januszspiewa.prv.pl Open in urlscan Pro
37.59.49.187 Public Scan

URL:
http://januszspiewa.prv.pl/
Submission: On April 21 via manual (April 21st 2021, 8:26:05 pm UTC) from PL

Summary HTTP 198 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 62 IPs in 14 countries across 78 domains to perform 198 HTTP transactions. The main IP is 37.59.49.187, located in France and belongs to OVH, FR. The main domain is januszspiewa.prv.pl.

This is the only time januszspiewa.prv.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	37.59.49.187 37.59.49.187	16276 (OVH) (OVH)
3	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
5	176.31.240.87 176.31.240.87	16276 (OVH) (OVH)
6	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
6	188.165.206.157 188.165.206.157	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
8	87.98.238.81 87.98.238.81	16276 (OVH) (OVH)
20	164.132.7.102 164.132.7.102	16276 (OVH) (OVH)
6 11	185.11.128.207 185.11.128.207	50599 (Autonomou...) (Autonomous System for Data Space Sp. z o.o.)
1	2a00:1450:400... 2a00:1450:400c:c0a::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1 3	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 22	37.157.6.251 37.157.6.251	198622 (ADFORM) (ADFORM)
1	35.227.247.230 35.227.247.230	15169 (GOOGLE) (GOOGLE)
1	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	213.19.162.61 213.19.162.61	3356 (LEVEL3) (LEVEL3)
1	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
3 7	185.33.221.89 185.33.221.89	29990 (ASN-APPNEX) (ASN-APPNEX)
8 12	85.194.243.83 85.194.243.83	57367 (ECO-ATMAN...) (ECO-ATMAN-PL ECO-ATMAN-)
4 4	85.194.243.82 85.194.243.82	57367 (ECO-ATMAN...) (ECO-ATMAN-PL ECO-ATMAN-)
2 9	188.42.196.115 188.42.196.115	7979 (SERVERS-COM) (SERVERS-COM)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
12	37.157.5.72 37.157.5.72	198622 (ADFORM) (ADFORM)
2	212.48.120.130 212.48.120.130	8893 (ARTFILES-...) (ARTFILES-AS Artfiles New Media GmbH)
3	104.108.144.214 104.108.144.214	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.3.108.247 23.3.108.247	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	51.178.130.209 51.178.130.209	16276 (OVH) (OVH)
1 2	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
12 12	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1 23	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	159.253.128.188 159.253.128.188	36351 (SOFTLAYER) (SOFTLAYER)
4 4	99.81.54.149 99.81.54.149	16509 (AMAZON-02) (AMAZON-02)
1	51.68.117.182 51.68.117.182	16276 (OVH) (OVH)
1	80.158.66.20 80.158.66.20	34086 (SCZN-AS) (SCZN-AS)
2	52.218.101.18 52.218.101.18	16509 (AMAZON-02) (AMAZON-02)
2	185.64.189.114 185.64.189.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.113.108 151.101.113.108	54113 (FASTLY) (FASTLY)
8 8	18.184.169.195 18.184.169.195	16509 (AMAZON-02) (AMAZON-02)
2 2	18.159.17.140 18.159.17.140	16509 (AMAZON-02) (AMAZON-02)
2 2	193.232.148.143 193.232.148.143	48061 (UMA-TECH-AS) (UMA-TECH-AS)
13 13	31.172.81.158 31.172.81.158	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2 2	216.52.2.39 216.52.2.39	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1	151.236.71.146 151.236.71.146	204720 (CDNETWORKS) (CDNETWORKS)
2 2	213.155.156.185 213.155.156.185	1299 (TELIANET ...) (TELIANET Telia Carrier)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 3	54.171.41.106 54.171.41.106	16509 (AMAZON-02) (AMAZON-02)
1 1	94.23.73.243 94.23.73.243	16276 (OVH) (OVH)
1	173.231.181.122 173.231.181.122	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	2606:4700:303... 2606:4700:3039::6815:c02e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700::68... 2606:4700::6812:c05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
1 1	199.232.137.44 199.232.137.44	54113 (FASTLY) (FASTLY)
1	151.101.13.44 151.101.13.44	54113 (FASTLY) (FASTLY)
1	169.197.150.7 169.197.150.7	398989 (DEEPINTENT) (DEEPINTENT)
1 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:1857	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
2 2	35.201.96.126 35.201.96.126	15169 (GOOGLE) (GOOGLE)
1	185.64.189.249 185.64.189.249	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	185.29.132.69 185.29.132.69	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	35.210.215.44 35.210.215.44	19527 (GOOGLE-2) (GOOGLE-2)
1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
2 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
2 2	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
1 1	159.65.196.12 159.65.196.12	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	34.98.107.212 34.98.107.212	15169 (GOOGLE) (GOOGLE)
1 1	185.33.220.240 185.33.220.240	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	34.255.242.137 34.255.242.137	16509 (AMAZON-02) (AMAZON-02)
1 1	146.0.227.110 146.0.227.110	20773 (GODADDY) (GODADDY)
2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	89.108.120.76 89.108.120.76	197695 (AS-REG) (AS-REG)
1 3	2a02:6b8::90 2a02:6b8::90	13238 (YANDEX) (YANDEX)
1 1	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	88.99.149.88 88.99.149.88	24940 (HETZNER-AS) (HETZNER-AS)
1 2	2001:6d0:4001... 2001:6d0:4001::226	52016 (TNSMSK-) (TNSMSK-)
1	94.130.66.43 94.130.66.43	24940 (HETZNER-AS) (HETZNER-AS)
1 1	212.8.250.228 212.8.250.228	49981 (WORLDSTREAM) (WORLDSTREAM)
4 4	185.180.223.221 185.180.223.221	49981 (WORLDSTREAM) (WORLDSTREAM)
1 2	212.8.250.83 212.8.250.83	49981 (WORLDSTREAM) (WORLDSTREAM)
1	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
1	2a0c:5c81:513... 2a0c:5c81:5139::2	55081 (24SHELLS) (24SHELLS)
198	62

10 37.59.49.187 (France)

ASN16276 (OVH, FR)
PTR: prv-hosting1.grupapino.pl

januszspiewa.prv.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hostinga.htw.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 176.31.240.87 (France)

ASN16276 (OVH, FR)
PTR: biz.os.pl

webstat.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 188.165.206.157 (France)

ASN16276 (OVH, FR)
PTR: prv.grupapino.pl

stats.grupapino.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.prv.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
komentarze.prv.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 87.98.238.81 (Wroclaw, Poland)

ASN16276 (OVH, FR)

ox2.sterta.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 164.132.7.102 (France)

ASN16276 (OVH, FR)

a.spolecznosci.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
spolecznosci.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 185.11.128.207 (Poland) 6 redirects

ASN50599 (Autonomous System for Data Space Sp. z o.o., PL)
PTR: host-185-11-128-207.dataspace.pl

goldbach.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 37.157.6.251 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)
PTR: s1.adform.net

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.247.230 (Kansas City, United States)

ASN15169 (GOOGLE, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.162.61 (United Kingdom)

ASN3356 (LEVEL3, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.30 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.33.221.89 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 85.194.243.83 (Warsaw, Poland) 8 redirects

ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL)

gpl.adocean.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 85.194.243.82 (Warsaw, Poland) 4 redirects

ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL)

gpladpl.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 188.42.196.115 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 37.157.5.72 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.48.120.130 (Hamburg, Germany)

ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE)
PTR: lb.usemaxserver.de

www.usemax.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.108.144.214 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-144-214.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.3.108.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)

aktrack.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.178.130.209 (France) 2 redirects

ASN16276 (OVH, FR)

tracking.mlsat02.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
creative.mlsat02.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.239.217 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.217.23.98 (United States) 12 redirects

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 185.64.190.80 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.253.128.188 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.81.54.149 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.68.117.182 (France)

ASN16276 (OVH, FR)

aaa.artefact.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.158.66.20 (Germany)

ASN34086 (SCZN-AS, DE)

ebs08.telekom.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.218.101.18 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

rechtstexte.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.230.142 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.113.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.184.169.195 (Frankfurt am Main, Germany) 8 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.159.17.140 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.148.143 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 31.172.81.158 (Germany) 13 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync3.adsniper.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync3.sniperlog.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.39 (United States) 2 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.236.71.146 (Moscow, Russian Federation)

ASN204720 (CDNETWORKS, RU)

cache.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.185 (Sweden) 2 redirects

ASN1299 (TELIANET Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.171.41.106 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-41-106.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.73.243 (Lisbon, Portugal) 1 redirects

ASN16276 (OVH, FR)

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.231.181.122 (United States)

ASN29791 (VOXEL-DOT-NET, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3039::6815:c02e (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:c05 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.140 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.137.44 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.60.138 (Aalborg, Denmark) 1 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.96.126 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com

visitor.fiftyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.249 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

aud.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.69 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.215.44 (Brussels, Belgium) 2 redirects

ASN19527 (GOOGLE-2, US)

ads.programattik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:f916:5049:f87f:108e (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.65.196.12 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (Portsmouth, United Kingdom) 1 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1400 (United States)

ASN41041 (VCLK-EU-SE, US)

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.107.212 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.220.240 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.255.242.137 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.0.227.110 (Ascension Island) 1 redirects

ASN20773 (GODADDY, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.120.76 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8::90 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.42.132 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.99.149.88 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: dmc-test-dn3

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:6d0:4001::226 (Russian Federation) 1 redirects

ASN52016 (TNSMSK-, RU)

www.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.130.66.43 (Asel, Germany)

ASN24940 (HETZNER-AS, DE)

api.rees46.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.8.250.228 (Rotterdam, Netherlands) 1 redirects

ASN49981 (WORLDSTREAM, NL)
PTR: 212-8-250-228.hosted-by-worldstream.net

ad.mox.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.180.223.221 (Helmond, Netherlands) 4 redirects

ASN49981 (WORLDSTREAM, NL)
PTR: 185-180-223-221.hosted-by-worldstream.net

ad.mediawayss.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.outstream.today	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.adopx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.invamia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.8.250.83 (Rotterdam, Netherlands) 1 redirects

ASN49981 (WORLDSTREAM, NL)

ad.vidverto.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.vidver.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.38.120.206 (France)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5139::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

s.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	pubmatic.com 1 redirects hbopenbid.pubmatic.com ads.pubmatic.com aktrack.pubmatic.com image6.pubmatic.com image2.pubmatic.com simage2.pubmatic.com simage4.pubmatic.com aud.pubmatic.com image4.pubmatic.com	68 KB
34	adform.net 3 redirects adx.adform.net track.adform.net s1.adform.net c1.adform.net	281 KB
20	spolecznosci.net a.spolecznosci.net spolecznosci.net	551 KB
15	gemius.pl 10 redirects goldbach.hit.gemius.pl gpladpl.hit.gemius.pl	17 KB
14	prv.pl januszspiewa.prv.pl ad.prv.pl komentarze.prv.pl	362 KB
13	doubleclick.net 12 redirects stats.g.doubleclick.net cm.g.doubleclick.net	1 KB
12	adocean.pl 8 redirects gpl.adocean.pl	3 KB
10	betweendigital.com 2 redirects ads.betweendigital.com cache.betweendigital.com	5 KB
9	adnxs.com 4 redirects ib.adnxs.com acdn.adnxs.com secure.adnxs.com	25 KB
8	bumlam.com 8 redirects sync.bumlam.com	5 KB
8	bidswitch.net 8 redirects x.bidswitch.net	2 KB
8	rubiconproject.com 1 redirects fastlane.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com secure-assets.rubiconproject.com	23 KB
8	criteo.com 1 redirects gum.criteo.com mug.criteo.com bidder.criteo.com dis.criteo.com	2 KB
8	sterta.pl ox2.sterta.pl	14 KB
6	google-analytics.com www.google-analytics.com	58 KB
5	webstat.pl webstat.pl	68 KB
4	adsniper.ru 4 redirects sync3.adsniper.ru	2 KB
4	adsrvr.org 4 redirects match.adsrvr.org	2 KB
3	yandex.ru 1 redirects an.yandex.ru	841 B
3	yahoo.com 2 redirects pr-bh.ybp.yahoo.com ups.analytics.yahoo.com	2 KB
3	bidr.io 2 redirects match.prod.bidr.io	2 KB
3	googletagmanager.com www.googletagmanager.com	98 KB
2	tns-counter.ru 1 redirects www.tns-counter.ru	705 B
2	1dmp.io 1 redirects sync.1dmp.io	788 B
2	aidata.io 2 redirects x01.aidata.io	1003 B
2	everesttech.net 2 redirects sync-tm.everesttech.net	744 B
2	programattik.com 2 redirects ads.programattik.com	1 KB
2	fiftyt.com 2 redirects visitor.fiftyt.com	994 B
2	semasio.net 1 redirects uipglob.semasio.net	1 KB
2	tapad.com 1 redirects pixel.tapad.com	616 B
2	taboola.com 1 redirects trc.taboola.com match.taboola.com	655 B
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	de17a.com 2 redirects d5p.de17a.com	637 B
2	lijit.com 2 redirects ap.lijit.com	1 KB
2	adhigh.net 2 redirects px.adhigh.net	821 B
2	sportradarserving.com 2 redirects a.sportradarserving.com	1 KB
2	amazonaws.com rechtstexte.s3.amazonaws.com	86 KB
2	simpli.fi um.simpli.fi	1 KB
2	criteo.net static.criteo.net	51 KB
2	awin1.com 1 redirects www.awin1.com	707 B
2	mlsat02.de 2 redirects tracking.mlsat02.de creative.mlsat02.de	2 KB
2	usemax.de www.usemax.de	4 KB
1	adtelligent.com s.adtelligent.com
1	onetag-sys.com onetag-sys.com	818 B
1	vidver.to ad.vidver.to	431 B
1	vidverto.io 1 redirects ad.vidverto.io	494 B
1	invamia.com 1 redirects ad.invamia.com	509 B
1	adopx.net 1 redirects ad.adopx.net	525 B
1	outstream.today 1 redirects ad.outstream.today	539 B
1	mediawayss.com 1 redirects ad.mediawayss.com	560 B
1	mox.tv 1 redirects ad.mox.tv	490 B
1	rees46.com api.rees46.com	158 B
1	sniperlog.ru 1 redirects sync3.sniperlog.ru	297 B
1	admixer.net 1 redirects inv-nets.admixer.net	557 B
1	gumgum.com 1 redirects rtb.gumgum.com	336 B
1	playground.xyz 1 redirects ads.playground.xyz	487 B
1	dotomi.com pubmatic-match.dotomi.com	104 B
1	sitescout.com 1 redirects pixel-sync.sitescout.com	337 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com	550 B
1	turn.com 1 redirects ad.turn.com	518 B
1	quantserve.com 1 redirects pixel.quantserve.com	541 B
1	mathtag.com 1 redirects sync.mathtag.com	680 B
1	zeotap.com mwzeom.zeotap.com	597 B
1	deepintent.com match.deepintent.com	44 B
1	contextweb.com 1 redirects bh.contextweb.com	462 B
1	ad4m.at ad4m.at	1 KB
1	adgrx.com cm.adgrx.com	408 B
1	erne.co 1 redirects green.erne.co	327 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	501 B
1	telekom.de ebs08.telekom.de	719 B
1	artefact.com aaa.artefact.com	1 KB
1	creativecdn.com prebid-eu.creativecdn.com	180 B
1	4dex.io mp.4dex.io	1 KB
1	google.de www.google.de	107 B
1	google.com www.google.com	117 B
1	googleapis.com ajax.googleapis.com	92 KB
1	grupapino.pl stats.grupapino.pl	338 B
1	htw.pl hostinga.htw.pl	10 KB
198	78

	Domain	Requested by
17	track.adform.net	spolecznosci.net s1.adform.net januszspiewa.prv.pl www.usemax.de
14	simage2.pubmatic.com	1 redirects ads.pubmatic.com
14	spolecznosci.net	a.spolecznosci.net spolecznosci.net
12	cm.g.doubleclick.net	12 redirects
12	s1.adform.net	spolecznosci.net track.adform.net s1.adform.net tracking.mlsat02.de januszspiewa.prv.pl
12	gpl.adocean.pl	8 redirects januszspiewa.prv.pl
11	goldbach.hit.gemius.pl	6 redirects januszspiewa.prv.pl
9	image2.pubmatic.com	ads.pubmatic.com
9	ads.betweendigital.com	2 redirects spolecznosci.net ads.betweendigital.com
9	januszspiewa.prv.pl	januszspiewa.prv.pl
8	sync.bumlam.com	8 redirects
8	x.bidswitch.net	8 redirects
8	ox2.sterta.pl	januszspiewa.prv.pl
7	ib.adnxs.com	3 redirects spolecznosci.net acdn.adnxs.com
6	a.spolecznosci.net	januszspiewa.prv.pl spolecznosci.net
6	www.google-analytics.com	januszspiewa.prv.pl www.google-analytics.com www.googletagmanager.com
5	webstat.pl	januszspiewa.prv.pl webstat.pl
4	sync3.adsniper.ru	4 redirects
4	eus.rubiconproject.com	spolecznosci.net eus.rubiconproject.com cache.betweendigital.com
4	match.adsrvr.org	4 redirects
4	gpladpl.hit.gemius.pl	4 redirects
4	ad.prv.pl	januszspiewa.prv.pl
3	an.yandex.ru	1 redirects
3	match.prod.bidr.io	2 redirects ads.pubmatic.com
3	c1.adform.net	3 redirects
3	ads.pubmatic.com	januszspiewa.prv.pl spolecznosci.net ads.pubmatic.com
3	gum.criteo.com	1 redirects static.criteo.net
3	www.googletagmanager.com	januszspiewa.prv.pl
2	www.tns-counter.ru	1 redirects
2	sync.1dmp.io	1 redirects
2	x01.aidata.io	2 redirects
2	token.rubiconproject.com	eus.rubiconproject.com
2	sync-tm.everesttech.net	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	ads.programattik.com	2 redirects
2	visitor.fiftyt.com	2 redirects
2	uipglob.semasio.net	1 redirects ads.pubmatic.com
2	pixel.tapad.com	1 redirects ads.pubmatic.com
2	d5p.de17a.com	2 redirects
2	ap.lijit.com	2 redirects
2	px.adhigh.net	2 redirects
2	a.sportradarserving.com	2 redirects
2	simage4.pubmatic.com	ads.pubmatic.com
2	rechtstexte.s3.amazonaws.com	www.usemax.de
2	um.simpli.fi	ads.pubmatic.com
2	dis.criteo.com	ads.pubmatic.com
2	static.criteo.net	spolecznosci.net static.criteo.net
2	image6.pubmatic.com	ads.pubmatic.com
2	www.awin1.com	1 redirects www.usemax.de
2	www.usemax.de	s1.adform.net www.usemax.de
2	adx.adform.net	spolecznosci.net s1.adform.net
2	mug.criteo.com	januszspiewa.prv.pl
1	s.adtelligent.com
1	onetag-sys.com	cache.betweendigital.com
1	ad.vidver.to
1	ad.vidverto.io	1 redirects
1	ad.invamia.com	1 redirects
1	ad.adopx.net	1 redirects
1	ad.outstream.today	1 redirects
1	ad.mediawayss.com	1 redirects
1	ad.mox.tv	1 redirects
1	api.rees46.com
1	secure-assets.rubiconproject.com	1 redirects
1	sync3.sniperlog.ru	1 redirects
1	inv-nets.admixer.net	1 redirects
1	rtb.gumgum.com	1 redirects
1	secure.adnxs.com	1 redirects
1	ads.playground.xyz	1 redirects
1	pubmatic-match.dotomi.com	ads.pubmatic.com
1	pixel-sync.sitescout.com	1 redirects
1	match.adsby.bidtheatre.com	1 redirects
1	ad.turn.com	1 redirects
1	pixel.quantserve.com	1 redirects
1	image4.pubmatic.com	ads.pubmatic.com
1	pr-bh.ybp.yahoo.com	ads.pubmatic.com
1	sync.mathtag.com	1 redirects
1	aud.pubmatic.com	ads.pubmatic.com
1	mwzeom.zeotap.com	ads.pubmatic.com
1	match.deepintent.com	ads.pubmatic.com
1	match.taboola.com	ads.pubmatic.com
1	trc.taboola.com	1 redirects
1	bh.contextweb.com	1 redirects
1	s.tribalfusion.com	ads.pubmatic.com
1	a.tribalfusion.com	1 redirects
1	ad4m.at	ads.pubmatic.com
1	cm.adgrx.com	ads.pubmatic.com
1	green.erne.co	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	cache.betweendigital.com	ads.betweendigital.com
1	acdn.adnxs.com	spolecznosci.net
1	ebs08.telekom.de	www.usemax.de
1	creative.mlsat02.de	1 redirects
1	aaa.artefact.com	www.usemax.de
1	tracking.mlsat02.de	1 redirects
1	aktrack.pubmatic.com	januszspiewa.prv.pl
1	hbopenbid.pubmatic.com	spolecznosci.net
1	prebid-eu.creativecdn.com	spolecznosci.net
1	fastlane.rubiconproject.com	spolecznosci.net
1	bidder.criteo.com	spolecznosci.net
1	mp.4dex.io	spolecznosci.net
1	www.google.de	januszspiewa.prv.pl
1	www.google.com	januszspiewa.prv.pl
1	stats.g.doubleclick.net	www.google-analytics.com
1	komentarze.prv.pl	januszspiewa.prv.pl
1	ajax.googleapis.com	januszspiewa.prv.pl
1	stats.grupapino.pl	januszspiewa.prv.pl
1	hostinga.htw.pl	januszspiewa.prv.pl
198	107

This site contains links to these domains. Also see Links.

