halomovie.estranky.cz Open in urlscan Pro
81.0.226.241 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44#mail-list
Effective URL:
https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44
Submission: On May 04 via manual (May 4th 2021, 9:25:29 am UTC) from IN

Summary HTTP 179 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 48 IPs in 9 countries across 42 domains to perform 179 HTTP transactions. The main IP is 81.0.226.241, located in Czech Republic and belongs to CASABLANCA-AS Internet & Collocation Provider, CZ. The main domain is halomovie.estranky.cz.
TLS certificate: Issued by RapidSSL TLS DV RSA Mixed SHA256 2020... on March 15th 2021. Valid for: a year.

This is the only time halomovie.estranky.cz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	81.0.226.241 81.0.226.241	15685 (CASABLANC...) (CASABLANCA-AS Internet & Collocation Provider)
19	81.0.235.96 81.0.235.96	15685 (CASABLANC...) (CASABLANCA-AS Internet & Collocation Provider)
3	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2a02:26f0:6c0... 2a02:26f0:6c00:299::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	192.155.108.156 192.155.108.156	29066 (VELIANET-...) (VELIANET-AS velia.net Internetdienste GmbH)
4	2a00:1ed0:45::c 2a00:1ed0:45::c	43541 (VSHOSTING) (VSHOSTING)
1 2	162.241.226.124 162.241.226.124	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1 5	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	38.99.77.16 38.99.77.16	36323 (EZRI-36323) (EZRI-36323)
1	185.25.185.10 185.25.185.10	24971 (MASTER-AS...) (MASTER-AS Czech Republic / www.master.cz)
4 20	54.230.183.36 54.230.183.36	16509 (AMAZON-02) (AMAZON-02)
6 6	143.204.202.115 143.204.202.115	16509 (AMAZON-02) (AMAZON-02)
6 6	143.204.202.122 143.204.202.122	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1 3	65.9.84.119 65.9.84.119	16509 (AMAZON-02) (AMAZON-02)
1 4	137.74.0.151 137.74.0.151	16276 (OVH) (OVH)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	195.191.205.110 195.191.205.110	50695 (VLP-AS) (VLP-AS)
3 6	23.79.143.124 23.79.143.124	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
6	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
6 15	52.50.94.149 52.50.94.149	16509 (AMAZON-02) (AMAZON-02)
3	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
7	77.75.78.101 77.75.78.101	43037 (SEZNAM-) (SEZNAM-)
9	77.75.77.9 77.75.77.9	43037 (SEZNAM-) (SEZNAM-)
2 7	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
8	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
9 10	37.252.172.37 37.252.172.37	29990 (ASN-APPNEX) (ASN-APPNEX)
1	184.30.25.69 184.30.25.69	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:6ea0:c70... 2a02:6ea0:c700::3	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
2	77.75.76.101 77.75.76.101	43037 (SEZNAM-) (SEZNAM-)
1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
6	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	54.154.97.212 54.154.97.212	16509 (AMAZON-02) (AMAZON-02)
1 2	72.21.206.140 72.21.206.140	16509 (AMAZON-02) (AMAZON-02)
2 2	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.135.227 185.29.135.227	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	185.183.112.155 185.183.112.155	60350 (VP) (VP)
1	35.241.40.233 35.241.40.233	15169 (GOOGLE) (GOOGLE)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2a02:598:2::60 2a02:598:2::60	43037 (SEZNAM-) (SEZNAM-)
2	2a02:598:6666... 2a02:598:6666:1:14::4	43037 (SEZNAM-) (SEZNAM-)
2	2a02:598:a::7... 2a02:598:a::78:74	43037 (SEZNAM-) (SEZNAM-)
14	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
179	48

4 81.0.226.241 (Czech Republic) 1 redirects

ASN15685 (CASABLANCA-AS Internet & Collocation Provider, CZ)
PTR: userwww003.websitemaster.com

www.halomovie.estranky.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
halomovie.estranky.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 81.0.235.96 (Czech Republic)

ASN15685 (CASABLANCA-AS Internet & Collocation Provider, CZ)
PTR: www.estranky.cz

s3a.estranky.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s3c.estranky.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:299::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.155.108.156 (Miami, United States)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)

img.20dollars2surf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1ed0:45::c (Czech Republic)

ASN43541 (VSHOSTING, CZ)

www.blueboard.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
blueboard.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.241.226.124 (United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: box5343.bluehost.com

www.smileyshut.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
smileyshut.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

t0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.99.77.16 (United States)

ASN36323 (EZRI-36323, US)
PTR: imagizer-cv.imageshack.us

img101.imageshack.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.25.185.10 (Czech Republic)

ASN24971 (MASTER-AS Czech Republic / www.master.cz, CZ)
PTR: 185-25-185-10.static.netio.cz

upload.svetobrazku.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 54.230.183.36 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: server-54-230-183-36.ham50.r.cloudfront.net

i47.tinypic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tinypic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 143.204.202.115 (United States) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-115.fra53.r.cloudfront.net

i48.tinypic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i46.tinypic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 143.204.202.122 (United States) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-122.fra53.r.cloudfront.net

i45.tinypic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i50.tinypic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.84.119 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 137.74.0.151 (Warsaw, Poland) 1 redirects

ASN16276 (OVH, FR)
PTR: ovhpl2.host.hit.gemius.pl

gacz.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.191.205.110 (Neratovice, Czech Republic)

ASN50695 (VLP-AS, CZ)
PTR: web-front-03.vlp.cz

a.adactive.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.79.143.124 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-143-124.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.111.230.142 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 52.50.94.149 (Dublin, Ireland) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-94-149.eu-west-1.compute.amazonaws.com

a.denik.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.centrum.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.1gr.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.csfd.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.slunecnice.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 77.75.78.101 (Prague, Czech Republic)

ASN43037 (SEZNAM-, CZ)
PTR: ssp.seznam.cz

ssp.imedia.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssp.seznam.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 77.75.77.9 (Prague, Czech Republic)

ASN43037 (SEZNAM-, CZ)
PTR: h.imedia.cz

h.seznam.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 37.252.172.37 (Frankfurt am Main, Germany) 9 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.25.69 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-25-69.deploy.static.akamaitechnologies.com

content.aimatch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::3 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)

cdn.cpex.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.75.76.101 (Prague, Czech Republic)

ASN43037 (SEZNAM-, CZ)
PTR: ssp.seznam.cz

ssp.seznam.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.154.97.212 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-97-212.eu-west-1.compute.amazonaws.com

a.iprima.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.21.206.140 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: 206-140.amazon.com

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.135.227 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.183.112.155 (Paris, France) 1 redirects

ASN60350 (VP, FR)

sync.adotmob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.40.233 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 233.40.241.35.bc.googleusercontent.com

dmp.brand-display.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:598:2::60 (Czech Republic)

ASN43037 (SEZNAM-, CZ)

c-ng.seznam.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:598:6666:1:14::4 (Czech Republic)

ASN43037 (SEZNAM-, CZ)

d49-a.sdn.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:598:a::78:74 (Czech Republic)

ASN43037 (SEZNAM-, CZ)

fimg-resp.seznam.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	tinypic.com 16 redirects i47.tinypic.com tinypic.com i48.tinypic.com i45.tinypic.com i46.tinypic.com i50.tinypic.com	253 KB
23	estranky.cz 1 redirects www.halomovie.estranky.cz halomovie.estranky.cz s3a.estranky.cz s3c.estranky.cz	209 KB
22	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	290 KB
21	rubiconproject.com 3 redirects secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com pixel-eu.rubiconproject.com	38 KB
20	seznam.cz h.seznam.cz ssp.seznam.cz c-ng.seznam.cz fimg-resp.seznam.cz	39 KB
10	adnxs.com 9 redirects secure.adnxs.com	8 KB
9	doubleclick.net 2 redirects stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	38 KB
7	casalemedia.com 2 redirects ssum.casalemedia.com ssum-sec.casalemedia.com dsum-sec.casalemedia.com	8 KB
7	denik.cz 2 redirects a.denik.cz	7 KB
5	pubmatic.com ads.pubmatic.com image6.pubmatic.com	35 KB
5	google.com 1 redirects www.google.com adservice.google.com	1018 B
4	gemius.pl 1 redirects gacz.hit.gemius.pl	12 KB
4	blueboard.cz www.blueboard.cz blueboard.cz
3	google.de www.google.de adservice.google.de	1 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	3 KB
3	google-analytics.com www.google-analytics.com	20 KB
3	jquery.com code.jquery.com	215 KB
2	sdn.cz d49-a.sdn.cz	24 KB
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	961 B
2	iprima.cz 1 redirects a.iprima.cz	1000 B
2	slunecnice.cz 1 redirects a.slunecnice.cz	1012 B
2	csfd.cz 1 redirects a.csfd.cz	987 B
2	1gr.cz 1 redirects a.1gr.cz	986 B
2	centrum.cz 1 redirects a.centrum.cz	997 B
2	googletagservices.com www.googletagservices.com	63 KB
2	googleadservices.com www.googleadservices.com partner.googleadservices.com	15 KB
2	smileyshut.com 1 redirects www.smileyshut.com smileyshut.com	234 B
2	adobedtm.com assets.adobedtm.com	23 KB
1	brand-display.com dmp.brand-display.com	253 B
1	adotmob.com 1 redirects sync.adotmob.com	689 B
1	mathtag.com 1 redirects sync.mathtag.com	638 B
1	adsrvr.org match.adsrvr.org	265 B
1	cpex.cz cdn.cpex.cz	728 B
1	aimatch.com content.aimatch.com	55 KB
1	imedia.cz ssp.imedia.cz	38 KB
1	adactive.cz a.adactive.cz	17 KB
1	googletagmanager.com www.googletagmanager.com	41 KB
1	svetobrazku.cz upload.svetobrazku.cz
1	imageshack.us img101.imageshack.us	11 KB
1	gstatic.com t0.gstatic.com	6 KB
1	20dollars2surf.com img.20dollars2surf.com
0	bungie.cz Failed bungie.cz Failed
179	42

	Domain	Requested by
18	s3a.estranky.cz	halomovie.estranky.cz s3a.estranky.cz
16	tinypic.com	halomovie.estranky.cz
14	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
10	secure.adnxs.com	9 redirects ssum.casalemedia.com
9	h.seznam.cz	ssp.imedia.cz h.seznam.cz halomovie.estranky.cz
8	ssp.seznam.cz	ssp.imedia.cz ssp.seznam.cz halomovie.estranky.cz
8	pagead2.googlesyndication.com	a.adactive.cz pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	a.denik.cz	2 redirects halomovie.estranky.cz cdn.cpex.cz ssum.casalemedia.com
6	pixel-eu.rubiconproject.com	cdn.cpex.cz
6	googleads.g.doubleclick.net	www.googleadservices.com pagead2.googlesyndication.com googleads.g.doubleclick.net
6	eus.rubiconproject.com	secure-assets.rubiconproject.com eus.rubiconproject.com
6	secure-assets.rubiconproject.com	3 redirects assets.adobedtm.com a.adactive.cz cdn.cpex.cz
5	i46.tinypic.com	5 redirects
4	dsum-sec.casalemedia.com	1 redirects ssum.casalemedia.com
4	ads.pubmatic.com	a.adactive.cz ssp.imedia.cz ads.pubmatic.com
4	www.google.com	1 redirects halomovie.estranky.cz googleads.g.doubleclick.net
4	gacz.hit.gemius.pl	1 redirects halomovie.estranky.cz gacz.hit.gemius.pl
4	i47.tinypic.com	4 redirects
3	token.rubiconproject.com	eus.rubiconproject.com
3	sb.scorecardresearch.com	1 redirects halomovie.estranky.cz
3	www.google-analytics.com	halomovie.estranky.cz www.google-analytics.com
3	blueboard.cz	halomovie.estranky.cz
3	i50.tinypic.com	3 redirects
3	i45.tinypic.com	3 redirects
3	code.jquery.com	halomovie.estranky.cz
3	halomovie.estranky.cz	halomovie.estranky.cz
2	fimg-resp.seznam.cz	c-ng.seznam.cz
2	d49-a.sdn.cz	c-ng.seznam.cz
2	cm.g.doubleclick.net	2 redirects
2	s.amazon-adsystem.com	1 redirects ssum.casalemedia.com
2	a.iprima.cz	1 redirects cdn.cpex.cz
2	a.slunecnice.cz	1 redirects cdn.cpex.cz
2	a.csfd.cz	1 redirects cdn.cpex.cz
2	a.1gr.cz	1 redirects cdn.cpex.cz
2	a.centrum.cz	1 redirects cdn.cpex.cz
2	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	ssum.casalemedia.com	1 redirects a.adactive.cz
2	www.google.de	halomovie.estranky.cz
2	assets.adobedtm.com	halomovie.estranky.cz assets.adobedtm.com
1	c-ng.seznam.cz	ssp.imedia.cz
1	image6.pubmatic.com	ads.pubmatic.com
1	dmp.brand-display.com	ssum.casalemedia.com
1	sync.adotmob.com	1 redirects
1	sync.mathtag.com	1 redirects
1	match.adsrvr.org	ssum.casalemedia.com
1	ssum-sec.casalemedia.com	ssum.casalemedia.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cdn.cpex.cz	a.adactive.cz
1	content.aimatch.com	halomovie.estranky.cz
1	ssp.imedia.cz	a.adactive.cz
1	stats.g.doubleclick.net	www.google-analytics.com
1	a.adactive.cz	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.googletagmanager.com	halomovie.estranky.cz
1	i48.tinypic.com	1 redirects
1	upload.svetobrazku.cz	halomovie.estranky.cz
1	img101.imageshack.us	halomovie.estranky.cz
1	t0.gstatic.com	halomovie.estranky.cz
1	smileyshut.com	halomovie.estranky.cz
1	www.smileyshut.com	1 redirects
1	www.blueboard.cz	halomovie.estranky.cz
1	img.20dollars2surf.com	halomovie.estranky.cz
1	s3c.estranky.cz	halomovie.estranky.cz
1	www.halomovie.estranky.cz	1 redirects
0	bungie.cz Failed	halomovie.estranky.cz
179	67

This site contains links to these domains. Also see Links.

Domain
www.halomovie.estranky.cz
en.20dollars2surf.com
www.blueboard.cz
hercak.wbs.cz
bungie.cz
blueboard.cz
a.denik.cz
www.estranky.cz

Subject Issuer	Validity	Valid
*.estranky.cz RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-15` - `2022-04-15`	a year	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-08` - `2021-09-30`	9 months	crt.sh
img.20dollars2surf.com R3	`2021-04-22` - `2021-07-21`	3 months	crt.sh
*.blueboard.cz AlphaSSL CA - SHA256 - G2	`2020-02-17` - `2022-03-22`	2 years	crt.sh
cpcontacts.amani-tours.com R3	`2021-04-29` - `2021-07-28`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.imageshack.us Go Daddy Secure Certificate Authority - G2	`2019-12-30` - `2022-02-28`	2 years	crt.sh
vm1807.cust.netio.cz NETIO Root CA	`2020-10-20` - `2040-10-20`	20 years	crt.sh
tinypic.com Amazon	`2020-08-22` - `2021-09-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2019-09-11` - `2021-09-24`	2 years	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
a.adactive.cz R3	`2021-03-25` - `2021-06-23`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
tier1-euw1.ireland.delivery.aimatch.net Amazon	`2021-04-27` - `2022-05-26`	a year	crt.sh
ssp.seznam.cz R3	`2021-04-12` - `2021-07-11`	3 months	crt.sh
h.imedia.cz R3	`2021-02-22` - `2021-05-23`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
content.aimatch.com R3	`2021-04-14` - `2021-07-13`	3 months	crt.sh
1341732386.rsc.cdn77.org R3	`2021-02-24` - `2021-05-25`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
iprima-tier1.ireland.delivery.aimatch.net Amazon	`2021-04-27` - `2022-05-26`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2020-08-28` - `2021-08-20`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.brand-display.com GeoTrust RSA CA 2018	`2020-06-24` - `2022-06-24`	2 years	crt.sh
c-ngko.seznam.cz R3	`2021-03-22` - `2021-06-20`	3 months	crt.sh
*.sdn.cz R3	`2021-04-04` - `2021-07-03`	3 months	crt.sh
fimg-resp.seznam.cz R3	`2021-04-04` - `2021-07-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh

This page contains 21 frames:

Primary Page: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44
Frame ID: E4DA4CDB1D3D71F7A27026DEE5155998
Requests: 102 HTTP requests in this frame

Frame: https://assets.adobedtm.com/4beaca54604aa1db7a7d9296a08d83bee398e7fd/scripts/satellite-5a9ec52464746d27a9005e4a.html
Frame ID: E54252CE31970E396405E534044DB07F
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?region=EU&country=CZ&endpoint=eu&p=cpexvlm&
Frame ID: 958B2237DA80CED082AE4DD9B38F1DF9
Requests: 3 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=189795&cb=https%3A%2F%2Fa%2Edenik%2Ecz%2Fvlm%2Fsetid%2FMID%3D5197103461302743573%2Fexternal%3DCASALE%2Fvalue%3D&C=1
Frame ID: 4D5D113638FADBE1AFBFAF118DCB51CA
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fa%2Edenik%2Ecz%2Fvlm%2Fsetid%2FMID%3D5197103461302743573%2Fexternal%3DPUBMATIC%2Fvalue%3D
Frame ID: DD8E3A289132D62E77913ECD4EF928A7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210429/r20190131/zrt_lookup.html
Frame ID: 6A831694F138CF20D410F9FEE5FC5593
Requests: 1 HTTP requests in this frame

Frame: https://cdn.cpex.cz/user/sync.html
Frame ID: 9C2CB9C9098A4B97A1FD791837684E7A
Requests: 14 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=49307&predirect=%2F%2Fssp.seznam.cz%2Fstatic%2Fhtml%2Fsync%2Fpub_sync.html%3FpmId%3D
Frame ID: F28BAD6D050050E385BCF214864C28BB
Requests: 1 HTTP requests in this frame

Frame: https://ssp.seznam.cz/static/html/sync/apn_sync.html?uid=8744422011914918744
Frame ID: 0AA9288AADD89FF8E5B6A6BCFDBA345C
Requests: 2 HTTP requests in this frame

Frame: https://h.seznam.cz/html/adform_sync.html
Frame ID: DF6856FFC77CC7EF14DED0D33D40B278
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 36BC47B97DC762B9C65CB66B306C7A5B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7349691528422556&output=html&h=600&slotname=7661597236&adk=849360679&adf=3631241403&pi=t.ma~as.7661597236&w=300&lmt=1620120295&psa=0&format=300x600&url=https%3A%2F%2Fhalomovie.estranky.cz%2F%3Fmladdemail%3D92%26code%3D2cc434a32fca410cca4a53eb9f50de44%23mail-list&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620120295704&bpp=6&bdt=1376&idt=113&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=6003058413602&frm=20&pv=2&ga_vid=1631859808.1620120295&ga_sid=1620120296&ga_hid=659141618&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1300&ady=715&biw=1600&bih=1200&scr_x=0&scr_y=715&oid=3&pvsid=3966906287212697&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=51BmvPpE4h&p=https%3A//halomovie.estranky.cz&dtd=132
Frame ID: 30C2E51A6645788AD82F7435B0FB34EF
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7349691528422556&output=html&adk=1812271804&adf=3025194257&lmt=1620120295&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fhalomovie.estranky.cz%2F%3Fmladdemail%3D92%26code%3D2cc434a32fca410cca4a53eb9f50de44%23mail-list&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620120295711&bpp=3&bdt=1384&idt=134&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&nras=1&correlator=6003058413602&frm=20&pv=1&ga_vid=1631859808.1620120295&ga_sid=1620120296&ga_hid=659141618&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=715&oid=3&pvsid=3966906287212697&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&dtd=141
Frame ID: 6CB60F77448B061A68E8D1332B53B6C5
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: FF350A6F036123A4F14392BBC0BBEC8D
Requests: 1 HTTP requests in this frame

Frame: https://ssp.seznam.cz/static/html/cmp.html
Frame ID: BCCCCCFDC1866FF8D13EC5DBB6561E27
Requests: 2 HTTP requests in this frame

Frame: https://c-ng.seznam.cz/sklik/imp?k=630ef9e0-5242-478e-9cbc-23837cdbd417&pssp1=AZXgYzPxxufN5tnCatKiq4BxD6SuMeMP7K33z-JOEpvZb1c28zR7
Frame ID: D0E459831F5E36C8E48F65C85C7338D7
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?region=EU&country=CZ&endpoint=eu&p=cpex&
Frame ID: 1D7307A7AC575D488896F0BD7CB8648A
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16073489184916735929/index.html
Frame ID: EA0C9E0667B582F4BA2E321B8C4FB412
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 12F8DFB87BD6AB7B56FA0E85E98527B8
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?region=EU&country=NL&endpoint=eu&p=cpexvlm&
Frame ID: 4BBF98383A4E7BB556A7ED37B1AFBD58
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 185914D664184771C720964407C9F0BC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44 HTTP 301
https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44 Page URL

Page Statistics

179
Requests

94 %
HTTPS

35 %
IPv6

42
Domains

67
Subdomains

48
IPs

9
Countries

1456 kB
Transfer

3419 kB
Size

0
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://www.halomovie.estranky.cz/
Title: HALO MOVIE

Search URL Search Domain Scan URL

URL: http://en.20dollars2surf.com/?ref=392948

Search URL Search Domain Scan URL

URL: http://www.blueboard.cz/
Title: Spartan

Search URL Search Domain Scan URL

URL: http://hercak.wbs.cz/

Search URL Search Domain Scan URL

URL: http://bungie.cz/wp-content/uploads/2010/01/halo_201483b.jpg

Search URL Search Domain Scan URL

URL: http://bungie.cz/wp-content/uploads/2010/01/halo_201482b.jpg

Search URL Search Domain Scan URL

URL: http://bungie.cz/wp-content/uploads/2010/01/halo_201481b.jpg

Search URL Search Domain Scan URL

URL: http://bungie.cz/wp-content/uploads/2010/01/gamereactorspelarhalo_201516b.jpg
Title:

Search URL Search Domain Scan URL

URL: http://bungie.cz/wp-content/uploads/2010/01/gamereactorspelarhalo_201491b.jpg

Search URL Search Domain Scan URL

URL: http://bungie.cz/wp-content/uploads/2010/01/gamereactorspelarhalo_201497b.jpg

Search URL Search Domain Scan URL

URL: http://blueboard.cz/
Title: BlueBoard.cz

Search URL Search Domain Scan URL

URL: http://www.blueboard.cz/chatboard-ontario.php?id=240349
Title: Chat

Search URL Search Domain Scan URL

URL: https://a.denik.cz/vlm/adclick/FCID=56631/random=87193521/viewid=88590242/site=estranky/loc=cz/dev_display_width=1600/dev_display_height=1200/ab=a/safety=undefined/size=300x250,300x300,336x280/pos=square-1

Search URL Search Domain Scan URL

URL: https://www.estranky.cz/
Title: Tvorba webových stránek

Search URL Search Domain Scan URL

URL: https://www.estranky.cz/abuse/?logname=halomovie
Title: Závadný obsah?

