c8147d8ba3ebcd77b
7b11b45ff021b16c5f2ba8e8cf2aa516bf18bf78cacc06d9e169635ab1a90b8c
804241f377e97c7991d9554a39358d5ad2b77878b13bff743ae42e9f2a38d8a6
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8441ffbdc8d58a74570a929de17ffe1c3f1b177d36ed7f79b17fe079137d0522
84fd3fb787381a09f372a2085dddf1b6ba1831f0452a9e3438b0380f00f8ff0e
867621cda0c590864f15da3e7bf3593d1794e6cb265ae4f0cf1da1a81c2e76f2
8e0a49263e79dfb673c05436c5f64b6f4683cade7afe74a7ea8c824327ab2cfa
92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f
98ffcd7d8a55a7b090184f3e86dc25249b20c783fd98e7dc1654b70bb3372fca
9a35c795237d4fb54f56edc0d2a38dbcab417da765da3fe2c9e05437e2f3aa67
9ff93e515bc7c3fbc74e42ecb2860852af567be2d3775ba66b327b9cbea974c0
a7bd7a128b34e719fc2c759b6134526912f5dc3d18c9f0b56f4e1d63062d3660
a86f41d620c41e5e9c457a272b3260764cd3ccb057c7c278ba8fde4e9c7b7371
ab7c9b16f2d5bab8c846cc9e453e05b55d8eee7cf8647d671e14e7d7e9e955c5
acb92e398a8bd8e660758749ec8971e1253eadfd8ba27a65552e777b06d15724
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b373f45b1aa342a995d904cee5a55c06ab20c5e303d8136180bfd780a5ee45e4
b58b3bc64ddbf8a1b7a0e6760c945ffe02abd5bda03c9759b91bf7c8213a220a
ba02ee4060c212891f426a2fd8280161411a31c1658b19582c9690308c2668ad
ba28801deddb3ad3edddbf2905e189240614d82538f8adda05f385f1a4052493
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bc87bbc39a4fb4f0f5abe0ba3227acaa1f58a20ed83ec606d59811e141c1ba55
c0166c3747b83b0c930891d7708ed53b27ec34103b1db04365fe5b6c67df152b
c01d332da6049e77e8ecc38d5be136a559ba07c594a49282ad1037c0375c11f3
c39cb7336bbfc97d0e82ea58fa5d96d88c5e744a0b3f7c7ebc15c60d56c68143
c3b935e66e5f677a136ff588c4e9ae6d85b9dc9022f0c93f5074d27a2f79f609
ccc2b6b6bfdfff89f91ffefd8038a166bb67ee73dbc8a9ac34c4b9a65e3ab832
d2bbbafc9a0ce6b1046d841e958f05a7ed5177a8a79583870a701576eecbbd1c
d7cd2b6845750f7aab225e349b3708f6f91e682b6137834eb621d2c7cef27be2
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d9c317746b56e3e39a8eab4fee70a2613feb1e3c8d4b1f25d582d533385d7bde
dd05be4936f9a120bdd40d23d6e507ad514496d5012c507650e803ffea90334d
ddaaebeef7015bba09ad0bad33d9af21664074c2e84738cfb28861789b00b7fa
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e33a95a24e9b305b0c512e5fbf2f5883f3f2447793f12fbdbd3155d52311282e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4ff3a40f414fcb5a5408cacc563ba3dcac9870c9b2fd9bef02497c9585d9279
e55bf6bf7e8528bd8ee50a181e8f9a7bd68047aea7f148ad7e6d767d747ac90a
e5dd45d0942a7f429508cb20f66072de90b8950935e1c15534cbb72a52f87176
ea61599e69c89e0ed7d385b0363698ce8faf328971341fd58308adeb4e05cdb3
ebc0e9789e727166ecc9bcc0e0105a060c2523c070541a6dc138b908e5759f57
ebe87934784059762886e5c50c81c4739c799c7f2ceac4bc5fa874328309b85c
ee11928e9a31b92c22b88f0c49dae1f791043fe071dacf46b848efe85254c003
eea67cec0cd2e7df898a0d03744d7f53e68fde8e943867c7d75f98a107ba4784
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efce6cb168c19988f7d503d29d8b375356f16c2d0ca7627bf5539103440500d4
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
f4b82875b938162f04a9a00ba534fff0523a0f16d8de7f64905fa6b5e8010329
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fa428a99fcb64116fc9e5795eaf30d52e0e3e3f9f61886100e88fac6e4d98b5e
ffaac4e5bb197eb4ce8d16da142fe4e056de0d17d63ae7a67db426e8ae7978b1