Domain
www.prv.pl
a.spolecznosci.net
github.com
www.januszspiewa.prv.pl
januszspiewa-forum.prv.pl
bramka.pirc.pl
rollercoin.com
webstat.pl
grupapino.pl

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
webstat.pl R3	`2021-03-27` - `2021-06-25`	3 months	crt.sh
spolecznosci.net R3	`2021-03-18` - `2021-06-16`	3 months	crt.sh
prv.pl R3	`2021-02-09` - `2021-05-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2019-09-11` - `2021-09-24`	2 years	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
mp.4dex.io GTS CA 1D2	`2021-03-18` - `2021-06-16`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.adocean.pl Sectigo ECC Domain Validation Secure Server CA	`2020-01-27` - `2022-02-05`	2 years	crt.sh
ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2020-11-19` - `2021-12-20`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
usemax.de Sectigo RSA Domain Validation Secure Server CA	`2019-11-04` - `2021-11-07`	2 years	crt.sh
www.awin1.com DigiCert Secure Site ECC CA-1	`2020-04-21` - `2021-07-21`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
aaa.artefact.com R3	`2021-03-29` - `2021-06-27`	3 months	crt.sh
ebs08.telekom.de TeleSec ServerPass Class 2 CA	`2021-01-11` - `2022-01-16`	a year	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-01-11` - `2022-02-11`	a year	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2021-03-16` - `2022-03-17`	a year	crt.sh
cache.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2019-11-08` - `2022-02-05`	2 years	crt.sh
*.match.prod.bidr.io Amazon	`2021-02-26` - `2022-03-27`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-08` - `2021-08-08`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2020-04-09` - `2022-06-08`	2 years	crt.sh
*.tapad.com DigiCert SHA2 Secure Server CA	`2020-10-05` - `2021-11-06`	a year	crt.sh
*.semasio.net GlobalSign GCC R3 DV TLS CA 2020	`2021-03-09` - `2022-04-10`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-10-30` - `2021-04-27`	6 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh
bs.yandex.ru Yandex CA	`2020-12-17` - `2021-06-17`	6 months	crt.sh
sync.1dmp.io R3	`2021-03-27` - `2021-06-25`	3 months	crt.sh
*.tns-counter.ru GlobalSign ECC OV SSL CA 2018	`2020-11-10` - `2021-12-12`	a year	crt.sh
api.rees46.com R3	`2021-03-23` - `2021-06-21`	3 months	crt.sh
ad.vidver.to R3	`2021-04-04` - `2021-07-03`	3 months	crt.sh
onetag-sys.com R3	`2021-03-16` - `2021-06-14`	3 months	crt.sh
s.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2021-04-07` - `2021-07-06`	3 months	crt.sh

This page contains 35 frames:

Primary Page: http://januszspiewa.prv.pl/
Frame ID: 36FDE2CCB1E16984039AB1503D49C5C1
Requests: 65 HTTP requests in this frame

Frame: http://januszspiewa.prv.pl/prv_billboard_iefix.html?cat=komputery_i_internet&sub=oprogramowanie&site=januszspiewa.prv.pl&adult=0
Frame ID: 090A99062C0C305B96D026D60D323B43
Requests: 1 HTTP requests in this frame

Frame: http://januszspiewa.prv.pl/prv_billboard_iefix.html?cat=komputery_i_internet&sub=oprogramowanie&site=januszspiewa.prv.pl&adult=0
Frame ID: 1077F56BA53CDAF494BFF03BF650DC46
Requests: 11 HTTP requests in this frame

Frame: http://ad.prv.pl/server.php?type=bill&source=januszspiewa.prv.pl&medium=hosting-billboard-content
Frame ID: EA830E4AE94B418C3A32C3B8D7385CB2
Requests: 1 HTTP requests in this frame

Frame: https://webstat.pl/rkm336.php
Frame ID: 8F7B498DB95044C2AFA25E01902C6479
Requests: 2 HTTP requests in this frame

Frame: https://spolecznosci.net/files/data.17.htm?Ho_januszspiewa.prv.pl/Spfp_db6011ae48907c10ad9aa6f93e0b9fb6
Frame ID: B647F704A76820E451B751F8705FB9E8
Requests: 3 HTTP requests in this frame

Frame: https://spolecznosci.net/files/data.17.htm?Ho_januszspiewa.prv.pl/Spfp_db6011ae48907c10ad9aa6f93e0b9fb6
Frame ID: 481BE604021D3F46A91E31A61D34D177
Requests: 2 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=35871864;rtbwp=0.173172;rtbdata=qv4_SXKLksHq0a-tjvq4z_pVX_Q3T_3R6McBP4ZyGSMs50KmFkCjRIdXyCnm7KWzEdnwTYRAmhR-jiFEtOsuktG7yWO3f_hAkvZj6sNWVNm4OCqoCoFZo2RNhzVTVFuyrLXWmVhV5NDFEzYSZNQgd8GvrpqdQ5-G2mmOssiaPuGIBt2tE7rbj8Jx1pgvOtdZonybdOv0z95unVQqRJ4g0hJgRq5nal3JZPSVCRcBPzE1
Frame ID: 7958FF3A0F98A7534F446494A607DD6D
Requests: 7 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=45021679;rtbwp=jBGkJuzGaz68O6DqB5FI-KzboUFQG3yp0;rtbdata=dXdMGxpDTSTKtDjOSjMOyQlAkxx7eV9fdH1sTssKcN2lyUV6egrjI1iUvI3qLTOGKMwZJ9uzlXQwsWEsnnPHYYvnj-ALKl4efrKtRFTZ4jL6MRflRfo-ap3K1TPVhTUNnwnCre4Zgn885T6KfIbG6U9_GGRSLoCpgTKg2KSceCK5A-hS4CSjibJxYiOvA0g6Qbfc4QmQQz1bjM_ACf0GpFuSOpMYV0JJQC2n6z-NKiUb1e3OZG6TQaPfEVvpSB9twDD2dX5Wk4Jr9J0xTVWEHUfoGngp_zqZXhQRTKv3aAn8UcluC-I_uMCSW04gY7MBuVjCKAgTY901;csid=5646;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=6UKz9PN8HS142u1ywTJ-2om2wRyy1gce3X8Tu6XlsmYblZiIXeiH45G4dWAZeGGw7-ItQUX26WQOQaoW9LGqOqxsidzrXduDQdiOsEljuKhqyUYVqQPz9EB1kEb32rqWKMwZJ9uzlXQwsWEsnnPHYYvnj-ALKl4ez0kIEo362VqiuQ8Zp4vrxwFn_yLVCW9QuHZKearjb4nC8IjRrXi9Sg2;pui=2ShljixBLrbi0hXl08juHHFAHCKQ7jOEXZCxotub-7yXRkSIXkWOhegIgWD03s4eqgC571bojUIT1Xu4Wv32D96vWmW1dlSa0;
Frame ID: 85A2125EDF7A8F83ADFE866998FE138E
Requests: 13 HTTP requests in this frame

Frame: https://www.usemax.de/cm.php?w=99883&t=0&wf_h=600&wf_w=160&subid=3974131&rd=&ref=http%3A%2F%2Fjanuszspiewa.prv.pl%2F&um_vars=0&iframe=1&campaign_o=33601&click_enc_enc=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D35871864%3Bcrtbwp%3D0.173172%3Bcrtbdata%3Dqv4_SXKLksHq0a-tjvq4z_pVX_Q3T_3R6McBP4ZyGSMs50KmFkCjRIdXyCnm7KWzEdnwTYRAmhR-jiFEtOsuktG7yWO3f_hAkvZj6sNWVNm4OCqoCoFZo2RNhzVTVFuyrLXWmVhV5NDFEzYSZNQgd8GvrpqdQ5-G2mmOssiaPuGIBt2tE7rbj8Jx1pgvOtdZonybdOv0z95unVQqRJ4g0hJgRq5nal3JZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3DESoMWYiZI8k2DkF8LY58e5L2Y-rDVlTZrCGHKI0xk24f1abQAnM38LpK3o3GXdWrK9mEQGQcj9yMUWKK4VFt23tt2n4OwTFixfgN7wWhehOzIYW675trIK_fiuC7IRoZmbFHWzttLaYPUposxpxyhMOO_SeixY-H4RVeP0ucXr9PuDAuPMtxzA2%3B%3BCREFURL%3Dhttp%253a%252f%252fjanuszspiewa.prv.pl%252f%3BC%3D1%3Bcpdir%3D
Frame ID: F6DBA2D9C7DF4266F6E56D3D3A0A6F8E
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 08BFD556B7702BE27BD8E519147B426A
Requests: 8 HTTP requests in this frame

Frame: https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156036&siteId=175140&adId=911840&adType=10&adServerId=243&kefact=0.200000&kaxefact=0.200000&kadNetFrequecy=0&kadwidth=160&kadheight=600&kadsizeid=10&kltstamp=1619036743&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.173172&dcId=3&tldId=33705808&passback=0&svr=BID22418U&adsver=_714195044&adsabzcid=0&ekefact=R4qAYPuMCwB3JOZgH5hFWKlPv1KBFmnCbZFFDQvwtdrpqlGY&ekaxefact=R4qAYAmNCwCUN5oDy8WORFQDSjxMMEvqQ_aGhVEsBiEVjOTH&ekpbmtpfact=R4qAYBWNCwA6XLCNXGiPCE5fJ-Nxy5p_19U_Qu1mclqNibCU&pfi=1&dc=AMS&pubBuyId=6299&crID=35871864&lpu=telekom.de&ucrid=14132061622174862984&campaignId=22924&creativeId=0&pctr=0.000000&wDSPByrId=1467&wDspId=391&wbId=2&wrId=1991536&wAdvID=2356&wDspCampId=1353694&isRTB=1&rtbId=1A8107B3-EBEF-42E0-A394-582BCDBD7195&imprId=F049CB7B-A612-46D6-85A7-4C230D24BA4E&oid=F049CB7B-A612-46D6-85A7-4C230D24BA4E&cntryId=58&domain=januszspiewa.prv.pl&pageURL=http%3A%2F%2Fjanuszspiewa.prv.pl%2F&sec=1&pAuSt=3
Frame ID: 7AA87D8DB5CFCEFFCCE517D66DEBA017
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 089445B3970217AF7DBBD20F73232134
Requests: 1 HTTP requests in this frame

Frame: https://ebs08.telekom.de/affiliates/view.php?network=B1049&mlid=pv-MzM0MzExNDQ7OTA4Y2JhZGI3MjQ5NzFjYzkwMTJjZWQ3NjcyNzZjYzg7MTE0MzBfMzAwNjI3XzE2MTkwMzY3NDRfOw..&target=https%3A%2F%2Ftracking.mlsat02.de%2Fonepixel.gif
Frame ID: 28EDDA0BE2BC594238C63F68AD76CD0C
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=januszspiewa.prv.pl
Frame ID: 6C11E8AD5822DBB9B351D792845CFDD9
Requests: 1 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/14736/9467975/9467975.js?ADFassetID=9467975&bv=514
Frame ID: 0DFC8B45249E2187D368EAC2FA327DBA
Requests: 6 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 51A7F9E06535E2F954C7B146CA041958
Requests: 3 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe?crf=1
Frame ID: 40D740775FA68B08DEB205EA7ED63712
Requests: 5 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: DE848A842B4061C91535069E301A6E35
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 218D2A432B537B2D950AEE1FF382AF5E
Requests: 25 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=f36a224e-f6bb-526f-aea8-fc7ece287633&CACHEBUSTER=581118
Frame ID: 19B62F58C94A2F2C51FB85B23D6E6232
Requests: 9 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 7A9983A5A8DF8A9BB341F9B29E61CC63
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1608670524759528914
Frame ID: 3AA6BD25DDE9ED98F3678621AA353C7D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6953709887984564371
Frame ID: 1B4AB28E849D51073FEC0F33975DA456
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: 80E4ABC28E34CC1CC516832D27E06614
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=yCOb3KhmYxWnpmRaSTKDWrjJ
Frame ID: 7BCB470CD1991A782108544CC7D83E71
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 4905195C4EE96C3109BE60D0F4F1E27E
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: BAB96F03C3AFAC761B6FF6639E1191AE
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 96C09AB7C5DB8151F721184B20C5A6F3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=0FHP8gOYYWDl&pid=557219
Frame ID: 1D31F033536B20D5F963D563BE11C687
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=5808768f-b966-421f-8aca-e3ca864d760d-tuct77a0fcd&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 053FDB136C96B11353273CFAB870637E
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?redir=https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=${DI_USER_ID}&gdpr=0&gdpr_consent=
Frame ID: 9A40D5FB989F147771DEEB6D727068DA
Requests: 1 HTTP requests in this frame

Frame: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Frame ID: DE88ECA0CCE58A78B1D08612C312FBE7
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: 869328460007822C7FCC16B6270870EA
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Frame ID: ADA36A1D073460133785B646F29E9449
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

198
Requests

85 %
HTTPS

20 %
IPv6

78
Domains

107
Subdomains

62
IPs

14
Countries

1816 kB
Transfer

3975 kB
Size

18
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: http://www.prv.pl/info/domena,januszspiewa.prv.pl

Search URL Search Domain Scan URL

URL: https://www.prv.pl/
Title: Darmowy hosting

Search URL Search Domain Scan URL

URL: https://a.spolecznosci.net/ac/597070/123/?go=https://tri-table.com/?utm_source=139&utm_medium=1888&utm_campaign=tritable_autopromo
Title: Ads bytri-table

Search URL Search Domain Scan URL

URL: https://a.spolecznosci.net/ac/597070/123/?go=https://tri-table.com/?utm_source=139&utm_medium=421&utm_campaign=tritable_autopromo
Title: Ads bytri-table

Search URL Search Domain Scan URL

URL: https://github.com/JanuszSpiewa/Archiwum-Polskiego-Phreakingu

Search URL Search Domain Scan URL

URL: http://www.januszspiewa.prv.pl/blog/blog.html

Search URL Search Domain Scan URL

URL: https://github.com/JanuszSpiewa/

Search URL Search Domain Scan URL

URL: http://januszspiewa-forum.prv.pl/

Search URL Search Domain Scan URL

URL: https://bramka.pirc.pl/bramka/phreaking
Title: skorzystaj z bramki

Search URL Search Domain Scan URL

URL: https://rollercoin.com/?r=k6dqvt3d

Search URL Search Domain Scan URL

URL: https://webstat.pl/

Search URL Search Domain Scan URL

URL: http://grupapino.pl/pages-polityka/
Title: Politykę prywatności

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 13

http://www.googletagmanager.com/gtm.js?id=GTM-K2DLWR HTTP 307
https://www.googletagmanager.com/gtm.js?id=GTM-K2DLWR

Request Chain 39

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 45

http://goldbach.hit.gemius.pl/fpdata.js?href=januszspiewa.prv.pl HTTP 301
https://goldbach.hit.gemius.pl/_sslredir/fpdata.js?href=januszspiewa.prv.pl

Request Chain 55

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fjanuszspiewa.prv.pl%2F&domain=januszspiewa.prv.pl&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=ODOGfXxOdEMrbzFrRUdUeERkNzJVandTMW42WFNvWGMvYStENFgvRDdWMkRWZnpGbjYwbnlXbExKbXF5MTdadzIrUk5GUSs0MCt1cEtDQTIzZjdObjdIUWxWUS9Mc2JKOEppVjc3djZCZ1NtV05yWEEwQWdIU3RwNHJYS1o2YUl5dGVIZDBsSnd0WFlYWmhvOWxWcUkzZGNFdFMyMGd1NENtZG1SWnBpQlc1SGxoMllFNGwraFRvbkJ3UzkxODR6eWdUMFZidEpwcFJlK0FXbXdSTU5HVXNRa3Y4RG1LTmxvbmxkd1dxMTRkcWpESE44PXw&cppv=2

Request Chain 62

https://gpl.adocean.pl/_533129670592845/ad.json?id=vXX8U.Owja6r3mPmPCQGp.hp4WdYgsc1lQ1Ncjmo6J..F7&aosspsizes=gplrdgkbirhkn~160x600 HTTP 301
https://gpl.adocean.pl/__/_533129670592845/ad.json?id=vXX8U.Owja6r3mPmPCQGp.hp4WdYgsc1lQ1Ncjmo6J..F7&aosspsizes=gplrdgkbirhkn~160x600 HTTP 301
https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2F_1619036743%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DvXX8U.Owja6r3mPmPCQGp.hp4WdYgsc1lQ1Ncjmo6J..F7%26aosspsizes%3Dgplrdgkbirhkn%7E160x600 HTTP 301
https://gpl.adocean.pl/__/_1619036743/ad.json?hclsdata=&hcudata=fEkXTc8mm2neAJXckiqfy6HLW0bjL6Tz67wZXlS23UX.s7&id=vXX8U.Owja6r3mPmPCQGp.hp4WdYgsc1lQ1Ncjmo6J..F7&aosspsizes=gplrdgkbirhkn~160x600

Request Chain 63

https://gpl.adocean.pl/_8404514426931187/ad.json?id=qBIGwW6GkmDFjDUqdulZaTVR7rH9npusYfqoafx22gb.L7&aosspsizes=gpllfehiserpd~120x600 HTTP 301
https://gpl.adocean.pl/__/_8404514426931187/ad.json?id=qBIGwW6GkmDFjDUqdulZaTVR7rH9npusYfqoafx22gb.L7&aosspsizes=gpllfehiserpd~120x600 HTTP 301
https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2F_1619036743%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DqBIGwW6GkmDFjDUqdulZaTVR7rH9npusYfqoafx22gb.L7%26aosspsizes%3Dgpllfehiserpd%7E120x600 HTTP 301
https://gpl.adocean.pl/__/_1619036743/ad.json?hclsdata=&hcudata=fOOxUUUYoIfWwRbylqU4LYIQ_zcNHITrgOVJi23_jdL.e7&id=qBIGwW6GkmDFjDUqdulZaTVR7rH9npusYfqoafx22gb.L7&aosspsizes=gpllfehiserpd~120x600

Request Chain 64

https://gpl.adocean.pl/_7779309267546666/ad.json?id=.8A7kUlFOCSjUNkHfL4aWRna7fabVptxnWR4wnoM2kj.A7&aosspsizes=gplnakqdtjfqd~160x600 HTTP 301
https://gpl.adocean.pl/__/_7779309267546666/ad.json?id=.8A7kUlFOCSjUNkHfL4aWRna7fabVptxnWR4wnoM2kj.A7&aosspsizes=gplnakqdtjfqd~160x600 HTTP 301
https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2F_1619036743%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3D.8A7kUlFOCSjUNkHfL4aWRna7fabVptxnWR4wnoM2kj.A7%26aosspsizes%3Dgplnakqdtjfqd%7E160x600 HTTP 301
https://gpl.adocean.pl/__/_1619036743/ad.json?hclsdata=&hcudata=IkMRs5YbumEqhFjFp4vS.WCyW2bjw7cnmusx5s9dTIP.a7&id=.8A7kUlFOCSjUNkHfL4aWRna7fabVptxnWR4wnoM2kj.A7&aosspsizes=gplnakqdtjfqd~160x600