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44 HTTP 301
https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://www.smileyshut.com/smileys/new/Battle/sniper.gif HTTP 301
https://smileyshut.com/smileys/new/Battle/sniper.gif

Request Chain 12

https://i47.tinypic.com/9temb6.jpg HTTP 301
https://tinypic.com/images/goodbye.jpg

Request Chain 13

https://i48.tinypic.com/1z2fwja.jpg HTTP 301
https://tinypic.com/images/goodbye.jpg

Request Chain 14

https://i47.tinypic.com/2hqgqag.jpg HTTP 301
https://tinypic.com/images/goodbye.jpg

Request Chain 15

https://i45.tinypic.com/2zspglk.jpg HTTP 301
https://tinypic.com/images/goodbye.jpg

Request Chain 16

https://i45.tinypic.com/wsqsrp.jpg HTTP 301
https://tinypic.com/images/goodbye.jpg

Request Chain 17

https://i46.tinypic.com/2yx16k3.jpg HTTP 301
https://tinypic.com/images/goodbye.jpg

Request Chain 18

https://i46.tinypic.com/5mifb4.jpg HTTP 301
https://tinypic.com/images/goodbye.jpg

Request Chain 19

https://i47.tinypic.com/2cxjcqp.jpg HTTP 301
https://tinypic.com/images/goodbye.jpg

Request Chain 20

https://i45.tinypic.com/rm62pv.jpg HTTP 301
https://tinypic.com/images/goodbye.jpg

Request Chain 21

https://i47.tinypic.com/vcx5hk.jpg HTTP 301
https://tinypic.com/images/goodbye.jpg

Request Chain 22

https://i50.tinypic.com/29zvfaf.jpg HTTP 301
https://tinypic.com/images/goodbye.jpg

Request Chain 23

https://i46.tinypic.com/zwdf08.jpg HTTP 301
https://tinypic.com/images/goodbye.jpg

Request Chain 24

https://i46.tinypic.com/6gwpi9.jpg HTTP 301
https://tinypic.com/images/goodbye.jpg

Request Chain 25

https://i50.tinypic.com/nycyg0.jpg HTTP 301
https://tinypic.com/images/goodbye.jpg

Request Chain 26

https://i50.tinypic.com/f208i1.jpg HTTP 301
https://tinypic.com/images/goodbye.jpg

Request Chain 27

https://i46.tinypic.com/8vqnnl.jpg HTTP 301
https://tinypic.com/images/goodbye.jpg

Request Chain 64

https://sb.scorecardresearch.com/b?c1=2&c2=9867152&ns__t=1620120294680&ns_c=UTF-8&cv=3.5&c8=HALO%20MOVIE&c7=https%3A%2F%2Fhalomovie.estranky.cz%2F%3Fmladdemail%3D92%26code%3D2cc434a32fca410cca4a53eb9f50de44%23mail-list&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=9867152&ns__t=1620120294680&ns_c=UTF-8&cv=3.5&c8=HALO%20MOVIE&c7=https%3A%2F%2Fhalomovie.estranky.cz%2F%3Fmladdemail%3D92%26code%3D2cc434a32fca410cca4a53eb9f50de44%23mail-list&c9=

Request Chain 71

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?region=EU&country=CZ&endpoint=eu&p=cpexvlm& HTTP 301
https://eus.rubiconproject.com/usync.html?region=EU&country=CZ&endpoint=eu&p=cpexvlm&

Request Chain 75

https://a.denik.cz/vlm/bserver/ball/random=87193521/viewid=88590242/site=estranky/loc=cz/dev_display_width=1600/dev_display_height=1200/ab=a/safety=undefined/b1/size=728x90,970x90,970x210,1000x200/pos=leaderboard-top/b2/size=300x250,300x300,336x280/pos=square-1/b3/size=160x600/pos=skyscraper-1 HTTP 302
https://a.denik.cz/vlm/lserver/bserver/ball/random=87193521/viewid=88590242/site=estranky/loc=cz/dev_display_width=1600/dev_display_height=1200/ab=a/safety=undefined/b1/size=728x90,970x90,970x210,1000x200/pos=leaderboard-top/b2/size=300x250,300x300,336x280/pos=square-1/b3/size=160x600/pos=skyscraper-1

Request Chain 76

https://gacz.hit.gemius.pl/_1620120294833/rexdot.js?l=100&id=ctTgJA_KmwA3MTtBLKW3F4ZQ7KSF1OxF_.4EOLt5qFn.A7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Fhalomovie.estranky.cz%2F%3Fmladdemail%3D92%26code%3D2cc434a32fca410cca4a53eb9f50de44%23mail-list&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=Tv6xbjHUjEtPbjQE.vxt4myxVtrJSYs2TF8f01p_t6f.p7&vis=1 HTTP 301
https://gacz.hit.gemius.pl/__/_1620120294833/rexdot.js?l=100&id=ctTgJA_KmwA3MTtBLKW3F4ZQ7KSF1OxF_.4EOLt5qFn.A7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Fhalomovie.estranky.cz%2F%3Fmladdemail%3D92%26code%3D2cc434a32fca410cca4a53eb9f50de44%23mail-list&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=Tv6xbjHUjEtPbjQE.vxt4myxVtrJSYs2TF8f01p_t6f.p7&vis=1

Request Chain 84

https://a.denik.cz/vlm/getid/MID=5197103461302743573/external=CASALE HTTP 302
https://ssum.casalemedia.com/usermatch?s=189795&cb=https%3A%2F%2Fa%2Edenik%2Ecz%2Fvlm%2Fsetid%2FMID%3D5197103461302743573%2Fexternal%3DCASALE%2Fvalue%3D HTTP 302
https://ssum.casalemedia.com/usermatch?s=189795&cb=https%3A%2F%2Fa%2Edenik%2Ecz%2Fvlm%2Fsetid%2FMID%3D5197103461302743573%2Fexternal%3DCASALE%2Fvalue%3D&C=1

Request Chain 87

https://secure.adnxs.com/getuid?https%3A%2F%2Fa%2Edenik%2Ecz%2Fvlm%2Fsetid%2FMID%3D5197103461302743573%2Fexternal%3DAPPNEXUS%2Fvalue%3D$UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fa%252Edenik%252Ecz%252Fvlm%252Fsetid%252FMID%253D5197103461302743573%252Fexternal%253DAPPNEXUS%252Fvalue%253D%24UID HTTP 302
https://a.denik.cz/vlm/setid/MID=5197103461302743573/external=APPNEXUS/value=8744422011914918744

Request Chain 95

https://secure.adnxs.com/getuid?//ssp.seznam.cz/static/html/sync/apn_sync.html?uid=$UID HTTP 302
https://ssp.seznam.cz/static/html/sync/apn_sync.html?uid=8744422011914918744

Request Chain 116

https://secure.adnxs.com/getuid?https%3A%2F%2Fa%2Ecentrum%2Ecz%2Fcent%2Fsetid%2Fexternal%3DAPPNEXUS%2Fvalue%3D$UID HTTP 302
https://a.centrum.cz/cent/setid/external=APPNEXUS/value=8744422011914918744 HTTP 302
https://a.centrum.cz/cent/lserver/setid/external=APPNEXUS/value=8744422011914918744

Request Chain 117

https://secure.adnxs.com/getuid?https%3A%2F%2Fa%2E1gr%2Ecz%2Fmafra%2Fsetid%2Fexternal%3DAPPNEXUS%2Fvalue%3D$UID HTTP 302
https://a.1gr.cz/mafra/setid/external=APPNEXUS/value=8744422011914918744 HTTP 302
https://a.1gr.cz/mafra/lserver/setid/external=APPNEXUS/value=8744422011914918744

Request Chain 118

https://secure.adnxs.com/getuid?https%3A%2F%2Fa%2Ecsfd%2Ecz%2Fcsfd%2Fsetid%2Fexternal%3DAPPNEXUS%2Fvalue%3D$UID HTTP 302
https://a.csfd.cz/csfd/setid/external=APPNEXUS/value=8744422011914918744 HTTP 302
https://a.csfd.cz/csfd/lserver/setid/external=APPNEXUS/value=8744422011914918744

Request Chain 119

https://secure.adnxs.com/getuid?https%3A%2F%2Fa%2Edenik%2Ecz%2Fvlm%2Fsetid%2Fexternal%3DAPPNEXUS%2Fvalue%3D$UID HTTP 302
https://a.denik.cz/vlm/setid/external=APPNEXUS/value=8744422011914918744

Request Chain 120

https://secure.adnxs.com/getuid?https%3A%2F%2Fa%2Eslunecnice%2Ecz%2Fslunecnice%2Fsetid%2Fexternal%3DAPPNEXUS%2Fvalue%3D$UID HTTP 302
https://a.slunecnice.cz/slunecnice/setid/external=APPNEXUS/value=8744422011914918744 HTTP 302
https://a.slunecnice.cz/slunecnice/lserver/setid/external=APPNEXUS/value=8744422011914918744

Request Chain 121

https://secure.adnxs.com/getuid?https%3A%2F%2Fa%2Eiprima%2Ecz%2Fiprima%2Fsetid%2Fexternal%3DAPPNEXUS%2Fvalue%3D$UID HTTP 302
https://a.iprima.cz/iprima/setid/external=APPNEXUS/value=8744422011914918744 HTTP 302
https://a.iprima.cz/iprima/lserver/setid/external=APPNEXUS/value=8744422011914918744

Request Chain 125

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJES5wNgCZwq-wHvWHMaVQAABIAAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJES5wNgCZwq-wHvWHMaVQAABIAAAAIB&dcc=t

Request Chain 126

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YJES5wNgCZwq-wHvWHMaVQAABIAAAAIB HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEMP4r0hnwJUpfIo97Xyc2Zw&google_cver=1

Request Chain 128

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YJES5wNgCZwq.wHvWHMaVQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAJDUM7ijatF4EKta8TFLh4&google_cver=1&google_hm=2

Request Chain 129

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=48596091-12e8-4800-ae20-fcbc35b6eb99&gdpr=1&gdpr_consent=

Request Chain 131

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06302204007dbddd2775d60f&expiration=[EXPIRATION]&gdpr=1

Request Chain 143

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?region=EU&country=CZ&endpoint=eu&p=cpex& HTTP 301
https://eus.rubiconproject.com/usync.html?region=EU&country=CZ&endpoint=eu&p=cpex&

Request Chain 158

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 166

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?region=EU&country=NL&endpoint=eu&p=cpexvlm& HTTP 301
https://eus.rubiconproject.com/usync.html?region=EU&country=NL&endpoint=eu&p=cpexvlm&

179 HTTP transactions
-1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
halomovie.estranky.cz/
Redirect Chain

http://www.halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44
https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44

38 KB
9 KB

282ms
201ms

Document
text/html

81.0.226.241
CASABLANCA-AS Int...

General

Check archive.org

Show headers Download Go to

Full URL: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.0.226.241 , Czech Republic, ASN15685 (CASABLANCA-AS Internet & Collocation Provider, CZ),
Reverse DNS: userwww003.websitemaster.com
Software: nginx /
Resource Hash: ae5b1317228a549703fa7ad5dba1d81ed3c0d440a3e9763d73b3ceb39bed8d97

Request headers

Host: halomovie.estranky.cz
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx
Date: Tue, 04 May 2021 09:24:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Host
Set-Cookie: 0b7d5ae2e9917c8b6cfa9786f0725f37=1620120294; expires=Tue, 04-May-2021 10:24:55 GMT; Max-Age=3601 0b7d5ae2e9917c8b6cfa9786f0725f37=1620120294; expires=Tue, 04-May-2021 11:24:54 GMT; Max-Age=7200; path=/
Cache-Control: public
Content-Encoding: gzip

Redirect headers

Date: Tue, 04 May 2021 09:24:54 GMT
Vary: Host
Set-Cookie: 0b7d5ae2e9917c8b6cfa9786f0725f37=1620120294; expires=Tue, 04-May-2021 10:24:55 GMT; Max-Age=3601 0b7d5ae2e9917c8b6cfa9786f0725f37=1620120294; expires=Tue, 04-May-2021 11:24:54 GMT; Max-Age=7200; path=/
Location: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44
Cache-Control: public
Content-Length: 0
Connection: close
Content-Type: text/html

GET
H/1.1 200
OK d1000000004.css
s3a.estranky.cz/css/ 87 KB
17 KB 184ms
67ms Stylesheet
text/css 81.0.235.96
CASABLANCA-AS Int...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3a.estranky.cz/css/d1000000004.css?nc=372017117
Requested by: Host: halomovie.estranky.cz
URL: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.0.235.96 , Czech Republic, ASN15685 (CASABLANCA-AS Internet & Collocation Provider, CZ),
Reverse DNS: www.estranky.cz
Software: nginx /
Resource Hash: b9550f0316ad203af34bd203fda15602c2dbd108b4558f6efee2f9820a045d08

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 09:24:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 08:46:01 GMT
Server: nginx
ETag: "608920c9-4457"
Content-Type: text/css
Cache-Control: max-age=43200
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 17495
Expires: Tue, 04 May 2021 21:24:54 GMT

GET
H2 200 jquery-ui.css
code.jquery.com/ui/1.12.1/themes/base/ 35 KB
8 KB 26ms
7ms Stylesheet
text/css 2001:4de0:ac18::1:a:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/themes/base/jquery-ui.css
Requested by: Host: halomovie.estranky.cz
URL: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:24:54 GMT
content-encoding: gzip
last-modified: Wed, 14 Sep 2016 16:34:16 GMT
server: nginx
etag: W/"57d97c08-8c85"
vary: Accept-Encoding
x-hw: 1620120294.dop132.fr8.t,1620120294.cds261.fr8.hn,1620120294.cds272.fr8.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 8323

GET
H2 200 jquery-1.12.4.js Show response
code.jquery.com/ 287 KB
85 KB 26ms
8ms Script
application/javascript 2001:4de0:ac18::1:a:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.12.4.js
Requested by: Host: halomovie.estranky.cz
URL: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 430f36f9b5f21aae8cc9dca6a81c4d3d84da5175eaedcf2fdc2c226302cb3575

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:24:54 GMT
content-encoding: gzip
last-modified: Fri, 20 May 2016 17:18:54 GMT
server: nginx
etag: W/"573f46fe-47a36"
vary: Accept-Encoding
x-hw: 1620120294.dop132.fr8.t,1620120294.cds261.fr8.hn,1620120294.cds227.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 87176

GET
H2 200 jquery-ui.js Show response
code.jquery.com/ui/1.12.1/ 509 KB
122 KB 36ms
18ms Script
application/javascript 2001:4de0:ac18::1:a:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/jquery-ui.js
Requested by: Host: halomovie.estranky.cz
URL: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:24:54 GMT
content-encoding: gzip
last-modified: Wed, 14 Sep 2016 16:34:16 GMT
server: nginx
etag: W/"57d97c08-7f20a"
vary: Accept-Encoding
x-hw: 1620120294.dop132.fr8.t,1620120294.cds261.fr8.hn,1620120294.cds269.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 124434

GET
H/1.1 200
OK ui.js Show response
s3c.estranky.cz/js/ 211 KB
38 KB 183ms
45ms Script
application/x-javascript 81.0.235.96
CASABLANCA-AS Int...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3c.estranky.cz/js/ui.js?nc=1
Requested by: Host: halomovie.estranky.cz
URL: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.0.235.96 , Czech Republic, ASN15685 (CASABLANCA-AS Internet & Collocation Provider, CZ),
Reverse DNS: www.estranky.cz
Software: nginx /
Resource Hash: f087be50dd1d6a616363fab339fc303f359beb62a2f51b14811a34d145faa47c

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 09:24:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 01 Feb 2021 09:53:03 GMT
Server: nginx
ETag: "6017cf7f-94b2"
Content-Type: application/x-javascript
Cache-Control: max-age=43200
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 38066
Expires: Tue, 04 May 2021 21:24:54 GMT

GET
H2 200 satelliteLib-d510f92ab8572ae6ef088c26133f8079a7f09323.js Show response
assets.adobedtm.com/4beaca54604aa1db7a7d9296a08d83bee398e7fd/ 72 KB
23 KB 22ms
6ms Script
application/x-javascript 2a02:26f0:6c00:299::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/4beaca54604aa1db7a7d9296a08d83bee398e7fd/satelliteLib-d510f92ab8572ae6ef088c26133f8079a7f09323.js
Requested by: Host: halomovie.estranky.cz
URL: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a85dc1545bbd07579e7e3bb7310acc44f99b700ce16ac0392a148578d54e4f3f

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:24:54 GMT
content-encoding: gzip
last-modified: Tue, 02 Jul 2019 11:37:54 GMT
server: AkamaiNetStorage
etag: "3ff18a4220d2275b8d0267a280de5a1c:1562067474"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://halomovie.estranky.cz
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 22730
expires: Tue, 04 May 2021 10:24:54 GMT

GET
H2 200 ban_en_72890_392948.gif
img.20dollars2surf.com/ 0
0 715ms
208ms Image
text/html 192.155.108.156
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.20dollars2surf.com/ban_en_72890_392948.gif
Requested by: Host: halomovie.estranky.cz
URL: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.155.108.156 Miami, United States, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 404 1.gif
www.blueboard.cz/counters/greenplastic/ 0
0 33ms
10ms Image
text/html 2a00:1ed0:45::c
VSHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blueboard.cz/counters/greenplastic/1.gif
Requested by: Host: halomovie.estranky.cz
URL: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:1ed0:45::c , Czech Republic, ASN43541 (VSHOSTING, CZ),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2

404

sniper.gif
smileyshut.com/smileys/new/Battle/
Redirect Chain

https://www.smileyshut.com/smileys/new/Battle/sniper.gif
https://smileyshut.com/smileys/new/Battle/sniper.gif

0
0

1051ms
1050ms

Image
text/html

162.241.226.124
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smileyshut.com/smileys/new/Battle/sniper.gif
Requested by: Host: halomovie.estranky.cz
URL: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.226.124 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5343.bluehost.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://stopbadbots.com

Redirect headers

date: Tue, 04 May 2021 09:24:54 GMT
server: Apache
access-control-allow-origin: https://stopbadbots.com
x-redirect-by: WordPress
content-type: text/html; charset=UTF-8
location: https://smileyshut.com/smileys/new/Battle/sniper.gif
cache-control: no-cache, must-revalidate, max-age=0
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 0
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 images
t0.gstatic.com/ 5 KB
6 KB 41ms
14ms Image
image/jpeg 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t0.gstatic.com/images?q=tbn:yp2YlkrB7g33xM:http://www.buckledcranium.com/images/articles/halo/halo_small.jpg

Requested by

Host: halomovie.estranky.cz
URL: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5238b526974d054069609e16ee1d810c08b67f9ffc74ec6bb226bb28c094fdcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:24:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 03 Feb 2019 19:41:50 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5347
x-xss-protection: 0
expires: Wed, 04 May 2022 09:24:54 GMT

GET
H/1.1 200
OK 6110045fe6f22e0m3.jpg
img101.imageshack.us/img101/2076/ 9 KB
11 KB 951ms
165ms Image
image/jpeg 38.99.77.16
EZRI-36323

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img101.imageshack.us/img101/2076/6110045fe6f22e0m3.jpg
Requested by: Host: halomovie.estranky.cz
URL: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.99.77.16 , United States, ASN36323 (EZRI-36323, US),
Reverse DNS: imagizer-cv.imageshack.us
Software: nginx/1.2.8 /
Resource Hash: 697664790a08ee8c46384f946cce22d9df110c32ddd66eac540d134e7da849dc

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Ops: {"quality":80,"dpr":1}
Date: Tue, 04 May 2021 09:24:55 GMT
Via: 1.1 varnish
xkey: imageshack.imagizer.com
Age: 1885804
Accept-Ranges: bytes
X-Varnish-Port: 17001
X-Original-Filesize: 31035
X-Original-Quality: 100
X-Cache-Hits: 0
X-Original-Response-Code: 200
Connection: keep-alive
Content-Length: 9292
X-Varnish-IP: 38.99.77.69
X-Varnish: 4044434226 4008998719
S3-Cache-Processed: MISS:imageshack.imagizer.com/processed/8362a4a34d33571b93e0420be9a848e2
Server: nginx/1.2.8
X-Origin-Fetch-Time: 59
ETag: c4ca4238a0b923820dcc509a6f75849b
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, GET, POST, OPTIONS
X-Imagizer-Host: imageshack.imagizer.com
Access-Control-Allow-Origin: *, imageshack.com
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN
Cache-Control: max-age=2592000, public
Access-Control-Allow-Credentials: true
X-Original-Resolution: 400x80
X-Varnish-Hits: 5
Content-Type: image/jpeg
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN, Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
Expires: Thu, 03 Jun 2021 09:24:55 GMT

GET
H2 404 jdv1272471625g.gif
upload.svetobrazku.cz/thumbs/ 0
0 127ms
34ms Image
text/html 185.25.185.10
MASTER-AS Czech R...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upload.svetobrazku.cz/thumbs/jdv1272471625g.gif
Requested by: Host: halomovie.estranky.cz
URL: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.25.185.10 , Czech Republic, ASN24971 (MASTER-AS Czech Republic / www.master.cz, CZ),
Reverse DNS: 185-25-185-10.static.netio.cz
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2

200

goodbye.jpg
tinypic.com/images/
Redirect Chain

https://i47.tinypic.com/9temb6.jpg
https://tinypic.com/images/goodbye.jpg

15 KB
16 KB

58ms
55ms

Image
image/jpeg

54.230.183.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tinypic.com/images/goodbye.jpg
Requested by: Host: halomovie.estranky.cz
URL: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-36.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f610dc2752e938d77dab1c4e9fb1f0f7f53b25e527d130ce4e034b7de09da053

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 01:54:26 GMT
via: 1.1 8d3c7354f6dd468c356ac4e604ec81fc.cloudfront.net (CloudFront)
last-modified: Wed, 18 Sep 2019 21:23:53 GMT
server: AmazonS3
age: 32827
etag: "32af06ac4b80d728f7e4c8780eb6b6d7"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: HAM50-C3
content-length: 15616
x-amz-cf-id: noCCXbtyJyrw8H0DJmnVh7BoY4F2ESWVW2pBh2De85JcIkI_qWqZfA==

Redirect headers

date: Tue, 04 May 2021 09:23:20 GMT
via: 1.1 8d3c7354f6dd468c356ac4e604ec81fc.cloudfront.net (CloudFront)
server: AmazonS3
age: 95
x-cache: Hit from cloudfront
location: http://tinypic.com/images/goodbye.jpg
x-amz-cf-pop: HAM50-C3
content-length: 0
x-amz-cf-id: 2XC5Zpw8FyZ-nd_bXazsGfPwJVcNewrjvJ_P9ZCzPG8w4BaRbwQAKA==

GET
H2

200

goodbye.jpg
tinypic.com/images/
Redirect Chain

https://i48.tinypic.com/1z2fwja.jpg
https://tinypic.com/images/goodbye.jpg

15 KB
16 KB

34ms
30ms

Image
image/jpeg

54.230.183.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tinypic.com/images/goodbye.jpg
Requested by: Host: halomovie.estranky.cz
URL: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-36.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f610dc2752e938d77dab1c4e9fb1f0f7f53b25e527d130ce4e034b7de09da053

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 01:54:26 GMT
via: 1.1 8d3c7354f6dd468c356ac4e604ec81fc.cloudfront.net (CloudFront)
last-modified: Wed, 18 Sep 2019 21:23:53 GMT
server: AmazonS3
age: 32827
etag: "32af06ac4b80d728f7e4c8780eb6b6d7"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: HAM50-C3
content-length: 15616
x-amz-cf-id: 45u_yhtA-eemhm3pZjfSnAAnI0wVbYXotSoQZZl9VMvAr1yoxkp0hA==

Redirect headers

date: Tue, 04 May 2021 09:23:20 GMT
via: 1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront)
server: AmazonS3
age: 95
x-cache: Hit from cloudfront
location: http://tinypic.com/images/goodbye.jpg
x-amz-cf-pop: FRA53-C1
content-length: 0
x-amz-cf-id: 5uIe3FKZqHddBuh_n_G5aZb-hynO2uwEnGgtltVKIDu3dPxAbbqB2A==

GET
H2

200

goodbye.jpg
tinypic.com/images/
Redirect Chain

https://i47.tinypic.com/2hqgqag.jpg
https://tinypic.com/images/goodbye.jpg

15 KB
16 KB

63ms
60ms

Image
image/jpeg

54.230.183.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tinypic.com/images/goodbye.jpg
Requested by: Host: halomovie.estranky.cz
URL: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-36.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f610dc2752e938d77dab1c4e9fb1f0f7f53b25e527d130ce4e034b7de09da053

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 01:54:26 GMT
via: 1.1 8d3c7354f6dd468c356ac4e604ec81fc.cloudfront.net (CloudFront)
last-modified: Wed, 18 Sep 2019 21:23:53 GMT
server: AmazonS3
age: 32827
etag: "32af06ac4b80d728f7e4c8780eb6b6d7"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: HAM50-C3
content-length: 15616
x-amz-cf-id: Vhag4PLWoiw7ElS7e1eho8bzOna2jaZ9YhlEgi4kTta2Zmzt9lUN1A==

Redirect headers

date: Tue, 04 May 2021 09:23:20 GMT
via: 1.1 8d3c7354f6dd468c356ac4e604ec81fc.cloudfront.net (CloudFront)
server: AmazonS3
age: 95
x-cache: Hit from cloudfront
location: http://tinypic.com/images/goodbye.jpg
x-amz-cf-pop: HAM50-C3
content-length: 0
x-amz-cf-id: D-xevO87RauqLSgvWqmAhPY7I6l6avKJB69dUbhzMrrQp_09rP2m9Q==

GET
H2

200

goodbye.jpg
tinypic.com/images/
Redirect Chain

https://i45.tinypic.com/2zspglk.jpg
https://tinypic.com/images/goodbye.jpg

15 KB
16 KB

55ms
54ms

Image
image/jpeg

54.230.183.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tinypic.com/images/goodbye.jpg
Requested by: Host: halomovie.estranky.cz
URL: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-36.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f610dc2752e938d77dab1c4e9fb1f0f7f53b25e527d130ce4e034b7de09da053

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 01:54:26 GMT
via: 1.1 8d3c7354f6dd468c356ac4e604ec81fc.cloudfront.net (CloudFront)
last-modified: Wed, 18 Sep 2019 21:23:53 GMT
server: AmazonS3
age: 32827
etag: "32af06ac4b80d728f7e4c8780eb6b6d7"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: HAM50-C3
content-length: 15616
x-amz-cf-id: gVwc6vphVJZvawS4RZ2E6eFRT7BZ-8o58bwZldOH2Qbl2XRd4Zidug==

Redirect headers

date: Tue, 04 May 2021 09:24:03 GMT
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
server: AmazonS3
age: 52
x-cache: Hit from cloudfront
location: http://tinypic.com/images/goodbye.jpg
x-amz-cf-pop: FRA53-C1
content-length: 0
x-amz-cf-id: 7m0V7GMQvOpnLFE8cE6oy9Me-YMgudtZ9YBDvBLjuma617F5R0F6rA==