Request Chain 65

https://gpl.adocean.pl/_6708569208802193/ad.json?id=Og9LtnSPmLFIui57BB_ayhJ34Wbvecc1jmmK0WAv7Hf.y7&aosspsizes=gplxbinknnokt~120x600 HTTP 301
https://gpl.adocean.pl/__/_6708569208802193/ad.json?id=Og9LtnSPmLFIui57BB_ayhJ34Wbvecc1jmmK0WAv7Hf.y7&aosspsizes=gplxbinknnokt~120x600 HTTP 301
https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2F_1619036743%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DOg9LtnSPmLFIui57BB_ayhJ34Wbvecc1jmmK0WAv7Hf.y7%26aosspsizes%3Dgplxbinknnokt%7E120x600 HTTP 301
https://gpl.adocean.pl/__/_1619036743/ad.json?hclsdata=&hcudata=fOmx88_ceu80cjOd2t0vo4JwW2cNDKUZgF_z_m6adcz.u7&id=Og9LtnSPmLFIui57BB_ayhJ34Wbvecc1jmmK0WAv7Hf.y7&aosspsizes=gplxbinknnokt~120x600

Request Chain 72

http://goldbach.hit.gemius.pl/_1619036743681/rexdot.js?l=100&id=bPA1ZotdXe3htQrOiB.DvMdRnDSwMNhFXpTX2Gu_NTz.z7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=http%3A%2F%2Fjanuszspiewa.prv.pl%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=Vyu8FuqFfhZV_IBGzwoLh1BfGqwi0pG._LIQY9kxTw3.37&vis=1 HTTP 301
https://goldbach.hit.gemius.pl/_sslredir/_1619036743681/rexdot.js?l=100&id=bPA1ZotdXe3htQrOiB.DvMdRnDSwMNhFXpTX2Gu_NTz.z7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=http%3A%2F%2Fjanuszspiewa.prv.pl%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=Vyu8FuqFfhZV_IBGzwoLh1BfGqwi0pG._LIQY9kxTw3.37&vis=1 HTTP 301
https://goldbach.hit.gemius.pl/__/_sslredir/_1619036743681/rexdot.js?l=100&id=bPA1ZotdXe3htQrOiB.DvMdRnDSwMNhFXpTX2Gu_NTz.z7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=http%3A%2F%2Fjanuszspiewa.prv.pl%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=Vyu8FuqFfhZV_IBGzwoLh1BfGqwi0pG._LIQY9kxTw3.37&vis=1

Request Chain 97

https://tracking.mlsat02.de/telekom/aff/ads.php?t=skript&dlid=2055&bn=30417981&partnerid=300627&page=http://www.awin1.com/awclick.php?mid=11430&id=300627&gid=361931&linkid=2417248&p=https%3A%2F%2Fwww.usemax.de%2Fclick.php%3Fsp%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D35871864%3Bcrtbwp%3D0.173172%3Bcrtbdata%3Dqv4_SXKLksHq0a-tjvq4z_pVX_Q3T_3R6McBP4ZyGSMs50KmFkCjRIdXyCnm7KWzEdnwTYRAmhR-jiFEtOsuktG7yWO3f_hAkvZj6sNWVNm4OCqoCoFZo2RNhzVTVFuyrLXWmVhV5NDFEzYSZNQgd8GvrpqdQ5-G2mmOssiaPuGIBt2tE7rbj8Jx1pgvOtdZonybdOv0z95unVQqRJ4g0hJgRq5nal3JZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3DESoMWYiZI8k2DkF8LY58e5L2Y-rDVlTZrCGHKI0xk24f1abQAnM38LpK3o3GXdWrK9mEQGQcj9yMUWKK4VFt23tt2n4OwTFixfgN7wWhehOzIYW675trIK_fiuC7IRoZmbFHWzttLaYPUposxpxyhMOO_SeixY-H4RVeP0ucXr9PuDAuPMtxzA2%3B%3BCREFURL%3Dhttp%3A%2F%2Fjanuszspiewa.prv.pl%2F%3BC%3D1%3Bcpdir%3Dhttps%253A%252F%252Fwww.usemax.de%252Fcm.php%253Fc%253D33601%2526w%253D99883%2526wf%253D827%2526a%253Dclick%2526subid%253D3974131%2526uc%253Dclear%2526sp%253D%255Bum_c%255DUSEMAXRDhttps%3A%2F%2Ftracking.mlsat02.de%2Ftelekom%2Faff%2Fads.php%3Fdlid%3D2055%26c%3D1&clicktag= HTTP 301
https://track.adform.net/adfscript/?bn=30417981;extVars=468753|1|affiliate%20postview;trackpixel=https://aaa.artefact.com/trck/eview/908cbadb724971cc9012ced767276cc8?ext_publisher_id=300627&b=1&no=1&ctid=__ADFCREID__&tg=__ADFBANGROUP1__&ckurl=1;crdrvar=page;crdrurl=https://www.awin1.com/awclick.php?mid=11430&id=300627&gid=361931&linkid=2417248&p=https%3A%2F%2Fwww.usemax.de%2Fclick.php%3Fsp%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D35871864%3Bcrtbwp%3D0.173172%3Bcrtbdata%3Dqv4_SXKLksHq0a-tjvq4z_pVX_Q3T_3R6McBP4ZyGSMs50KmFkCjRIdXyCnm7KWzEdnwTYRAmhR-jiFEtOsuktG7yWO3f_hAkvZj6sNWVNm4OCqoCoFZo2RNhzVTVFuyrLXWmVhV5NDFEzYSZNQgd8GvrpqdQ5-G2mmOssiaPuGIBt2tE7rbj8Jx1pgvOtdZonybdOv0z95unVQqRJ4g0hJgRq5nal3JZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3DESoMWYiZI8k2DkF8LY58e5L2Y-rDVlTZrCGHKI0xk24f1abQAnM38LpK3o3GXdWrK9mEQGQcj9yMUWKK4VFt23tt2n4OwTFixfgN7wWhehOzIYW675trIK_fiuC7IRoZmbFHWzttLaYPUposxpxyhMOO_SeixY-H4RVeP0ucXr9PuDAuPMtxzA2%3B%3BCREFURL%3Dhttp%3A%2F%2Fjanuszspiewa.prv.pl%2F%3BC%3D1%3Bcpdir%3Dhttps%253A%252F%252Fwww.usemax.de%252Fcm.php%253Fc%253D33601%2526w%253D99883%2526wf%253D827%2526a%253Dclick%2526subid%253D3974131%2526uc%253Dclear%2526sp%253D%255Bum_c%255DUSEMAXRDhttps%3A%2F%2Ftracking.mlsat02.de%2Ftelekom%2Faff%2Fads.php%3Fdlid%3D2055%26c%3D1&clicktag=&tg=__ADFBANGROUP1__

Request Chain 106

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzM3OTA3ODAtOTRGRC00QUExLUIyQTQtNDUwQTU0Q0E4ODI1&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzM3OTA3ODAtOTRGRC00QUExLUIyQTQtNDUwQTU0Q0E4ODI1&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 107

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENhJjGQtDCQ0OcptORbv4v4&google_cver=1

Request Chain 109

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d7829b2e-5c27-423c-a880-b87921149135

Request Chain 110

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=340566514271255656

Request Chain 112

https://www.awin1.com/cshow.php?s=2419055&v=11430&q=366416&r=300627 HTTP 302
https://creative.mlsat02.de/telekom/aff/ads_media.php?b=1&pvfn=1&dlid=2055&partnerid=300627&zanpid=11430_300627_1619036744_&cachebuster=1619036744&awv=11430_300627_1619036744_ HTTP 301
https://ebs08.telekom.de/affiliates/view.php?network=B1049&mlid=pv-MzM0MzExNDQ7OTA4Y2JhZGI3MjQ5NzFjYzkwMTJjZWQ3NjcyNzZjYzg7MTE0MzBfMzAwNjI3XzE2MTkwMzY3NDRfOw..&target=https%3A%2F%2Ftracking.mlsat02.de%2Fonepixel.gif

Request Chain 131

https://ads.betweendigital.com/sspmatch-iframe HTTP 302
https://ads.betweendigital.com/sspmatch-iframe?crf=1

Request Chain 135

https://x.bidswitch.net/sync?ssp=between HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=between HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=between HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=10a6a141-53b2-4ec6-9cf3-cf9fe02e831d&ssp=between HTTP 302
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=fe446982-4e76-4012-a960-6d4596935b88

Request Chain 136

https://px.adhigh.net/p/cm/btw HTTP 302
https://px.adhigh.net/p/cm/btw?bounced=1 HTTP 302
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=6IwBbg9sXhP.AikABlF49hw-Ow

Request Chain 137

https://sync.bumlam.com/?src=bw1&uid=f36a224e-f6bb-526f-aea8-fc7ece287633 HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjNlIKEBlIFvp7KygpiJGYzNmEyMjRlLWY2YmItNTI2Zi1hZWE4LWZjN2VjZTI4NzYzMw** HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARjNlIKEBlIFvp7KygpiJGYzNmEyMjRlLWY2YmItNTI2Zi1hZWE4LWZjN2VjZTI4NzYzM6IBEMLC4fai3xHrilMMxHptL-8* HTTP 302
https://sync.bumlam.com/?src=bw1&s_data=CAIQABjNlIKEBmIkZjM2YTIyNGUtZjZiYi01MjZmLWFlYTgtZmM3ZWNlMjg3NjMzogEQwsLh9qLfEeuKUwzEem0v7w** HTTP 302
https://sync.bumlam.com/?src=bw1&s_data=CAIQARjNlIKEBmIkZjM2YTIyNGUtZjZiYi01MjZmLWFlYTgtZmM3ZWNlMjg3NjMzogEQwsLh9qLfEeuKUwzEem0v7w** HTTP 302
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=c2c2e1f6-a2df-11eb-8a53-0cc47a6d2fef

Request Chain 138

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true HTTP 307
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=c06bd1910ea9ca9687af21f7

Request Chain 140

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOnKImXqmpOqqgLZ4kHOZnI&google_cver=1

Request Chain 143

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8e18ec1f-77db-41f6-84b4-fb3284f7ae47

Request Chain 144

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4503138501922225968

Request Chain 145

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1608670524759528914

Request Chain 146

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6953709887984564371

Request Chain 147

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDUUMwN0JBUlVBQURTRnNYNmRhQQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Request Chain 148

https://green.erne.co/pubmatic/cm HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=yCOb3KhmYxWnpmRaSTKDWrjJ

Request Chain 151

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 152

https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=0FHP8gOYYWDl&pid=557219

Request Chain 153

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=5808768f-b966-421f-8aca-e3ca864d760d-tuct77a0fcd&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0

Request Chain 155

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID} HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB

Request Chain 156

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Odw2N7gfRKacKLGq7RVeZA%3D%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Odw2N7gfRKacKLGq7RVeZA%3D%3D&google_tc= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 158

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=39DC3637-B81F-44A6-9C28-B1AAED155E64&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=39DC3637-B81F-44A6-9C28-B1AAED155E64&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 159

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=39DC3637-B81F-44A6-9C28-B1AAED155E64&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=39DC3637-B81F-44A6-9C28-B1AAED155E64&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=39DC3637-B81F-44A6-9C28-B1AAED155E64&addseg=19,36,42

Request Chain 160

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzlEQzM2MzctQjgxRi00NEE2LTlDMjgtQjFBQUVEMTU1RTY0&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzlEQzM2MzctQjgxRi00NEE2LTlDMjgtQjFBQUVEMTU1RTY0&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 161

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:fb186080-8a4c-4600-af50-0240b7a09d57&gdpr=0&gdpr_consent=

Request Chain 162

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1769243001712638409&gdpr=0&gdpr_consent=

Request Chain 163

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://ads.programattik.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
https://ads.programattik.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
https://x.bidswitch.net/sync?dsp_id=156&expires=14&user_id=63c95d51-c66b-476b-85c4-9a00d4e72c4c&ssp=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=fe446982-4e76-4012-a960-6d4596935b88&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 165

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=39DC3637-B81F-44A6-9C28-B1AAED155E64&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=39DC3637-B81F-44A6-9C28-B1AAED155E64&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-5q.U1tRE2uXTe2oeJMfzmDoIbFxvg.4-~A&gdpr=0&gdpr_consent=

Request Chain 166

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=cuyh7Hy9rbhp6aG-J7i073Tl_epp66q4IeuqVOhy

Request Chain 167

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2350995209000641933&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 168

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YICKTQAAXoQhIQA4 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YICKTQAAXoQhIQA4&gdpr=0&gdpr_consent=&_test=YICKTQAAXoQhIQA4

Request Chain 169

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:f6268fe4-2a56-453b-ac4b-7dfe2a3d4f0e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 170

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

Request Chain 172

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1769243001712638409

Request Chain 173

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_bcc8bb61-f2cc-4669-b0e6-6fcf0e84592e

Request Chain 175

https://x.bidswitch.net/sync?ssp=between HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dbetween%26bsw_param%3Dfe446982-4e76-4012-a960-6d4596935b88%26gdpr%3D%26consent%3D%26gdpr_pd%3D HTTP 302
https://x.bidswitch.net/sync?dsp_id=354&user_id=32030e2190ad4bc1a1751392f295a2bc&ssp=between&bsw_param=fe446982-4e76-4012-a960-6d4596935b88&gdpr=&consent=&gdpr_pd= HTTP 302
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=fe446982-4e76-4012-a960-6d4596935b88

Request Chain 177

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 178

https://sync.bumlam.com/?src=aid0 HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjNlIKEBlIFl4XSlAY* HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARjNlIKEBlIFl4XSlAaiARDCxhrOot8R66DXACWQ5Fw4 HTTP 302
https://sync.bumlam.com/?src=aid0&s_data=CAIQABjNlIKEBqIBEMLGGs6i3xHroNcAJZDkXDg* HTTP 302
https://sync.bumlam.com/?src=aid0&s_data=CAIQARjNlIKEBqIBEMLGGs6i3xHroNcAJZDkXDg* HTTP 302
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=c2c61ace-a2df-11eb-a0d7-002590e45c38 HTTP 302
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=c2c61ace-a2df-11eb-a0d7-002590e45c38&bounce=1 HTTP 302
https://sync.bumlam.com/?src=aid1&uid=piYRP49HvcXMAou0YEesKg& HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=piYRP49HvcXMAou0YEesKg&extra2=aidata HTTP 302
https://sync3.sniperlog.ru/?src=ggl&extra1=piYRP49HvcXMAou0YEesKg&extra2=aidata&google_gid=CAESEEu1y1W4KvLhkElp73OSc7U&google_cver=1 HTTP 301
https://sync.bumlam.com/?src=ggl&extra1=piYRP49HvcXMAou0YEesKg&extra2=aidata&google_gid=CAESEEu1y1W4KvLhkElp73OSc7U&google_cver=1 HTTP 302
https://an.yandex.ru/setud/adsniper/5BB19D419EB90A37?sign=1574588587 HTTP 302
https://an.yandex.ru/setud/adsniper/5BB19D419EB90A37?redir-setuniq=1&sign=1574588587

Request Chain 181

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

Request Chain 184

https://sync.1dmp.io/pixel.gif?cid=b536b353-09d7-46f2-bb78-fb321ef4db83&pid=w&uid=f36a224e-f6bb-526f-aea8-fc7ece287633 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=b536b353-09d7-46f2-bb78-fb321ef4db83&pid=w&uid=f36a224e-f6bb-526f-aea8-fc7ece287633&cs=1

Request Chain 186

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/581118 HTTP 302
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/581118

Request Chain 188

https://x.bidswitch.net/sync?dsp_id=429&user_id=f36a224e-f6bb-526f-aea8-fc7ece287633&expires=30 HTTP 302
https://ad.mox.tv/delivery/sync?userid=fe446982-4e76-4012-a960-6d4596935b88 HTTP 302
https://ad.mediawayss.com/delivery/sync?userid=fe446982-4e76-4012-a960-6d4596935b88&inner_redirect=1&inner_uuid=84c119a2-edfe-4595-80dc-2d8a32a02155&redirect_host_list=YWQub3V0c3RyZWFtLnRvZGF5LGFkLmFkb3B4Lm5ldCxhZC5pbnZhbWlhLmNvbSxhZC52aWR2ZXJ0by5pbyxhZC52aWR2ZXIudG8= HTTP 302
https://ad.outstream.today/delivery/sync?userid=fe446982-4e76-4012-a960-6d4596935b88&inner_redirect=1&inner_uuid=84c119a2-edfe-4595-80dc-2d8a32a02155&redirect_host_list=YWQuYWRvcHgubmV0LGFkLmludmFtaWEuY29tLGFkLnZpZHZlcnRvLmlvLGFkLnZpZHZlci50bw== HTTP 302
https://ad.adopx.net/delivery/sync?userid=fe446982-4e76-4012-a960-6d4596935b88&inner_redirect=1&inner_uuid=84c119a2-edfe-4595-80dc-2d8a32a02155&redirect_host_list=YWQuaW52YW1pYS5jb20sYWQudmlkdmVydG8uaW8sYWQudmlkdmVyLnRv HTTP 302
https://ad.invamia.com/delivery/sync?userid=fe446982-4e76-4012-a960-6d4596935b88&inner_redirect=1&inner_uuid=84c119a2-edfe-4595-80dc-2d8a32a02155&redirect_host_list=YWQudmlkdmVydG8uaW8sYWQudmlkdmVyLnRv HTTP 302
https://ad.vidverto.io/delivery/sync?userid=fe446982-4e76-4012-a960-6d4596935b88&inner_redirect=1&inner_uuid=84c119a2-edfe-4595-80dc-2d8a32a02155&redirect_host_list=YWQudmlkdmVyLnRv HTTP 302
https://ad.vidver.to/delivery/sync?userid=fe446982-4e76-4012-a960-6d4596935b88&inner_redirect=1&inner_uuid=84c119a2-edfe-4595-80dc-2d8a32a02155&redirect_host_list=

Request Chain 190

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2Ff36a224e-f6bb-526f-aea8-fc7ece287633 HTTP 302
https://an.yandex.ru/mapuid/betweendigitalis/f36a224e-f6bb-526f-aea8-fc7ece287633

Request Chain 193

http://goldbach.hit.gemius.pl/_1619036757893/redot.js?l=109&id=bPA1ZotdXe3htQrOiB.DvMdRnDSwMNhFXpTX2Gu_NTz.z7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1619036743&fr=1&tz=-120&fv=-&href=http%3A%2F%2Fjanuszspiewa.prv.pl%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=Vyu8FuqFfhZV_IBGzwoLh1BfGqwi0pG._LIQY9kxTw3.37&vis=1 HTTP 301
https://goldbach.hit.gemius.pl/_sslredir/_1619036757893/redot.js?l=109&id=bPA1ZotdXe3htQrOiB.DvMdRnDSwMNhFXpTX2Gu_NTz.z7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1619036743&fr=1&tz=-120&fv=-&href=http%3A%2F%2Fjanuszspiewa.prv.pl%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=Vyu8FuqFfhZV_IBGzwoLh1BfGqwi0pG._LIQY9kxTw3.37&vis=1 HTTP 301
https://goldbach.hit.gemius.pl/__/_sslredir/_1619036757893/redot.js?l=109&id=bPA1ZotdXe3htQrOiB.DvMdRnDSwMNhFXpTX2Gu_NTz.z7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1619036743&fr=1&tz=-120&fv=-&href=http%3A%2F%2Fjanuszspiewa.prv.pl%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=Vyu8FuqFfhZV_IBGzwoLh1BfGqwi0pG._LIQY9kxTw3.37&vis=1

Request Chain 194

http://goldbach.hit.gemius.pl/_1619036759893/redot.js?l=109&id=bPA1ZotdXe3htQrOiB.DvMdRnDSwMNhFXpTX2Gu_NTz.z7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1619036743&fr=1&tz=-120&fv=-&href=http%3A%2F%2Fjanuszspiewa.prv.pl%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=Vyu8FuqFfhZV_IBGzwoLh1BfGqwi0pG._LIQY9kxTw3.37&vis=1 HTTP 301
https://goldbach.hit.gemius.pl/_sslredir/_1619036759893/redot.js?l=109&id=bPA1ZotdXe3htQrOiB.DvMdRnDSwMNhFXpTX2Gu_NTz.z7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1619036743&fr=1&tz=-120&fv=-&href=http%3A%2F%2Fjanuszspiewa.prv.pl%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=Vyu8FuqFfhZV_IBGzwoLh1BfGqwi0pG._LIQY9kxTw3.37&vis=1

198 HTTP transactions
-2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
januszspiewa.prv.pl/ 5 KB
2 KB 148ms
125ms Document
text/html 37.59.49.187
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://januszspiewa.prv.pl/
Protocol: HTTP/1.1
Server: 37.59.49.187 , France, ASN16276 (OVH, FR),
Reverse DNS: prv-hosting1.grupapino.pl
Software: nginx /
Resource Hash: 730a0865576eaa6767c9383a76180f4b241c0dc659bc118d78b7e1d66ee1c089

Request headers

Host: januszspiewa.prv.pl
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx
Date: Wed, 21 Apr 2021 20:25:40 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Cache-Status: MISS
Content-Encoding: gzip

GET
H/1.1 200
OK prv_site_config_values.js Show response
januszspiewa.prv.pl/ 434 B
598 B 25ms
25ms Script
application/x-javascript 37.59.49.187
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://januszspiewa.prv.pl/prv_site_config_values.js
Requested by: Host: januszspiewa.prv.pl
URL: http://januszspiewa.prv.pl/
Protocol: HTTP/1.1
Server: 37.59.49.187 , France, ASN16276 (OVH, FR),
Reverse DNS: prv-hosting1.grupapino.pl
Software: nginx /
Resource Hash: c477268b497a5138e28ca44c2c3b9914d14c565d31ad8bea80fc9103dcaeb0d6

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: januszspiewa.prv.pl
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://januszspiewa.prv.pl/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 20:25:40 GMT
Content-Encoding: gzip
Last-Modified: Sun, 18 Apr 2021 12:37:49 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: no-cache
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK prv_hosting_footer.js Show response
hostinga.htw.pl/ 22 KB
10 KB 48ms
22ms Script
application/x-javascript 37.59.49.187
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://hostinga.htw.pl/prv_hosting_footer.js
Requested by: Host: januszspiewa.prv.pl
URL: http://januszspiewa.prv.pl/
Protocol: HTTP/1.1
Server: 37.59.49.187 , France, ASN16276 (OVH, FR),
Reverse DNS: prv-hosting1.grupapino.pl
Software: nginx /
Resource Hash: 585efad8df049217e69499bfef32cb47523a4b6b16febfeeba4020a05b699c7e

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 20:25:40 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Feb 2021 09:30:30 GMT
Server: nginx
ETag: W/"602a3f36-597a"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Connection: keep-alive

GET
H/1.1 200
OK JanuszLogo.jpg
januszspiewa.prv.pl/ 39 KB
39 KB 108ms
101ms Image
image/jpeg 37.59.49.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://januszspiewa.prv.pl/JanuszLogo.jpg
Requested by: Host: januszspiewa.prv.pl
URL: http://januszspiewa.prv.pl/
Protocol: HTTP/1.1
Server: 37.59.49.187 , France, ASN16276 (OVH, FR),
Reverse DNS: prv-hosting1.grupapino.pl
Software: nginx /
Resource Hash: 3dcea292627e30bab6fd6ab6c9d9f07a55e6eca4693be4c3ea9ab2bb89ab42d6

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: januszspiewa.prv.pl
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://januszspiewa.prv.pl/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 20:25:41 GMT
Last-Modified: Wed, 19 Aug 2020 17:24:19 GMT
Server: nginx
ETag: "9c8b-5ad3e461656c0"
X-Cache-Status: MISS
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 40075
Expires: Fri, 21 May 2021 20:25:40 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 93 KB
37 KB 38ms
36ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-167603030-1

Requested by

Host: januszspiewa.prv.pl
URL: http://januszspiewa.prv.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ee2640c3528b59332b055fd02b83d5fb8bce93d3c03fd5083ba39eeb1b6b592b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 20:25:43 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37433
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 18:24:16 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Apr 2021 20:25:43 GMT

GET
H/1.1 200
OK archiwum_button.jpg
januszspiewa.prv.pl/ 94 KB
95 KB 102ms
95ms Image
image/jpeg 37.59.49.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://januszspiewa.prv.pl/archiwum_button.jpg
Requested by: Host: januszspiewa.prv.pl
URL: http://januszspiewa.prv.pl/
Protocol: HTTP/1.1
Server: 37.59.49.187 , France, ASN16276 (OVH, FR),
Reverse DNS: prv-hosting1.grupapino.pl
Software: nginx /
Resource Hash: a26e916c9fb7fb3ad7b7c4ad4a548f26a0ce23a60175c659f9627d3c3a064ae5

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: januszspiewa.prv.pl
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://januszspiewa.prv.pl/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 20:25:41 GMT
Last-Modified: Wed, 19 Aug 2020 17:23:43 GMT
Server: nginx
ETag: "17941-5ad3e43f105c0"
X-Cache-Status: MISS
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 96577
Expires: Fri, 21 May 2021 20:25:40 GMT

GET
H/1.1 200
OK blog_button.jpg
januszspiewa.prv.pl/ 57 KB
57 KB 68ms
61ms Image
image/jpeg 37.59.49.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://januszspiewa.prv.pl/blog_button.jpg
Requested by: Host: januszspiewa.prv.pl
URL: http://januszspiewa.prv.pl/
Protocol: HTTP/1.1
Server: 37.59.49.187 , France, ASN16276 (OVH, FR),
Reverse DNS: prv-hosting1.grupapino.pl
Software: nginx /
Resource Hash: b8c1ad487927155e27c8922614bda50816c6d222154851c05b731ea07c73bcab

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: januszspiewa.prv.pl
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://januszspiewa.prv.pl/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 20:25:41 GMT
Last-Modified: Wed, 19 Aug 2020 17:23:53 GMT
Server: nginx
ETag: "e3cc-5ad3e44899c40"
X-Cache-Status: MISS
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 58316
Expires: Fri, 21 May 2021 20:25:40 GMT

GET
H/1.1 200
OK github_button.jpg
januszspiewa.prv.pl/ 59 KB
59 KB 127ms
121ms Image
image/jpeg 37.59.49.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://januszspiewa.prv.pl/github_button.jpg
Requested by: Host: januszspiewa.prv.pl
URL: http://januszspiewa.prv.pl/
Protocol: HTTP/1.1
Server: 37.59.49.187 , France, ASN16276 (OVH, FR),
Reverse DNS: prv-hosting1.grupapino.pl
Software: nginx /
Resource Hash: 456e6dca205094a54f9d11e125792bea04cddf332e35429d696eef7858141839

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: januszspiewa.prv.pl
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://januszspiewa.prv.pl/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 20:25:41 GMT
Last-Modified: Wed, 19 Aug 2020 17:24:08 GMT
Server: nginx
ETag: "eba2-5ad3e456e7e00"
X-Cache-Status: MISS
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 60322
Expires: Fri, 21 May 2021 20:25:40 GMT

GET
H/1.1 200
OK forum_button.jpg
januszspiewa.prv.pl/ 33 KB
33 KB 83ms
77ms Image
image/jpeg 37.59.49.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://januszspiewa.prv.pl/forum_button.jpg
Requested by: Host: januszspiewa.prv.pl
URL: http://januszspiewa.prv.pl/
Protocol: HTTP/1.1
Server: 37.59.49.187 , France, ASN16276 (OVH, FR),
Reverse DNS: prv-hosting1.grupapino.pl
Software: nginx /
Resource Hash: 74c6a5ad4dac820d647273287bcc2134f0d9972edc76d98a3c82e01eb3e1e23d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: januszspiewa.prv.pl
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://januszspiewa.prv.pl/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 20:25:41 GMT
Last-Modified: Sun, 04 Apr 2021 18:30:38 GMT
Server: nginx
ETag: "82f6-5bf29c7128f80"
X-Cache-Status: MISS
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33526
Expires: Fri, 21 May 2021 20:25:40 GMT

GET
H/1.1 200
OK crypto.gif
januszspiewa.prv.pl/ 66 KB
67 KB 57ms
57ms Image
image/gif 37.59.49.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://januszspiewa.prv.pl/crypto.gif
Requested by: Host: januszspiewa.prv.pl
URL: http://januszspiewa.prv.pl/
Protocol: HTTP/1.1
Server: 37.59.49.187 , France, ASN16276 (OVH, FR),
Reverse DNS: prv-hosting1.grupapino.pl
Software: nginx /
Resource Hash: cbe2f192eba633f88505cc59a033a391ab828510d37a1817cebf937eb9d164f1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: januszspiewa.prv.pl
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://januszspiewa.prv.pl/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 20:25:41 GMT
Last-Modified: Wed, 07 Apr 2021 17:29:46 GMT
Server: nginx
ETag: "108cd-5bf6546eb9680"
X-Cache-Status: MISS
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 67789
Expires: Fri, 21 May 2021 20:25:40 GMT

GET
H2 200 jscb.php Show response
webstat.pl/ 4 KB
2 KB 107ms
23ms Script
text/html 176.31.240.87
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://webstat.pl/jscb.php
Requested by: Host: januszspiewa.prv.pl
URL: http://januszspiewa.prv.pl/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 176.31.240.87 , France, ASN16276 (OVH, FR),
Reverse DNS: biz.os.pl
Software: nginx /
Resource Hash: dbdddd64683f212724513d6d8d3238e53bb8708548c458e1071707382320acfe

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 20:25:43 GMT
cache-control: public, max-age=7200
server: nginx
content-encoding: gzip
content-type: text/html

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 73 KB
29 KB 35ms
34ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NX38JP5

Requested by

Host: januszspiewa.prv.pl
URL: http://januszspiewa.prv.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ff2dc5fe17d95bb49cc8e3e8051ea886c85a11989e1b6942626e66bfebf3a929

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 20:25:43 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29515
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 18:24:16 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Apr 2021 20:25:43 GMT

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

48 KB
19 KB

9ms
7ms

Script
text/javascript

2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: januszspiewa.prv.pl
URL: http://januszspiewa.prv.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 3125
date: Wed, 21 Apr 2021 19:33:38 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Wed, 21 Apr 2021 21:33:38 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK stats.php Show response
stats.grupapino.pl/ 18 B
338 B 842ms
35ms Script
text/javascript 188.165.206.157
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://stats.grupapino.pl/stats.php?url=januszspiewa.prv.pl&t=hw&extra=file.js
Requested by: Host: januszspiewa.prv.pl
URL: http://januszspiewa.prv.pl/
Protocol: HTTP/1.1
Server: 188.165.206.157 , France, ASN16276 (OVH, FR),
Reverse DNS: prv.grupapino.pl
Software: nginx /
Resource Hash: 85b188d753e191ad4c8b58c3af7c7a8792991f627efaaf9ed407b0b3adf72e8e

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 20:25:43 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8

GET
H3-29

200

gtm.js Show response
www.googletagmanager.com/
Redirect Chain

http://www.googletagmanager.com/gtm.js?id=GTM-K2DLWR
https://www.googletagmanager.com/gtm.js?id=GTM-K2DLWR

103 KB
32 KB

49ms
47ms

Script
application/javascript

2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K2DLWR

Requested by

Host: januszspiewa.prv.pl
URL: http://januszspiewa.prv.pl/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aa935cc7a61a9661e4a3ff39925b70e0cbf1134b7a7e53e7d6de2898434f73f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 20:25:43 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33111
x-xss-protection: 0
expires: Wed, 21 Apr 2021 20:25:43 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtm.js?id=GTM-K2DLWR
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.2/ 91 KB
92 KB 14ms
7ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js

Requested by

Host: januszspiewa.prv.pl
URL: http://januszspiewa.prv.pl/

Protocol

HTTP/1.1

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Wed, 21 Apr 2021 14:02:29 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Age: 22994
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 93435
X-XSS-Protection: 0
Expires: Thu, 21 Apr 2022 14:02:29 GMT

GET
H/1.1 200
OK ajs.php Show response
ox2.sterta.pl/www/delivery/ 4 KB
5 KB 35ms
28ms Script
text/javascript 87.98.238.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://ox2.sterta.pl/www/delivery/ajs.php?zoneid=81&cat=komputery_i_internet&sub=oprogramowanie&adult=0&cb=41149250600&charset=UTF-8&loc=http%3A//januszspiewa.prv.pl/
Requested by: Host: januszspiewa.prv.pl
URL: http://januszspiewa.prv.pl/
Protocol: HTTP/1.1
Server: 87.98.238.81 Wroclaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 64459a29e56e1628c1b595e465a30ebf29f5129c030ccd779c9fb87ce05ad474

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Wed, 21 Apr 2021 20:25:42 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=0, no-cache
Connection: keep-alive
Content-Type: text/javascript; charset=UTF-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK ajs.php Show response
ox2.sterta.pl/www/delivery/ 4 KB
5 KB 35ms
28ms Script
text/javascript 87.98.238.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://ox2.sterta.pl/www/delivery/ajs.php?zoneid=82&cat=komputery_i_internet&sub=oprogramowanie&adult=0&cb=52232608502&charset=UTF-8&loc=http%3A//januszspiewa.prv.pl/
Requested by: Host: januszspiewa.prv.pl
URL: http://januszspiewa.prv.pl/
Protocol: HTTP/1.1
Server: 87.98.238.81 Wroclaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: c535015e54235a0fc56e36ebae6a71f8491c2bef2112a7e1dab111b777145ba3

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Wed, 21 Apr 2021 20:25:42 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=0, no-cache
Connection: keep-alive
Content-Type: text/javascript; charset=UTF-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK ajs.php Show response
ox2.sterta.pl/www/delivery/ 417 B
953 B 34ms
27ms Script
text/javascript 87.98.238.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://ox2.sterta.pl/www/delivery/ajs.php?zoneid=44&cat=komputery_i_internet&sub=oprogramowanie&adult=0&cb=55203001279&charset=UTF-8&loc=http%3A//januszspiewa.prv.pl/
Requested by: Host: januszspiewa.prv.pl
URL: http://januszspiewa.prv.pl/
Protocol: HTTP/1.1
Server: 87.98.238.81 Wroclaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 804dc27006ad8cee4d5764592e7991ea1f8dedfd8ee618e44969557698bbeec4

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Wed, 21 Apr 2021 20:25:42 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=0, no-cache
Connection: keep-alive
Content-Type: text/javascript; charset=UTF-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK rodo.js Show response
ad.prv.pl/ 9 KB
3 KB 50ms
19ms Script
application/javascript 188.165.206.157
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://ad.prv.pl/rodo.js
Requested by: Host: januszspiewa.prv.pl
URL: http://januszspiewa.prv.pl/
Protocol: HTTP/1.1
Server: 188.165.206.157 , France, ASN16276 (OVH, FR),
Reverse DNS: prv.grupapino.pl
Software: nginx /
Resource Hash: 16971da05aae9bc069b1731d95206049d75b03e60bce5113fb913b5e1d7d7dad

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 20:25:42 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Jun 2018 09:59:14 GMT
Server: nginx
ETag: W/"5b28d3f2-25d4"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK button_comment.png
komentarze.prv.pl/img/ 1 KB
1 KB 56ms
23ms Image
image/png 188.165.206.157
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://komentarze.prv.pl/img/button_comment.png
Requested by: Host: januszspiewa.prv.pl
URL: http://januszspiewa.prv.pl/
Protocol: HTTP/1.1
Server: 188.165.206.157 , France, ASN16276 (OVH, FR),
Reverse DNS: prv.grupapino.pl
Software: nginx /
Resource Hash: 0dff70386ce467674d303b4ad7741efbdd4b47adadfd338c129cdccb7a42d7d9

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 20:25:42 GMT
Last-Modified: Tue, 10 Jan 2017 10:40:56 GMT
Server: nginx
ETag: "5874ba38-4b2"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1202
Expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 27ms
26ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1672905135&t=pageview&_s=1&dl=http%3A%2F%2Fjanuszspiewa.prv.pl%2F&ul=en-us&de=UTF-8&dt=JanuszSpiewa%20~I%27m%20abuser&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1689577012&gjid=510890547&cid=629110262.1619036743&tid=UA-480911-15&_gid=293034825.1619036743&_r=1&_slc=1&z=1558405060

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://januszspiewa.prv.pl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.js Show response
a.spolecznosci.net/core/897d0d3d52b55536eaecbc80b4be4119/ 63 KB
19 KB 54ms
16ms Script
application/javascript 164.132.7.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://a.spolecznosci.net/core/897d0d3d52b55536eaecbc80b4be4119/main.js

Requested by

Host: januszspiewa.prv.pl
URL: http://januszspiewa.prv.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

164.132.7.102 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

2083bc94ca09560380c3aea0e04b7436b1aa9b0f0febd113b87ca2b828937830

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 20:25:43 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=300
strict-transport-security: max-age=31536000
expires: Wed, 21 Apr 2021 20:29:25 GMT

GET
H/1.1 200
OK lg.php
ox2.sterta.pl/www/delivery/ 43 B
546 B 19ms
18ms Image
image/gif 87.98.238.81
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ox2.sterta.pl/www/delivery/lg.php?bannerid=901&campaignid=194&zoneid=81&loc=http%3A%2F%2Fjanuszspiewa.prv.pl%2F&cb=576841ee17
Requested by: Host: januszspiewa.prv.pl
URL: http://januszspiewa.prv.pl/
Protocol: HTTP/1.1
Server: 87.98.238.81 Wroclaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Apr 2021 20:25:42 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Type: image/gif
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 close_x.png
ad.prv.pl/img/ 620 B
796 B 46ms
13ms Image
image/png 188.165.206.157
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.prv.pl/img/close_x.png
Requested by: Host: januszspiewa.prv.pl
URL: http://januszspiewa.prv.pl/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.165.206.157 , France, ASN16276 (OVH, FR),
Reverse DNS: prv.grupapino.pl
Software: nginx /
Resource Hash: d44fe33544eb7000a4be897820643c827d44076217f2ca3376bf3134409bb9fb

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 20:25:42 GMT
last-modified: Wed, 02 Sep 2015 06:40:12 GMT
server: nginx
etag: "55e699cc-26c"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 620
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK lg.php
ox2.sterta.pl/www/delivery/ 43 B
546 B 19ms
18ms Image
image/gif 87.98.238.81
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ox2.sterta.pl/www/delivery/lg.php?bannerid=707&campaignid=194&zoneid=82&loc=http%3A%2F%2Fjanuszspiewa.prv.pl%2F&cb=132ce2d619
Requested by: Host: januszspiewa.prv.pl
URL: http://januszspiewa.prv.pl/
Protocol: HTTP/1.1
Server: 87.98.238.81 Wroclaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Apr 2021 20:25:42 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Type: image/gif
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK lg.php
ox2.sterta.pl/www/delivery/ 43 B
546 B 19ms
18ms Image
image/gif 87.98.238.81
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ox2.sterta.pl/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=44&loc=http%3A%2F%2Fjanuszspiewa.prv.pl%2F&cb=b30075f4a3
Requested by: Host: januszspiewa.prv.pl
URL: http://januszspiewa.prv.pl/
Protocol: HTTP/1.1
Server: 87.98.238.81 Wroclaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Apr 2021 20:25:42 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Type: image/gif
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET prv_billboard_iefix.html
januszspiewa.prv.pl/ Frame 090A 0
0

GET
H/1.1 200
OK prv_billboard_iefix.html Show response
januszspiewa.prv.pl/ Frame 1077 2 KB
2 KB 14ms
14ms Document
text/html 37.59.49.187
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://januszspiewa.prv.pl/prv_billboard_iefix.html?cat=komputery_i_internet&sub=oprogramowanie&site=januszspiewa.prv.pl&adult=0
Requested by: Host: januszspiewa.prv.pl
URL: http://januszspiewa.prv.pl/
Protocol: HTTP/1.1
Server: 37.59.49.187 , France, ASN16276 (OVH, FR),
Reverse DNS: prv-hosting1.grupapino.pl
Software: nginx /
Resource Hash: 54773ec8f0523a46104738d5e7f4867bfbd0ed5e14d284c72bede25ea8d49056

Request headers

Host: januszspiewa.prv.pl
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://januszspiewa.prv.pl/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: _ga=GA1.2.629110262.1619036743; _gid=GA1.2.293034825.1619036743; _gat=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://januszspiewa.prv.pl/

Response headers

Server: nginx
Date: Wed, 21 Apr 2021 20:25:41 GMT
Content-Type: text/html
Last-Modified: Mon, 23 Oct 2017 10:53:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"59edca38-9c3"
Content-Encoding: gzip

GET
H/1.1 200
OK server.php Show response
ad.prv.pl/ Frame EA83 1 KB
900 B 28ms
23ms Document
text/html 188.165.206.157
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://ad.prv.pl/server.php?type=bill&source=januszspiewa.prv.pl&medium=hosting-billboard-content
Requested by: Host: januszspiewa.prv.pl
URL: http://januszspiewa.prv.pl/
Protocol: HTTP/1.1
Server: 188.165.206.157 , France, ASN16276 (OVH, FR),
Reverse DNS: prv.grupapino.pl
Software: nginx /
Resource Hash: a656b4cab74124ed71ca6a3294a917fb01f1ab7244e9ee3224385a76a4b2b5c4

Request headers

Host: ad.prv.pl
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://januszspiewa.prv.pl/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: _ga=GA1.2.629110262.1619036743; _gid=GA1.2.293034825.1619036743; _gat=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://januszspiewa.prv.pl/

Response headers

Server: nginx
Date: Wed, 21 Apr 2021 20:25:42 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip

GET
H/1.1 200
OK close_x.png
ad.prv.pl/img/ 620 B
925 B 14ms
13ms Image
image/png 188.165.206.157
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ad.prv.pl/img/close_x.png
Requested by: Host: januszspiewa.prv.pl
URL: http://januszspiewa.prv.pl/
Protocol: HTTP/1.1
Server: 188.165.206.157 , France, ASN16276 (OVH, FR),
Reverse DNS: prv.grupapino.pl
Software: nginx /
Resource Hash: d44fe33544eb7000a4be897820643c827d44076217f2ca3376bf3134409bb9fb

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 20:25:42 GMT
Last-Modified: Wed, 02 Sep 2015 06:40:12 GMT
Server: nginx
ETag: "55e699cc-26c"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 620
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK xgemius.js Show response
goldbach.hit.gemius.pl/ 39 KB
11 KB 84ms
69ms Script
application/x-javascript 185.11.128.207
Autonomous System...