GET
H2

200

goodbye.jpg
tinypic.com/images/
Redirect Chain

https://i45.tinypic.com/wsqsrp.jpg
https://tinypic.com/images/goodbye.jpg

15 KB
16 KB

54ms
54ms

Image
image/jpeg

54.230.183.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tinypic.com/images/goodbye.jpg
Requested by: Host: halomovie.estranky.cz
URL: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-36.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f610dc2752e938d77dab1c4e9fb1f0f7f53b25e527d130ce4e034b7de09da053

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 01:54:26 GMT
via: 1.1 8d3c7354f6dd468c356ac4e604ec81fc.cloudfront.net (CloudFront)
last-modified: Wed, 18 Sep 2019 21:23:53 GMT
server: AmazonS3
age: 32827
etag: "32af06ac4b80d728f7e4c8780eb6b6d7"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: HAM50-C3
content-length: 15616
x-amz-cf-id: T0oz5liMvbF7JrrWQP4gbq4JVRiewEUhWwjxaQLx16_soDR5-yk_1w==

Redirect headers

date: Tue, 04 May 2021 09:24:03 GMT
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
server: AmazonS3
age: 52
x-cache: Hit from cloudfront
location: http://tinypic.com/images/goodbye.jpg
x-amz-cf-pop: FRA53-C1
content-length: 0
x-amz-cf-id: 38ntYbkBEh205Z93-vPQlESnrPkudBcYP_RyJEAlgK5Fwj1LpdECkg==

GET
H2

200

goodbye.jpg
tinypic.com/images/
Redirect Chain

https://i46.tinypic.com/2yx16k3.jpg
https://tinypic.com/images/goodbye.jpg

15 KB
16 KB

49ms
46ms

Image
image/jpeg

54.230.183.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tinypic.com/images/goodbye.jpg
Requested by: Host: halomovie.estranky.cz
URL: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-36.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f610dc2752e938d77dab1c4e9fb1f0f7f53b25e527d130ce4e034b7de09da053

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 01:54:26 GMT
via: 1.1 8d3c7354f6dd468c356ac4e604ec81fc.cloudfront.net (CloudFront)
last-modified: Wed, 18 Sep 2019 21:23:53 GMT
server: AmazonS3
age: 32827
etag: "32af06ac4b80d728f7e4c8780eb6b6d7"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: HAM50-C3
content-length: 15616
x-amz-cf-id: mjQnLRzbZW6yYyHNNCVPjhWi9jsYFX6rh0AweMJsTXJSkGrv09XpvA==

Redirect headers

date: Tue, 04 May 2021 09:23:20 GMT
via: 1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront)
server: AmazonS3
age: 95
x-cache: Hit from cloudfront
location: http://tinypic.com/images/goodbye.jpg
x-amz-cf-pop: FRA53-C1
content-length: 0
x-amz-cf-id: p4e4ynPT7_XcaVMqA0AsdOu5UMElQk8FasQbyuzzK_Dsttj_jUCGpA==

GET
H2

200

goodbye.jpg
tinypic.com/images/
Redirect Chain

https://i46.tinypic.com/5mifb4.jpg
https://tinypic.com/images/goodbye.jpg

15 KB
16 KB

31ms
30ms

Image
image/jpeg

54.230.183.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tinypic.com/images/goodbye.jpg
Requested by: Host: halomovie.estranky.cz
URL: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-36.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f610dc2752e938d77dab1c4e9fb1f0f7f53b25e527d130ce4e034b7de09da053

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 01:54:26 GMT
via: 1.1 8d3c7354f6dd468c356ac4e604ec81fc.cloudfront.net (CloudFront)
last-modified: Wed, 18 Sep 2019 21:23:53 GMT
server: AmazonS3
age: 32827
etag: "32af06ac4b80d728f7e4c8780eb6b6d7"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: HAM50-C3
content-length: 15616
x-amz-cf-id: zpPgCIJz5ultGJ2zPWC98S85zZO_bFS4USmV7NMpKi19r3t_6EPlSA==

Redirect headers

date: Tue, 04 May 2021 09:23:20 GMT
via: 1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront)
server: AmazonS3
age: 95
x-cache: Hit from cloudfront
location: http://tinypic.com/images/goodbye.jpg
x-amz-cf-pop: FRA53-C1
content-length: 0
x-amz-cf-id: sw1QZ6dhlfQ9auo8561NQGgyiIogzUT1otHEOPMZ7zJSYny-RwXstg==

GET
H2

200

goodbye.jpg
tinypic.com/images/
Redirect Chain

https://i47.tinypic.com/2cxjcqp.jpg
https://tinypic.com/images/goodbye.jpg

15 KB
16 KB

56ms
53ms

Image
image/jpeg

54.230.183.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tinypic.com/images/goodbye.jpg
Requested by: Host: halomovie.estranky.cz
URL: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-36.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f610dc2752e938d77dab1c4e9fb1f0f7f53b25e527d130ce4e034b7de09da053

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 01:54:26 GMT
via: 1.1 8d3c7354f6dd468c356ac4e604ec81fc.cloudfront.net (CloudFront)
last-modified: Wed, 18 Sep 2019 21:23:53 GMT
server: AmazonS3
age: 32827
etag: "32af06ac4b80d728f7e4c8780eb6b6d7"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: HAM50-C3
content-length: 15616
x-amz-cf-id: SPixVAKiyCkjBRNFzhPgBEHIqGKLUZwY7OjXYdOMTOa-ClGamdIDWQ==

Redirect headers

date: Tue, 04 May 2021 09:23:20 GMT
via: 1.1 8d3c7354f6dd468c356ac4e604ec81fc.cloudfront.net (CloudFront)
server: AmazonS3
age: 95
x-cache: Hit from cloudfront
location: http://tinypic.com/images/goodbye.jpg
x-amz-cf-pop: HAM50-C3
content-length: 0
x-amz-cf-id: ZaYD6xPQ0IKEEl4dhs07h82ykR05As_geRv1Qp8C51SgRQP5BnLmew==

GET
H2

200

goodbye.jpg
tinypic.com/images/
Redirect Chain

https://i45.tinypic.com/rm62pv.jpg
https://tinypic.com/images/goodbye.jpg

15 KB
16 KB

54ms
54ms

Image
image/jpeg

54.230.183.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tinypic.com/images/goodbye.jpg
Requested by: Host: halomovie.estranky.cz
URL: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-36.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f610dc2752e938d77dab1c4e9fb1f0f7f53b25e527d130ce4e034b7de09da053

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 01:54:26 GMT
via: 1.1 8d3c7354f6dd468c356ac4e604ec81fc.cloudfront.net (CloudFront)
last-modified: Wed, 18 Sep 2019 21:23:53 GMT
server: AmazonS3
age: 32827
etag: "32af06ac4b80d728f7e4c8780eb6b6d7"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: HAM50-C3
content-length: 15616
x-amz-cf-id: b55xfmdhDU9H32lp-429tItdGUuHnk6VKd5Kfiy8Pjf8b2UTH8o9Hw==

Redirect headers

date: Tue, 04 May 2021 09:24:03 GMT
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
server: AmazonS3
age: 52
x-cache: Hit from cloudfront
location: http://tinypic.com/images/goodbye.jpg
x-amz-cf-pop: FRA53-C1
content-length: 0
x-amz-cf-id: vmhPCk12-CgjwhLLkRCErQtmeUPx63ZJDLIjYXd3Omc2MZP9_UtNvA==

GET
H2

200

goodbye.jpg
tinypic.com/images/
Redirect Chain

https://i47.tinypic.com/vcx5hk.jpg
https://tinypic.com/images/goodbye.jpg

15 KB
16 KB

63ms
60ms

Image
image/jpeg

54.230.183.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tinypic.com/images/goodbye.jpg
Requested by: Host: halomovie.estranky.cz
URL: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-36.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f610dc2752e938d77dab1c4e9fb1f0f7f53b25e527d130ce4e034b7de09da053

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 01:54:26 GMT
via: 1.1 8d3c7354f6dd468c356ac4e604ec81fc.cloudfront.net (CloudFront)
last-modified: Wed, 18 Sep 2019 21:23:53 GMT
server: AmazonS3
age: 32827
etag: "32af06ac4b80d728f7e4c8780eb6b6d7"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: HAM50-C3
content-length: 15616
x-amz-cf-id: uOkB7QMP1zommoYd30KdFc_578RzqS2IhsG4OrO4-hgJ00ujHOVRMw==

Redirect headers

date: Tue, 04 May 2021 09:23:20 GMT
via: 1.1 8d3c7354f6dd468c356ac4e604ec81fc.cloudfront.net (CloudFront)
server: AmazonS3
age: 95
x-cache: Hit from cloudfront
location: http://tinypic.com/images/goodbye.jpg
x-amz-cf-pop: HAM50-C3
content-length: 0
x-amz-cf-id: r6hQFBkkvf8mS29Gr0V3YrKpZ036UNZRzjmZNGlfuaWyq5t-rDRRlA==

GET
H2

200

goodbye.jpg
tinypic.com/images/
Redirect Chain

https://i50.tinypic.com/29zvfaf.jpg
https://tinypic.com/images/goodbye.jpg

15 KB
16 KB

30ms
30ms

Image
image/jpeg

54.230.183.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tinypic.com/images/goodbye.jpg
Requested by: Host: halomovie.estranky.cz
URL: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-36.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f610dc2752e938d77dab1c4e9fb1f0f7f53b25e527d130ce4e034b7de09da053

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 01:54:26 GMT
via: 1.1 8d3c7354f6dd468c356ac4e604ec81fc.cloudfront.net (CloudFront)
last-modified: Wed, 18 Sep 2019 21:23:53 GMT
server: AmazonS3
age: 32827
etag: "32af06ac4b80d728f7e4c8780eb6b6d7"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: HAM50-C3
content-length: 15616
x-amz-cf-id: WYiPFUlH87EaxIakqeEoVk8nB7I2VYtlIIR79zigDTG5A_JvWU4jjg==

Redirect headers

date: Tue, 04 May 2021 09:23:20 GMT
via: 1.1 c90147ea5199ff7ce77981c8da4247c4.cloudfront.net (CloudFront)
server: AmazonS3
age: 95
x-cache: Hit from cloudfront
location: http://tinypic.com/images/goodbye.jpg
x-amz-cf-pop: FRA53-C1
content-length: 0
x-amz-cf-id: cjwlHWGu7HB32JYV4gkI9q4ZCvZ6rOk-VtiqiaTtdt5tAivwe7isYw==

GET
H2

200

goodbye.jpg
tinypic.com/images/
Redirect Chain

https://i46.tinypic.com/zwdf08.jpg
https://tinypic.com/images/goodbye.jpg

15 KB
16 KB

55ms
53ms

Image
image/jpeg

54.230.183.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tinypic.com/images/goodbye.jpg
Requested by: Host: halomovie.estranky.cz
URL: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-36.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f610dc2752e938d77dab1c4e9fb1f0f7f53b25e527d130ce4e034b7de09da053

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 01:54:26 GMT
via: 1.1 8d3c7354f6dd468c356ac4e604ec81fc.cloudfront.net (CloudFront)
last-modified: Wed, 18 Sep 2019 21:23:53 GMT
server: AmazonS3
age: 32827
etag: "32af06ac4b80d728f7e4c8780eb6b6d7"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: HAM50-C3
content-length: 15616
x-amz-cf-id: tcJ5vcKgeU_Pagq1Gyt03WOm_MpIvEuR4t5SFl_B67xk3B87Eg2wZg==

Redirect headers

date: Tue, 04 May 2021 09:23:20 GMT
via: 1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront)
server: AmazonS3
age: 95
x-cache: Hit from cloudfront
location: http://tinypic.com/images/goodbye.jpg
x-amz-cf-pop: FRA53-C1
content-length: 0
x-amz-cf-id: -42J3mVylxpaybTQopvVKRk0YH5SlIzOuDgq3w7FU6t2smp3bC1xuQ==

GET
H2

200

goodbye.jpg
tinypic.com/images/
Redirect Chain

https://i46.tinypic.com/6gwpi9.jpg
https://tinypic.com/images/goodbye.jpg

15 KB
16 KB

34ms
30ms

Image
image/jpeg

54.230.183.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tinypic.com/images/goodbye.jpg
Requested by: Host: halomovie.estranky.cz
URL: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-36.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f610dc2752e938d77dab1c4e9fb1f0f7f53b25e527d130ce4e034b7de09da053

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 01:54:26 GMT
via: 1.1 8d3c7354f6dd468c356ac4e604ec81fc.cloudfront.net (CloudFront)
last-modified: Wed, 18 Sep 2019 21:23:53 GMT
server: AmazonS3
age: 32827
etag: "32af06ac4b80d728f7e4c8780eb6b6d7"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: HAM50-C3
content-length: 15616
x-amz-cf-id: 4tkpM8WjOiVZ-G0UEYgFU4XYOsANgPjf__rB6DHHJc7vIzyqLv-x2w==

Redirect headers

date: Tue, 04 May 2021 09:23:20 GMT
via: 1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront)
server: AmazonS3
age: 95
x-cache: Hit from cloudfront
location: http://tinypic.com/images/goodbye.jpg
x-amz-cf-pop: FRA53-C1
content-length: 0
x-amz-cf-id: -pP9cd5q-5C2wvCqcrXb5Pzn3MaIbdcdfNMqSEJWQ1RRzkOfywZ7jQ==

GET
H2

200

goodbye.jpg
tinypic.com/images/
Redirect Chain

https://i50.tinypic.com/nycyg0.jpg
https://tinypic.com/images/goodbye.jpg

15 KB
16 KB

30ms
30ms

Image
image/jpeg

54.230.183.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tinypic.com/images/goodbye.jpg
Requested by: Host: halomovie.estranky.cz
URL: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-36.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f610dc2752e938d77dab1c4e9fb1f0f7f53b25e527d130ce4e034b7de09da053

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 01:54:26 GMT
via: 1.1 8d3c7354f6dd468c356ac4e604ec81fc.cloudfront.net (CloudFront)
last-modified: Wed, 18 Sep 2019 21:23:53 GMT
server: AmazonS3
age: 32827
etag: "32af06ac4b80d728f7e4c8780eb6b6d7"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: HAM50-C3
content-length: 15616
x-amz-cf-id: gneqplYKEGWyKQhhMLtMLWEFRFMalqo-aGHs7lHGNzSsKYAafp4noQ==

Redirect headers

date: Tue, 04 May 2021 09:23:20 GMT
via: 1.1 c90147ea5199ff7ce77981c8da4247c4.cloudfront.net (CloudFront)
server: AmazonS3
age: 95
x-cache: Hit from cloudfront
location: http://tinypic.com/images/goodbye.jpg
x-amz-cf-pop: FRA53-C1
content-length: 0
x-amz-cf-id: n0Ye577ig3wGt4a21hcKbeJm2YOPOGSKA8zpHHeAFQTjfFRVf8eSGg==

GET
H2

200

goodbye.jpg
tinypic.com/images/
Redirect Chain

https://i50.tinypic.com/f208i1.jpg
https://tinypic.com/images/goodbye.jpg

15 KB
16 KB

30ms
30ms

Image
image/jpeg

54.230.183.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tinypic.com/images/goodbye.jpg
Requested by: Host: halomovie.estranky.cz
URL: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-36.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f610dc2752e938d77dab1c4e9fb1f0f7f53b25e527d130ce4e034b7de09da053

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 01:54:26 GMT
via: 1.1 8d3c7354f6dd468c356ac4e604ec81fc.cloudfront.net (CloudFront)
last-modified: Wed, 18 Sep 2019 21:23:53 GMT
server: AmazonS3
age: 32827
etag: "32af06ac4b80d728f7e4c8780eb6b6d7"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: HAM50-C3
content-length: 15616
x-amz-cf-id: QDOa05LvYMT-YkIfG8J9eStdNlIwqO7zz1Ndh7N8zBq4FBYpqxmpww==

Redirect headers

date: Tue, 04 May 2021 09:23:20 GMT
via: 1.1 c90147ea5199ff7ce77981c8da4247c4.cloudfront.net (CloudFront)
server: AmazonS3
age: 95
x-cache: Hit from cloudfront
location: http://tinypic.com/images/goodbye.jpg
x-amz-cf-pop: FRA53-C1
content-length: 0
x-amz-cf-id: 5lQR1ep84Cxspc6g_y_7lu_SWaWd46aKjjIwf9z5xnmXSJ5QX9MEzA==

GET
H2

200

goodbye.jpg
tinypic.com/images/
Redirect Chain

https://i46.tinypic.com/8vqnnl.jpg
https://tinypic.com/images/goodbye.jpg

15 KB
16 KB

34ms
30ms

Image
image/jpeg

54.230.183.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tinypic.com/images/goodbye.jpg
Requested by: Host: halomovie.estranky.cz
URL: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-36.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f610dc2752e938d77dab1c4e9fb1f0f7f53b25e527d130ce4e034b7de09da053

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 01:54:26 GMT
via: 1.1 8d3c7354f6dd468c356ac4e604ec81fc.cloudfront.net (CloudFront)
last-modified: Wed, 18 Sep 2019 21:23:53 GMT
server: AmazonS3
age: 32827
etag: "32af06ac4b80d728f7e4c8780eb6b6d7"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: HAM50-C3
content-length: 15616
x-amz-cf-id: 3tx52eKwS3Q3o0HuTBjDGzGkENpnHDvCDfW8PMXeeayPBfdfG_3Vug==

Redirect headers

date: Tue, 04 May 2021 09:23:20 GMT
via: 1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront)
server: AmazonS3
age: 95
x-cache: Hit from cloudfront
location: http://tinypic.com/images/goodbye.jpg
x-amz-cf-pop: FRA53-C1
content-length: 0
x-amz-cf-id: P8frVi6Yoze4vu1hZeaGYug2DYt5uVWGIzXWq6Us5vOVu5P3aJo-qg==

GET halo_201483b-150x150.jpg
bungie.cz/wp-content/uploads/2010/01/ 0
0

GET halo_201482b-150x150.jpg
bungie.cz/wp-content/uploads/2010/01/ 0
0

GET halo_201481b-150x150.jpg
bungie.cz/wp-content/uploads/2010/01/ 0
0

GET gamereactorspelarhalo_201516b-150x150.jpg
bungie.cz/wp-content/uploads/2010/01/ 0
0

GET gamereactorspelarhalo_201491b-150x150.jpg
bungie.cz/wp-content/uploads/2010/01/ 0
0

GET gamereactorspelarhalo_201497b-150x150.jpg
bungie.cz/wp-content/uploads/2010/01/ 0
0

GET
H2 404 0331.gif
blueboard.cz/sloupce/ 0
0 19ms
10ms Image
text/html 2a00:1ed0:45::c
VSHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blueboard.cz/sloupce/0331.gif
Requested by: Host: halomovie.estranky.cz
URL: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:1ed0:45::c , Czech Republic, ASN43541 (VSHOSTING, CZ),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 404 0332.gif
blueboard.cz/sloupce/ 0
0 20ms
11ms Image
text/html 2a00:1ed0:45::c
VSHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blueboard.cz/sloupce/0332.gif
Requested by: Host: halomovie.estranky.cz
URL: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:1ed0:45::c , Czech Republic, ASN43541 (VSHOSTING, CZ),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 404 0333.gif
blueboard.cz/sloupce/ 0
0 19ms
10ms Image
text/html 2a00:1ed0:45::c
VSHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blueboard.cz/sloupce/0333.gif
Requested by: Host: halomovie.estranky.cz
URL: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:1ed0:45::c , Czech Republic, ASN43541 (VSHOSTING, CZ),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK portrait.1.1276765739.jpg
halomovie.estranky.cz/img/ 5 KB
5 KB 155ms
89ms Image
image/jpeg 81.0.226.241
CASABLANCA-AS Int...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://halomovie.estranky.cz/img/portrait.1.1276765739.jpg
Requested by: Host: halomovie.estranky.cz
URL: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.0.226.241 , Czech Republic, ASN15685 (CASABLANCA-AS Internet & Collocation Provider, CZ),
Reverse DNS: userwww003.websitemaster.com
Software: nginx /
Resource Hash: 8130b4b4cc01dcf4f708bd1eb849f935ef07328fcf62cd5218a00eb7c4e23cc9

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: halomovie.estranky.cz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44
Cookie: 0b7d5ae2e9917c8b6cfa9786f0725f37=1620120294
Connection: keep-alive
Referer: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 09:24:54 GMT
Last-Modified: Thu, 17 Jun 2010 09:08:59 GMT
Server: nginx
ETag: "56ec049b-1271-489363055a0c0"
Vary: Host
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4721

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 32ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: halomovie.estranky.cz
URL: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 6259
date: Tue, 04 May 2021 07:40:35 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Tue, 04 May 2021 09:40:35 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 113 KB
41 KB 18ms
15ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KHXLQN

Requested by

Host: halomovie.estranky.cz
URL: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ebd3c7700bfc43abbe2b5f90e219670055ce54da48d704afeb717ea7b24dcbc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:24:54 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42243
x-xss-protection: 0
last-modified: Tue, 04 May 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 04 May 2021 09:24:54 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 54ms
15ms Script
application/javascript 65.9.84.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: halomovie.estranky.cz
URL: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:18:23 GMT
via: 1.1 d3d7cb5a7de36091f7284546b4190a33.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 391
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: dVHEg5AbbgSLUf5N8w5OyvDfkv4BZBn23IvlgUk-EHovEGwVsdIaug==

GET
H/1.1 200
OK bg2.jpg
s3a.estranky.cz/img/d/1000000004/ 73 KB
59 KB 118ms
59ms Image
image/jpeg 81.0.235.96
CASABLANCA-AS Int...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3a.estranky.cz/img/d/1000000004/bg2.jpg
Requested by: Host: s3a.estranky.cz
URL: https://s3a.estranky.cz/css/d1000000004.css?nc=372017117
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.0.235.96 , Czech Republic, ASN15685 (CASABLANCA-AS Internet & Collocation Provider, CZ),
Reverse DNS: www.estranky.cz
Software: nginx /
Resource Hash: 5127c3ba789e90f1daaad9b823d90c592ea03e1bd177f0960563bb2a61762fbd

Request headers

Referer: https://s3a.estranky.cz/css/d1000000004.css?nc=372017117
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 09:24:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Jun 2018 14:12:45 GMT
Server: nginx
ETag: "5b17ebdd-eb45"
Content-Type: image/jpeg
Cache-Control: max-age=43200
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 60229
Expires: Tue, 04 May 2021 21:24:54 GMT

GET
H/1.1 200
OK bg-body.gif
s3a.estranky.cz/img/d/1000000004/ 165 B
514 B 121ms
31ms Image
image/gif 81.0.235.96
CASABLANCA-AS Int...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3a.estranky.cz/img/d/1000000004/bg-body.gif
Requested by: Host: s3a.estranky.cz
URL: https://s3a.estranky.cz/css/d1000000004.css?nc=372017117
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.0.235.96 , Czech Republic, ASN15685 (CASABLANCA-AS Internet & Collocation Provider, CZ),
Reverse DNS: www.estranky.cz
Software: nginx /
Resource Hash: 3a9d2c38e81f7c55f33e5431477724aed2e1f2b865cedca9bd67ba9b53bb84f0

Request headers

Referer: https://s3a.estranky.cz/css/d1000000004.css?nc=372017117
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 09:24:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Jun 2018 14:12:44 GMT
Server: nginx
ETag: "5b17ebdc-bc"
Content-Type: image/gif
Cache-Control: max-age=43200
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 188
Expires: Tue, 04 May 2021 21:24:54 GMT

GET
H/1.1 200
OK bg-header-rside.jpg
s3a.estranky.cz/img/d/1000000004/ 1 KB
2 KB 105ms
29ms Image
image/jpeg 81.0.235.96
CASABLANCA-AS Int...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3a.estranky.cz/img/d/1000000004/bg-header-rside.jpg
Requested by: Host: s3a.estranky.cz
URL: https://s3a.estranky.cz/css/d1000000004.css?nc=372017117
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.0.235.96 , Czech Republic, ASN15685 (CASABLANCA-AS Internet & Collocation Provider, CZ),
Reverse DNS: www.estranky.cz
Software: nginx /
Resource Hash: 80e99628fc3524cf82992ef2c6172a7d9a6be9a2452e7a3bab0a2ec92d7bf000

Request headers

Referer: https://s3a.estranky.cz/css/d1000000004.css?nc=372017117
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 09:24:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Jun 2018 14:12:45 GMT
Server: nginx
ETag: "5b17ebdd-4e6"
Content-Type: image/jpeg
Cache-Control: max-age=43200
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 1254
Expires: Tue, 04 May 2021 21:24:54 GMT

GET
H/1.1 200
OK ulogo.952289.jpeg
halomovie.estranky.cz/img/ 12 KB
12 KB 120ms
118ms Image
image/jpeg 81.0.226.241
CASABLANCA-AS Int...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://halomovie.estranky.cz/img/ulogo.952289.jpeg
Requested by: Host: halomovie.estranky.cz
URL: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.0.226.241 , Czech Republic, ASN15685 (CASABLANCA-AS Internet & Collocation Provider, CZ),
Reverse DNS: userwww003.websitemaster.com
Software: nginx /
Resource Hash: 7adeef63a9fbede957d562c51917fb5cb44509b48b4a45e4b749a09a773132a8

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: halomovie.estranky.cz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44
Cookie: 0b7d5ae2e9917c8b6cfa9786f0725f37=1620120294
Connection: keep-alive
Referer: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 09:24:54 GMT
Last-Modified: Tue, 10 Aug 2010 05:38:17 GMT
Server: nginx
ETag: "56ec049d-2ffd-48d718a3e4440"
Vary: Host
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12285

GET
H/1.1 200
OK bg-header.jpg
s3a.estranky.cz/img/d/1000000004/ 4 KB
4 KB 88ms
29ms Image
image/jpeg 81.0.235.96
CASABLANCA-AS Int...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3a.estranky.cz/img/d/1000000004/bg-header.jpg
Requested by: Host: s3a.estranky.cz
URL: https://s3a.estranky.cz/css/d1000000004.css?nc=372017117
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.0.235.96 , Czech Republic, ASN15685 (CASABLANCA-AS Internet & Collocation Provider, CZ),
Reverse DNS: www.estranky.cz
Software: nginx /
Resource Hash: 71183678c929802170ba76f82a2caf675d528d6ac1528923b529238e05d83794

Request headers

Referer: https://s3a.estranky.cz/css/d1000000004.css?nc=372017117
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 09:24:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Jun 2018 14:12:44 GMT
Server: nginx
ETag: "5b17ebdc-1036"
Content-Type: image/jpeg
Cache-Control: max-age=43200
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 4150
Expires: Tue, 04 May 2021 21:24:54 GMT

GET
H/1.1 200
OK bg-menu-first.gif
s3a.estranky.cz/img/d/1000000004/ 4 KB
4 KB 118ms
29ms Image
image/gif 81.0.235.96
CASABLANCA-AS Int...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3a.estranky.cz/img/d/1000000004/bg-menu-first.gif
Requested by: Host: s3a.estranky.cz
URL: https://s3a.estranky.cz/css/d1000000004.css?nc=372017117
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.0.235.96 , Czech Republic, ASN15685 (CASABLANCA-AS Internet & Collocation Provider, CZ),
Reverse DNS: www.estranky.cz
Software: nginx /
Resource Hash: 4e0552d02bac9f20fea4498434bbd4f6c5ad36ef83ea6f2fd76b223834b439e3

Request headers

Referer: https://s3a.estranky.cz/css/d1000000004.css?nc=372017117
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 09:24:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Jun 2018 14:12:46 GMT
Server: nginx
ETag: "5b17ebde-f6a"
Content-Type: image/gif
Cache-Control: max-age=43200
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 3946
Expires: Tue, 04 May 2021 21:24:54 GMT

GET
H/1.1 200
OK bg-menu.gif
s3a.estranky.cz/img/d/1000000004/ 3 KB
4 KB 76ms
29ms Image
image/gif 81.0.235.96
CASABLANCA-AS Int...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3a.estranky.cz/img/d/1000000004/bg-menu.gif
Requested by: Host: s3a.estranky.cz
URL: https://s3a.estranky.cz/css/d1000000004.css?nc=372017117
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.0.235.96 , Czech Republic, ASN15685 (CASABLANCA-AS Internet & Collocation Provider, CZ),
Reverse DNS: www.estranky.cz
Software: nginx /
Resource Hash: 1c3cac6ea5cea787148995dba59f7953f6d68ca49f80ecbb338fe6a8a023d499

Request headers

Referer: https://s3a.estranky.cz/css/d1000000004.css?nc=372017117
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 09:24:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Jun 2018 14:12:46 GMT
Server: nginx
ETag: "5b17ebde-ced"
Content-Type: image/gif
Cache-Control: max-age=43200
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 3309
Expires: Tue, 04 May 2021 21:24:54 GMT

GET
H/1.1 200
OK bg-content.jpg
s3a.estranky.cz/img/d/1000000004/ 3 KB
954 B 87ms
29ms Image
image/jpeg 81.0.235.96
CASABLANCA-AS Int...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3a.estranky.cz/img/d/1000000004/bg-content.jpg
Requested by: Host: s3a.estranky.cz
URL: https://s3a.estranky.cz/css/d1000000004.css?nc=372017117
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.0.235.96 , Czech Republic, ASN15685 (CASABLANCA-AS Internet & Collocation Provider, CZ),
Reverse DNS: www.estranky.cz
Software: nginx /
Resource Hash: e6112f21183cd4cf72360443410d0a78021b845191d272e95809645bd1e89105

Request headers

Referer: https://s3a.estranky.cz/css/d1000000004.css?nc=372017117
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 09:24:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Jun 2018 14:12:46 GMT
Server: nginx
ETag: "5b17ebde-272"
Content-Type: image/jpeg
Cache-Control: max-age=43200
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 626
Expires: Tue, 04 May 2021 21:24:54 GMT

GET
H/1.1 200
OK bg-breadcrumb.jpg
s3a.estranky.cz/img/d/1000000004/ 7 KB
4 KB 88ms
29ms Image
image/jpeg 81.0.235.96
CASABLANCA-AS Int...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3a.estranky.cz/img/d/1000000004/bg-breadcrumb.jpg
Requested by: Host: s3a.estranky.cz
URL: https://s3a.estranky.cz/css/d1000000004.css?nc=372017117
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.0.235.96 , Czech Republic, ASN15685 (CASABLANCA-AS Internet & Collocation Provider, CZ),
Reverse DNS: www.estranky.cz
Software: nginx /
Resource Hash: db4a73af0ad0b5323413d017d9024a5342f1b9c84f678fb94b0dc27a456098fd

Request headers

Referer: https://s3a.estranky.cz/css/d1000000004.css?nc=372017117
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 09:24:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Jun 2018 14:12:44 GMT
Server: nginx
ETag: "5b17ebdc-1060"
Content-Type: image/jpeg
Cache-Control: max-age=43200
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 4192
Expires: Tue, 04 May 2021 21:24:54 GMT

GET
H/1.1 200
OK bg-perex.jpg
s3a.estranky.cz/img/d/1000000004/ 16 KB
15 KB 47ms
44ms Image
image/jpeg 81.0.235.96
CASABLANCA-AS Int...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3a.estranky.cz/img/d/1000000004/bg-perex.jpg
Requested by: Host: s3a.estranky.cz
URL: https://s3a.estranky.cz/css/d1000000004.css?nc=372017117
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.0.235.96 , Czech Republic, ASN15685 (CASABLANCA-AS Internet & Collocation Provider, CZ),
Reverse DNS: www.estranky.cz
Software: nginx /
Resource Hash: 093f42ee37f2dd4fd0b60427a227236aacff8a5e616e0bd3cedad7597d5ef593

Request headers

Referer: https://s3a.estranky.cz/css/d1000000004.css?nc=372017117
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 09:24:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Jun 2018 14:12:44 GMT
Server: nginx
ETag: "5b17ebdc-3a18"
Content-Type: image/jpeg
Cache-Control: max-age=43200
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 14872
Expires: Tue, 04 May 2021 21:24:54 GMT

GET
H/1.1 200
OK bg-perex-bot.gif
s3a.estranky.cz/img/d/1000000004/ 131 B
475 B 87ms
28ms Image
image/gif 81.0.235.96
CASABLANCA-AS Int...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3a.estranky.cz/img/d/1000000004/bg-perex-bot.gif
Requested by: Host: s3a.estranky.cz
URL: https://s3a.estranky.cz/css/d1000000004.css?nc=372017117
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.0.235.96 , Czech Republic, ASN15685 (CASABLANCA-AS Internet & Collocation Provider, CZ),
Reverse DNS: www.estranky.cz
Software: nginx /
Resource Hash: 4f6df5fe08ebbc26c5a3219a3bef57a46202a0b0f2a85266ede361868c03df05

Request headers

Referer: https://s3a.estranky.cz/css/d1000000004.css?nc=372017117
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 09:24:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Jun 2018 14:12:45 GMT
Server: nginx
ETag: "5b17ebdd-95"
Content-Type: image/gif
Cache-Control: max-age=43200
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 149
Expires: Tue, 04 May 2021 21:24:54 GMT

GET widget-anketa-902246
blueboard.cz/ 0
0

GET widget-chatboard-240349
blueboard.cz/ 0
0

GET
H2 200 xgemius.js Show response
gacz.hit.gemius.pl/ 39 KB
10 KB 134ms
43ms Script
application/x-javascript 137.74.0.151
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gacz.hit.gemius.pl/xgemius.js
Requested by: Host: halomovie.estranky.cz
URL: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 137.74.0.151 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS: ovhpl2.host.hit.gemius.pl
Software: GHC /
Resource Hash: 7ea6d3a98b3f4ffa31cf79cbf065a61512a60bd5b20da5eac96f5c496b6938da

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:24:54 GMT
content-encoding: gzip
last-modified: Wed, 17 Mar 2021 11:13:20 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
accept-ranges: none
content-type: application/x-javascript
content-length: 10549
expires: Tue, 04 May 2021 21:24:54 GMT

GET
H/1.1 200
OK bg-section-all.gif
s3a.estranky.cz/img/d/1000000004/ 24 KB
25 KB 101ms
62ms Image
image/gif 81.0.235.96
CASABLANCA-AS Int...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3a.estranky.cz/img/d/1000000004/bg-section-all.gif
Requested by: Host: s3a.estranky.cz
URL: https://s3a.estranky.cz/css/d1000000004.css?nc=372017117
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.0.235.96 , Czech Republic, ASN15685 (CASABLANCA-AS Internet & Collocation Provider, CZ),
Reverse DNS: www.estranky.cz
Software: nginx /
Resource Hash: b0440f9a1e4184d7aaa9c18241971006b72677b01619afd5288630239d642f1f

Request headers

Referer: https://s3a.estranky.cz/css/d1000000004.css?nc=372017117
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 09:24:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Jun 2018 14:12:44 GMT
Server: nginx
ETag: "5b17ebdc-60d9"
Content-Type: image/gif
Cache-Control: max-age=43200
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 24793
Expires: Tue, 04 May 2021 21:24:54 GMT

GET
H/1.1 200
OK bg-column.jpg
s3a.estranky.cz/img/d/1000000004/ 4 KB
2 KB 97ms
29ms Image
image/jpeg 81.0.235.96
CASABLANCA-AS Int...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3a.estranky.cz/img/d/1000000004/bg-column.jpg
Requested by: Host: s3a.estranky.cz
URL: https://s3a.estranky.cz/css/d1000000004.css?nc=372017117
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.0.235.96 , Czech Republic, ASN15685 (CASABLANCA-AS Internet & Collocation Provider, CZ),
Reverse DNS: www.estranky.cz
Software: nginx /
Resource Hash: e2c790428aa4ecd8b5490512259621ebb9bc4af8eb6c652af7c4ca05060b5be2

Request headers

Referer: https://s3a.estranky.cz/css/d1000000004.css?nc=372017117
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 09:24:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Jun 2018 14:12:44 GMT
Server: nginx
ETag: "5b17ebdc-635"
Content-Type: image/jpeg
Cache-Control: max-age=43200
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 1589
Expires: Tue, 04 May 2021 21:24:54 GMT

GET
H/1.1 200
OK bg-section-inner.gif
s3a.estranky.cz/img/d/1000000004/ 162 B
511 B 102ms
29ms Image
image/gif 81.0.235.96
CASABLANCA-AS Int...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3a.estranky.cz/img/d/1000000004/bg-section-inner.gif
Requested by: Host: s3a.estranky.cz
URL: https://s3a.estranky.cz/css/d1000000004.css?nc=372017117
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.0.235.96 , Czech Republic, ASN15685 (CASABLANCA-AS Internet & Collocation Provider, CZ),
Reverse DNS: www.estranky.cz
Software: nginx /
Resource Hash: 12438e1cc54b6500fcbad87fbe57f0cfed9b8b2e3b9efb43c8b00573a0502199

Request headers

Referer: https://s3a.estranky.cz/css/d1000000004.css?nc=372017117
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 09:24:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Jun 2018 14:12:45 GMT
Server: nginx
ETag: "5b17ebdd-b9"
Content-Type: image/gif
Cache-Control: max-age=43200
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 185
Expires: Tue, 04 May 2021 21:24:54 GMT

GET
H/1.1 200
OK bg-search.jpg
s3a.estranky.cz/img/d/1000000004/ 2 KB
2 KB 70ms
31ms Image
image/jpeg 81.0.235.96
CASABLANCA-AS Int...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3a.estranky.cz/img/d/1000000004/bg-search.jpg
Requested by: Host: s3a.estranky.cz
URL: https://s3a.estranky.cz/css/d1000000004.css?nc=372017117
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.0.235.96 , Czech Republic, ASN15685 (CASABLANCA-AS Internet & Collocation Provider, CZ),
Reverse DNS: www.estranky.cz
Software: nginx /
Resource Hash: e47f5d46018c6a13d5c7c4607e9025f99441c702bf13b94f4d23448d50f6eff4

Request headers

Referer: https://s3a.estranky.cz/css/d1000000004.css?nc=372017117
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 09:24:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Jun 2018 14:12:46 GMT
Server: nginx
ETag: "5b17ebde-6f0"
Content-Type: image/jpeg
Cache-Control: max-age=43200
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 1776
Expires: Tue, 04 May 2021 21:24:54 GMT

GET
H/1.1 200
OK bg-search-key.gif
s3a.estranky.cz/img/d/1000000004/ 252 B
557 B 85ms
28ms Image
image/gif 81.0.235.96
CASABLANCA-AS Int...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3a.estranky.cz/img/d/1000000004/bg-search-key.gif
Requested by: Host: s3a.estranky.cz
URL: https://s3a.estranky.cz/css/d1000000004.css?nc=372017117
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.0.235.96 , Czech Republic, ASN15685 (CASABLANCA-AS Internet & Collocation Provider, CZ),
Reverse DNS: www.estranky.cz
Software: nginx /
Resource Hash: 57b7e1e0a4d05577081bcfe2fc09da16f8e65d939b35eef7cb30f097b9d3d307

Request headers

Referer: https://s3a.estranky.cz/css/d1000000004.css?nc=372017117
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 09:24:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Jun 2018 14:12:45 GMT
Server: nginx
ETag: "5b17ebdd-e7"
Content-Type: image/gif
Cache-Control: max-age=43200
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 231
Expires: Tue, 04 May 2021 21:24:54 GMT

GET
H/1.1 200
OK bg-footer.jpg
s3a.estranky.cz/img/d/1000000004/ 4 KB
3 KB 29ms
29ms Image
image/jpeg 81.0.235.96
CASABLANCA-AS Int...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3a.estranky.cz/img/d/1000000004/bg-footer.jpg
Requested by: Host: s3a.estranky.cz
URL: https://s3a.estranky.cz/css/d1000000004.css?nc=372017117
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.0.235.96 , Czech Republic, ASN15685 (CASABLANCA-AS Internet & Collocation Provider, CZ),
Reverse DNS: www.estranky.cz
Software: nginx /
Resource Hash: d58ad3cf16c164146f765f0917541ecdbe5e8442429ac563978bd3a33a85db18

Request headers

Referer: https://s3a.estranky.cz/css/d1000000004.css?nc=372017117
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 09:24:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Jun 2018 14:12:46 GMT
Server: nginx
ETag: "5b17ebde-92f"
Content-Type: image/jpeg
Cache-Control: max-age=43200
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 2351
Expires: Tue, 04 May 2021 21:24:54 GMT

GET
H/1.1 200
OK promolink-free.png
s3a.estranky.cz/img/u/footer/ 959 B
1 KB 29ms
28ms Image
image/png 81.0.235.96
CASABLANCA-AS Int...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3a.estranky.cz/img/u/footer/promolink-free.png
Requested by: Host: s3a.estranky.cz
URL: https://s3a.estranky.cz/css/d1000000004.css?nc=372017117
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.0.235.96 , Czech Republic, ASN15685 (CASABLANCA-AS Internet & Collocation Provider, CZ),
Reverse DNS: www.estranky.cz
Software: nginx /
Resource Hash: 4c66f174f7d10b5044d5fc674f468b5eb5883b9b9686654ef7bf38280804a419

Request headers

Referer: https://s3a.estranky.cz/css/d1000000004.css?nc=372017117
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 09:24:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Jun 2018 14:09:00 GMT
Server: nginx
ETag: "5b17eafc-3d6"
Content-Type: image/png
Cache-Control: max-age=43200
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 982
Expires: Tue, 04 May 2021 21:24:54 GMT

GET
H2 200 satellite-5a9ec52464746d27a9005e4a.html Show response
assets.adobedtm.com/4beaca54604aa1db7a7d9296a08d83bee398e7fd/scripts/ Frame E542 1 KB
865 B 8ms
7ms Document
text/html 2a02:26f0:6c00:299::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/4beaca54604aa1db7a7d9296a08d83bee398e7fd/scripts/satellite-5a9ec52464746d27a9005e4a.html
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/4beaca54604aa1db7a7d9296a08d83bee398e7fd/satelliteLib-d510f92ab8572ae6ef088c26133f8079a7f09323.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d331bc9ab3dc987b8d25c3a02cb504223810734edca5159f6d859fd5e165b464

Request headers

:method: GET
:authority: assets.adobedtm.com
:scheme: https
:path: /4beaca54604aa1db7a7d9296a08d83bee398e7fd/scripts/satellite-5a9ec52464746d27a9005e4a.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://halomovie.estranky.cz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://halomovie.estranky.cz/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "eda95b820628eaa7b1af52b3f51706fa:1562067475"
last-modified: Tue, 02 Jul 2019 11:37:55 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 612
cache-control: max-age=3600
expires: Tue, 04 May 2021 10:24:54 GMT
date: Tue, 04 May 2021 09:24:54 GMT
access-control-allow-origin: https://halomovie.estranky.cz
timing-allow-origin: *

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 27ms
14ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=659141618&t=pageview&_s=1&dl=https%3A%2F%2Fhalomovie.estranky.cz%2F%3Fmladdemail%3D92%26code%3D2cc434a32fca410cca4a53eb9f50de44&ul=en-us&de=UTF-8&dt=HALO%20MOVIE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=139791650&gjid=2048931242&cid=1631859808.1620120295&tid=UA-87180-1&_gid=1056443949.1620120295&_r=1&_slc=1&cd1=free&z=1522943505

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 04 May 2021 09:24:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://halomovie.estranky.cz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=9867152&ns__t=1620120294680&ns_c=UTF-8&cv=3.5&c8=HALO%20MOVIE&c7=https%3A%2F%2Fhalomovie.estranky.cz%2F%3Fmladdemail%3D92%26code%3D2cc434a32fca410cca4a53e...
https://sb.scorecardresearch.com/b2?c1=2&c2=9867152&ns__t=1620120294680&ns_c=UTF-8&cv=3.5&c8=HALO%20MOVIE&c7=https%3A%2F%2Fhalomovie.estranky.cz%2F%3Fmladdemail%3D92%26code%3D2cc434a32fca410cca4a53...

64 B
330 B

24ms
24ms

Image
image/gif

65.9.84.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=9867152&ns__t=1620120294680&ns_c=UTF-8&cv=3.5&c8=HALO%20MOVIE&c7=https%3A%2F%2Fhalomovie.estranky.cz%2F%3Fmladdemail%3D92%26code%3D2cc434a32fca410cca4a53eb9f50de44%23mail-list&c9=
Requested by: Host: halomovie.estranky.cz
URL: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:24:54 GMT
via: 1.1 d3d7cb5a7de36091f7284546b4190a33.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: jEGSpINM7J6WvC6vk2IbYIgHXWyF07Du7bWzVAYlavV2LJLOauyKuA==

Redirect headers

date: Tue, 04 May 2021 09:24:54 GMT
via: 1.1 d3d7cb5a7de36091f7284546b4190a33.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=9867152&ns__t=1620120294680&ns_c=UTF-8&cv=3.5&c8=HALO%20MOVIE&c7=https%3A%2F%2Fhalomovie.estranky.cz%2F%3Fmladdemail%3D92%26code%3D2cc434a32fca410cca4a53eb9f50de44%23mail-list&c9=
content-length: 245
x-amz-cf-id: RD8tMB1lx2Zj68Phvdt-23gbIPL5QVuYlJE4Jxfo9N8sQ5CHfiKiuw==

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=659141618&t=pageview&_s=1&dl=https%3A%2F%2Fhalomovie.estranky.cz%2F%3Fmladdemail%3D92%26code%3D2cc434a32fca410cca4a53eb9f50de44&ul=en-us&de=UTF-8&dt=HALO%20MOVIE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAAC~&jid=1421000728&gjid=539978571&cid=1631859808.1620120295&tid=UA-26083415-15&_gid=1056443949.1620120295&_r=1&gtm=2wg4l3KHXLQN&z=1788850585

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 04 May 2021 09:24:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://halomovie.estranky.cz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 91ms
33ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KHXLQN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

c322060c87967c74e8e1469862cab247ad7aa0c66e35918333904a125edcf3b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13927
x-xss-protection: 0
server: cafe
etag: 12538688089800269211
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 04 May 2021 09:24:54 GMT

GET
H2 200 all.js Show response
a.adactive.cz/ 85 KB
17 KB 107ms
34ms Script
application/javascript 195.191.205.110
VLP-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.adactive.cz/all.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KHXLQN
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 195.191.205.110 Neratovice, Czech Republic, ASN50695 (VLP-AS, CZ),
Reverse DNS: web-front-03.vlp.cz
Software: nginx /
Resource Hash: 29e60d214884396814d3f2fc305a58eade83111a92ca289a189962d2613149ca

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:24:54 GMT
content-encoding: gzip
last-modified: Thu, 08 Apr 2021 07:29:18 GMT
server: nginx
etag: W/"606eb0ce-154bc"
vary: Accept-Encoding
content-type: application/javascript

GET
H/1.1 200
OK multi-sync.js Show response
secure-assets.rubiconproject.com/utils/xapi/ Frame E542 2 KB
1 KB 74ms
22ms Script
text/javascript 23.79.143.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/4beaca54604aa1db7a7d9296a08d83bee398e7fd/scripts/satellite-5a9ec52464746d27a9005e4a.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-143-124.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f809626173382537067bd8301068f7ff69070531e9a7fd74688ff04400de2d8c

Request headers

Referer: https://assets.adobedtm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 09:24:54 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Sep 2020 05:29:25 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=10148
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 932
Expires: Tue, 04 May 2021 12:14:02 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
450 B 113ms
37ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-26083415-15&cid=1631859808.1620120295&jid=1421000728&gjid=539978571&_gid=1056443949.1620120295&_u=aEDAAEABAAAAAC~&z=1885585673

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 04 May 2021 09:24:54 GMT
content-type: text/plain
access-control-allow-origin: https://halomovie.estranky.cz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fpdata.js Show response
gacz.hit.gemius.pl/ 280 B
392 B 42ms
42ms Script
application/x-javascript 137.74.0.151
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gacz.hit.gemius.pl/fpdata.js?href=halomovie.estranky.cz
Requested by: Host: gacz.hit.gemius.pl
URL: https://gacz.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 137.74.0.151 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS: ovhpl2.host.hit.gemius.pl
Software: GHC /
Resource Hash: c16d99c7b7024a7aaac8364b6dbdddc494f19020852180e8a3060d6044df9db7

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:24:54 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
accept-ranges: none
content-type: application/x-javascript
content-length: 280
expires: Thu, 03 Jun 2021 09:24:54 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 958B
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?region=EU&country=CZ&endpoint=eu&p=cpexvlm&
https://eus.rubiconproject.com/usync.html?region=EU&country=CZ&endpoint=eu&p=cpexvlm&

281 B
554 B

70ms
22ms

Document
text/html

104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?region=EU&country=CZ&endpoint=eu&p=cpexvlm&
Requested by: Host: secure-assets.rubiconproject.com
URL: https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://assets.adobedtm.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://assets.adobedtm.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 04 May 2021 09:24:54 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?region=EU&country=CZ&endpoint=eu&p=cpexvlm&
Date: Tue, 04 May 2021 09:24:54 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/964295547/ 2 KB
2 KB 38ms
17ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/964295547/?random=1620120294790&cv=9&fst=1620120294790&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg4l3&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fhalomovie.estranky.cz%2F%3Fmladdemail%3D92%26code%3D2cc434a32fca410cca4a53eb9f50de44&tiba=HALO%20MOVIE&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

89d9ef9876dcf3abb48ba26100d01b8c72b5c3da5c3b3e59849fd212ee86779b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 09:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1050
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
293 B 18ms
18ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-26083415-15&cid=1631859808.1620120295&jid=1421000728&_u=aEDAAEABAAAAAC~&z=720110837

Requested by

Host: halomovie.estranky.cz
URL: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 09:24:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
505 B 40ms
18ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-26083415-15&cid=1631859808.1620120295&jid=1421000728&_u=aEDAAEABAAAAAC~&z=720110837

Requested by

Host: halomovie.estranky.cz
URL: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 09:24:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pos=skyscraper-1 Show response
a.denik.cz/vlm/lserver/bserver/ball/random=87193521/viewid=88590242/site=estranky/loc=cz/dev_display_width=1600/dev_display_height=1200/ab=a/safety=undefined/b1/size=728x90,970x90,970x210,1000x200/...
Redirect Chain

https://a.denik.cz/vlm/bserver/ball/random=87193521/viewid=88590242/site=estranky/loc=cz/dev_display_width=1600/dev_display_height=1200/ab=a/safety=undefined/b1/size=728x90,970x90,970x210,1000x200/...
https://a.denik.cz/vlm/lserver/bserver/ball/random=87193521/viewid=88590242/site=estranky/loc=cz/dev_display_width=1600/dev_display_height=1200/ab=a/safety=undefined/b1/size=728x90,970x90,970x210,1...