General

Check archive.org

Show headers Download Go to

Full URL: http://goldbach.hit.gemius.pl/xgemius.js
Requested by: Host: januszspiewa.prv.pl
URL: http://januszspiewa.prv.pl/
Protocol: HTTP/1.1
Server: 185.11.128.207 , Poland, ASN50599 (Autonomous System for Data Space Sp. z o.o., PL),
Reverse DNS: host-185-11-128-207.dataspace.pl
Software: GHC /
Resource Hash: 4cc4a2977a39f727036eb7c3d7655a530ccd02699044b68996584c39972f106c

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 20:25:43 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Mar 2021 11:13:20 GMT
Server: GHC
Vary: Accept-Encoding,Origin
P3P: CP="NOI DSP COR NID PSAo OUR IND"
Cache-Control: max-age=43200
Connection: keep-alive
Accept-Ranges: none
Content-Type: application/x-javascript
Keep-Alive: timeout=10
Content-Length: 10552
Expires: Thu, 22 Apr 2021 08:25:43 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
91 B 18ms
17ms XHR
text/plain 2a00:1450:400c:c0a::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-480911-15&cid=629110262.1619036743&jid=1689577012&gjid=510890547&_gid=293034825.1619036743&_u=IEBAAEAAAAAAAC~&z=892594847

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 21 Apr 2021 20:25:43 GMT
content-type: text/plain
access-control-allow-origin: http://januszspiewa.prv.pl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rkm336.php Show response
webstat.pl/ Frame 8F7B 170 B
240 B 57ms
57ms Document
text/html 176.31.240.87
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://webstat.pl/rkm336.php
Requested by: Host: webstat.pl
URL: https://webstat.pl/jscb.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 176.31.240.87 , France, ASN16276 (OVH, FR),
Reverse DNS: biz.os.pl
Software: nginx /
Resource Hash: 49ef96f326e441c19170fe2ed4a58be326926c6b59d8f0ed8f970ca966df79fd

Request headers

:method: GET
:authority: webstat.pl
:scheme: https
:path: /rkm336.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://januszspiewa.prv.pl/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://januszspiewa.prv.pl/

Response headers

server: nginx
date: Wed, 21 Apr 2021 20:25:43 GMT
content-type: text/html
content-encoding: gzip

GET
H2 200 wsimg.php
webstat.pl/ 69 B
289 B 48ms
48ms Image
image/png 176.31.240.87
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webstat.pl/wsimg.php?w=6458&p=7708&u=1&ua=1&o=1&r=&l=http://januszspiewa.prv.pl/&c=24&x=1600&y=1200&k=1&q=
Requested by: Host: januszspiewa.prv.pl
URL: http://januszspiewa.prv.pl/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 176.31.240.87 , France, ASN16276 (OVH, FR),
Reverse DNS: biz.os.pl
Software: nginx /
Resource Hash: 126a629b1a5b11de957e290957f73e9bf7abf7cf63eb0ddb7eb5db95edfdff2a

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:43 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Wed, 21 Apr 2021 20:25:43 GMT
server: nginx
content-type: image/png

GET
H2 200 counterb.php
webstat.pl/ 149 B
360 B 22ms
21ms Image
image/png 176.31.240.87
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webstat.pl/counterb.php?w=6458&p=7708
Requested by: Host: januszspiewa.prv.pl
URL: http://januszspiewa.prv.pl/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 176.31.240.87 , France, ASN16276 (OVH, FR),
Reverse DNS: biz.os.pl
Software: nginx /
Resource Hash: df4163856210708618de447a46ce56755595283328dff369a2ccc3e9dd052fca

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:43 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Wed, 21 Apr 2021 20:25:43 GMT
server: nginx
content-type: image/png

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 28ms
28ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1672905135&t=pageview&_s=1&dl=http%3A%2F%2Fjanuszspiewa.prv.pl%2F&ul=en-us&de=UTF-8&dt=JanuszSpiewa%20~I%27m%20abuser&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEDAAUABAAAAAC~&jid=790532729&gjid=586954122&cid=629110262.1619036743&tid=UA-167603030-1&_gid=293034825.1619036743&_r=1&gtm=2ou472&z=2085857168

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://januszspiewa.prv.pl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-167603030-1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 3125
date: Wed, 21 Apr 2021 19:33:38 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Wed, 21 Apr 2021 21:33:38 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
117 B 34ms
34ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-480911-15&cid=629110262.1619036743&jid=1689577012&_u=IEBAAEAAAAAAAC~&z=1791296898

Requested by

Host: januszspiewa.prv.pl
URL: http://januszspiewa.prv.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 35ms
35ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-480911-15&cid=629110262.1619036743&jid=1689577012&_u=IEBAAEAAAAAAAC~&z=1791296898

Requested by

Host: januszspiewa.prv.pl
URL: http://januszspiewa.prv.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

analytics.js Show response
www.google-analytics.com/ Frame 1077
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

48 KB
19 KB

8ms
7ms

Script
text/javascript

2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: januszspiewa.prv.pl
URL: http://januszspiewa.prv.pl/prv_billboard_iefix.html?cat=komputery_i_internet&sub=oprogramowanie&site=januszspiewa.prv.pl&adult=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 3125
date: Wed, 21 Apr 2021 19:33:38 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Wed, 21 Apr 2021 21:33:38 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK ajs.php Show response
ox2.sterta.pl/www/delivery/ Frame 1077 1 KB
2 KB 19ms
18ms Script
text/javascript 87.98.238.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://ox2.sterta.pl/www/delivery/ajs.php?zoneid=43&cat=komputery_i_internet&sub=oprogramowanie&adult=0&cb=56996660855&charset=UTF-8&loc=http%3A//januszspiewa.prv.pl/prv_billboard_iefix.html%3Fcat%3Dkomputery_i_internet%26sub%3Doprogramowanie%26site%3Djanuszspiewa.prv.pl%26adult%3D0&referer=http%3A//januszspiewa.prv.pl/
Requested by: Host: januszspiewa.prv.pl
URL: http://januszspiewa.prv.pl/
Protocol: HTTP/1.1
Server: 87.98.238.81 Wroclaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 6aec921df67d37c33f5745245eba2482f586a8ac453ea354da455318b7896722

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Apr 2021 20:25:42 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=0, no-cache
Connection: keep-alive
Content-Type: text/javascript; charset=UTF-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 rn.js Show response
spolecznosci.net/js/modules/ 201 KB
69 KB 25ms
17ms Script
application/javascript 164.132.7.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://spolecznosci.net/js/modules/rn.js?h=dce8ff46a7b182f20694

Requested by

Host: a.spolecznosci.net
URL: https://a.spolecznosci.net/core/897d0d3d52b55536eaecbc80b4be4119/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

164.132.7.102 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

8da190f1aac81835acd7cdb1dbebb700a733974543e0ce8b8df9f0f280278716

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 20:25:43 GMT
content-encoding: gzip
last-modified: Mon, 29 Mar 2021 06:37:26 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000
expires: Thu, 21 Apr 2022 20:25:43 GMT

GET
H2 200 webklatka_da_-50.jpg
webstat.pl/rkm/ Frame 8F7B 66 KB
66 KB 23ms
22ms Image
image/jpeg 176.31.240.87
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webstat.pl/rkm/webklatka_da_-50.jpg
Requested by: Host: webstat.pl
URL: https://webstat.pl/rkm336.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 176.31.240.87 , France, ASN16276 (OVH, FR),
Reverse DNS: biz.os.pl
Software: nginx /
Resource Hash: e212ad536e148368978ece4afe62ad5a1135b3a712a2f8f3e383e9486488c215

Request headers

Referer: https://webstat.pl/rkm336.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 20:25:43 GMT
last-modified: Wed, 09 Dec 2020 08:04:56 GMT
server: nginx
etag: "5fd08528-1067c"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 67196

GET
H2 200 main.js Show response
a.spolecznosci.net/core/897d0d3d52b55536eaecbc80b4be4119/ Frame 1077 63 KB
19 KB 23ms
22ms Script
application/javascript 164.132.7.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://a.spolecznosci.net/core/897d0d3d52b55536eaecbc80b4be4119/main.js

Requested by

Host: januszspiewa.prv.pl
URL: http://januszspiewa.prv.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

164.132.7.102 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

2083bc94ca09560380c3aea0e04b7436b1aa9b0f0febd113b87ca2b828937830

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 20:25:43 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=300
strict-transport-security: max-age=31536000
expires: Wed, 21 Apr 2021 20:29:25 GMT

GET
H/1.1 200
OK lg.php
ox2.sterta.pl/www/delivery/ Frame 1077 43 B
546 B 18ms
17ms Image
image/gif 87.98.238.81
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ox2.sterta.pl/www/delivery/lg.php?bannerid=624&campaignid=194&zoneid=43&loc=http%3A%2F%2Fjanuszspiewa.prv.pl%2Fprv_billboard_iefix.html%3Fcat%3Dkomputery_i_internet%26sub%3Doprogramowanie%26site%3Djanuszspiewa.prv.pl%26adult%3D0&referer=http%3A%2F%2Fjanuszspiewa.prv.pl%2F&cb=6693910374
Requested by: Host: januszspiewa.prv.pl
URL: http://januszspiewa.prv.pl/prv_billboard_iefix.html?cat=komputery_i_internet&sub=oprogramowanie&site=januszspiewa.prv.pl&adult=0
Protocol: HTTP/1.1
Server: 87.98.238.81 Wroclaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Apr 2021 20:25:42 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Type: image/gif
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

fpdata.js Show response
goldbach.hit.gemius.pl/_sslredir/
Redirect Chain

http://goldbach.hit.gemius.pl/fpdata.js?href=januszspiewa.prv.pl
https://goldbach.hit.gemius.pl/_sslredir/fpdata.js?href=januszspiewa.prv.pl

275 B
474 B

155ms
72ms

Script
application/x-javascript

185.11.128.207
Autonomous System...

General

Check archive.org

Show headers Download Go to

Full URL: https://goldbach.hit.gemius.pl/_sslredir/fpdata.js?href=januszspiewa.prv.pl
Requested by: Host: januszspiewa.prv.pl
URL: http://januszspiewa.prv.pl/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.11.128.207 , Poland, ASN50599 (Autonomous System for Data Space Sp. z o.o., PL),
Reverse DNS: host-185-11-128-207.dataspace.pl
Software: GHC /
Resource Hash: 89d88a0a6557a254d3b4b4680213e4f2d5143c4980823b053fdd732a2a546366

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 20:25:43 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
accept-ranges: none
content-type: application/x-javascript
content-length: 275
expires: Fri, 21 May 2021 20:25:43 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 21 Apr 2021 20:25:43 GMT
Server: GHC
P3P: CP="NOI DSP COR NID PSAo OUR IND"
Location: https://goldbach.hit.gemius.pl/_sslredir/fpdata.js?href=januszspiewa.prv.pl
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Accept-Ranges: none
Keep-Alive: timeout=10
Content-Length: 0
Expires: Tue, 20 Apr 2021 20:25:43 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ Frame 1077 2 B
22 B 26ms
26ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=132232874&t=pageview&_s=1&dl=http%3A%2F%2Fjanuszspiewa.prv.pl%2Fprv_billboard_iefix.html%3Fcat%3Dkomputery_i_internet%26sub%3Doprogramowanie%26site%3Djanuszspiewa.prv.pl%26adult%3D0&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=750x200&je=0&_u=AACAAEABAAAAAC~&jid=&gjid=&cid=629110262.1619036743&tid=UA-480911-15&_gid=293034825.1619036743&_slc=1&z=1531976674

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://januszspiewa.prv.pl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 a.js Show response
spolecznosci.net/js/modules/ 76 KB
13 KB 16ms
15ms Script
application/javascript 164.132.7.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://spolecznosci.net/js/modules/a.js?h=1aac4ab039cb3cf6a650

Requested by

Host: a.spolecznosci.net
URL: https://a.spolecznosci.net/core/897d0d3d52b55536eaecbc80b4be4119/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

164.132.7.102 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

7a10794dbcfc266390ebf771db25804dcfac2555abd239f648b3a1039d665271

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 20:25:43 GMT
content-encoding: gzip
last-modified: Thu, 11 Mar 2021 19:29:36 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000
expires: Thu, 21 Apr 2022 20:25:43 GMT

GET
H2 200 hb.js Show response
spolecznosci.net/js/modules/ 573 KB
152 KB 17ms
16ms Script
application/javascript 164.132.7.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://spolecznosci.net/js/modules/hb.js?h=8784a48c045389e40ff3

Requested by

Host: a.spolecznosci.net
URL: https://a.spolecznosci.net/core/897d0d3d52b55536eaecbc80b4be4119/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

164.132.7.102 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

664692175c417848e41aebe21c7e7be9b281ea09f31bd3808a4c4fbcf361a439

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 20:25:43 GMT
content-encoding: gzip
last-modified: Tue, 20 Apr 2021 12:13:10 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000
expires: Thu, 21 Apr 2022 20:25:43 GMT

GET
H2 200 au.js Show response
spolecznosci.net/js/modules/ 9 KB
2 KB 16ms
16ms Script
application/javascript 164.132.7.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://spolecznosci.net/js/modules/au.js?h=09e965cf4a5b4fdcb719

Requested by

Host: a.spolecznosci.net
URL: https://a.spolecznosci.net/core/897d0d3d52b55536eaecbc80b4be4119/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

164.132.7.102 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

5ccbdf5d86e1ea9e3ce8f6e5f58a243245ed1c1db5da26be3d57ff37e2296d93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 20:25:43 GMT
content-encoding: gzip
last-modified: Thu, 11 Mar 2021 19:29:36 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000
expires: Thu, 21 Apr 2022 20:25:43 GMT

GET
H2 200 geo_eu Show response
a.spolecznosci.net/ 34 B
227 B 46ms
15ms XHR
application/json 164.132.7.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://a.spolecznosci.net/geo_eu

Requested by

Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/rn.js?h=dce8ff46a7b182f20694

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

164.132.7.102 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

efa2505c6f92532a87016f22c8c1ebccf158e00abc3bbe9beb4ef1353792ce91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 20:25:43 GMT
server: nginx
strict-transport-security: max-age=31536000
x-cache: MISS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
content-length: 34
expires: Thu, 22 Apr 2021 20:25:43 GMT

GET
H2 200 rn.js Show response
spolecznosci.net/js/modules/ Frame 1077 201 KB
69 KB 18ms
17ms Script
application/javascript 164.132.7.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://spolecznosci.net/js/modules/rn.js?h=dce8ff46a7b182f20694

Requested by

Host: a.spolecznosci.net
URL: https://a.spolecznosci.net/core/897d0d3d52b55536eaecbc80b4be4119/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

164.132.7.102 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

8da190f1aac81835acd7cdb1dbebb700a733974543e0ce8b8df9f0f280278716

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 20:25:43 GMT
content-encoding: gzip
last-modified: Mon, 29 Mar 2021 06:37:26 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000
expires: Thu, 21 Apr 2022 20:25:43 GMT

GET
H2 200 pr.js Show response
spolecznosci.net/js/modules/ 1 KB
934 B 15ms
15ms Script
application/javascript 164.132.7.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://spolecznosci.net/js/modules/pr.js?h=f7bf8ea63107d9683a3e

Requested by

Host: a.spolecznosci.net
URL: https://a.spolecznosci.net/core/897d0d3d52b55536eaecbc80b4be4119/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

164.132.7.102 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

989e1f778b2b37ef61248011421bfca5c456464fc4c0db4de5f5b466779ff22d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 20:25:43 GMT
content-encoding: gzip
last-modified: Thu, 11 Mar 2021 19:29:36 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000
expires: Thu, 21 Apr 2022 20:25:43 GMT

GET
H2 200 data.17.htm Show response
spolecznosci.net/files/ Frame B647 49 KB
17 KB 15ms
15ms Document
text/html 164.132.7.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://spolecznosci.net/files/data.17.htm?Ho_januszspiewa.prv.pl/Spfp_db6011ae48907c10ad9aa6f93e0b9fb6

Requested by

Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/rn.js?h=dce8ff46a7b182f20694

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

164.132.7.102 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

3fa018f2bc3517b45657677a9237162cf6531be769e7c104d0848465dd99ed78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: spolecznosci.net
:scheme: https
:path: /files/data.17.htm?Ho_januszspiewa.prv.pl/Spfp_db6011ae48907c10ad9aa6f93e0b9fb6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://januszspiewa.prv.pl/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://januszspiewa.prv.pl/

Response headers

server: nginx
date: Wed, 21 Apr 2021 20:25:43 GMT
content-type: text/html
last-modified: Thu, 11 Mar 2021 19:29:36 GMT
vary: Accept-Encoding
expires: Thu, 21 Apr 2022 20:25:43 GMT
cache-control: max-age=31536000 public
content-encoding: gzip
strict-transport-security: max-age=31536000

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 136ms
92ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fjanuszspiewa.prv.pl%2F&domain=januszspiewa.prv.pl&cw=1

Protocol

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: http://januszspiewa.prv.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: http://januszspiewa.prv.pl
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 2938
date: Wed, 21 Apr 2021 20:25:42 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fjanuszspiewa.prv.pl%2F&domain=januszspiewa.prv.pl&cw=1
https://mug.criteo.com/sid?cpp=ODOGfXxOdEMrbzFrRUdUeERkNzJVandTMW42WFNvWGMvYStENFgvRDdWMkRWZnpGbjYwbnlXbExKbXF5MTdadzIrUk5GUSs0MCt1cEtDQTIzZjdObjdIUWxWUS9Mc2JKOEppVjc3djZCZ1NtV05yWEEwQWdIU3RwNHJYS1...

331 B
618 B

63ms
21ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=ODOGfXxOdEMrbzFrRUdUeERkNzJVandTMW42WFNvWGMvYStENFgvRDdWMkRWZnpGbjYwbnlXbExKbXF5MTdadzIrUk5GUSs0MCt1cEtDQTIzZjdObjdIUWxWUS9Mc2JKOEppVjc3djZCZ1NtV05yWEEwQWdIU3RwNHJYS1o2YUl5dGVIZDBsSnd0WFlYWmhvOWxWcUkzZGNFdFMyMGd1NENtZG1SWnBpQlc1SGxoMllFNGwraFRvbkJ3UzkxODR6eWdUMFZidEpwcFJlK0FXbXdSTU5HVXNRa3Y4RG1LTmxvbmxkd1dxMTRkcWpESE44PXw&cppv=2

Requested by

Host: januszspiewa.prv.pl
URL: http://januszspiewa.prv.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

29c68064fe9bdf057615fc18d213c9d6f030ec24d052d36e2f33baeb4d43634c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Wed, 21 Apr 2021 20:25:43 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1765
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 21 Apr 2021 20:25:42 GMT
location: https://mug.criteo.com/sid?cpp=ODOGfXxOdEMrbzFrRUdUeERkNzJVandTMW42WFNvWGMvYStENFgvRDdWMkRWZnpGbjYwbnlXbExKbXF5MTdadzIrUk5GUSs0MCt1cEtDQTIzZjdObjdIUWxWUS9Mc2JKOEppVjc3djZCZ1NtV05yWEEwQWdIU3RwNHJYS1o2YUl5dGVIZDBsSnd0WFlYWmhvOWxWcUkzZGNFdFMyMGd1NENtZG1SWnBpQlc1SGxoMllFNGwraFRvbkJ3UzkxODR6eWdUMFZidEpwcFJlK0FXbXdSTU5HVXNRa3Y4RG1LTmxvbmxkd1dxMTRkcWpESE44PXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: http://januszspiewa.prv.pl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1726
content-length: 482
expires: 0

GET
H2 200 / Show response
adx.adform.net/adx/ 2 KB
2 KB 211ms
140ms XHR
application/json 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTUyODU4MSZ0cmFuc2FjdGlvbklkPTE1MDY1NDgyLTljMTktNDExNi1hYzEzLTNkZDBjZmU1NGMwYyZyY3VyPVBMTg%3D%3D&bWlkPTE0NzA3NiZ0cmFuc2FjdGlvbklkPWFiNmVkMGI5LTlmN2ItNDQ2ZC05OTE2LWZhZmJlYzFjZmM5OSZyY3VyPVBMTg%3D%3D&pt=gross&stid=447c1190-7d07-47f4-8c32-d6282e87a59a&fd=1&eids=eyJwdWJjaWQub3JnIjp7ImZhM2ZhOTQyLTU4MDAtNDUyMi05YjYzLThjZDJhZGVkZWZkOCI6WzFdfX0%3D

Requested by

Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8784a48c045389e40ff3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

aea1d04e964e02f52f3af3271228c21b1bb2cd62daea9cc7de3aa96b2c51b5ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:43 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: http://januszspiewa.prv.pl
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 prebid Show response
mp.4dex.io/ 2 KB
1 KB 59ms
42ms XHR
application/json 35.227.247.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8784a48c045389e40ff3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.247.230 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 788babd55e5658abb5a11316ceccef3d6bd7f532ecb38249868246be9ef61405

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
x-err: Validating the prebid AdRequest adunits. Sampled or No valid non-debug AdUnits
content-encoding: gzip
x-openrtb-version: 2.5
date: Wed, 21 Apr 2021 20:25:43 GMT
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: http://januszspiewa.prv.pl
no-bid: true
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 650
via: 1.1 google
expires: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
148 B 76ms
29ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.25.0&cb=70660830924
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8784a48c045389e40ff3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://januszspiewa.prv.pl
date: Wed, 21 Apr 2021 20:25:43 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 258 B
2 KB 257ms
164ms XHR
application/json 213.19.162.61
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17256&site_id=163612&zone_id=784946&size_id=9&alt_size_ids=8&p_pos=btf&rp_schain=1.0,1!spolecznosci.pl,4796,1,,,&eid_pubcid.org=fa3fa942-5800-4522-9b63-8cd2adedefd8%5E1&rf=http%3A%2F%2Fjanuszspiewa.prv.pl%2F&tk_flint=pbjs_lite_v4.25.0&x_source.tid=59c27139-520c-4663-9713-0908174c666e&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.9268164087923392
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8784a48c045389e40ff3
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.61 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 3482f5ef38d6ea9a60e7d77c0e1180d970f057220ca1e0f7cd9a97c7f45cf951

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 21 Apr 2021 20:25:43 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: http://januszspiewa.prv.pl
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 258
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
180 B 67ms
33ms XHR
text/plain 185.184.8.30
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8784a48c045389e40ff3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.30 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://januszspiewa.prv.pl
date: Wed, 21 Apr 2021 20:25:43 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 260 B
1 KB 175ms
139ms XHR
application/json 185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8784a48c045389e40ff3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

9f45eea0aa51eba208b906cfeabe0c382fdc84e0244232641e8e21f551a25c39

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 21 Apr 2021 20:25:43 GMT
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.179:80
AN-X-Request-Uuid: 77960892-a444-4240-baa3-47b4e8949aa4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://januszspiewa.prv.pl
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 260
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

ad.json Show response
gpl.adocean.pl/__/_1619036743/
Redirect Chain

https://gpl.adocean.pl/_533129670592845/ad.json?id=vXX8U.Owja6r3mPmPCQGp.hp4WdYgsc1lQ1Ncjmo6J..F7&aosspsizes=gplrdgkbirhkn~160x600
https://gpl.adocean.pl/__/_533129670592845/ad.json?id=vXX8U.Owja6r3mPmPCQGp.hp4WdYgsc1lQ1Ncjmo6J..F7&aosspsizes=gplrdgkbirhkn~160x600
https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2F_1619036743%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DvXX8U.Owja6r3mPmPCQGp.hp4WdYgsc1lQ1Ncjmo6J.....
https://gpl.adocean.pl/__/_1619036743/ad.json?hclsdata=&hcudata=fEkXTc8mm2neAJXckiqfy6HLW0bjL6Tz67wZXlS23UX.s7&id=vXX8U.Owja6r3mPmPCQGp.hp4WdYgsc1lQ1Ncjmo6J..F7&aosspsizes=gplrdgkbirhkn~160x600

60 B
246 B

206ms
206ms

XHR
text/json

85.194.243.83
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to

Full URL: https://gpl.adocean.pl/__/_1619036743/ad.json?hclsdata=&hcudata=fEkXTc8mm2neAJXckiqfy6HLW0bjL6Tz67wZXlS23UX.s7&id=vXX8U.Owja6r3mPmPCQGp.hp4WdYgsc1lQ1Ncjmo6J..F7&aosspsizes=gplrdgkbirhkn~160x600
Requested by: Host: januszspiewa.prv.pl
URL: http://januszspiewa.prv.pl/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 85.194.243.83 Warsaw, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
Software: GAD /
Resource Hash: ebc4630cd9254c69deb4a342db24b7d118cadce3e3f22e2339dd4270a2a1297b

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:43 GMT
server: GAD
vary: Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: null
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: none
content-type: text/json
content-length: 60
expires: Tue, 20 Apr 2021 20:25:43 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:43 GMT
server: GHC
access-control-allow-origin: null
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://gpl.adocean.pl/__/_1619036743/ad.json?hclsdata=&hcudata=fEkXTc8mm2neAJXckiqfy6HLW0bjL6Tz67wZXlS23UX.s7&id=vXX8U.Owja6r3mPmPCQGp.hp4WdYgsc1lQ1Ncjmo6J..F7&aosspsizes=gplrdgkbirhkn~160x600
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: none
content-length: 0
expires: Tue, 20 Apr 2021 20:25:43 GMT

GET
H2

200

ad.json Show response
gpl.adocean.pl/__/_1619036743/
Redirect Chain

https://gpl.adocean.pl/_8404514426931187/ad.json?id=qBIGwW6GkmDFjDUqdulZaTVR7rH9npusYfqoafx22gb.L7&aosspsizes=gpllfehiserpd~120x600
https://gpl.adocean.pl/__/_8404514426931187/ad.json?id=qBIGwW6GkmDFjDUqdulZaTVR7rH9npusYfqoafx22gb.L7&aosspsizes=gpllfehiserpd~120x600
https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2F_1619036743%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DqBIGwW6GkmDFjDUqdulZaTVR7rH9npusYfqoafx22gb....
https://gpl.adocean.pl/__/_1619036743/ad.json?hclsdata=&hcudata=fOOxUUUYoIfWwRbylqU4LYIQ_zcNHITrgOVJi23_jdL.e7&id=qBIGwW6GkmDFjDUqdulZaTVR7rH9npusYfqoafx22gb.L7&aosspsizes=gpllfehiserpd~120x600

60 B
262 B

112ms
111ms

XHR
text/json

85.194.243.83
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to

Full URL: https://gpl.adocean.pl/__/_1619036743/ad.json?hclsdata=&hcudata=fOOxUUUYoIfWwRbylqU4LYIQ_zcNHITrgOVJi23_jdL.e7&id=qBIGwW6GkmDFjDUqdulZaTVR7rH9npusYfqoafx22gb.L7&aosspsizes=gpllfehiserpd~120x600
Requested by: Host: januszspiewa.prv.pl
URL: http://januszspiewa.prv.pl/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 85.194.243.83 Warsaw, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
Software: GAD /
Resource Hash: 79026558a34822dc06c3b5c47ea13057fd3f235296610974d6c97e67471665db

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:43 GMT
server: GAD
vary: Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: null
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: none
content-type: text/json
content-length: 60
expires: Tue, 20 Apr 2021 20:25:43 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:43 GMT
server: GHC
access-control-allow-origin: null
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://gpl.adocean.pl/__/_1619036743/ad.json?hclsdata=&hcudata=fOOxUUUYoIfWwRbylqU4LYIQ_zcNHITrgOVJi23_jdL.e7&id=qBIGwW6GkmDFjDUqdulZaTVR7rH9npusYfqoafx22gb.L7&aosspsizes=gpllfehiserpd~120x600
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: none
content-length: 0
expires: Tue, 20 Apr 2021 20:25:43 GMT

GET
H2

200

ad.json Show response
gpl.adocean.pl/__/_1619036743/
Redirect Chain

https://gpl.adocean.pl/_7779309267546666/ad.json?id=.8A7kUlFOCSjUNkHfL4aWRna7fabVptxnWR4wnoM2kj.A7&aosspsizes=gplnakqdtjfqd~160x600
https://gpl.adocean.pl/__/_7779309267546666/ad.json?id=.8A7kUlFOCSjUNkHfL4aWRna7fabVptxnWR4wnoM2kj.A7&aosspsizes=gplnakqdtjfqd~160x600
https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2F_1619036743%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3D.8A7kUlFOCSjUNkHfL4aWRna7fabVptxnWR4wnoM2kj....
https://gpl.adocean.pl/__/_1619036743/ad.json?hclsdata=&hcudata=IkMRs5YbumEqhFjFp4vS.WCyW2bjw7cnmusx5s9dTIP.a7&id=.8A7kUlFOCSjUNkHfL4aWRna7fabVptxnWR4wnoM2kj.A7&aosspsizes=gplnakqdtjfqd~160x600

60 B
246 B

190ms
190ms

XHR
text/json

85.194.243.83
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to

Full URL: https://gpl.adocean.pl/__/_1619036743/ad.json?hclsdata=&hcudata=IkMRs5YbumEqhFjFp4vS.WCyW2bjw7cnmusx5s9dTIP.a7&id=.8A7kUlFOCSjUNkHfL4aWRna7fabVptxnWR4wnoM2kj.A7&aosspsizes=gplnakqdtjfqd~160x600
Requested by: Host: januszspiewa.prv.pl
URL: http://januszspiewa.prv.pl/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 85.194.243.83 Warsaw, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
Software: GAD /
Resource Hash: f584b9d8d1efc5b95fabd3eecb68727a44484c2bce6a16924c58bdd8ecdad427

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:43 GMT
server: GAD
vary: Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: null
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: none
content-type: text/json
content-length: 60
expires: Tue, 20 Apr 2021 20:25:43 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:43 GMT
server: GHC
access-control-allow-origin: null
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://gpl.adocean.pl/__/_1619036743/ad.json?hclsdata=&hcudata=IkMRs5YbumEqhFjFp4vS.WCyW2bjw7cnmusx5s9dTIP.a7&id=.8A7kUlFOCSjUNkHfL4aWRna7fabVptxnWR4wnoM2kj.A7&aosspsizes=gplnakqdtjfqd~160x600
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: none
content-length: 0
expires: Tue, 20 Apr 2021 20:25:43 GMT

GET
H2

200

ad.json Show response
gpl.adocean.pl/__/_1619036743/
Redirect Chain

https://gpl.adocean.pl/_6708569208802193/ad.json?id=Og9LtnSPmLFIui57BB_ayhJ34Wbvecc1jmmK0WAv7Hf.y7&aosspsizes=gplxbinknnokt~120x600
https://gpl.adocean.pl/__/_6708569208802193/ad.json?id=Og9LtnSPmLFIui57BB_ayhJ34Wbvecc1jmmK0WAv7Hf.y7&aosspsizes=gplxbinknnokt~120x600
https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2F_1619036743%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DOg9LtnSPmLFIui57BB_ayhJ34Wbvecc1jmmK0WAv7Hf....
https://gpl.adocean.pl/__/_1619036743/ad.json?hclsdata=&hcudata=fOmx88_ceu80cjOd2t0vo4JwW2cNDKUZgF_z_m6adcz.u7&id=Og9LtnSPmLFIui57BB_ayhJ34Wbvecc1jmmK0WAv7Hf.y7&aosspsizes=gplxbinknnokt~120x600

60 B
246 B

314ms
314ms

XHR
text/json

85.194.243.83
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to

Full URL: https://gpl.adocean.pl/__/_1619036743/ad.json?hclsdata=&hcudata=fOmx88_ceu80cjOd2t0vo4JwW2cNDKUZgF_z_m6adcz.u7&id=Og9LtnSPmLFIui57BB_ayhJ34Wbvecc1jmmK0WAv7Hf.y7&aosspsizes=gplxbinknnokt~120x600
Requested by: Host: januszspiewa.prv.pl
URL: http://januszspiewa.prv.pl/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 85.194.243.83 Warsaw, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
Software: GAD /
Resource Hash: e428854f4607fbc8e99c64f4eac50fad7911242de9842c23d03a2bce44e7d7ec

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:43 GMT
server: GAD
vary: Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: null
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: none
content-type: text/json
content-length: 60
expires: Tue, 20 Apr 2021 20:25:43 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:43 GMT
server: GHC
access-control-allow-origin: null
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://gpl.adocean.pl/__/_1619036743/ad.json?hclsdata=&hcudata=fOmx88_ceu80cjOd2t0vo4JwW2cNDKUZgF_z_m6adcz.u7&id=Og9LtnSPmLFIui57BB_ayhJ34Wbvecc1jmmK0WAv7Hf.y7&aosspsizes=gplxbinknnokt~120x600
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: none
content-length: 0
expires: Tue, 20 Apr 2021 20:25:43 GMT

POST
H2 200 adjson Show response
ads.betweendigital.com/ 2 B
919 B 66ms
28ms XHR
application/json 188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8784a48c045389e40ff3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://januszspiewa.prv.pl
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 261 B
1 KB 86ms
51ms XHR
application/json 185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8784a48c045389e40ff3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

a566a2afe30443e5c55766281a3ae52c419085d855b1a3c8a821d3693062ed32

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 21 Apr 2021 20:25:43 GMT
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.112:80
AN-X-Request-Uuid: 65d602b6-abd6-47b2-af83-18d7414eff64
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://januszspiewa.prv.pl
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 261
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 translator Show response
hbopenbid.pubmatic.com/ 5 KB
6 KB 103ms
67ms XHR
application/json 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8784a48c045389e40ff3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 9b2711d32a132a2207eb852d41e42775173715a32ad4bcdfb6dba4b976271b4c

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://januszspiewa.prv.pl
date: Wed, 21 Apr 2021 20:25:42 GMT
cache-control: no-cache, no-store, must-revalidate
x-openrtb-version: 2.3
access-control-allow-credentials: true
content-type: application/json

GET
H2 200 a.js Show response
spolecznosci.net/js/modules/ Frame 1077 76 KB
13 KB 24ms
21ms Script
application/javascript 164.132.7.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://spolecznosci.net/js/modules/a.js?h=1aac4ab039cb3cf6a650

Requested by

Host: a.spolecznosci.net
URL: https://a.spolecznosci.net/core/897d0d3d52b55536eaecbc80b4be4119/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

164.132.7.102 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

7a10794dbcfc266390ebf771db25804dcfac2555abd239f648b3a1039d665271

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 20:25:43 GMT
content-encoding: gzip
last-modified: Thu, 11 Mar 2021 19:29:36 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000
expires: Thu, 21 Apr 2022 20:25:43 GMT

GET
H2 200 hb.js Show response
spolecznosci.net/js/modules/ Frame 1077 573 KB
152 KB 24ms
22ms Script
application/javascript 164.132.7.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://spolecznosci.net/js/modules/hb.js?h=8784a48c045389e40ff3

Requested by

Host: a.spolecznosci.net
URL: https://a.spolecznosci.net/core/897d0d3d52b55536eaecbc80b4be4119/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

164.132.7.102 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

664692175c417848e41aebe21c7e7be9b281ea09f31bd3808a4c4fbcf361a439

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 20:25:43 GMT
content-encoding: gzip
last-modified: Tue, 20 Apr 2021 12:13:10 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000
expires: Thu, 21 Apr 2022 20:25:43 GMT

GET
H2 200 au.js Show response
spolecznosci.net/js/modules/ Frame 1077 9 KB
2 KB 45ms
44ms Script
application/javascript 164.132.7.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://spolecznosci.net/js/modules/au.js?h=09e965cf4a5b4fdcb719

Requested by

Host: a.spolecznosci.net
URL: https://a.spolecznosci.net/core/897d0d3d52b55536eaecbc80b4be4119/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

164.132.7.102 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

5ccbdf5d86e1ea9e3ce8f6e5f58a243245ed1c1db5da26be3d57ff37e2296d93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 20:25:43 GMT
content-encoding: gzip
last-modified: Thu, 11 Mar 2021 19:29:36 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000
expires: Thu, 21 Apr 2022 20:25:43 GMT

GET
H2

200

rexdot.js Show response
goldbach.hit.gemius.pl/__/_sslredir/_1619036743681/
Redirect Chain

http://goldbach.hit.gemius.pl/_1619036743681/rexdot.js?l=100&id=bPA1ZotdXe3htQrOiB.DvMdRnDSwMNhFXpTX2Gu_NTz.z7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=http%3A%2F%2Fjanusz...
https://goldbach.hit.gemius.pl/_sslredir/_1619036743681/rexdot.js?l=100&id=bPA1ZotdXe3htQrOiB.DvMdRnDSwMNhFXpTX2Gu_NTz.z7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=http%3A%...
https://goldbach.hit.gemius.pl/__/_sslredir/_1619036743681/rexdot.js?l=100&id=bPA1ZotdXe3htQrOiB.DvMdRnDSwMNhFXpTX2Gu_NTz.z7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=http%...