3 KB
4 KB

480ms
480ms

XHR
application/x-javascript

52.50.94.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.denik.cz/vlm/lserver/bserver/ball/random=87193521/viewid=88590242/site=estranky/loc=cz/dev_display_width=1600/dev_display_height=1200/ab=a/safety=undefined/b1/size=728x90,970x90,970x210,1000x200/pos=leaderboard-top/b2/size=300x250,300x300,336x280/pos=square-1/b3/size=160x600/pos=skyscraper-1
Requested by: Host: halomovie.estranky.cz
URL: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.94.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-94-149.eu-west-1.compute.amazonaws.com
Software: Match/6567.03d4b8e0743cc41d6987820a90809d985d5bb40b (i-0dcdd53cd04d2da41) /
Resource Hash: fa7afea4537d8d155cba0f870de6a9cf6444fbff887d66fe2bc95aa9c264ffc3

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 09:24:55 GMT
server: Match/6567.03d4b8e0743cc41d6987820a90809d985d5bb40b (i-0dcdd53cd04d2da41)
access-control-max-age: 600
access-control-allow-methods: GET,OPTIONS
p3p: CP="NOI NID ADMa PSAa OUR BUS COM NAV"
access-control-allow-origin: https://halomovie.estranky.cz
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-type: application/x-javascript; charset=UTF-8
access-control-allow-headers: X-Requested-With, origin, content-type, accept, accept-encoding, accept-language, cache-control, dnt
content-length: 3537
expires: -1

Redirect headers

pragma: no-cache
date: Tue, 04 May 2021 09:24:54 GMT
server: Match/6567.03d4b8e0743cc41d6987820a90809d985d5bb40b (i-0dcdd53cd04d2da41)
location: https://a.denik.cz/vlm/lserver/bserver/ball/random=87193521/viewid=88590242/site=estranky/loc=cz/dev_display_width=1600/dev_display_height=1200/ab=a/safety=undefined/b1/size=728x90,970x90,970x210,1000x200/pos=leaderboard-top/b2/size=300x250,300x300,336x280/pos=square-1/b3/size=160x600/pos=skyscraper-1
access-control-max-age: 600
access-control-allow-methods: GET,OPTIONS
p3p: CP="NOI NID ADMa PSAa OUR BUS COM NAV"
access-control-allow-origin: https://halomovie.estranky.cz
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, origin, content-type, accept, accept-encoding, accept-language, cache-control, dnt
content-length: 0
expires: -1

GET
H2

200

rexdot.js Show response
gacz.hit.gemius.pl/__/_1620120294833/
Redirect Chain

https://gacz.hit.gemius.pl/_1620120294833/rexdot.js?l=100&id=ctTgJA_KmwA3MTtBLKW3F4ZQ7KSF1OxF_.4EOLt5qFn.A7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Fhalomovi...
https://gacz.hit.gemius.pl/__/_1620120294833/rexdot.js?l=100&id=ctTgJA_KmwA3MTtBLKW3F4ZQ7KSF1OxF_.4EOLt5qFn.A7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Fhalom...

169 B
427 B

114ms
113ms

Script
application/x-javascript

137.74.0.151
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gacz.hit.gemius.pl/__/_1620120294833/rexdot.js?l=100&id=ctTgJA_KmwA3MTtBLKW3F4ZQ7KSF1OxF_.4EOLt5qFn.A7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Fhalomovie.estranky.cz%2F%3Fmladdemail%3D92%26code%3D2cc434a32fca410cca4a53eb9f50de44%23mail-list&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=Tv6xbjHUjEtPbjQE.vxt4myxVtrJSYs2TF8f01p_t6f.p7&vis=1
Requested by: Host: halomovie.estranky.cz
URL: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 137.74.0.151 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS: ovhpl2.host.hit.gemius.pl
Software: GHC /
Resource Hash: 638e43bdc9ab087038147dbab420b87f65941ec7e556b0bcc20e19f3e7e7485e

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 09:24:54 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-type: application/x-javascript
content-length: 169
expires: Mon, 03 May 2021 09:24:54 GMT

Redirect headers

pragma: no-cache
date: Tue, 04 May 2021 09:24:54 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1620120294833/rexdot.js?l=100&id=ctTgJA_KmwA3MTtBLKW3F4ZQ7KSF1OxF_.4EOLt5qFn.A7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Fhalomovie.estranky.cz%2F%3Fmladdemail%3D92%26code%3D2cc434a32fca410cca4a53eb9f50de44%23mail-list&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=Tv6xbjHUjEtPbjQE.vxt4myxVtrJSYs2TF8f01p_t6f.p7&vis=1
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-length: 0
expires: Mon, 03 May 2021 09:24:54 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/964295547/ 42 B
154 B 26ms
25ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/964295547/?random=1620120294790&cv=9&fst=1620118800000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg4l3&sendb=1&frm=0&url=https%3A%2F%2Fhalomovie.estranky.cz%2F%3Fmladdemail%3D92%26code%3D2cc434a32fca410cca4a53eb9f50de44&tiba=HALO%20MOVIE&async=1&fmt=3&is_vtc=1&random=1162665473&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: halomovie.estranky.cz
URL: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 09:24:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/964295547/ 42 B
154 B 30ms
22ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/964295547/?random=1620120294790&cv=9&fst=1620118800000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg4l3&sendb=1&frm=0&url=https%3A%2F%2Fhalomovie.estranky.cz%2F%3Fmladdemail%3D92%26code%3D2cc434a32fca410cca4a53eb9f50de44&tiba=HALO%20MOVIE&async=1&fmt=3&is_vtc=1&random=1162665473&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: halomovie.estranky.cz
URL: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 09:24:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 958B 30 KB
9 KB 25ms
24ms Script
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?region=EU&country=CZ&endpoint=eu&p=cpexvlm&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e23d6a22a546762e5fcef2d5d4a189087c29034daa589e0a37b333ec4691ee09

Request headers

Referer: https://eus.rubiconproject.com/usync.html?region=EU&country=CZ&endpoint=eu&p=cpexvlm&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 09:24:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 21:43:33 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=17603
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9235
Expires: Tue, 04 May 2021 14:18:17 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 958B 284 B
536 B 94ms
24ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?region=EU&country=CZ&endpoint=eu&p=cpexvlm&
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/jpg

GET
H2 200 ssp.js Show response
ssp.imedia.cz/static/js/ 126 KB
38 KB 145ms
64ms Script
application/javascript 77.75.78.101
SEZNAM-

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.imedia.cz/static/js/ssp.js
Requested by: Host: a.adactive.cz
URL: https://a.adactive.cz/all.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.75.78.101 Prague, Czech Republic, ASN43037 (SEZNAM-, CZ),
Reverse DNS: ssp.seznam.cz
Software: envoy /
Resource Hash: cc025feabc7dd9cc0dac9eaf1784844f833386a3a6eee0f7712f12c36faf183a

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:24:55 GMT
content-encoding: gzip
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: envoy
etag: W/"1dc09d84-1f997"
vary: Accept-Encoding
p3p: CP="NON DSP COR TAI NOR UNI", policyref="/w3c/p3p.xml"
access-control-allow-origin: *
cache-control: no-cache
x-envoy-upstream-service-time: 14
content-type: application/javascript
expires: Tue, 04 May 2021 09:24:54 GMT

GET
H2 200 dot-small.js Show response
h.seznam.cz/js/ 20 KB
7 KB 100ms
28ms Script
application/javascript 77.75.77.9
SEZNAM-

General

Check archive.org

Show headers Download Go to

Full URL: https://h.seznam.cz/js/dot-small.js
Requested by: Host: ssp.imedia.cz
URL: https://ssp.imedia.cz/static/js/ssp.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.75.77.9 Prague, Czech Republic, ASN43037 (SEZNAM-, CZ),
Reverse DNS: h.imedia.cz
Software: nginx/1.18.0 /
Resource Hash: 26154284be3de87efc13608bfa0e986f88a7509ad08e0c360f19118056dc5ee1

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:24:55 GMT
content-encoding: gzip
last-modified: Wed, 28 Apr 2021 08:00:00 GMT
server: nginx/1.18.0
etag: W/"60891600-5033"
p3p: CP="NON DSP ADM DEV PSD CUSo OUR IND STP PRE NAV UNI"
access-control-allow-origin: *
cache-control: max-age=86400
content-type: application/javascript
expires: Wed, 05 May 2021 09:24:55 GMT

GET
H/1.1 200
OK multi-sync.js Show response
secure-assets.rubiconproject.com/utils/xapi/ 2 KB
1 KB 22ms
22ms Script
text/javascript 23.79.143.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.js
Requested by: Host: a.adactive.cz
URL: https://a.adactive.cz/all.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-143-124.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f809626173382537067bd8301068f7ff69070531e9a7fd74688ff04400de2d8c

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 09:24:55 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Sep 2020 05:29:25 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=10147
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 932
Expires: Tue, 04 May 2021 12:14:02 GMT

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum.casalemedia.com/ Frame 4D5D
Redirect Chain

https://a.denik.cz/vlm/getid/MID=5197103461302743573/external=CASALE
https://ssum.casalemedia.com/usermatch?s=189795&cb=https%3A%2F%2Fa%2Edenik%2Ecz%2Fvlm%2Fsetid%2FMID%3D5197103461302743573%2Fexternal%3DCASALE%2Fvalue%3D
https://ssum.casalemedia.com/usermatch?s=189795&cb=https%3A%2F%2Fa%2Edenik%2Ecz%2Fvlm%2Fsetid%2FMID%3D5197103461302743573%2Fexternal%3DCASALE%2Fvalue%3D&C=1

2 KB
3 KB

37ms
36ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum.casalemedia.com/usermatch?s=189795&cb=https%3A%2F%2Fa%2Edenik%2Ecz%2Fvlm%2Fsetid%2FMID%3D5197103461302743573%2Fexternal%3DCASALE%2Fvalue%3D&C=1
Requested by: Host: a.adactive.cz
URL: https://a.adactive.cz/all.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ebf66d0f5abf5b982694cbf3cb5a68a5c05121ef2c96fe7468ccc49fec417877

Request headers

Host: ssum.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://halomovie.estranky.cz/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YJES5wNgCZwq.wHvWHMaVQAA; CMPS=3164
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://halomovie.estranky.cz/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 241|230|39|45|3|46|13|191
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1957
Expires: Tue, 04 May 2021 09:24:55 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 04 May 2021 09:24:55 GMT
Connection: keep-alive
Set-Cookie: CMID=YJES5wNgCZwq.wHvWHMaVQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 04 May 2022 09:24:55 GMT CMPS=3164;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 02 Aug 2021 09:24:55 GMT CMPRO=1152;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 02 Aug 2021 09:24:55 GMT CMST=YJES52CREucA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 05 May 2021 09:24:55 GMT CMRUM3=2e609112e705a0&e6609112e727600&0d609112e705a0&27609112e70b40&2d609112e705a0&03609112e705a0&bf609112e705a0&f1609112e705a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 04 May 2022 09:24:55 GMT

Redirect headers

Server: Apache
Content-Length: 348
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum.casalemedia.com/usermatch?s=189795&cb=https%3A%2F%2Fa%2Edenik%2Ecz%2Fvlm%2Fsetid%2FMID%3D5197103461302743573%2Fexternal%3DCASALE%2Fvalue%3D&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Tue, 04 May 2021 09:24:55 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 04 May 2021 09:24:55 GMT
Connection: keep-alive
Set-Cookie: CMID=YJES5wNgCZwq.wHvWHMaVQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 04 May 2022 09:24:55 GMT CMPS=3164;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 02 Aug 2021 09:24:55 GMT

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame DD8E 8 KB
3 KB 70ms
23ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fa%2Edenik%2Ecz%2Fvlm%2Fsetid%2FMID%3D5197103461302743573%2Fexternal%3DPUBMATIC%2Fvalue%3D
Requested by: Host: a.adactive.cz
URL: https://a.adactive.cz/all.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://halomovie.estranky.cz/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://halomovie.estranky.cz/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=27328
Expires: Tue, 04 May 2021 17:00:23 GMT
Date: Tue, 04 May 2021 09:24:55 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 132 KB
47 KB 48ms
23ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: a.adactive.cz
URL: https://a.adactive.cz/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d931393ae1a1c0b3d4126858ea4a15442f1e094f07420283272902e1a878c0cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:24:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47791
x-xss-protection: 0
server: cafe
etag: 12720787893023158812
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 04 May 2021 09:24:55 GMT

GET
H2

200

value=8744422011914918744
a.denik.cz/vlm/setid/MID=5197103461302743573/external=APPNEXUS/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fa%2Edenik%2Ecz%2Fvlm%2Fsetid%2FMID%3D5197103461302743573%2Fexternal%3DAPPNEXUS%2Fvalue%3D$UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fa%252Edenik%252Ecz%252Fvlm%252Fsetid%252FMID%253D5197103461302743573%252Fexternal%253DAPPNEXUS%252Fvalue%253D%24UID
https://a.denik.cz/vlm/setid/MID=5197103461302743573/external=APPNEXUS/value=8744422011914918744

43 B
398 B

37ms
37ms

Image
image/gif

52.50.94.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.denik.cz/vlm/setid/MID=5197103461302743573/external=APPNEXUS/value=8744422011914918744
Requested by: Host: halomovie.estranky.cz
URL: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.94.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-94-149.eu-west-1.compute.amazonaws.com
Software: Match/6567.03d4b8e0743cc41d6987820a90809d985d5bb40b (i-0287e8e3992fb5c0f) /
Resource Hash: 82e400c090fb5260267fa339b115e8fe2cb3171303e252844d9756f252f39099

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 09:24:55 GMT
server: Match/6567.03d4b8e0743cc41d6987820a90809d985d5bb40b (i-0287e8e3992fb5c0f)
p3p: CP="NOI NID ADMa PSAa OUR BUS COM NAV"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: image/gif
content-length: 43
expires: -1

Redirect headers

Pragma: no-cache
Date: Tue, 04 May 2021 09:24:55 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.206:80
AN-X-Request-Uuid: db87883d-442d-4408-9776-7d26563e5183
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://a.denik.cz/vlm/setid/MID=5197103461302743573/external=APPNEXUS/value=8744422011914918744
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 2021-duben-NG_Swiss_bannery_300x300.jpg
content.aimatch.com/vlm/1921/ 54 KB
55 KB 79ms
23ms Image
image/jpeg 184.30.25.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.aimatch.com/vlm/1921/2021-duben-NG_Swiss_bannery_300x300.jpg
Requested by: Host: halomovie.estranky.cz
URL: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-69.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 0a38b2b55100ff605df22ae177413820f086f2a0460778f6f273af77a78e0450

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
x-amz-version-id: Fnj4.ZpTebcaMmTYNQpCft4O49.SkwmW
last-modified: Thu, 22 Apr 2021 19:25:43 GMT
server: AmazonS3
x-amz-request-id: 9EBCFHKQM4EZ2CKY
etag: "80fa5871a6112137f7e8557230acca42"
content-type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
cache-control: max-age=60
date: Tue, 04 May 2021 09:24:55 GMT
x-amz-replication-status: FAILED
accept-ranges: bytes
content-length: 55453
x-amz-id-2: /J9MeL4COsOMvWdPP9DPlw226ADYRuyB8DSLsbNU3kGXjqORcz9cHCMcGorpYSSRC4j6/bTR99Q=
expires: Tue, 04 May 2021 09:25:55 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210429/r20190131/ 223 KB
82 KB 42ms
28ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210429/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7349691528422556&plah=halomovie.estranky.cz&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8efe3e24fbff7b370d1d24175f1de783017859e0fe80d2e0f08e22b8e1c0c08a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:24:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84200
x-xss-protection: 0
server: cafe
etag: 1635929098252524918
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 04 May 2021 09:24:55 GMT

GET
H3-29 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210429/r20190131/ Frame 6A83 10 KB
5 KB 20ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210429/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210429/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://halomovie.estranky.cz/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://halomovie.estranky.cz/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 03 May 2021 22:09:39 GMT
expires: Mon, 17 May 2021 22:09:39 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 40516
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sync.html Show response
cdn.cpex.cz/user/ Frame 9C2C 2 KB
728 B 30ms
6ms Document
text/html 2a02:6ea0:c700::3
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cpex.cz/user/sync.html
Requested by: Host: a.adactive.cz
URL: https://a.adactive.cz/all.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: db1f6aa6cfdfc1cc3a526fb0de7c48b5226ad568a91f0a94e255aabd4013415a

Request headers

:method: GET
:authority: cdn.cpex.cz
:scheme: https
:path: /user/sync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://halomovie.estranky.cz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://halomovie.estranky.cz/

Response headers

date: Tue, 04 May 2021 09:24:55 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding Accept-Encoding
last-modified: Mon, 08 Mar 2021 15:08:36 GMT
etag: W/"60463df4-6b8"
cache-conrol: public
cache-control: max-age=259200
access-control-allow-origin: *
server: CDN77-Turbo
x-77-nzt: AcO1rzJBSRPvZaMDAA==
x-77-nzt-ray: P++P+p48Vlk=
x-cache: HIT
x-age: 238437
x-77-pop: frankfurtDE
x-77-cache: HIT
content-encoding: br

GET
H2 200 usersynced=1
a.denik.cz/vlm/SETSV/TTL=21600/ 43 B
369 B 44ms
44ms Image
image/gif 52.50.94.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.denik.cz/vlm/SETSV/TTL=21600/usersynced=1
Requested by: Host: halomovie.estranky.cz
URL: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.94.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-94-149.eu-west-1.compute.amazonaws.com
Software: Match/6567.03d4b8e0743cc41d6987820a90809d985d5bb40b (i-0e7bf04be84fdab5f) /
Resource Hash: 82e400c090fb5260267fa339b115e8fe2cb3171303e252844d9756f252f39099

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 09:24:55 GMT
server: Match/6567.03d4b8e0743cc41d6987820a90809d985d5bb40b (i-0e7bf04be84fdab5f)
p3p: CP="NOI NID ADMa PSAa OUR BUS COM NAV"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: image/gif
content-length: 43
expires: -1

POST
H2 200 sid Show response
h.seznam.cz/ 118 B
546 B 37ms
36ms XHR
application/json 77.75.77.9
SEZNAM-

General

Check archive.org

Show headers Download Go to

Full URL: https://h.seznam.cz/sid
Requested by: Host: h.seznam.cz
URL: https://h.seznam.cz/js/dot-small.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.75.77.9 Prague, Czech Republic, ASN43037 (SEZNAM-, CZ),
Reverse DNS: h.imedia.cz
Software: nginx/1.18.0 /
Resource Hash: 3bd9d95d0976c8d68b87296831ce4aaa2daf37b3362dff0d1a94fa130445a8c3

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 04 May 2021 09:24:55 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NON DSP ADM DEV PSD CUSo OUR IND STP PRE NAV UNI"
access-control-allow-origin: https://halomovie.estranky.cz
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type
content-length: 118

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame F28B 8 KB
3 KB 32ms
32ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=49307&predirect=%2F%2Fssp.seznam.cz%2Fstatic%2Fhtml%2Fsync%2Fpub_sync.html%3FpmId%3D
Requested by: Host: ssp.imedia.cz
URL: https://ssp.imedia.cz/static/js/ssp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://halomovie.estranky.cz/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://halomovie.estranky.cz/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=27328
Expires: Tue, 04 May 2021 17:00:23 GMT
Date: Tue, 04 May 2021 09:24:55 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2

200

apn_sync.html Show response
ssp.seznam.cz/static/html/sync/ Frame 0AA9
Redirect Chain

https://secure.adnxs.com/getuid?//ssp.seznam.cz/static/html/sync/apn_sync.html?uid=$UID
https://ssp.seznam.cz/static/html/sync/apn_sync.html?uid=8744422011914918744

419 B
493 B

36ms
32ms

Document
text/html

77.75.78.101
SEZNAM-

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.seznam.cz/static/html/sync/apn_sync.html?uid=8744422011914918744
Requested by: Host: ssp.imedia.cz
URL: https://ssp.imedia.cz/static/js/ssp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.75.78.101 Prague, Czech Republic, ASN43037 (SEZNAM-, CZ),
Reverse DNS: ssp.seznam.cz
Software: envoy /
Resource Hash: 2cf26672b5c14a47b090d5f9bf3b3a65425aec7f27427a42063cddbec96486ac

Request headers

:method: GET
:authority: ssp.seznam.cz
:scheme: https
:path: /static/html/sync/apn_sync.html?uid=8744422011914918744
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://halomovie.estranky.cz/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: sid=id=16047704751665763111|t=1620120295.754|te=1620120295.754|c=FC508D9E954BF9939D045058468B6DC1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://halomovie.estranky.cz/

Response headers

server: envoy
date: Tue, 04 May 2021 09:24:55 GMT
content-type: text/html
content-length: 419
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "1dc09d84-1a3"
p3p: CP="NON DSP COR TAI NOR UNI", policyref="/w3c/p3p.xml"
access-control-allow-origin: *
expires: Tue, 04 May 2021 09:24:54 GMT
cache-control: no-cache
accept-ranges: bytes
x-envoy-upstream-service-time: 1

Redirect headers

Server: nginx/1.17.9
Date: Tue, 04 May 2021 09:24:55 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: //ssp.seznam.cz/static/html/sync/apn_sync.html?uid=8744422011914918744
AN-X-Request-Uuid: 58a9ee25-0b1a-42ea-96bf-997209ccaebd
Set-Cookie: uuid2=8744422011914918744; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 02-Aug-2021 09:24:55 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.40:80

GET
H2 200 adform_sync.html Show response
h.seznam.cz/html/ Frame DF68 3 KB
1 KB 31ms
30ms Document
text/html 77.75.77.9
SEZNAM-

General

Check archive.org

Show headers Download Go to

Full URL: https://h.seznam.cz/html/adform_sync.html
Requested by: Host: ssp.imedia.cz
URL: https://ssp.imedia.cz/static/js/ssp.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.75.77.9 Prague, Czech Republic, ASN43037 (SEZNAM-, CZ),
Reverse DNS: h.imedia.cz
Software: nginx/1.18.0 /
Resource Hash: 9ecb33a9da6b4e5e056dcbc7088d4d6d16bf86310eaf46f11456559d9a93dc1d

Request headers

:method: GET
:authority: h.seznam.cz
:scheme: https
:path: /html/adform_sync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://halomovie.estranky.cz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://halomovie.estranky.cz/

Response headers

server: nginx/1.18.0
date: Tue, 04 May 2021 09:24:55 GMT
content-type: text/html
last-modified: Wed, 28 Apr 2021 08:00:00 GMT
etag: W/"60891600-bc4"
p3p: CP="NON DSP ADM DEV PSD CUSo OUR IND STP PRE NAV UNI"
access-control-allow-origin: *
expires: Wed, 05 May 2021 09:24:55 GMT
cache-control: max-age=86400
content-encoding: gzip

OPTIONS
H2 204 xhr
ssp.seznam.cz/v1/ Frame 0
0 101ms
30ms Preflight 77.75.76.101
SEZNAM-

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.seznam.cz/v1/xhr
Protocol: H2
Server: 77.75.76.101 Prague, Czech Republic, ASN43037 (SEZNAM-, CZ),
Reverse DNS: ssp.seznam.cz
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://halomovie.estranky.cz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: envoy
date: Tue, 04 May 2021 09:24:55 GMT
p3p: CP="NON DSP COR TAI NOR UNI", policyref="/w3c/p3p.xml"
vary: Origin
access-control-allow-origin: https://halomovie.estranky.cz
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: content-type
access-control-allow-credentials: true
cache-control: private, max-age=0, no-cache, no-store, no-transform, must-revalidate
access-control-max-age: 1728000
x-envoy-upstream-service-time: 1

GET
H2 200 cmp Show response
ssp.seznam.cz/ 119 B
411 B 116ms
33ms XHR
application/json 77.75.76.101
SEZNAM-

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.seznam.cz/cmp?zoneId=67158
Requested by: Host: ssp.imedia.cz
URL: https://ssp.imedia.cz/static/js/ssp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.75.76.101 Prague, Czech Republic, ASN43037 (SEZNAM-, CZ),
Reverse DNS: ssp.seznam.cz
Software: envoy /
Resource Hash: e16c19fa9b71cfd44f87dc293f554321dcd974a2d39d77a13e599b71a43f2a4e

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:24:55 GMT
server: envoy
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NON DSP COR TAI NOR UNI", policyref="/w3c/p3p.xml"
access-control-allow-origin: https://halomovie.estranky.cz
cache-control: private, max-age=0, no-cache, no-store, no-transform, must-revalidate
x-envoy-upstream-service-time: 4
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type
content-length: 119