167 B
425 B

122ms
121ms

Script
application/x-javascript

185.11.128.207
Autonomous System...

General

Check archive.org

Show headers Download Go to

Full URL: https://goldbach.hit.gemius.pl/__/_sslredir/_1619036743681/rexdot.js?l=100&id=bPA1ZotdXe3htQrOiB.DvMdRnDSwMNhFXpTX2Gu_NTz.z7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=http%3A%2F%2Fjanuszspiewa.prv.pl%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=Vyu8FuqFfhZV_IBGzwoLh1BfGqwi0pG._LIQY9kxTw3.37&vis=1
Requested by: Host: januszspiewa.prv.pl
URL: http://januszspiewa.prv.pl/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.11.128.207 , Poland, ASN50599 (Autonomous System for Data Space Sp. z o.o., PL),
Reverse DNS: host-185-11-128-207.dataspace.pl
Software: GHC /
Resource Hash: 3f382bcda88755760aa60861b3d5053fbcae7bb448c4e7df2731aa5254bd0b23

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:43 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-type: application/x-javascript
content-length: 167
expires: Tue, 20 Apr 2021 20:25:43 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:43 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_sslredir/_1619036743681/rexdot.js?l=100&id=bPA1ZotdXe3htQrOiB.DvMdRnDSwMNhFXpTX2Gu_NTz.z7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=http%3A%2F%2Fjanuszspiewa.prv.pl%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=Vyu8FuqFfhZV_IBGzwoLh1BfGqwi0pG._LIQY9kxTw3.37&vis=1
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-length: 0
expires: Tue, 20 Apr 2021 20:25:43 GMT

GET
H2 200 geo_snet Show response
a.spolecznosci.net/ Frame B647 158 B
354 B 26ms
26ms Script
application/javascript 164.132.7.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://a.spolecznosci.net/geo_snet?cb=extraDataCached&di={%22width%22:1200,%22height%22:1600,%22ratio%22:1}

Requested by

Host: spolecznosci.net
URL: https://spolecznosci.net/files/data.17.htm?Ho_januszspiewa.prv.pl/Spfp_db6011ae48907c10ad9aa6f93e0b9fb6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

164.132.7.102 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

dd76128f0531e9806e2001e8975586544e5c454efe39ee318699ad6027930ac6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://spolecznosci.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 20:25:43 GMT
server: nginx
strict-transport-security: max-age=31536000
x-cache: MISS
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=3600
content-length: 158
expires: Wed, 21 Apr 2021 21:25:43 GMT

GET
H2 200 index.php Show response
spolecznosci.net/save/ Frame B647 2 B
235 B 22ms
21ms XHR
text/html 164.132.7.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://spolecznosci.net/save/index.php?spfp=db6011ae48907c10ad9aa6f93e0b9fb6&x=Wo.55~Kr.DE~Re.2950159~Ad.0~Os.WINDOWS%2010-0~Ua.CHROME-89~Isp.OTHER&attr=%7B%22januszspiewa.prv.pl%22%3A%7B%22pv%22%3A0%2C%22last%22%3A%222021-04-21T20%3A25%3A43.699Z%22%7D%7D

Requested by

Host: spolecznosci.net
URL: https://spolecznosci.net/files/data.17.htm?Ho_januszspiewa.prv.pl/Spfp_db6011ae48907c10ad9aa6f93e0b9fb6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

164.132.7.102 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://spolecznosci.net/files/data.17.htm?Ho_januszspiewa.prv.pl/Spfp_db6011ae48907c10ad9aa6f93e0b9fb6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 21 Apr 2021 20:25:43 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://spolecznosci.net
access-control-allow-credentials: true
strict-transport-security: max-age=31536000

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 69ms
22ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1042
date: Wed, 21 Apr 2021 20:25:43 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 pr.js Show response
spolecznosci.net/js/modules/ Frame 1077 1 KB
934 B 20ms
15ms Script
application/javascript 164.132.7.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://spolecznosci.net/js/modules/pr.js?h=f7bf8ea63107d9683a3e

Requested by

Host: a.spolecznosci.net
URL: https://a.spolecznosci.net/core/897d0d3d52b55536eaecbc80b4be4119/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

164.132.7.102 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

989e1f778b2b37ef61248011421bfca5c456464fc4c0db4de5f5b466779ff22d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 20:25:43 GMT
content-encoding: gzip
last-modified: Thu, 11 Mar 2021 19:29:36 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000
expires: Thu, 21 Apr 2022 20:25:43 GMT

GET
H2 200 data.17.htm Show response
spolecznosci.net/files/ Frame 481B 49 KB
17 KB 16ms
15ms Document
text/html 164.132.7.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://spolecznosci.net/files/data.17.htm?Ho_januszspiewa.prv.pl/Spfp_db6011ae48907c10ad9aa6f93e0b9fb6

Requested by

Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/rn.js?h=dce8ff46a7b182f20694

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

164.132.7.102 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

3fa018f2bc3517b45657677a9237162cf6531be769e7c104d0848465dd99ed78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: spolecznosci.net
:scheme: https
:path: /files/data.17.htm?Ho_januszspiewa.prv.pl/Spfp_db6011ae48907c10ad9aa6f93e0b9fb6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://januszspiewa.prv.pl/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: lsccs1_currentVersion=w%2501i%2503%25C3%258F%25C2%25AE*%2504%2560%253A%25C2%2590%25C3%259A%25C2%25A9%2516%25C3%2586W%25C2%25A8%25C3%25865; lsccs1_currentMain=%253C%2502j%251F%25C2%2582%25C3%25B8!%2512v8%25C3%2593%25C2%258B%25C2%259D%2516%25C3%258A%2503%25C2%25A3%25C3%2587'u*%25C2%258D%25C3%25B0%25C3%258E%2510%25C2%25AAgc%2511%25C3%259B%25C2%25A9%25C3%25B4k%251D%25C2%2596%25C3%25B0n%257B%25C2%258Er9%25C3%25AB%25C3%25A8O%25C2%25A0%253A%255C3%25C2%25BEX%25C3%25B4%253F%252F%255E%25C3%259E%25C3%25B6%25C3%25BC%251F%25C2%25B2KBf4W8%2505%257C%25C2%2589%257B%25C2%2580%2523%25C3%25BF%25C3%2584atzA*%25C3%2597%2525%25C3%2586%25C2%25AF%25C2%25B0I%25C3%2593%2522XV%2519Z%25C3%258A%2505%2504_%25C3%25AA%25C3%2585%25C3%25BEc%253D%25C3%2580%25C2%259C%250B%2519y%25C3%2595%2560x%25C2%25B4%25C3%25A1%25C3%2592%25C2%25B1%25C2%25ABX%25C2%2595%25C2%25A3%25C2%258Ah%2502T%25C2%258E%25C3%2593%25C3%2596V5%25C2%2597%2513~%25C3%25B9%25C3%258B%25037%25C3%259B3%25C2%25BF%2518%25C2%2580%2519%252B%2512X%25C3%25A5%25C2%258F%2515%25C3%25AD%25C3%25A5%25C2%2599%25C3%2587%25C2%25A5%2522%25C3%2581%25C2%2580c%25C2%25A7)%2517%25C3%2582%25C2%259D~%25C2%25A5%2510%25C2%25BB%2519%2525D%25C2%25B5!%25C2%259Bf%25C2%25B2mzM%25C2%259Dz%25C3%2585X%2508%251C%2509; tgx=v%3A1%7CWo%3A55%7CKr%3ADE%7CRe%3A2950159%7CAd%3A0%7CSw%3A1600%7COs%3AWINDOWS%2010-0%7CUa%3ACHROME-89%7CCt%3ARESIDENTIAL%7CIsp%3AOTHER; lsccs1_currentStats=%253C%2502H%2516%25C3%2586%25C2%2586.%2513%257Fv%25C3%2585%25C2%258B%25C3%25B8O%25C3%259A%2508%25C3%25A0%25C2%2582%257F44%25C2%259E%25C3%25B3%25C2%2593%2502%25C2%25AA%2560c%2507%25C3%258D%25C3%2591%25C2%25A8%257F%251E%25C2%258D%25C3%25AE%2509u%25C2%2580%253C%250A%25C3%25BD%25C2%25BE!%25C3%25B0i%250Bu%25C3%25A3%2500%25C2%25B2ud%251D%25C2%2592%25C2%2595%25C2%25A2%251F%25C2%25BAK%255CuJ%2510.%2512%257F%25C2%258E%251F%25C2%2582%253F%25C3%25A7%25C2%25A3%2520lt%251Cq%25C2%258Dp%25C3%2592%25C3%2597%25C3%259D%2516%25C3%2593n%2513r9%2560%25C3%25BDhiw%25C3%25A8%25C2%25A0%25C2%25A1*l%25C2%259B%25C2%2592%2513%25266%25C2%259D%253Bx%25C2%25B4%25C3%25BE%25C3%2584%25C3%25AE%25C3%25B9d%25C2%2591%25C3%25B6%25C3%2591d1n%25C2%25AA%25C2%25B2%25C3%25AB%257F%253A%25C2%2595%251B!%25C3%25B9%25C3%258B%25236%25C2%258B%257B%25C3%25B8%2524%25C2%25B1%251D%25073v%25C2%2589%25C3%25A1'%25C2%258E%25C3%2583%25C3%259A%25C2%2585%25C3%25B2%2518%25C3%2588%25C2%25831%25C3%25B4n%252F%25C3%25B7%25C3%25BBK%25C2%2585D%25C3%25A8H%251A%2516%25C3%25A0%257C%25C2%2583)%25C3%25AA%2560%2560L%25C2%258Cv%25C2%2585B%2520%2507%2519%25C2%259C%25C2%25A9%25C2%25BF%2515%25C2%259C%25C2%25B3%25C2%258E%25C3%25A5%25C2%258F%25C3%25BA5Ly%25C3%259DX%2508%25C3%2597%25C3%25A7%2512%25C3%258F%2520%25C3%25A3q%25C3%259D%25C2%25A1%2518%25C3%25B8%252B%25C2%25A39%25C3%2588%25C3%2587n%2517%25C2%25BE%25C2%2596%25C3%25B8%25C2%25B6%25C3%25A2%2503%25C2%25ACH%25C3%25B7%25C2%25BF2%25C2%2598)c!%25C3%25B2%25C3%25A6%25C3%258B%2503%25C2%258Bn%25C2%25953Eu%25C2%2594%25C3%2591%25C2%25A8%25C2%25A7%2518%25C3%25B0%25C2%2583%255B%251B%25C3%25AB%25C2%25B5%25C3%25BF%25C3%2586%25C3%25ADN%25C3%25AE!%2515%25C3%25B3%251C%25C3%25AC%25C3%258D%25C3%2583%2507%252Fo%25C2%2599%2525%253BZH%25C3%25B0%251D%2512P%25C2%259E%25C3%25BA4O%25C2%25B2%25C3%25A6z%25C2%258E%255B%25C2%2593j%25C3%258D%25C2%25BAl%2507%251F5'%25C3%25A7%25C2%25A9%25C3%25AD%25C2%2584I%25C3%25BC%2560v%25C3%2595%25C2%25B6%25C3%2584%25C2%25B5%25C3%2589%2505-%2517%25C2%259A%2520u%25C3%25B6%25C3%25B2%25C3%25B3%25C3%25AE%25C2%2589%2517%25C3%25A8%25C2%2592%25C2%2588Q%2522%25C3%25BB%25C2%2596%25C2%258B%2509%2511%25C2%25A7%25C3%259EI%25C3%25B7%2525X%253Af%25C2%25B3%25C3%2595%2522%25C3%2584WZ%2500%2518-%2504%253A%25C2%25A9%25C2%258C%252F%25C2%259FQ%253A%25C2%258DK%25C3%25BA%25C3%2597%25C3%25A5M%2513%255D%2500%250C%25C2%25B1y%2526%25C3%25B8%253B%25C2%258E*%25C2%25A9%25C3%25A8%25C2%25BA%25C3%25A0%257C%251CD
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://januszspiewa.prv.pl/

Response headers

server: nginx
date: Wed, 21 Apr 2021 20:25:43 GMT
content-type: text/html
last-modified: Thu, 11 Mar 2021 19:29:36 GMT
vary: Accept-Encoding
expires: Thu, 21 Apr 2022 20:25:43 GMT
cache-control: max-age=31536000 public
content-encoding: gzip
strict-transport-security: max-age=31536000

GET
H2 200 geo_snet Show response
a.spolecznosci.net/ Frame 481B 158 B
354 B 15ms
15ms Script
application/javascript 164.132.7.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://a.spolecznosci.net/geo_snet?cb=extraDataCached&di={%22width%22:1200,%22height%22:1600,%22ratio%22:1}

Requested by

Host: spolecznosci.net
URL: https://spolecznosci.net/files/data.17.htm?Ho_januszspiewa.prv.pl/Spfp_db6011ae48907c10ad9aa6f93e0b9fb6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

164.132.7.102 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

dd76128f0531e9806e2001e8975586544e5c454efe39ee318699ad6027930ac6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://spolecznosci.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 20:25:43 GMT
server: nginx
strict-transport-security: max-age=31536000
x-cache: MISS
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=3600
content-length: 158
expires: Wed, 21 Apr 2021 21:25:43 GMT

POST
H2 200 pet Show response
a.spolecznosci.net/ 6 KB
2 KB 18ms
17ms XHR
application/javascript 164.132.7.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://a.spolecznosci.net/pet?x=1888%2C421&uu=null&cpmc=true&safe=1&ut=&cb=5394961808&uq=166168743326.670871&ref=http%253A%252F%252Fjanuszspiewa.prv.pl%252F&n=0.7246961593003114&bw=1600&bh=1200&spfp=db6011ae48907c10ad9aa6f93e0b9fb6

Requested by

Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/a.js?h=1aac4ab039cb3cf6a650

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

164.132.7.102 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

6bed9f4c6b5b0da7b052a8423d03f33c385b2c19aa15e29b4439821cb4cf779b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 21 Apr 2021 20:25:44 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: http://januszspiewa.prv.pl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 l.js Show response
spolecznosci.net/js/modules/ 2 KB
2 KB 15ms
15ms Script
application/javascript 164.132.7.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://spolecznosci.net/js/modules/l.js?h=95634d441ebf1065ce7c

Requested by

Host: a.spolecznosci.net
URL: https://a.spolecznosci.net/core/897d0d3d52b55536eaecbc80b4be4119/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

164.132.7.102 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

cb28fc8822220023495cab439d75ed1a50be08683c9cea5be6323c3b641394b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 20:25:44 GMT
content-encoding: gzip
last-modified: Thu, 11 Mar 2021 19:29:36 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000
expires: Thu, 21 Apr 2022 20:25:44 GMT

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 7958 963 B
1 KB 31ms
28ms Script
text/javascript 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=35871864;rtbwp=0.173172;rtbdata=qv4_SXKLksHq0a-tjvq4z_pVX_Q3T_3R6McBP4ZyGSMs50KmFkCjRIdXyCnm7KWzEdnwTYRAmhR-jiFEtOsuktG7yWO3f_hAkvZj6sNWVNm4OCqoCoFZo2RNhzVTVFuyrLXWmVhV5NDFEzYSZNQgd8GvrpqdQ5-G2mmOssiaPuGIBt2tE7rbj8Jx1pgvOtdZonybdOv0z95unVQqRJ4g0hJgRq5nal3JZPSVCRcBPzE1

Requested by

Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8784a48c045389e40ff3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

fa14db52cf261082272462590ec8674daee2c742ac0905bb29180819191bfb43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:44 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 824
expires: -1

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 85A2 1 KB
2 KB 31ms
29ms Script
text/javascript 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=45021679;rtbwp=jBGkJuzGaz68O6DqB5FI-KzboUFQG3yp0;rtbdata=dXdMGxpDTSTKtDjOSjMOyQlAkxx7eV9fdH1sTssKcN2lyUV6egrjI1iUvI3qLTOGKMwZJ9uzlXQwsWEsnnPHYYvnj-ALKl4efrKtRFTZ4jL6MRflRfo-ap3K1TPVhTUNnwnCre4Zgn885T6KfIbG6U9_GGRSLoCpgTKg2KSceCK5A-hS4CSjibJxYiOvA0g6Qbfc4QmQQz1bjM_ACf0GpFuSOpMYV0JJQC2n6z-NKiUb1e3OZG6TQaPfEVvpSB9twDD2dX5Wk4Jr9J0xTVWEHUfoGngp_zqZXhQRTKv3aAn8UcluC-I_uMCSW04gY7MBuVjCKAgTY901;csid=5646;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=6UKz9PN8HS142u1ywTJ-2om2wRyy1gce3X8Tu6XlsmYblZiIXeiH45G4dWAZeGGw7-ItQUX26WQOQaoW9LGqOqxsidzrXduDQdiOsEljuKhqyUYVqQPz9EB1kEb32rqWKMwZJ9uzlXQwsWEsnnPHYYvnj-ALKl4ez0kIEo362VqiuQ8Zp4vrxwFn_yLVCW9QuHZKearjb4nC8IjRrXi9Sg2;pui=2ShljixBLrbi0hXl08juHHFAHCKQ7jOEXZCxotub-7yXRkSIXkWOhegIgWD03s4eqgC571bojUIT1Xu4Wv32D96vWmW1dlSa0;

Requested by

Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8784a48c045389e40ff3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

141391e77e707b4ef3462b643078503d1a4bd556b2233d90c26254381d040a05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:44 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 1295
expires: -1

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ Frame 85A2 58 KB
24 KB 88ms
27ms Script
application/x-javascript 37.157.5.72
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8784a48c045389e40ff3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 339915a320943d2d72b50b87a44a03dd5945df0e720619199ec003af5a7a82a9

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 20:25:44 GMT
content-encoding: gzip
last-modified: Mon, 22 Mar 2021 09:07:43 GMT
server: nginx
etag: W/"60585e5f-e7c1"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
DATA 200
OK truncated
/ 462 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f316fbd86438f25c90ca4a161b69ebddadbdbccc57713bee4d5a4f43a0d70e97

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/622/s1.adform.net/ Frame 7958 35 KB
16 KB 87ms
60ms Script
text/javascript 37.157.5.72
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/622/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=35871864;rtbwp=0.173172;rtbdata=qv4_SXKLksHq0a-tjvq4z_pVX_Q3T_3R6McBP4ZyGSMs50KmFkCjRIdXyCnm7KWzEdnwTYRAmhR-jiFEtOsuktG7yWO3f_hAkvZj6sNWVNm4OCqoCoFZo2RNhzVTVFuyrLXWmVhV5NDFEzYSZNQgd8GvrpqdQ5-G2mmOssiaPuGIBt2tE7rbj8Jx1pgvOtdZonybdOv0z95unVQqRJ4g0hJgRq5nal3JZPSVCRcBPzE1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 2a7a5a103d7d2d395f95fabbcbce1e975df8fee2226795a2a9880d99a3cf6cbe

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 20:25:44 GMT
content-encoding: gzip
last-modified: Fri, 09 Apr 2021 09:15:30 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Fri, 23 Apr 2021 00:11:03 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/622/s1.adform.net/ Frame 85A2 35 KB
16 KB 96ms
70ms Script
text/javascript 37.157.5.72
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/622/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=45021679;rtbwp=jBGkJuzGaz68O6DqB5FI-KzboUFQG3yp0;rtbdata=dXdMGxpDTSTKtDjOSjMOyQlAkxx7eV9fdH1sTssKcN2lyUV6egrjI1iUvI3qLTOGKMwZJ9uzlXQwsWEsnnPHYYvnj-ALKl4efrKtRFTZ4jL6MRflRfo-ap3K1TPVhTUNnwnCre4Zgn885T6KfIbG6U9_GGRSLoCpgTKg2KSceCK5A-hS4CSjibJxYiOvA0g6Qbfc4QmQQz1bjM_ACf0GpFuSOpMYV0JJQC2n6z-NKiUb1e3OZG6TQaPfEVvpSB9twDD2dX5Wk4Jr9J0xTVWEHUfoGngp_zqZXhQRTKv3aAn8UcluC-I_uMCSW04gY7MBuVjCKAgTY901;csid=5646;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=6UKz9PN8HS142u1ywTJ-2om2wRyy1gce3X8Tu6XlsmYblZiIXeiH45G4dWAZeGGw7-ItQUX26WQOQaoW9LGqOqxsidzrXduDQdiOsEljuKhqyUYVqQPz9EB1kEb32rqWKMwZJ9uzlXQwsWEsnnPHYYvnj-ALKl4ez0kIEo362VqiuQ8Zp4vrxwFn_yLVCW9QuHZKearjb4nC8IjRrXi9Sg2;pui=2ShljixBLrbi0hXl08juHHFAHCKQ7jOEXZCxotub-7yXRkSIXkWOhegIgWD03s4eqgC571bojUIT1Xu4Wv32D96vWmW1dlSa0;
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 2a7a5a103d7d2d395f95fabbcbce1e975df8fee2226795a2a9880d99a3cf6cbe

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 20:25:44 GMT
content-encoding: gzip
last-modified: Fri, 09 Apr 2021 09:15:30 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Fri, 23 Apr 2021 00:11:03 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 7958 5 KB
3 KB 30ms
30ms Script
text/javascript 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=35871864;rtbwp=0.173172;rtbdata=qv4_SXKLksHq0a-tjvq4z_pVX_Q3T_3R6McBP4ZyGSMs50KmFkCjRIdXyCnm7KWzEdnwTYRAmhR-jiFEtOsuktG7yWO3f_hAkvZj6sNWVNm4OCqoCoFZo2RNhzVTVFuyrLXWmVhV5NDFEzYSZNQgd8GvrpqdQ5-G2mmOssiaPuGIBt2tE7rbj8Jx1pgvOtdZonybdOv0z95unVQqRJ4g0hJgRq5nal3JZPSVCRcBPzE1;js=1;adfxid=1x;3810;set=en-US|en-US|1600X1200|0|150|600|24|8|3|7|0|0;fd=0|2&CREFURL=http%3A%2F%2Fjanuszspiewa.prv.pl%2F

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/622/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

4afa95e1d40fa144d345cbbd550ef2cae0f938102aa4bb54e0222a50c98e6fae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:44 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2367
expires: -1