GET
H2 200 /
h.seznam.cz/hit/ 43 B
446 B 31ms
30ms Image
image/gif 77.75.77.9
SEZNAM-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h.seznam.cz/hit/?d=%7B%22adId%22%3A%22iwnwdkwv1b7xpuov8g7fi7b2wga1ss301ofz4lshuq150j0hb1%22%2C%22timeFromInit%22%3A126.04999914765358%7D&a=adload&s=sklikp&lsid=&id=16201202957220.020577041047478817&v=2.11&r=0.29767299708559114&rus=&ri=&los=&pvid=&spa=false&u=https%3A%2F%2Fhalomovie.estranky.cz%2F%3Fmladdemail%3D92%26code%3D2cc434a32fca410cca4a53eb9f50de44%23mail-list&lses=1620120295722&ab=&serviceVariant=&ptitle=HALO%20MOVIE
Requested by: Host: halomovie.estranky.cz
URL: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.75.77.9 Prague, Czech Republic, ASN43037 (SEZNAM-, CZ),
Reverse DNS: h.imedia.cz
Software: nginx/1.18.0 /
Resource Hash: 3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:24:55 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NON DSP ADM DEV PSD CUSo OUR IND STP PRE NAV UNI"
access-control-allow-origin: *
access-control-allow-credentials: true
content-type: image/gif
access-control-allow-headers: content-type
content-length: 43

GET
H2 200 /
h.seznam.cz/hit/ 43 B
446 B 31ms
31ms Image
image/gif 77.75.77.9
SEZNAM-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h.seznam.cz/hit/?d=%7B%22zones%22%3A%2267158%22%7D&a=ad&s=sklikp&lsid=&id=16201202957220.020577041047478817&v=2.11&r=0.8724557748862409&rus=&ri=&los=&pvid=&spa=false&u=https%3A%2F%2Fhalomovie.estranky.cz%2F%3Fmladdemail%3D92%26code%3D2cc434a32fca410cca4a53eb9f50de44%23mail-list&lses=1620120295722&ab=&serviceVariant=&ptitle=HALO%20MOVIE
Requested by: Host: halomovie.estranky.cz
URL: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.75.77.9 Prague, Czech Republic, ASN43037 (SEZNAM-, CZ),
Reverse DNS: h.imedia.cz
Software: nginx/1.18.0 /
Resource Hash: 3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:24:55 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NON DSP ADM DEV PSD CUSo OUR IND STP PRE NAV UNI"
access-control-allow-origin: *
access-control-allow-credentials: true
content-type: image/gif
access-control-allow-headers: content-type
content-length: 43

POST
H2 200 xhr Show response
ssp.seznam.cz/v1/ 750 B
1 KB 93ms
89ms XHR
application/json 77.75.78.101
SEZNAM-

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.seznam.cz/v1/xhr
Requested by: Host: ssp.imedia.cz
URL: https://ssp.imedia.cz/static/js/ssp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.75.78.101 Prague, Czech Republic, ASN43037 (SEZNAM-, CZ),
Reverse DNS: ssp.seznam.cz
Software: envoy /
Resource Hash: e165166388bc1b2440241742131ed0670b20156857366d81e13bdcf9e0816969

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/json

Response headers

date: Tue, 04 May 2021 09:24:55 GMT
server: envoy
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NON DSP COR TAI NOR UNI", policyref="/w3c/p3p.xml"
access-control-allow-origin: https://halomovie.estranky.cz
cache-control: private, max-age=0, no-cache, no-store, no-transform, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 58
content-type: application/json
access-control-allow-headers: content-type
content-length: 750

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 36BC 38 KB
14 KB 27ms
26ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fa%2Edenik%2Ecz%2Fvlm%2Fsetid%2FMID%3D5197103461302743573%2Fexternal%3DPUBMATIC%2Fvalue%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fa%2Edenik%2Ecz%2Fvlm%2Fsetid%2FMID%3D5197103461302743573%2Fexternal%3DPUBMATIC%2Fvalue%3D
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fa%2Edenik%2Ecz%2Fvlm%2Fsetid%2FMID%3D5197103461302743573%2Fexternal%3DPUBMATIC%2Fvalue%3D

Response headers

Last-Modified: Wed, 14 Apr 2021 09:18:30 GMT
ETag: "13006b6-98c2-5bfeb3aef82b4"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14060
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=103405
Expires: Wed, 05 May 2021 14:08:20 GMT
Date: Tue, 04 May 2021 09:24:55 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 /
h.seznam.cz/hit/ 43 B
446 B 30ms
29ms Image
image/gif 77.75.77.9
SEZNAM-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h.seznam.cz/hit/?q=&d=%7B%22tid%22%3A%2216201202957220.35728127260018683%22%2C%22referer%22%3A%22%22%2C%22path%22%3A%22%22%2C%22scroll%22%3A%220%2C715%22%2C%22port%22%3A%221600%2C1200%22%2C%22page%22%3A%221300%2C7733%22%2C%22screen%22%3A%221600%2C1200%2C24%22%7D&a=impress&s=sklikp&lsid=&id=16201202957220.020577041047478817&v=2.11&r=0.6188009588338999&rus=&ri=&los=&pvid=&spa=false&dsid=id%3D14432022634760743651%7Ct%3D1620120295.737%7Cte%3D1620120295.737%7Cc%3D8E4B20E9EE6A81F9422CC03AAD6414D5&u=https%3A%2F%2Fhalomovie.estranky.cz%2F%3Fmladdemail%3D92%26code%3D2cc434a32fca410cca4a53eb9f50de44%23mail-list&lses=1620120295722&ab=&serviceVariant=&ptitle=HALO%20MOVIE
Requested by: Host: halomovie.estranky.cz
URL: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.75.77.9 Prague, Czech Republic, ASN43037 (SEZNAM-, CZ),
Reverse DNS: h.imedia.cz
Software: nginx/1.18.0 /
Resource Hash: 3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:24:55 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NON DSP ADM DEV PSD CUSo OUR IND STP PRE NAV UNI"
access-control-allow-origin: *
access-control-allow-credentials: true
content-type: image/gif
access-control-allow-headers: content-type
content-length: 43

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 201 B
640 B 85ms
31ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=halomovie.estranky.cz&callback=_gfp_s_&client=ca-pub-7349691528422556

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210429/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7349691528422556&plah=halomovie.estranky.cz&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

afd2e8f23e43c57e15c59ee70acfe65f9a3d2470cd3390d8d8f371f1146bbd56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:24:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 192
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 36ms
15ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=halomovie.estranky.cz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 04 May 2021 09:24:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 36ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=halomovie.estranky.cz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 04 May 2021 09:24:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 30C2 85 KB
31 KB 395ms
394ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7349691528422556&output=html&h=600&slotname=7661597236&adk=849360679&adf=3631241403&pi=t.ma~as.7661597236&w=300&lmt=1620120295&psa=0&format=300x600&url=https%3A%2F%2Fhalomovie.estranky.cz%2F%3Fmladdemail%3D92%26code%3D2cc434a32fca410cca4a53eb9f50de44%23mail-list&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620120295704&bpp=6&bdt=1376&idt=113&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=6003058413602&frm=20&pv=2&ga_vid=1631859808.1620120295&ga_sid=1620120296&ga_hid=659141618&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1300&ady=715&biw=1600&bih=1200&scr_x=0&scr_y=715&oid=3&pvsid=3966906287212697&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=51BmvPpE4h&p=https%3A//halomovie.estranky.cz&dtd=132

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c23bf7f64972ba7ba4119b8ba7ded541a8194af2a2577cce70e0f83c81534f0a

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16073489184916735929/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16073489184916735929/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CL2Z6bXar_ACFRT2dwodha8G_w&gqi=5xKRYPnSM6OQ4gGj6LeoAw&layout=/sadbundle/%24csp%253Der3%24/16073489184916735929/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7349691528422556&output=html&h=600&slotname=7661597236&adk=849360679&adf=3631241403&pi=t.ma~as.7661597236&w=300&lmt=1620120295&psa=0&format=300x600&url=https%3A%2F%2Fhalomovie.estranky.cz%2F%3Fmladdemail%3D92%26code%3D2cc434a32fca410cca4a53eb9f50de44%23mail-list&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620120295704&bpp=6&bdt=1376&idt=113&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=6003058413602&frm=20&pv=2&ga_vid=1631859808.1620120295&ga_sid=1620120296&ga_hid=659141618&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1300&ady=715&biw=1600&bih=1200&scr_x=0&scr_y=715&oid=3&pvsid=3966906287212697&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=51BmvPpE4h&p=https%3A//halomovie.estranky.cz&dtd=132
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://halomovie.estranky.cz/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://halomovie.estranky.cz/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16073489184916735929/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16073489184916735929/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CL2Z6bXar_ACFRT2dwodha8G_w&gqi=5xKRYPnSM6OQ4gGj6LeoAw&layout=/sadbundle/%24csp%253Der3%24/16073489184916735929/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 04 May 2021 09:24:56 GMT
server: cafe
content-length: 31571
x-xss-protection: 0
set-cookie: IDE=AHWqTUlV4vWa56Wo-euQJI-ScM9v2fEkTcaEwvqU0JEYcOK3RqXR4eoUcrjbpzKIuTw; expires=Sun, 29-May-2022 09:24:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 04 May 2021 09:24:56 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 35ms
14ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94442ab42e60dd5c6c276c1777c56fc3f9dff44e999524ca6431af82a9bff9af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:24:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620056503243602"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28014
x-xss-protection: 0
expires: Tue, 04 May 2021 09:24:55 GMT

GET
H/1.1 200
OK multi-sync.js Show response
secure-assets.rubiconproject.com/utils/xapi/ Frame 9C2C 2 KB
1 KB 27ms
23ms Script
text/javascript 23.79.143.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.js
Requested by: Host: cdn.cpex.cz
URL: https://cdn.cpex.cz/user/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-143-124.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f809626173382537067bd8301068f7ff69070531e9a7fd74688ff04400de2d8c

Request headers

Referer: https://cdn.cpex.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 09:24:55 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Sep 2020 05:29:25 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=10147
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 932
Expires: Tue, 04 May 2021 12:14:02 GMT

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 9C2C 0
239 B 97ms
24ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=cpex
Requested by: Host: cdn.cpex.cz
URL: https://cdn.cpex.cz/user/sync.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.cpex.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/gif

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 9C2C 0
239 B 105ms
32ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=cpexmafra
Requested by: Host: cdn.cpex.cz
URL: https://cdn.cpex.cz/user/sync.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.cpex.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/gif

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 9C2C 0
239 B 108ms
34ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=cpexcsfd
Requested by: Host: cdn.cpex.cz
URL: https://cdn.cpex.cz/user/sync.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.cpex.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/gif

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 9C2C 0
239 B 107ms
29ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=cpexvlm
Requested by: Host: cdn.cpex.cz
URL: https://cdn.cpex.cz/user/sync.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.cpex.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/gif

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 9C2C 0
239 B 114ms
32ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=cpexiinfo
Requested by: Host: cdn.cpex.cz
URL: https://cdn.cpex.cz/user/sync.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.cpex.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/gif

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 9C2C 0
239 B 113ms
29ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=cpexiprima
Requested by: Host: cdn.cpex.cz
URL: https://cdn.cpex.cz/user/sync.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.cpex.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/gif

GET
H2

200

value=8744422011914918744
a.centrum.cz/cent/lserver/setid/external=APPNEXUS/ Frame 9C2C
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fa%2Ecentrum%2Ecz%2Fcent%2Fsetid%2Fexternal%3DAPPNEXUS%2Fvalue%3D$UID
https://a.centrum.cz/cent/setid/external=APPNEXUS/value=8744422011914918744
https://a.centrum.cz/cent/lserver/setid/external=APPNEXUS/value=8744422011914918744

43 B
509 B

35ms
35ms

Image
image/gif

52.50.94.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.centrum.cz/cent/lserver/setid/external=APPNEXUS/value=8744422011914918744
Requested by: Host: cdn.cpex.cz
URL: https://cdn.cpex.cz/user/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.94.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-94-149.eu-west-1.compute.amazonaws.com
Software: Match/6567.03d4b8e0743cc41d6987820a90809d985d5bb40b (i-0832b35d888b7baa4) /
Resource Hash: 82e400c090fb5260267fa339b115e8fe2cb3171303e252844d9756f252f39099

Request headers

Referer: https://cdn.cpex.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 09:24:55 GMT
server: Match/6567.03d4b8e0743cc41d6987820a90809d985d5bb40b (i-0832b35d888b7baa4)
p3p: CP="NOI NID ADMa PSAa OUR BUS COM NAV"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: image/gif
content-length: 43
expires: -1

Redirect headers

pragma: no-cache
date: Tue, 04 May 2021 09:24:55 GMT
server: Match/6567.03d4b8e0743cc41d6987820a90809d985d5bb40b (i-0e7bf04be84fdab5f)
p3p: CP="NOI NID ADMa PSAa OUR BUS COM NAV"
location: https://a.centrum.cz/cent/lserver/setid/external=APPNEXUS/value=8744422011914918744
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
expires: -1

GET
H2

200

value=8744422011914918744
a.1gr.cz/mafra/lserver/setid/external=APPNEXUS/ Frame 9C2C
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fa%2E1gr%2Ecz%2Fmafra%2Fsetid%2Fexternal%3DAPPNEXUS%2Fvalue%3D$UID
https://a.1gr.cz/mafra/setid/external=APPNEXUS/value=8744422011914918744
https://a.1gr.cz/mafra/lserver/setid/external=APPNEXUS/value=8744422011914918744

43 B
504 B

34ms
33ms

Image
image/gif

52.50.94.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.1gr.cz/mafra/lserver/setid/external=APPNEXUS/value=8744422011914918744
Requested by: Host: cdn.cpex.cz
URL: https://cdn.cpex.cz/user/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.94.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-94-149.eu-west-1.compute.amazonaws.com
Software: Match/6567.03d4b8e0743cc41d6987820a90809d985d5bb40b (i-0e93c3f50904531b7) /
Resource Hash: 82e400c090fb5260267fa339b115e8fe2cb3171303e252844d9756f252f39099

Request headers

Referer: https://cdn.cpex.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 09:24:55 GMT
server: Match/6567.03d4b8e0743cc41d6987820a90809d985d5bb40b (i-0e93c3f50904531b7)
p3p: CP="NOI NID ADMa PSAa OUR BUS COM NAV"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: image/gif
content-length: 43
expires: -1

Redirect headers

pragma: no-cache
date: Tue, 04 May 2021 09:24:55 GMT
server: Match/6567.03d4b8e0743cc41d6987820a90809d985d5bb40b (i-0aeecfef5c1e30e44)
p3p: CP="NOI NID ADMa PSAa OUR BUS COM NAV"
location: https://a.1gr.cz/mafra/lserver/setid/external=APPNEXUS/value=8744422011914918744
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
expires: -1

GET
H2

200

value=8744422011914918744
a.csfd.cz/csfd/lserver/setid/external=APPNEXUS/ Frame 9C2C
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fa%2Ecsfd%2Ecz%2Fcsfd%2Fsetid%2Fexternal%3DAPPNEXUS%2Fvalue%3D$UID
https://a.csfd.cz/csfd/setid/external=APPNEXUS/value=8744422011914918744
https://a.csfd.cz/csfd/lserver/setid/external=APPNEXUS/value=8744422011914918744

43 B
504 B

35ms
34ms

Image
image/gif

52.50.94.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.csfd.cz/csfd/lserver/setid/external=APPNEXUS/value=8744422011914918744
Requested by: Host: cdn.cpex.cz
URL: https://cdn.cpex.cz/user/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.94.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-94-149.eu-west-1.compute.amazonaws.com
Software: Match/6567.03d4b8e0743cc41d6987820a90809d985d5bb40b (i-0b32150bc9006c06d) /
Resource Hash: 82e400c090fb5260267fa339b115e8fe2cb3171303e252844d9756f252f39099

Request headers

Referer: https://cdn.cpex.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 09:24:56 GMT
server: Match/6567.03d4b8e0743cc41d6987820a90809d985d5bb40b (i-0b32150bc9006c06d)
p3p: CP="NOI NID ADMa PSAa OUR BUS COM NAV"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: image/gif
content-length: 43
expires: -1

Redirect headers

pragma: no-cache
date: Tue, 04 May 2021 09:24:55 GMT
server: Match/6567.03d4b8e0743cc41d6987820a90809d985d5bb40b (i-0e93c3f50904531b7)
p3p: CP="NOI NID ADMa PSAa OUR BUS COM NAV"
location: https://a.csfd.cz/csfd/lserver/setid/external=APPNEXUS/value=8744422011914918744
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
expires: -1

GET
H2

200

value=8744422011914918744
a.denik.cz/vlm/setid/external=APPNEXUS/ Frame 9C2C
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fa%2Edenik%2Ecz%2Fvlm%2Fsetid%2Fexternal%3DAPPNEXUS%2Fvalue%3D$UID
https://a.denik.cz/vlm/setid/external=APPNEXUS/value=8744422011914918744

43 B
544 B

34ms
34ms

Image
image/gif

52.50.94.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.denik.cz/vlm/setid/external=APPNEXUS/value=8744422011914918744
Requested by: Host: cdn.cpex.cz
URL: https://cdn.cpex.cz/user/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.94.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-94-149.eu-west-1.compute.amazonaws.com
Software: Match/6567.03d4b8e0743cc41d6987820a90809d985d5bb40b (i-0dcdd53cd04d2da41) /
Resource Hash: 82e400c090fb5260267fa339b115e8fe2cb3171303e252844d9756f252f39099

Request headers

Referer: https://cdn.cpex.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 09:24:55 GMT
server: Match/6567.03d4b8e0743cc41d6987820a90809d985d5bb40b (i-0dcdd53cd04d2da41)
p3p: CP="NOI NID ADMa PSAa OUR BUS COM NAV"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: image/gif
content-length: 43
expires: -1

Redirect headers

Pragma: no-cache
Date: Tue, 04 May 2021 09:24:55 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.76:80
AN-X-Request-Uuid: 9bd81df7-0767-46e0-9a27-45cd58de15aa
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://a.denik.cz/vlm/setid/external=APPNEXUS/value=8744422011914918744
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

value=8744422011914918744
a.slunecnice.cz/slunecnice/lserver/setid/external=APPNEXUS/ Frame 9C2C
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fa%2Eslunecnice%2Ecz%2Fslunecnice%2Fsetid%2Fexternal%3DAPPNEXUS%2Fvalue%3D$UID
https://a.slunecnice.cz/slunecnice/setid/external=APPNEXUS/value=8744422011914918744
https://a.slunecnice.cz/slunecnice/lserver/setid/external=APPNEXUS/value=8744422011914918744

43 B
513 B

36ms
35ms

Image
image/gif

52.50.94.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.slunecnice.cz/slunecnice/lserver/setid/external=APPNEXUS/value=8744422011914918744
Requested by: Host: cdn.cpex.cz
URL: https://cdn.cpex.cz/user/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.94.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-94-149.eu-west-1.compute.amazonaws.com
Software: Match/6567.03d4b8e0743cc41d6987820a90809d985d5bb40b (i-0aeecfef5c1e30e44) /
Resource Hash: 82e400c090fb5260267fa339b115e8fe2cb3171303e252844d9756f252f39099

Request headers

Referer: https://cdn.cpex.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 09:24:56 GMT
server: Match/6567.03d4b8e0743cc41d6987820a90809d985d5bb40b (i-0aeecfef5c1e30e44)
p3p: CP="NOI NID ADMa PSAa OUR BUS COM NAV"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: image/gif
content-length: 43
expires: -1

Redirect headers

pragma: no-cache
date: Tue, 04 May 2021 09:24:55 GMT
server: Match/6567.03d4b8e0743cc41d6987820a90809d985d5bb40b (i-0e7bf04be84fdab5f)
p3p: CP="NOI NID ADMa PSAa OUR BUS COM NAV"
location: https://a.slunecnice.cz/slunecnice/lserver/setid/external=APPNEXUS/value=8744422011914918744
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
expires: -1

GET
H2

200

value=8744422011914918744
a.iprima.cz/iprima/lserver/setid/external=APPNEXUS/ Frame 9C2C
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fa%2Eiprima%2Ecz%2Fiprima%2Fsetid%2Fexternal%3DAPPNEXUS%2Fvalue%3D$UID
https://a.iprima.cz/iprima/setid/external=APPNEXUS/value=8744422011914918744
https://a.iprima.cz/iprima/lserver/setid/external=APPNEXUS/value=8744422011914918744

43 B
510 B

32ms
32ms

Image
image/gif

54.154.97.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.iprima.cz/iprima/lserver/setid/external=APPNEXUS/value=8744422011914918744
Requested by: Host: cdn.cpex.cz
URL: https://cdn.cpex.cz/user/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.97.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-97-212.eu-west-1.compute.amazonaws.com
Software: Match/6567.03d4b8e0743cc41d6987820a90809d985d5bb40b (i-0f2cd89d918672678) /
Resource Hash: 82e400c090fb5260267fa339b115e8fe2cb3171303e252844d9756f252f39099

Request headers

Referer: https://cdn.cpex.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 09:24:56 GMT
server: Match/6567.03d4b8e0743cc41d6987820a90809d985d5bb40b (i-0f2cd89d918672678)
p3p: CP="NOI NID ADMa PSAa OUR BUS COM NAV"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: image/gif
content-length: 43
expires: -1

Redirect headers

pragma: no-cache
date: Tue, 04 May 2021 09:24:56 GMT
server: Match/6567.03d4b8e0743cc41d6987820a90809d985d5bb40b (i-026d2aa46842493a8)
p3p: CP="NOI NID ADMa PSAa OUR BUS COM NAV"
location: https://a.iprima.cz/iprima/lserver/setid/external=APPNEXUS/value=8744422011914918744
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
expires: -1

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6CB6 0
20 B 16ms
15ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7349691528422556&output=html&adk=1812271804&adf=3025194257&lmt=1620120295&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fhalomovie.estranky.cz%2F%3Fmladdemail%3D92%26code%3D2cc434a32fca410cca4a53eb9f50de44%23mail-list&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620120295711&bpp=3&bdt=1384&idt=134&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&nras=1&correlator=6003058413602&frm=20&pv=1&ga_vid=1631859808.1620120295&ga_sid=1620120296&ga_hid=659141618&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=715&oid=3&pvsid=3966906287212697&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&dtd=141

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7349691528422556&output=html&adk=1812271804&adf=3025194257&lmt=1620120295&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fhalomovie.estranky.cz%2F%3Fmladdemail%3D92%26code%3D2cc434a32fca410cca4a53eb9f50de44%23mail-list&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620120295711&bpp=3&bdt=1384&idt=134&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&nras=1&correlator=6003058413602&frm=20&pv=1&ga_vid=1631859808.1620120295&ga_sid=1620120296&ga_hid=659141618&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=715&oid=3&pvsid=3966906287212697&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&dtd=141
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://halomovie.estranky.cz/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://halomovie.estranky.cz/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 04 May 2021 09:24:55 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure IDE=AHWqTUkqIfPt-cZYjJuZ7GbbnrnNg6tnyYCq4toL1QEDQ0Ei4tFgtKaWfKkiqeAG; expires=Sun, 29-May-2022 09:24:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 04 May 2021 09:24:55 GMT
cache-control: private

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame FF35 38 KB
14 KB 29ms
27ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=49307&predirect=%2F%2Fssp.seznam.cz%2Fstatic%2Fhtml%2Fsync%2Fpub_sync.html%3FpmId%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=49307&predirect=%2F%2Fssp.seznam.cz%2Fstatic%2Fhtml%2Fsync%2Fpub_sync.html%3FpmId%3D
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=49307&predirect=%2F%2Fssp.seznam.cz%2Fstatic%2Fhtml%2Fsync%2Fpub_sync.html%3FpmId%3D

Response headers

Last-Modified: Wed, 14 Apr 2021 09:18:30 GMT
ETag: "13006b6-98c2-5bfeb3aef82b4"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14060
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=103405
Expires: Wed, 05 May 2021 14:08:20 GMT
Date: Tue, 04 May 2021 09:24:55 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 cmp.html Show response
ssp.seznam.cz/static/html/ Frame BCCC 414 B
474 B 33ms
32ms Document
text/html 77.75.78.101
SEZNAM-

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.seznam.cz/static/html/cmp.html
Requested by: Host: ssp.imedia.cz
URL: https://ssp.imedia.cz/static/js/ssp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.75.78.101 Prague, Czech Republic, ASN43037 (SEZNAM-, CZ),
Reverse DNS: ssp.seznam.cz
Software: envoy /
Resource Hash: 66942c9396e5ab334c33ea37c0145332d21a0d1d068021d9f3d245f25c35e73a

Request headers

:method: GET
:authority: ssp.seznam.cz
:scheme: https
:path: /static/html/cmp.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://halomovie.estranky.cz/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: sid=id=16047704751665763111|t=1620120295.754|te=1620120295.812|c=F6BC0AD7050D0EB1C423E76D718FE651
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://halomovie.estranky.cz/

Response headers

server: envoy
date: Tue, 04 May 2021 09:24:55 GMT
content-type: text/html
content-length: 414
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "1dc09d84-19e"
p3p: CP="NON DSP COR TAI NOR UNI", policyref="/w3c/p3p.xml"
access-control-allow-origin: *
expires: Tue, 04 May 2021 09:24:54 GMT
cache-control: no-cache
accept-ranges: bytes
x-envoy-upstream-service-time: 0

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 4D5D
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJES5wNgCZwq-wHvWHMaVQAABIAAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJES5wNgCZwq-wHvWHMaVQAABIAAAAIB&dcc=t

43 B
433 B

103ms
103ms

Image
image/gif

72.21.206.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJES5wNgCZwq-wHvWHMaVQAABIAAAAIB&dcc=t
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=189795&cb=https%3A%2F%2Fa%2Edenik%2Ecz%2Fvlm%2Fsetid%2FMID%3D5197103461302743573%2Fexternal%3DCASALE%2Fvalue%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: 206-140.amazon.com
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 May 2021 09:24:56 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 04 May 2021 09:24:56 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJES5wNgCZwq-wHvWHMaVQAABIAAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 4D5D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YJES5wNgCZwq-wHvWHMaVQAABIAAAAIB
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEMP4r0hnwJUpfIo97Xyc2Zw&google_cver=1

43 B
315 B

78ms
28ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEMP4r0hnwJUpfIo97Xyc2Zw&google_cver=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=189795&cb=https%3A%2F%2Fa%2Edenik%2Ecz%2Fvlm%2Fsetid%2FMID%3D5197103461302743573%2Fexternal%3DCASALE%2Fvalue%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 May 2021 09:24:55 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Tue, 04 May 2021 09:24:55 GMT

Redirect headers

pragma: no-cache
date: Tue, 04 May 2021 09:24:55 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEMP4r0hnwJUpfIo97Xyc2Zw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 4D5D 70 B
265 B 357ms
34ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YJES5wNgCZwq.wHvWHMaVQAA&gdpr=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=189795&cb=https%3A%2F%2Fa%2Edenik%2Ecz%2Fvlm%2Fsetid%2FMID%3D5197103461302743573%2Fexternal%3DCASALE%2Fvalue%3D&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 09:24:56 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 4D5D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YJES5wNgCZwq.wHvWHMaVQAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAJDUM7ijatF4EKta8TFLh4&google_cver=1&google_hm=2

43 B
1000 B

30ms
30ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAJDUM7ijatF4EKta8TFLh4&google_cver=1&google_hm=2
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=189795&cb=https%3A%2F%2Fa%2Edenik%2Ecz%2Fvlm%2Fsetid%2FMID%3D5197103461302743573%2Fexternal%3DCASALE%2Fvalue%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 May 2021 09:24:56 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 04 May 2021 09:24:56 GMT

Redirect headers

pragma: no-cache
date: Tue, 04 May 2021 09:24:56 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAJDUM7ijatF4EKta8TFLh4&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 330
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 4D5D
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=48596091-12e8-4800-ae20-fcbc35b6eb99&gdpr=1&gdpr_consent=

43 B
1 KB

31ms
30ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=48596091-12e8-4800-ae20-fcbc35b6eb99&gdpr=1&gdpr_consent=
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=189795&cb=https%3A%2F%2Fa%2Edenik%2Ecz%2Fvlm%2Fsetid%2FMID%3D5197103461302743573%2Fexternal%3DCASALE%2Fvalue%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 May 2021 09:24:56 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 04 May 2021 09:24:56 GMT

Redirect headers

Date: Tue, 04 May 2021 09:26:10 GMT
Server: MT3 3709 11aaa92 master cdg-pixel-x28
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=48596091-12e8-4800-ae20-fcbc35b6eb99&gdpr=1&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 04 May 2021 09:26:09 GMT

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame 4D5D 0
0 59ms
36ms Image
text/html 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=189795&cb=https%3A%2F%2Fa%2Edenik%2Ecz%2Fvlm%2Fsetid%2FMID%3D5197103461302743573%2Fexternal%3DCASALE%2Fvalue%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 4D5D
Redirect Chain

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06302204007dbddd2775d60f&expiration=[EXPIRATION]&gdpr=1

43 B
1 KB

30ms
30ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06302204007dbddd2775d60f&expiration=[EXPIRATION]&gdpr=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=189795&cb=https%3A%2F%2Fa%2Edenik%2Ecz%2Fvlm%2Fsetid%2FMID%3D5197103461302743573%2Fexternal%3DCASALE%2Fvalue%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 May 2021 09:24:57 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 04 May 2021 09:24:57 GMT

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06302204007dbddd2775d60f&expiration=[EXPIRATION]&gdpr=1
Date: Tue, 04 May 2021 09:24:56 GMT
Access-Control-Allow-Credentials: true
X-Powered-By: Express
Content-Length: 0
Vary: Origin

GET
H2 200 index
dmp.brand-display.com/cm/api/ Frame 4D5D 43 B
253 B 1169ms
121ms Image
image/gif 35.241.40.233
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=189795&cb=https%3A%2F%2Fa%2Edenik%2Ecz%2Fvlm%2Fsetid%2FMID%3D5197103461302743573%2Fexternal%3DCASALE%2Fvalue%3D&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.40.233 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 233.40.241.35.bc.googleusercontent.com
Software: nginx/1.20.0 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 09:24:56 GMT
via: 1.1 google
last-modified: Tue, 04 May 2021 09:24:56 GMT
server: nginx/1.20.0
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc: clear
content-length: 43
expires: Tue, 04 May 2021 09:24:57 GMT

GET
H2 200 value=YJES5wNgCZwq.wHvWHMaVQAA%261152
a.denik.cz/vlm/setid/MID=5197103461302743573/external=CASALE/ Frame 4D5D 43 B
454 B 37ms
34ms Image
image/gif 52.50.94.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.denik.cz/vlm/setid/MID=5197103461302743573/external=CASALE/value=YJES5wNgCZwq.wHvWHMaVQAA%261152
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=189795&cb=https%3A%2F%2Fa%2Edenik%2Ecz%2Fvlm%2Fsetid%2FMID%3D5197103461302743573%2Fexternal%3DCASALE%2Fvalue%3D&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.94.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-94-149.eu-west-1.compute.amazonaws.com
Software: Match/6567.03d4b8e0743cc41d6987820a90809d985d5bb40b (i-0e7bf04be84fdab5f) /
Resource Hash: 82e400c090fb5260267fa339b115e8fe2cb3171303e252844d9756f252f39099

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 09:24:55 GMT
server: Match/6567.03d4b8e0743cc41d6987820a90809d985d5bb40b (i-0e7bf04be84fdab5f)
p3p: CP="NOI NID ADMa PSAa OUR BUS COM NAV"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: image/gif
content-length: 43
expires: -1

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 36BC 0
75 B 1099ms
22ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=79624283&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 09:24:56 GMT
Content-Length: 0

GET
H2 200 apn_sync.js Show response
ssp.seznam.cz/static/js/ Frame 0AA9 19 KB
6 KB 36ms
36ms Script
application/javascript 77.75.78.101
SEZNAM-

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.seznam.cz/static/js/apn_sync.js
Requested by: Host: ssp.seznam.cz
URL: https://ssp.seznam.cz/static/html/sync/apn_sync.html?uid=8744422011914918744
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.75.78.101 Prague, Czech Republic, ASN43037 (SEZNAM-, CZ),
Reverse DNS: ssp.seznam.cz
Software: envoy /
Resource Hash: 2bbcf956fd85b3c397da10dcf453e8c3fe6fdbd7b13b32495c04eb018c86a369

Request headers

Referer: https://ssp.seznam.cz/static/html/sync/apn_sync.html?uid=8744422011914918744
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:24:55 GMT
content-encoding: gzip
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: envoy
etag: W/"1dc09d84-4b74"
vary: Accept-Encoding
p3p: CP="NON DSP COR TAI NOR UNI", policyref="/w3c/p3p.xml"
access-control-allow-origin: *
cache-control: no-cache
x-envoy-upstream-service-time: 3
content-type: application/javascript
expires: Tue, 04 May 2021 09:24:54 GMT

GET
H2 200 cmp.js Show response
ssp.seznam.cz/static/js/ Frame BCCC 2 KB
893 B 33ms
33ms Script
application/javascript 77.75.78.101
SEZNAM-

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.seznam.cz/static/js/cmp.js
Requested by: Host: ssp.seznam.cz
URL: https://ssp.seznam.cz/static/html/cmp.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.75.78.101 Prague, Czech Republic, ASN43037 (SEZNAM-, CZ),
Reverse DNS: ssp.seznam.cz
Software: envoy /
Resource Hash: 98d0b39b1123b8388c923106696398f1505894bb29145c16ad75e7ee4edf506f

Request headers

Referer: https://ssp.seznam.cz/static/html/cmp.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:24:55 GMT
content-encoding: gzip
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: envoy
etag: W/"1dc09d84-710"
vary: Accept-Encoding
p3p: CP="NON DSP COR TAI NOR UNI", policyref="/w3c/p3p.xml"
access-control-allow-origin: *
cache-control: no-cache
x-envoy-upstream-service-time: 1
content-type: application/javascript
expires: Tue, 04 May 2021 09:24:54 GMT

GET
H/1.1 200
OK Cookie set imp Show response
c-ng.seznam.cz/sklik/ Frame D0E4 43 KB
15 KB 65ms
26ms Document
text/html 2a02:598:2::60
SEZNAM-

General

Check archive.org

Show headers Download Go to

Full URL: https://c-ng.seznam.cz/sklik/imp?k=630ef9e0-5242-478e-9cbc-23837cdbd417&pssp1=AZXgYzPxxufN5tnCatKiq4BxD6SuMeMP7K33z-JOEpvZb1c28zR7
Requested by: Host: ssp.imedia.cz
URL: https://ssp.imedia.cz/static/js/ssp.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:598:2::60 , Czech Republic, ASN43037 (SEZNAM-, CZ),
Reverse DNS
Software: nginx /
Resource Hash: 87e5392af4a6bb193d1fdb63a2e3d98a8ba24a3eb6a8f1cd500eddef33132888

Request headers

Host: c-ng.seznam.cz
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://halomovie.estranky.cz/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: APNUID=8744422011914918744; sid=id=16047704751665763111|t=1620120295.754|te=1620120295.860|c=26E7199B7ED99F32B95E37F2AD5C2B04
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://halomovie.estranky.cz/

Response headers

Server: nginx
Date: Tue, 04 May 2021 09:24:55 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: sid=id=16047704751665763111|t=1620120295.754|te=1620120295.991|c=D543BCDA117CE798B0B52289B4CAA20C; Domain=.seznam.cz; Path=/; SameSite=None; Secure; Expires=Thu, 03-Jun-2021 09:24:55 GMT
vary: Accept-Encoding
x-envoy-upstream-service-time: 1
P3P: CP="NON DSP COR TAI NOR UNI", policyref="/w3c/p3p.xml" CP="NON DSP COR TAI NOR UNI", policyref="/w3c/p3p.xml"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: content-type,x-openrtb-version
Access-Control-Allow-Credentials: true
Cache-Control: max-age=1800
Content-Encoding: gzip

GET
H2 200 impress
ssp.seznam.cz/v1/ 42 B
236 B 42ms
41ms Image
image/gif 77.75.78.101
SEZNAM-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.seznam.cz/v1/impress?r=8bdac2b1-acc8-4cba-93c3-98f1cda21ec4&z=67158&i=0&sid=16047704751665763111&s=hKLPEWAzefKqJxApjysb
Requested by: Host: halomovie.estranky.cz
URL: https://halomovie.estranky.cz/?mladdemail=92&code=2cc434a32fca410cca4a53eb9f50de44
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.75.78.101 Prague, Czech Republic, ASN43037 (SEZNAM-, CZ),
Reverse DNS: ssp.seznam.cz
Software: envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:24:55 GMT
server: envoy
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NON DSP COR TAI NOR UNI", policyref="/w3c/p3p.xml"
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache, no-store, no-transform, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
content-type: image/gif
access-control-allow-headers: content-type
content-length: 42

GET
H2 200 6mou.png
d49-a.sdn.cz/d_49/c_img_QP_Z/ Frame D0E4 7 KB
8 KB 79ms
35ms Image
image/jpeg 2a02:598:6666:1:14::4
SEZNAM-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d49-a.sdn.cz/d_49/c_img_QP_Z/6mou.png?fl=res,256,,1|jpg,90

Requested by

Host: c-ng.seznam.cz
URL: https://c-ng.seznam.cz/sklik/imp?k=630ef9e0-5242-478e-9cbc-23837cdbd417&pssp1=AZXgYzPxxufN5tnCatKiq4BxD6SuMeMP7K33z-JOEpvZb1c28zR7

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:598:6666:1:14::4 , Czech Republic, ASN43037 (SEZNAM-, CZ),

Reverse DNS

Software

nginx /

Resource Hash

d7498fc9d077af84de60abb31fb478be1e43a85d38a10239dc5264365456c9c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://c-ng.seznam.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:24:56 GMT
x-openstack-request-id: tx462cf4121de04170b36e0-006090a376
x-varnish-age: 28529
x-trans-id: tx462cf4121de04170b36e0-006090a376
x-delete-at: 1620667765
accept-ranges: bytes
last-modified: Tue, 04 May 2021 01:24:11 GMT
server: nginx
etag: "ec58e2b244e0d020cea6f78e488c0eb8"
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: HEAD, GET, OPTIONS
x-varnish: 1013519001 832693686
access-control-allow-origin: *
x-timestamp: 1620091450.28475
cache-control: public, max-age=86616
content-length: 7329
content-type: image/jpeg
access-control-allow-headers: Accept-Encoding, Accept-Language, Origin, DNT

GET
H2 200 LP4u4.jpeg
d49-a.sdn.cz/d_49/c_img_QQ_R/ Frame D0E4 16 KB
17 KB 88ms
45ms Image
image/jpeg 2a02:598:6666:1:14::4
SEZNAM-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d49-a.sdn.cz/d_49/c_img_QQ_R/LP4u4.jpeg?fl=res,256,,1|jpg,90

Requested by

Host: c-ng.seznam.cz
URL: https://c-ng.seznam.cz/sklik/imp?k=630ef9e0-5242-478e-9cbc-23837cdbd417&pssp1=AZXgYzPxxufN5tnCatKiq4BxD6SuMeMP7K33z-JOEpvZb1c28zR7

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:598:6666:1:14::4 , Czech Republic, ASN43037 (SEZNAM-, CZ),

Reverse DNS

Software

nginx /

Resource Hash

87ef6b89d640dadd1ee25aa860d70a6ebc620dc3c926403836d97e51baf007e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://c-ng.seznam.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:24:56 GMT
x-openstack-request-id: tx8717ff76ed6d41fa8f0eb-00609101fa
x-varnish-age: 4333
x-trans-id: tx8717ff76ed6d41fa8f0eb-00609101fa
x-delete-at: 1620549203
accept-ranges: bytes
last-modified: Sun, 02 May 2021 16:30:33 GMT
server: nginx
etag: "4bf4be5f65c993b7aa8f1c28d3c1c193"
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: HEAD, GET, OPTIONS
x-varnish: 1010706850 954028134
access-control-allow-origin: *
x-timestamp: 1619973032.08372
cache-control: public, max-age=94088
content-length: 16679
content-type: image/jpeg
access-control-allow-headers: Accept-Encoding, Accept-Language, Origin, DNT

GET
H2 200 https%3A%2F%2Fwww.scitani.cz%2F
fimg-resp.seznam.cz/thumbnail/v1.0/favicon16x16/ Frame D0E4 709 B
1000 B 60ms
16ms Image
image/jpeg 2a02:598:a::78:74
SEZNAM-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fimg-resp.seznam.cz/thumbnail/v1.0/favicon16x16/https%3A%2F%2Fwww.scitani.cz%2F
Requested by: Host: c-ng.seznam.cz
URL: https://c-ng.seznam.cz/sklik/imp?k=630ef9e0-5242-478e-9cbc-23837cdbd417&pssp1=AZXgYzPxxufN5tnCatKiq4BxD6SuMeMP7K33z-JOEpvZb1c28zR7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:598:a::78:74 , Czech Republic, ASN43037 (SEZNAM-, CZ),
Reverse DNS
Software: envoy /
Resource Hash: 3578bb80f2655928f1c3f0903469e736a41b98c2d77dfce6c39d8207ce70d29f

Request headers

Referer: https://c-ng.seznam.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:24:56 GMT
last-modified: Tue, 06 Apr 2021 22:53:22 GMT
server: envoy
etag: eZZ-AFlMQqIMkHbxBCImqA
x-forwarded-for: 10.85.168.237
content-type: image/jpeg
content-size: 709
x-envoy-upstream-service-time: 5
x-envoy-internal: true
x-forwarded-proto: http
content-length: 709
x-request-id: f87bc101-e748-4417-93e3-63e018fc29ff
x-envoy-expected-rq-timeout-ms: 900000

GET
H2 200 https%3A%2F%2Fwww.usetreno.cz%2F
fimg-resp.seznam.cz/thumbnail/v1.0/favicon16x16/ Frame D0E4 728 B
853 B 61ms
18ms Image
image/jpeg 2a02:598:a::78:74
SEZNAM-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fimg-resp.seznam.cz/thumbnail/v1.0/favicon16x16/https%3A%2F%2Fwww.usetreno.cz%2F
Requested by: Host: c-ng.seznam.cz
URL: https://c-ng.seznam.cz/sklik/imp?k=630ef9e0-5242-478e-9cbc-23837cdbd417&pssp1=AZXgYzPxxufN5tnCatKiq4BxD6SuMeMP7K33z-JOEpvZb1c28zR7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:598:a::78:74 , Czech Republic, ASN43037 (SEZNAM-, CZ),
Reverse DNS
Software: envoy /
Resource Hash: 30bfc81814b0a7ddc54416c70a813c2c443c7db13e4b41865803d54a264aa635

Request headers

Referer: https://c-ng.seznam.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:24:56 GMT
last-modified: Wed, 31 Mar 2021 17:42:51 GMT
server: envoy
etag: e3rs40_LElq57zMRARv2hw
x-forwarded-for: 10.85.168.237
content-type: image/jpeg
content-size: 728
x-envoy-upstream-service-time: 7
x-envoy-internal: true
x-forwarded-proto: http
content-length: 728
x-request-id: c9dfce33-6725-4ad3-bb9c-63f0fb466fdc
x-envoy-expected-rq-timeout-ms: 900000

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 1D73
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?region=EU&country=CZ&endpoint=eu&p=cpex&
https://eus.rubiconproject.com/usync.html?region=EU&country=CZ&endpoint=eu&p=cpex&

281 B
554 B

22ms
22ms

Document
text/html

104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?region=EU&country=CZ&endpoint=eu&p=cpex&
Requested by: Host: secure-assets.rubiconproject.com
URL: https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://cdn.cpex.cz/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cdn.cpex.cz/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 04 May 2021 09:24:56 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?region=EU&country=CZ&endpoint=eu&p=cpex&
Date: Tue, 04 May 2021 09:24:56 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 1D73 30 KB
9 KB 28ms
28ms Script
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?region=EU&country=CZ&endpoint=eu&p=cpex&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e23d6a22a546762e5fcef2d5d4a189087c29034daa589e0a37b333ec4691ee09

Request headers

Referer: https://eus.rubiconproject.com/usync.html?region=EU&country=CZ&endpoint=eu&p=cpex&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 09:24:56 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 21:43:33 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=17601
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9235
Expires: Tue, 04 May 2021 14:18:17 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 1D73 284 B
536 B 23ms
22ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/jpg

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16073489184916735929/ Frame EA0C 10 KB
4 KB 32ms
11ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16073489184916735929/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7349691528422556&output=html&h=600&slotname=7661597236&adk=849360679&adf=3631241403&pi=t.ma~as.7661597236&w=300&lmt=1620120295&psa=0&format=300x600&url=https%3A%2F%2Fhalomovie.estranky.cz%2F%3Fmladdemail%3D92%26code%3D2cc434a32fca410cca4a53eb9f50de44%23mail-list&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620120295704&bpp=6&bdt=1376&idt=113&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=6003058413602&frm=20&pv=2&ga_vid=1631859808.1620120295&ga_sid=1620120296&ga_hid=659141618&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1300&ady=715&biw=1600&bih=1200&scr_x=0&scr_y=715&oid=3&pvsid=3966906287212697&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=51BmvPpE4h&p=https%3A//halomovie.estranky.cz&dtd=132

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5c277a90b319acc1436e190522aba9f3241ba75b86537acf9dba645da6d4904

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/16073489184916735929/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3169
date: Thu, 29 Apr 2021 02:10:29 GMT
expires: Fri, 29 Apr 2022 02:10:29 GMT
last-modified: Fri, 05 Feb 2021 15:19:30 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 458067
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/ Frame 30C2 17 KB
7 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b44de504fe9504ea2636b637f8fb3f2be8d29674c427654bdf78bceff624435

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:24:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 16788430792231894627
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 May 2021 09:24:23 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/ Frame 30C2 2 KB
1 KB 29ms
10ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:24:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 May 2021 09:24:19 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 30C2 116 KB
35 KB 29ms
15ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdaa38f52441bf7af0793fbf059e5598ffd9d18fa264b14bd55f6b3655fcc958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:24:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620056514301796"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36023
x-xss-protection: 0
expires: Tue, 04 May 2021 09:24:56 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/ Frame 30C2 13 KB
6 KB 26ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:06:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1098
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 May 2021 09:06:38 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 30C2 0
0 14ms
14ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRKiymnPQE8mdM3IrROrZbyH0uWuRdFUWFFmGRYXaLGS0NPufOl3TonKqs258NE-g13nuBJurkkGhLo4oL1u899kkp5fA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7349691528422556&output=html&h=600&slotname=7661597236&adk=849360679&adf=3631241403&pi=t.ma~as.7661597236&w=300&lmt=1620120295&psa=0&format=300x600&url=https%3A%2F%2Fhalomovie.estranky.cz%2F%3Fmladdemail%3D92%26code%3D2cc434a32fca410cca4a53eb9f50de44%23mail-list&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620120295704&bpp=6&bdt=1376&idt=113&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=6003058413602&frm=20&pv=2&ga_vid=1631859808.1620120295&ga_sid=1620120296&ga_hid=659141618&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1300&ady=715&biw=1600&bih=1200&scr_x=0&scr_y=715&oid=3&pvsid=3966906287212697&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=51BmvPpE4h&p=https%3A//halomovie.estranky.cz&dtd=132
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 12F8 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7349691528422556&output=html&h=600&slotname=7661597236&adk=849360679&adf=3631241403&pi=t.ma~as.7661597236&w=300&lmt=1620120295&psa=0&format=300x600&url=https%3A%2F%2Fhalomovie.estranky.cz%2F%3Fmladdemail%3D92%26code%3D2cc434a32fca410cca4a53eb9f50de44%23mail-list&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620120295704&bpp=6&bdt=1376&idt=113&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=6003058413602&frm=20&pv=2&ga_vid=1631859808.1620120295&ga_sid=1620120296&ga_hid=659141618&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1300&ady=715&biw=1600&bih=1200&scr_x=0&scr_y=715&oid=3&pvsid=3966906287212697&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=51BmvPpE4h&p=https%3A//halomovie.estranky.cz&dtd=132
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlV4vWa56Wo-euQJI-ScM9v2fEkTcaEwvqU0JEYcOK3RqXR4eoUcrjbpzKIuTw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7349691528422556&output=html&h=600&slotname=7661597236&adk=849360679&adf=3631241403&pi=t.ma~as.7661597236&w=300&lmt=1620120295&psa=0&format=300x600&url=https%3A%2F%2Fhalomovie.estranky.cz%2F%3Fmladdemail%3D92%26code%3D2cc434a32fca410cca4a53eb9f50de44%23mail-list&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620120295704&bpp=6&bdt=1376&idt=113&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=6003058413602&frm=20&pv=2&ga_vid=1631859808.1620120295&ga_sid=1620120296&ga_hid=659141618&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1300&ady=715&biw=1600&bih=1200&scr_x=0&scr_y=715&oid=3&pvsid=3966906287212697&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=51BmvPpE4h&p=https%3A//halomovie.estranky.cz&dtd=132

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 04 May 2021 08:56:55 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1681
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 30C2 0
20 B 55ms
41ms Other
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CL2Z6bXar_ACFRT2dwodha8G_w&gqi=5xKRYPnSM6OQ4gGj6LeoAw&layout=/sadbundle/%24csp%253Der3%24/16073489184916735929/index.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Tue, 04 May 2021 09:24:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 30C2 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ed15afa8023a83120fd7a9b4f574e24fae8db9f952d6f70c414892074c31ca00

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame EA0C 9 KB
3 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16073489184916735929/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 03:57:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19675
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 05 May 2021 03:57:01 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame EA0C 22 KB
9 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16073489184916735929/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 18:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52216
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 04 May 2021 18:54:40 GMT

GET
H3-29 200 c7dacafa6023ba57a8f6a37ebd98063f.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16073489184916735929/ Frame EA0C 69 KB
18 KB 22ms
7ms Script
application/x-javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16073489184916735929/c7dacafa6023ba57a8f6a37ebd98063f.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16073489184916735929/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e252bb2014a942541aaac1fef928976fc2268a72744e6557a756377fc8b569de

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 99431
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18494
x-xss-protection: 0
last-modified: Fri, 05 Feb 2021 15:19:30 GMT
server: sffe
date: Mon, 03 May 2021 05:47:45 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 May 2022 05:47:45 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 12F8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

39ms
39ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlV4vWa56Wo-euQJI-ScM9v2fEkTcaEwvqU0JEYcOK3RqXR4eoUcrjbpzKIuTw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 04 May 2021 09:24:56 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Tue, 04-May-2021 10:24:56 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 04 May 2021 09:24:56 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 04 May 2021 09:24:56 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 afd7d8950b49bd19d0eac2a332705285.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16073489184916735929/media/ Frame EA0C 29 KB
29 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16073489184916735929/media/afd7d8950b49bd19d0eac2a332705285.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16073489184916735929/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7426120c1348476bb5dd9523107f70258ac8fa929884b9480d69be62da01496

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 9850
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29288
x-xss-protection: 0
last-modified: Fri, 05 Feb 2021 15:19:30 GMT
server: sffe
date: Tue, 04 May 2021 06:40:46 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 May 2022 06:40:46 GMT

GET
H3-29 200 adace9085412ed839f5f3d39b3e5db47.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16073489184916735929/media/ Frame EA0C 10 KB
10 KB 8ms
7ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16073489184916735929/media/adace9085412ed839f5f3d39b3e5db47.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16073489184916735929/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63d0bbc55d990fec6e48615b095b47c8cb477fa695c350fee5e69bda28f6a1f9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 364382
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10294
x-xss-protection: 0
last-modified: Fri, 05 Feb 2021 15:19:30 GMT
server: sffe
date: Fri, 30 Apr 2021 04:11:54 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Apr 2022 04:11:54 GMT

GET
H3-29 200 93fa650c3d79209197cb6da2e1b2bbba.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16073489184916735929/media/ Frame EA0C 9 KB
2 KB 9ms
9ms Image
image/svg+xml 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16073489184916735929/media/93fa650c3d79209197cb6da2e1b2bbba.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16073489184916735929/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc05e0d988a201b2a2a2c70d1ed07c6bfe375ea68caf825ca7669c318e4a0f27

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 458067
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1951
x-xss-protection: 0
last-modified: Fri, 05 Feb 2021 15:19:30 GMT
server: sffe
date: Thu, 29 Apr 2021 02:10:29 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Apr 2022 02:10:29 GMT

GET
H3-29 200 16fb75c5e31d6df58a77f2faa6e79911.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16073489184916735929/media/ Frame EA0C 40 KB
40 KB 10ms
9ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16073489184916735929/media/16fb75c5e31d6df58a77f2faa6e79911.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16073489184916735929/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0d5116000dd98bbd0aad3c756821612e4313baa311ed415fd0dbd25ca3a7c31

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 335773
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40688
x-xss-protection: 0
last-modified: Fri, 05 Feb 2021 15:19:30 GMT
server: sffe
date: Fri, 30 Apr 2021 12:08:43 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Apr 2022 12:08:43 GMT

GET
H3-29 200 7e68b075f5bc828881552b455aedc932.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16073489184916735929/media/ Frame EA0C 4 KB
1 KB 6ms
6ms Image
image/svg+xml 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16073489184916735929/media/7e68b075f5bc828881552b455aedc932.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16073489184916735929/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6040ab7bf4a094fd0566d185e75863d1f3918453faa04226c92060bfc5a5997

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 457897
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1263
x-xss-protection: 0
last-modified: Fri, 05 Feb 2021 15:19:30 GMT
server: sffe
date: Thu, 29 Apr 2021 02:13:19 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Apr 2022 02:13:19 GMT

GET
H3-29 200 WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js Show response
pagead2.googlesyndication.com/bg/ Frame EA0C 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a813a165c4b7c37247c53dc8a085d071216f041ef968edf187deafaed45f04b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:08:41 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 12:48:00 GMT
server: sffe
age: 975
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5711
x-xss-protection: 0
expires: Wed, 04 May 2022 09:08:41 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 30C2 42 B
64 B 48ms
47ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuLjICHzZ1j8HTqN8YDfEQQMTpfrU8FkDjNsS-9rj1ewwXGt1EGfWPfdsrUsxYhs00C0cE8WcDnjeF5gUebhAvup3hiaHvuu7hJvDjTHnUMzgK4YCUPhfiyptyplQ&sai=AMfl-YTWX_ZDtHMvHi-do9RG8oDQXt4WgnSBfKDgNpmzvQiouR6z9TTRppuBl74yNBaGVACLRV_KGDLsbQGZdzVAYHM0XOXa-CMgU-I&sig=Cg0ArKJSzOpsp3nvJ3oIEAE&cid=CAASF-RoGFFm1SQngBXBKl1r3y6aEldeD_ue&id=lidar2&mcvt=1000&p=715,1300,1315,1600&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210503&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=849360679&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1620120295839&dlt=397&rpt=71&isd=715&msd=925&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 09:24:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 4BBF
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?region=EU&country=NL&endpoint=eu&p=cpexvlm&
https://eus.rubiconproject.com/usync.html?region=EU&country=NL&endpoint=eu&p=cpexvlm&

281 B
554 B

22ms
22ms

Document
text/html

104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?region=EU&country=NL&endpoint=eu&p=cpexvlm&
Requested by: Host: secure-assets.rubiconproject.com
URL: https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://halomovie.estranky.cz/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://halomovie.estranky.cz/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 04 May 2021 09:24:57 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?region=EU&country=NL&endpoint=eu&p=cpexvlm&
Date: Tue, 04 May 2021 09:24:57 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
7 KB 18ms
17ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210429&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7be51ab88ec27bf4699f18ba31baee029254b43f88135a3246020d3eb97e3611

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 04 May 2021 09:24:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7633
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:24:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Tue, 04 May 2021 09:24:57 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 1859 12 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://halomovie.estranky.cz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://halomovie.estranky.cz/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Tue, 04 May 2021 09:22:42 GMT
expires: Wed, 04 May 2022 09:22:42 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 135
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 4BBF 30 KB
9 KB 25ms
25ms Script
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?region=EU&country=NL&endpoint=eu&p=cpexvlm&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e23d6a22a546762e5fcef2d5d4a189087c29034daa589e0a37b333ec4691ee09

Request headers

Referer: https://eus.rubiconproject.com/usync.html?region=EU&country=NL&endpoint=eu&p=cpexvlm&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 09:24:57 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 21:43:33 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=17600
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9235
Expires: Tue, 04 May 2021 14:18:17 GMT

GET
H3-29 200 WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js Show response
pagead2.googlesyndication.com/bg/ Frame 1859 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a813a165c4b7c37247c53dc8a085d071216f041ef968edf187deafaed45f04b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:08:41 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 12:48:00 GMT
server: sffe
age: 976
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5711
x-xss-protection: 0
expires: Wed, 04 May 2022 09:08:41 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 4BBF 284 B
536 B 25ms
24ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/jpg

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210429&jk=3966906287212697&bg=!1dal1pLNAAYXzPaOF8w7ACkAdvg8WkBiCxmun4J_99-IJ94D0u1MWa_WZXgmUNuizqmMqsIQO_1F5gIAAABPUgAAAAxoAQcKASsOF_khGS4IvgzwvvjJ9vYwR42VAkfjytQEcirxixb-5863R_kxP7izZHQEmqQthb-x_OYOBgcC_KDSggj07NCzEy1gaJO5mEN0ql1bxG4GM9bvs3MCSUDQ1U0TisM0lDeFUavHseOuY5YiaUEar2oYQqYN8sInmGF1c5Bo_MiYk1znTQqDjh2t6P4lwilsJ9ka_qUPWrH6u9YkMgvex8O1hPYjxVEYlPB2kI76ddSpi2VVTByxpy67coAeArYyWWYQ-YCF74aIfAvhu2Uw9JEGT6vrTwLICk4O8f4IGoPzorBI34hzY9Q1tD6JDp24Ot9w3-7ZBX2lBay2y7hGRnkOTmqTeZDLF82TT9f5SjoB-U_SoK2eHtnLQDR9fME5aNZJYaXHaGqMtltgQZkCVv4kNihlyqV3JfNHMImKyLjHl3GqJB8DCJok6Ch3JY-FzMJkTAZLS_iI0UEwHYIMy7dbKiA0IIzcNVJ53plmumFrSrzyKxFBLcfCtlAypCbLxTlZxwv_XXmuRooVZd8VNRdsi5NGACVRbiqfHkjgn9t_lhQdiMFYS9zbiyTrAXLOFX4WvFhBBT_-NBuHF6-u8f1tZ2CdVfHKU1hT8UvuJdM_MU7hnI4zvblzg1-Fu4yO-NNs8LALlU1Gx-gOQKyEfCazbhuiQW4Hgo0_bdP9ihLgtW6W5HRS8uVYbwryy5ao38KmOIFIgduepRtWHtTYJruLFbzYtcI1GzAFWSws5qHggwIeBFiUjIKrqDsV3ra3g1w65saK8AzPwPD9GsNGrXl2y0rhlHpV8FnQTYqVHr7fJXZp-2r99tsIIJ_PEi-LiQGD_b6QYyhgzOQUQfAQ7TmdccrQxWgcRPmS5Av37ulHPvzhJ4UIo8mTyWXhfuMCeCxR_Vy8NpgE658whiLoNjEk7QjgzIIpKpIXh4R9X6K4UY2Ac0ebloQF4EXh-MUaj6c0Ky4pN8wTOvdzfmqgnDsl_Jby6MX9Zq0h1xtWUH3hi5mvLCzvuKX9aRyyDP0QYdgY0oISdzbtBdtw--Mr5o_wZ2rnilbRzR67lR_IbJf3CJVeFyqK7rBpkZF_fcqnq7-ESuJ8isrg7tSlL4i7zYlrWs5v_r89Hzc9OCn3FARVGPubGqNg5E-3INjpiM3nUcvRIBbbeKmL_vzPEZVkFVSDopWL5WWkRFDk1yFVzfGIE5-AYnU

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 09:24:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
h.seznam.cz/hit/ 43 B
445 B 30ms
30ms Image
image/gif 77.75.77.9
SEZNAM-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h.seznam.cz/hit/?d=%7B%22action%22%3A%22spenttime%22%2C%22time%22%3A5%7D&a=event&s=sklikp&lsid=&id=16201202957220.020577041047478817&v=2.11&r=0.5886230370279637&rus=&ri=&los=&pvid=&spa=false&dsid=id%3D14432022634760743651%7Ct%3D1620120295.737%7Cte%3D1620120295.737%7Cc%3D8E4B20E9EE6A81F9422CC03AAD6414D5&u=https%3A%2F%2Fhalomovie.estranky.cz%2F%3Fmladdemail%3D92%26code%3D2cc434a32fca410cca4a53eb9f50de44%23mail-list&lses=1620120295722&ab=&serviceVariant=&ptitle=HALO%20MOVIE
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.75.77.9 Prague, Czech Republic, ASN43037 (SEZNAM-, CZ),
Reverse DNS: h.imedia.cz
Software: nginx/1.18.0 /
Resource Hash: 3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:25:00 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NON DSP ADM DEV PSD CUSo OUR IND STP PRE NAV UNI"
access-control-allow-origin: *
access-control-allow-credentials: true
content-type: image/gif
access-control-allow-headers: content-type
content-length: 43

GET
H2 200 /
h.seznam.cz/hit/ 43 B
446 B 40ms
40ms Image
image/gif 77.75.77.9
SEZNAM-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h.seznam.cz/hit/?d=%7B%22action%22%3A%22spenttime%22%2C%22time%22%3A10%7D&a=event&s=sklikp&lsid=&id=16201202957220.020577041047478817&v=2.11&r=0.7687747911566944&rus=&ri=&los=&pvid=&spa=false&u=https%3A%2F%2Fhalomovie.estranky.cz%2F%3Fmladdemail%3D92%26code%3D2cc434a32fca410cca4a53eb9f50de44%23mail-list&lses=1620120295722&ab=&serviceVariant=&ptitle=HALO%20MOVIE
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.75.77.9 Prague, Czech Republic, ASN43037 (SEZNAM-, CZ),
Reverse DNS: h.imedia.cz
Software: nginx/1.18.0 /
Resource Hash: 3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:25:05 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NON DSP ADM DEV PSD CUSo OUR IND STP PRE NAV UNI"
access-control-allow-origin: *
access-control-allow-credentials: true
content-type: image/gif
access-control-allow-headers: content-type
content-length: 43

GET
H2 200 /
h.seznam.cz/hit/ 43 B
444 B 30ms
30ms Image
image/gif 77.75.77.9
SEZNAM-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h.seznam.cz/hit/?d=%7B%22action%22%3A%22spenttime%22%2C%22time%22%3A20%7D&a=event&s=sklikp&lsid=&id=16201202957220.020577041047478817&v=2.11&r=0.27672252061751923&rus=&ri=&los=&pvid=&spa=false&u=https%3A%2F%2Fhalomovie.estranky.cz%2F%3Fmladdemail%3D92%26code%3D2cc434a32fca410cca4a53eb9f50de44%23mail-list&lses=1620120295722&ab=&serviceVariant=&ptitle=HALO%20MOVIE
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.75.77.9 Prague, Czech Republic, ASN43037 (SEZNAM-, CZ),
Reverse DNS: h.imedia.cz
Software: nginx/1.18.0 /
Resource Hash: 3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Request headers

Referer: https://halomovie.estranky.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:25:15 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NON DSP ADM DEV PSD CUSo OUR IND STP PRE NAV UNI"
access-control-allow-origin: *
access-control-allow-credentials: true
content-type: image/gif
access-control-allow-headers: content-type
content-length: 43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bungie.cz
URL: https://bungie.cz/wp-content/uploads/2010/01/halo_201483b-150x150.jpg

Domain: bungie.cz
URL: https://bungie.cz/wp-content/uploads/2010/01/halo_201482b-150x150.jpg

Domain: bungie.cz
URL: https://bungie.cz/wp-content/uploads/2010/01/halo_201481b-150x150.jpg

Domain: bungie.cz
URL: https://bungie.cz/wp-content/uploads/2010/01/gamereactorspelarhalo_201516b-150x150.jpg

Domain: bungie.cz
URL: https://bungie.cz/wp-content/uploads/2010/01/gamereactorspelarhalo_201491b-150x150.jpg

Domain: bungie.cz
URL: https://bungie.cz/wp-content/uploads/2010/01/gamereactorspelarhalo_201497b-150x150.jpg

Domain: blueboard.cz
URL: http://blueboard.cz/widget-anketa-902246

Domain: blueboard.cz
URL: http://blueboard.cz/widget-chatboard-240349

Verdicts & Comments Add Verdict or Comment

211 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.1gr.cz
a.adactive.cz
a.centrum.cz
a.csfd.cz
a.denik.cz
a.iprima.cz
a.slunecnice.cz
ads.pubmatic.com
adservice.google.com
adservice.google.de
assets.adobedtm.com
blueboard.cz
bungie.cz
c-ng.seznam.cz
cdn.cpex.cz
cm.g.doubleclick.net
code.jquery.com
content.aimatch.com
d49-a.sdn.cz
dmp.brand-display.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
fimg-resp.seznam.cz
gacz.hit.gemius.pl
googleads.g.doubleclick.net
h.seznam.cz
halomovie.estranky.cz
i45.tinypic.com
i46.tinypic.com
i47.tinypic.com
i48.tinypic.com
i50.tinypic.com
image6.pubmatic.com
img.20dollars2surf.com
img101.imageshack.us
match.adsrvr.org
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-eu.rubiconproject.com
s.amazon-adsystem.com
s3a.estranky.cz
s3c.estranky.cz
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
smileyshut.com
ssp.imedia.cz
ssp.seznam.cz
ssum-sec.casalemedia.com
ssum.casalemedia.com
stats.g.doubleclick.net
sync.adotmob.com
sync.mathtag.com
t0.gstatic.com
tinypic.com
token.rubiconproject.com
tpc.googlesyndication.com
upload.svetobrazku.cz
www.blueboard.cz
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.halomovie.estranky.cz
www.smileyshut.com
blueboard.cz
bungie.cz
104.111.230.142
137.74.0.151
142.250.185.162
142.250.185.66
143.204.202.115
143.204.202.122
162.241.226.124
172.217.23.98
184.30.25.69
185.183.112.155
185.25.185.10
185.29.135.227
185.64.190.78
192.155.108.156
195.191.205.110
2.18.233.180
2.18.234.21
2001:4de0:ac18::1:a:3a
23.79.143.124
2a00:1450:4001:800::2002
2a00:1450:4001:801::2002
2a00:1450:4001:803::2003
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2008
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2004
2a00:1450:400c:c08::9d
2a00:1ed0:45::c
2a02:26f0:6c00:299::1e80
2a02:598:2::60
2a02:598:6666:1:14::4
2a02:598:a::78:74
2a02:6ea0:c700::3
35.241.40.233
37.252.172.37
38.99.77.16
52.50.94.149
54.154.97.212
54.230.183.36
65.9.84.119
69.173.144.138
69.173.144.139
72.21.206.140
76.223.111.131
77.75.76.101
77.75.77.9
77.75.78.101
81.0.226.241
81.0.235.96
093f42ee37f2dd4fd0b60427a227236aacff8a5e616e0bd3cedad7597d5ef593
0a38b2b55100ff605df22ae177413820f086f2a0460778f6f273af77a78e0450
12438e1cc54b6500fcbad87fbe57f0cfed9b8b2e3b9efb43c8b00573a0502199
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1c3cac6ea5cea787148995dba59f7953f6d68ca49f80ecbb338fe6a8a023d499
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
26154284be3de87efc13608bfa0e986f88a7509ad08e0c360f19118056dc5ee1
29e60d214884396814d3f2fc305a58eade83111a92ca289a189962d2613149ca
2bbcf956fd85b3c397da10dcf453e8c3fe6fdbd7b13b32495c04eb018c86a369
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2cf26672b5c14a47b090d5f9bf3b3a65425aec7f27427a42063cddbec96486ac
30bfc81814b0a7ddc54416c70a813c2c443c7db13e4b41865803d54a264aa635
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
3578bb80f2655928f1c3f0903469e736a41b98c2d77dfce6c39d8207ce70d29f
3a9d2c38e81f7c55f33e5431477724aed2e1f2b865cedca9bd67ba9b53bb84f0
3bd9d95d0976c8d68b87296831ce4aaa2daf37b3362dff0d1a94fa130445a8c3
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
430f36f9b5f21aae8cc9dca6a81c4d3d84da5175eaedcf2fdc2c226302cb3575
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4c66f174f7d10b5044d5fc674f468b5eb5883b9b9686654ef7bf38280804a419
4e0552d02bac9f20fea4498434bbd4f6c5ad36ef83ea6f2fd76b223834b439e3
4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d
4f6df5fe08ebbc26c5a3219a3bef57a46202a0b0f2a85266ede361868c03df05
5127c3ba789e90f1daaad9b823d90c592ea03e1bd177f0960563bb2a61762fbd
5238b526974d054069609e16ee1d810c08b67f9ffc74ec6bb226bb28c094fdcc
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57b7e1e0a4d05577081bcfe2fc09da16f8e65d939b35eef7cb30f097b9d3d307
5a813a165c4b7c37247c53dc8a085d071216f041ef968edf187deafaed45f04b
638e43bdc9ab087038147dbab420b87f65941ec7e556b0bcc20e19f3e7e7485e
63d0bbc55d990fec6e48615b095b47c8cb477fa695c350fee5e69bda28f6a1f9
66942c9396e5ab334c33ea37c0145332d21a0d1d068021d9f3d245f25c35e73a
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
697664790a08ee8c46384f946cce22d9df110c32ddd66eac540d134e7da849dc
6b44de504fe9504ea2636b637f8fb3f2be8d29674c427654bdf78bceff624435
71183678c929802170ba76f82a2caf675d528d6ac1528923b529238e05d83794
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
7adeef63a9fbede957d562c51917fb5cb44509b48b4a45e4b749a09a773132a8
7be51ab88ec27bf4699f18ba31baee029254b43f88135a3246020d3eb97e3611
7ea6d3a98b3f4ffa31cf79cbf065a61512a60bd5b20da5eac96f5c496b6938da
80e99628fc3524cf82992ef2c6172a7d9a6be9a2452e7a3bab0a2ec92d7bf000
8130b4b4cc01dcf4f708bd1eb849f935ef07328fcf62cd5218a00eb7c4e23cc9
82e400c090fb5260267fa339b115e8fe2cb3171303e252844d9756f252f39099
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87e5392af4a6bb193d1fdb63a2e3d98a8ba24a3eb6a8f1cd500eddef33132888
87ef6b89d640dadd1ee25aa860d70a6ebc620dc3c926403836d97e51baf007e2
89d9ef9876dcf3abb48ba26100d01b8c72b5c3da5c3b3e59849fd212ee86779b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8efe3e24fbff7b370d1d24175f1de783017859e0fe80d2e0f08e22b8e1c0c08a
94442ab42e60dd5c6c276c1777c56fc3f9dff44e999524ca6431af82a9bff9af
98d0b39b1123b8388c923106696398f1505894bb29145c16ad75e7ee4edf506f
9ecb33a9da6b4e5e056dcbc7088d4d6d16bf86310eaf46f11456559d9a93dc1d
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0d5116000dd98bbd0aad3c756821612e4313baa311ed415fd0dbd25ca3a7c31
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
a85dc1545bbd07579e7e3bb7310acc44f99b700ce16ac0392a148578d54e4f3f
ae5b1317228a549703fa7ad5dba1d81ed3c0d440a3e9763d73b3ceb39bed8d97
afd2e8f23e43c57e15c59ee70acfe65f9a3d2470cd3390d8d8f371f1146bbd56
b0440f9a1e4184d7aaa9c18241971006b72677b01619afd5288630239d642f1f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5c277a90b319acc1436e190522aba9f3241ba75b86537acf9dba645da6d4904
b9550f0316ad203af34bd203fda15602c2dbd108b4558f6efee2f9820a045d08
bdaa38f52441bf7af0793fbf059e5598ffd9d18fa264b14bd55f6b3655fcc958
c16d99c7b7024a7aaac8364b6dbdddc494f19020852180e8a3060d6044df9db7
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c23bf7f64972ba7ba4119b8ba7ded541a8194af2a2577cce70e0f83c81534f0a
c322060c87967c74e8e1469862cab247ad7aa0c66e35918333904a125edcf3b3
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
cc025feabc7dd9cc0dac9eaf1784844f833386a3a6eee0f7712f12c36faf183a
cc05e0d988a201b2a2a2c70d1ed07c6bfe375ea68caf825ca7669c318e4a0f27
d331bc9ab3dc987b8d25c3a02cb504223810734edca5159f6d859fd5e165b464
d58ad3cf16c164146f765f0917541ecdbe5e8442429ac563978bd3a33a85db18
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d7498fc9d077af84de60abb31fb478be1e43a85d38a10239dc5264365456c9c4
d931393ae1a1c0b3d4126858ea4a15442f1e094f07420283272902e1a878c0cc
db1f6aa6cfdfc1cc3a526fb0de7c48b5226ad568a91f0a94e255aabd4013415a
db4a73af0ad0b5323413d017d9024a5342f1b9c84f678fb94b0dc27a456098fd
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e165166388bc1b2440241742131ed0670b20156857366d81e13bdcf9e0816969
e16c19fa9b71cfd44f87dc293f554321dcd974a2d39d77a13e599b71a43f2a4e
e23d6a22a546762e5fcef2d5d4a189087c29034daa589e0a37b333ec4691ee09
e252bb2014a942541aaac1fef928976fc2268a72744e6557a756377fc8b569de
e2c790428aa4ecd8b5490512259621ebb9bc4af8eb6c652af7c4ca05060b5be2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47f5d46018c6a13d5c7c4607e9025f99441c702bf13b94f4d23448d50f6eff4
e6040ab7bf4a094fd0566d185e75863d1f3918453faa04226c92060bfc5a5997
e6112f21183cd4cf72360443410d0a78021b845191d272e95809645bd1e89105
ebd3c7700bfc43abbe2b5f90e219670055ce54da48d704afeb717ea7b24dcbc1
ebf66d0f5abf5b982694cbf3cb5a68a5c05121ef2c96fe7468ccc49fec417877
ed15afa8023a83120fd7a9b4f574e24fae8db9f952d6f70c414892074c31ca00
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f087be50dd1d6a616363fab339fc303f359beb62a2f51b14811a34d145faa47c
f610dc2752e938d77dab1c4e9fb1f0f7f53b25e527d130ce4e034b7de09da053
f7426120c1348476bb5dd9523107f70258ac8fa929884b9480d69be62da01496
f809626173382537067bd8301068f7ff69070531e9a7fd74688ff04400de2d8c
fa7afea4537d8d155cba0f870de6a9cf6444fbff887d66fe2bc95aa9c264ffc3

halomovie.estranky.cz Open in urlscan Pro 81.0.226.241 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

179 Requests

94 %HTTPS

35 %IPv6

42 Domains

67 Subdomains

48 IPs

9 Countries

1456 kBTransfer

3419 kBSize

0 Cookies

15 Outgoing links

Page URL History

Redirected requests

179 HTTP transactions Everything HTML Script AJAX CSS Image Expand all -1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

halomovie.estranky.cz Open in urlscan Pro
81.0.226.241 Public Scan

Screenshot
Live screenshot

Full Image

179
Requests

94 %
HTTPS

35 %
IPv6

42
Domains

67
Subdomains

48
IPs

9
Countries

1456 kB
Transfer

3419 kB
Size

0
Cookies

179 HTTP transactions
-1 data transactions