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 85A2 7 KB
4 KB 29ms
29ms Script
text/javascript 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=45021679;rtbwp=jBGkJuzGaz68O6DqB5FI-KzboUFQG3yp0;rtbdata=dXdMGxpDTSTKtDjOSjMOyQlAkxx7eV9fdH1sTssKcN2lyUV6egrjI1iUvI3qLTOGKMwZJ9uzlXQwsWEsnnPHYYvnj-ALKl4efrKtRFTZ4jL6MRflRfo-ap3K1TPVhTUNnwnCre4Zgn885T6KfIbG6U9_GGRSLoCpgTKg2KSceCK5A-hS4CSjibJxYiOvA0g6Qbfc4QmQQz1bjM_ACf0GpFuSOpMYV0JJQC2n6z-NKiUb1e3OZG6TQaPfEVvpSB9twDD2dX5Wk4Jr9J0xTVWEHUfoGngp_zqZXhQRTKv3aAn8UcluC-I_uMCSW04gY7MBuVjCKAgTY901;csid=5646;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=6UKz9PN8HS142u1ywTJ-2om2wRyy1gce3X8Tu6XlsmYblZiIXeiH45G4dWAZeGGw7-ItQUX26WQOQaoW9LGqOqxsidzrXduDQdiOsEljuKhqyUYVqQPz9EB1kEb32rqWKMwZJ9uzlXQwsWEsnnPHYYvnj-ALKl4ez0kIEo362VqiuQ8Zp4vrxwFn_yLVCW9QuHZKearjb4nC8IjRrXi9Sg2;pui=2ShljixBLrbi0hXl08juHHFAHCKQ7jOEXZCxotub-7yXRkSIXkWOhegIgWD03s4eqgC571bojUIT1Xu4Wv32D96vWmW1dlSa0;;js=1;adfxid=2x;10842;set=en-US|en-US|1600X1200|0|150|600|24|8|3|7|0|0;fd=0|2&CREFURL=http%3A%2F%2Fjanuszspiewa.prv.pl%2F

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/622/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

5e42f4e2e242c30046a5559511c5b0a7b86b051ceb062045c64fccbdd3640984

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:44 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 3581
expires: -1

GET
H/1.1 200
OK ad.php Show response
www.usemax.de/ Frame 7958 4 KB
2 KB 45ms
15ms Script
text/html 212.48.120.130
ARTFILES-AS Artfi...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.usemax.de/ad.php?w=99883&wf=6&campaign_o=33601&iframe=1&subid=3974131&cachebuster=1&click_c_enc=https://track.adform.net/C/?bn=35871864;crtbwp=0.173172;crtbdata=qv4_SXKLksHq0a-tjvq4z_pVX_Q3T_3R6McBP4ZyGSMs50KmFkCjRIdXyCnm7KWzEdnwTYRAmhR-jiFEtOsuktG7yWO3f_hAkvZj6sNWVNm4OCqoCoFZo2RNhzVTVFuyrLXWmVhV5NDFEzYSZNQgd8GvrpqdQ5-G2mmOssiaPuGIBt2tE7rbj8Jx1pgvOtdZonybdOv0z95unVQqRJ4g0hJgRq5nal3JZPSVCRcBPzE1;adfibeg=0;cdata=ESoMWYiZI8k2DkF8LY58e5L2Y-rDVlTZrCGHKI0xk24f1abQAnM38LpK3o3GXdWrK9mEQGQcj9yMUWKK4VFt23tt2n4OwTFixfgN7wWhehOzIYW675trIK_fiuC7IRoZmbFHWzttLaYPUposxpxyhMOO_SeixY-H4RVeP0ucXr9PuDAuPMtxzA2;;CREFURL=http%3a%2f%2fjanuszspiewa.prv.pl%2f;C=1;cpdir=
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/622/s1.adform.net/bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.48.120.130 Hamburg, Germany, ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE),
Reverse DNS: lb.usemaxserver.de
Software: Apache/2.4.25 (Debian) / PHP/5.6.40-47+0~20210227.51+debian9~1.gbpd522a2
Resource Hash: 511d67b65d58132cd2e0b40ebb8ae9b34f2b7bfff04aeb472b65566c4300fc62

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 20:25:44 GMT
Content-Encoding: gzip
Server: Apache/2.4.25 (Debian)
X-Powered-By: PHP/5.6.40-47+0~20210227.51+debian9~1.gbpd522a2
Vary: Accept-Encoding
P3P: CP="NOI DEVa TAIa OUR BUS UNI"
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Connection: Keep-Alive
Content-Type: text/html
Keep-Alive: timeout=3, max=70
Content-Length: 1708
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 7958 35 B
472 B 29ms
28ms Ping
image/gif 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=35871864&csi=Vaxq3xqDb7bl02OgAHr5TtW1-qbdvTLRwP0MH0ehkkLrygPkIxxfk9tENUnPLlfSDYSTXs_hK-mkDHr5HOk0AlPrCnuGEhx-AredxgaeTPwDvP-67D9Y4w2

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/622/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:44 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: http://januszspiewa.prv.pl
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 /
track.adform.net/jsmetrics/ Frame 85A2 43 B
208 B 27ms
27ms Image
image/gif 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/jsmetrics/?adfserve=33&asset=97&sid=276&rid=10383&cid=1739

Requested by

Host: januszspiewa.prv.pl
URL: http://januszspiewa.prv.pl/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 20:25:44 GMT
last-modified: Tue, 12 Jul 2016 13:47:50 GMT
server: nginx
etag: "5784f506-2b"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
accept-ranges: bytes
content-length: 43

GET
H/1.1 200
OK cm.php Show response
www.usemax.de/ Frame F6DB 2 KB
1 KB 16ms
16ms Document
text/html 212.48.120.130
ARTFILES-AS Artfi...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.usemax.de/cm.php?w=99883&t=0&wf_h=600&wf_w=160&subid=3974131&rd=&ref=http%3A%2F%2Fjanuszspiewa.prv.pl%2F&um_vars=0&iframe=1&campaign_o=33601&click_enc_enc=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D35871864%3Bcrtbwp%3D0.173172%3Bcrtbdata%3Dqv4_SXKLksHq0a-tjvq4z_pVX_Q3T_3R6McBP4ZyGSMs50KmFkCjRIdXyCnm7KWzEdnwTYRAmhR-jiFEtOsuktG7yWO3f_hAkvZj6sNWVNm4OCqoCoFZo2RNhzVTVFuyrLXWmVhV5NDFEzYSZNQgd8GvrpqdQ5-G2mmOssiaPuGIBt2tE7rbj8Jx1pgvOtdZonybdOv0z95unVQqRJ4g0hJgRq5nal3JZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3DESoMWYiZI8k2DkF8LY58e5L2Y-rDVlTZrCGHKI0xk24f1abQAnM38LpK3o3GXdWrK9mEQGQcj9yMUWKK4VFt23tt2n4OwTFixfgN7wWhehOzIYW675trIK_fiuC7IRoZmbFHWzttLaYPUposxpxyhMOO_SeixY-H4RVeP0ucXr9PuDAuPMtxzA2%3B%3BCREFURL%3Dhttp%253a%252f%252fjanuszspiewa.prv.pl%252f%3BC%3D1%3Bcpdir%3D
Requested by: Host: www.usemax.de
URL: https://www.usemax.de/ad.php?w=99883&wf=6&campaign_o=33601&iframe=1&subid=3974131&cachebuster=1&click_c_enc=https://track.adform.net/C/?bn=35871864;crtbwp=0.173172;crtbdata=qv4_SXKLksHq0a-tjvq4z_pVX_Q3T_3R6McBP4ZyGSMs50KmFkCjRIdXyCnm7KWzEdnwTYRAmhR-jiFEtOsuktG7yWO3f_hAkvZj6sNWVNm4OCqoCoFZo2RNhzVTVFuyrLXWmVhV5NDFEzYSZNQgd8GvrpqdQ5-G2mmOssiaPuGIBt2tE7rbj8Jx1pgvOtdZonybdOv0z95unVQqRJ4g0hJgRq5nal3JZPSVCRcBPzE1;adfibeg=0;cdata=ESoMWYiZI8k2DkF8LY58e5L2Y-rDVlTZrCGHKI0xk24f1abQAnM38LpK3o3GXdWrK9mEQGQcj9yMUWKK4VFt23tt2n4OwTFixfgN7wWhehOzIYW675trIK_fiuC7IRoZmbFHWzttLaYPUposxpxyhMOO_SeixY-H4RVeP0ucXr9PuDAuPMtxzA2;;CREFURL=http%3a%2f%2fjanuszspiewa.prv.pl%2f;C=1;cpdir=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.48.120.130 Hamburg, Germany, ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE),
Reverse DNS: lb.usemaxserver.de
Software: Apache/2.4.25 (Debian) / PHP/5.6.40-47+0~20210227.51+debian9~1.gbpd522a2
Resource Hash: 6adb150e973daa804a13a8869ef173ddebaefc42b118662d50e72d70c3e287ae

Request headers

Host: www.usemax.de
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://januszspiewa.prv.pl/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: last_visit=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://januszspiewa.prv.pl/

Response headers

Date: Wed, 21 Apr 2021 20:25:44 GMT
Server: Apache/2.4.25 (Debian)
X-Powered-By: PHP/5.6.40-47+0~20210227.51+debian9~1.gbpd522a2
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Expires: Sat, 26 Jul 1997 05:00:00 GMT
P3P: CP="NOI DEVa TAIa OUR BUS UNI"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1004
Keep-Alive: timeout=3, max=69
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 08BF 38 KB
14 KB 47ms
16ms Document
text/html 104.108.144.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: januszspiewa.prv.pl
URL: http://januszspiewa.prv.pl/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-214.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://januszspiewa.prv.pl/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://januszspiewa.prv.pl/

Response headers

Last-Modified: Wed, 14 Apr 2021 09:18:30 GMT
ETag: "13006b6-98c2-5bfeb3aef82b4"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14060
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=150060
Expires: Fri, 23 Apr 2021 14:06:44 GMT
Date: Wed, 21 Apr 2021 20:25:44 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK AdDisplayTrackerServlet Show response
aktrack.pubmatic.com/AdServer/ Frame 7AA8 0
124 B 78ms
24ms Document
text/html 23.3.108.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156036&siteId=175140&adId=911840&adType=10&adServerId=243&kefact=0.200000&kaxefact=0.200000&kadNetFrequecy=0&kadwidth=160&kadheight=600&kadsizeid=10&kltstamp=1619036743&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.173172&dcId=3&tldId=33705808&passback=0&svr=BID22418U&adsver=_714195044&adsabzcid=0&ekefact=R4qAYPuMCwB3JOZgH5hFWKlPv1KBFmnCbZFFDQvwtdrpqlGY&ekaxefact=R4qAYAmNCwCUN5oDy8WORFQDSjxMMEvqQ_aGhVEsBiEVjOTH&ekpbmtpfact=R4qAYBWNCwA6XLCNXGiPCE5fJ-Nxy5p_19U_Qu1mclqNibCU&pfi=1&dc=AMS&pubBuyId=6299&crID=35871864&lpu=telekom.de&ucrid=14132061622174862984&campaignId=22924&creativeId=0&pctr=0.000000&wDSPByrId=1467&wDspId=391&wbId=2&wrId=1991536&wAdvID=2356&wDspCampId=1353694&isRTB=1&rtbId=1A8107B3-EBEF-42E0-A394-582BCDBD7195&imprId=F049CB7B-A612-46D6-85A7-4C230D24BA4E&oid=F049CB7B-A612-46D6-85A7-4C230D24BA4E&cntryId=58&domain=januszspiewa.prv.pl&pageURL=http%3A%2F%2Fjanuszspiewa.prv.pl%2F&sec=1&pAuSt=3
Requested by: Host: januszspiewa.prv.pl
URL: http://januszspiewa.prv.pl/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.3.108.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: aktrack.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://januszspiewa.prv.pl/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://januszspiewa.prv.pl/

Response headers

Content-Type: text/html
Content-Length: 0
Date: Wed, 21 Apr 2021 20:25:44 GMT
Connection: keep-alive

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/622/s1.adform.net/load/v/0.0.204/e/.gSBgiDA/i/vCAv.IAAAAAoAA/r:types/ Frame 7958 34 KB
15 KB 33ms
32ms Script
text/javascript 37.157.5.72
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/622/s1.adform.net/load/v/0.0.204/e/.gSBgiDA/i/vCAv.IAAAAAoAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/622/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: f644111d79c25160befe025154fc7d8edb57ebcda35b0a2df2c413405a408d2b

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 20:25:44 GMT
content-encoding: gzip
last-modified: Fri, 09 Apr 2021 09:15:30 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Thu, 22 Apr 2021 23:29:27 GMT

GET
H2 200 Standard Show response
s1.adform.net/stoat/622/s1.adform.net/load/v/0.0.204/e/.gSBgiDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame 85A2 86 KB
37 KB 35ms
35ms Script
text/javascript 37.157.5.72
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/622/s1.adform.net/load/v/0.0.204/e/.gSBgiDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/622/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8696cee86999f6d03320e995abc00d260687ca83684f05c6c212a47456fe629d

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 20:25:44 GMT
content-encoding: gzip
last-modified: Fri, 09 Apr 2021 09:15:30 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Thu, 22 Apr 2021 23:13:16 GMT

GET
H2

200

/ Show response
track.adform.net/adfscript/ Frame F6DB
Redirect Chain

https://tracking.mlsat02.de/telekom/aff/ads.php?t=skript&dlid=2055&bn=30417981&partnerid=300627&page=http://www.awin1.com/awclick.php?mid=11430&id=300627&gid=361931&linkid=2417248&p=https%3A%2F%2Fw...
https://track.adform.net/adfscript/?bn=30417981;extVars=468753|1|affiliate%20postview;trackpixel=https://aaa.artefact.com/trck/eview/908cbadb724971cc9012ced767276cc8?ext_publisher_id=300627&b=1&no=...

2 KB
2 KB

30ms
29ms

Script
text/javascript

37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=30417981;extVars=468753|1|affiliate%20postview;trackpixel=https://aaa.artefact.com/trck/eview/908cbadb724971cc9012ced767276cc8?ext_publisher_id=300627&b=1&no=1&ctid=__ADFCREID__&tg=__ADFBANGROUP1__&ckurl=1;crdrvar=page;crdrurl=https://www.awin1.com/awclick.php?mid=11430&id=300627&gid=361931&linkid=2417248&p=https%3A%2F%2Fwww.usemax.de%2Fclick.php%3Fsp%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D35871864%3Bcrtbwp%3D0.173172%3Bcrtbdata%3Dqv4_SXKLksHq0a-tjvq4z_pVX_Q3T_3R6McBP4ZyGSMs50KmFkCjRIdXyCnm7KWzEdnwTYRAmhR-jiFEtOsuktG7yWO3f_hAkvZj6sNWVNm4OCqoCoFZo2RNhzVTVFuyrLXWmVhV5NDFEzYSZNQgd8GvrpqdQ5-G2mmOssiaPuGIBt2tE7rbj8Jx1pgvOtdZonybdOv0z95unVQqRJ4g0hJgRq5nal3JZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3DESoMWYiZI8k2DkF8LY58e5L2Y-rDVlTZrCGHKI0xk24f1abQAnM38LpK3o3GXdWrK9mEQGQcj9yMUWKK4VFt23tt2n4OwTFixfgN7wWhehOzIYW675trIK_fiuC7IRoZmbFHWzttLaYPUposxpxyhMOO_SeixY-H4RVeP0ucXr9PuDAuPMtxzA2%3B%3BCREFURL%3Dhttp%3A%2F%2Fjanuszspiewa.prv.pl%2F%3BC%3D1%3Bcpdir%3Dhttps%253A%252F%252Fwww.usemax.de%252Fcm.php%253Fc%253D33601%2526w%253D99883%2526wf%253D827%2526a%253Dclick%2526subid%253D3974131%2526uc%253Dclear%2526sp%253D%255Bum_c%255DUSEMAXRDhttps%3A%2F%2Ftracking.mlsat02.de%2Ftelekom%2Faff%2Fads.php%3Fdlid%3D2055%26c%3D1&clicktag=&tg=__ADFBANGROUP1__

Requested by

Host: www.usemax.de
URL: https://www.usemax.de/cm.php?w=99883&t=0&wf_h=600&wf_w=160&subid=3974131&rd=&ref=http%3A%2F%2Fjanuszspiewa.prv.pl%2F&um_vars=0&iframe=1&campaign_o=33601&click_enc_enc=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D35871864%3Bcrtbwp%3D0.173172%3Bcrtbdata%3Dqv4_SXKLksHq0a-tjvq4z_pVX_Q3T_3R6McBP4ZyGSMs50KmFkCjRIdXyCnm7KWzEdnwTYRAmhR-jiFEtOsuktG7yWO3f_hAkvZj6sNWVNm4OCqoCoFZo2RNhzVTVFuyrLXWmVhV5NDFEzYSZNQgd8GvrpqdQ5-G2mmOssiaPuGIBt2tE7rbj8Jx1pgvOtdZonybdOv0z95unVQqRJ4g0hJgRq5nal3JZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3DESoMWYiZI8k2DkF8LY58e5L2Y-rDVlTZrCGHKI0xk24f1abQAnM38LpK3o3GXdWrK9mEQGQcj9yMUWKK4VFt23tt2n4OwTFixfgN7wWhehOzIYW675trIK_fiuC7IRoZmbFHWzttLaYPUposxpxyhMOO_SeixY-H4RVeP0ucXr9PuDAuPMtxzA2%3B%3BCREFURL%3Dhttp%253a%252f%252fjanuszspiewa.prv.pl%252f%3BC%3D1%3Bcpdir%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

3505f6bd7e0e4d719b459e84c843fb11d32b55203329b05dcad2fac45554ad9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.usemax.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:44 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 1502
expires: -1

Redirect headers

location: https://track.adform.net/adfscript/?bn=30417981;extVars=468753|1|affiliate%20postview;trackpixel=https://aaa.artefact.com/trck/eview/908cbadb724971cc9012ced767276cc8?ext_publisher_id=300627&b=1&no=1&ctid=__ADFCREID__&tg=__ADFBANGROUP1__&ckurl=1;crdrvar=page;crdrurl=https://www.awin1.com/awclick.php?mid=11430&id=300627&gid=361931&linkid=2417248&p=https%3A%2F%2Fwww.usemax.de%2Fclick.php%3Fsp%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D35871864%3Bcrtbwp%3D0.173172%3Bcrtbdata%3Dqv4_SXKLksHq0a-tjvq4z_pVX_Q3T_3R6McBP4ZyGSMs50KmFkCjRIdXyCnm7KWzEdnwTYRAmhR-jiFEtOsuktG7yWO3f_hAkvZj6sNWVNm4OCqoCoFZo2RNhzVTVFuyrLXWmVhV5NDFEzYSZNQgd8GvrpqdQ5-G2mmOssiaPuGIBt2tE7rbj8Jx1pgvOtdZonybdOv0z95unVQqRJ4g0hJgRq5nal3JZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3DESoMWYiZI8k2DkF8LY58e5L2Y-rDVlTZrCGHKI0xk24f1abQAnM38LpK3o3GXdWrK9mEQGQcj9yMUWKK4VFt23tt2n4OwTFixfgN7wWhehOzIYW675trIK_fiuC7IRoZmbFHWzttLaYPUposxpxyhMOO_SeixY-H4RVeP0ucXr9PuDAuPMtxzA2%3B%3BCREFURL%3Dhttp%3A%2F%2Fjanuszspiewa.prv.pl%2F%3BC%3D1%3Bcpdir%3Dhttps%253A%252F%252Fwww.usemax.de%252Fcm.php%253Fc%253D33601%2526w%253D99883%2526wf%253D827%2526a%253Dclick%2526subid%253D3974131%2526uc%253Dclear%2526sp%253D%255Bum_c%255DUSEMAXRDhttps%3A%2F%2Ftracking.mlsat02.de%2Ftelekom%2Faff%2Fads.php%3Fdlid%3D2055%26c%3D1&clicktag=&tg=__ADFBANGROUP1__
pragma: no-cache
date: Wed, 21 Apr 2021 20:25:44 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame F6DB 0
0 125ms
40ms Image
text/html 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.awin1.com/cshow.php?s=2417248&v=11430&q=361931&r=300627
Requested by: Host: www.usemax.de
URL: https://www.usemax.de/cm.php?w=99883&t=0&wf_h=600&wf_w=160&subid=3974131&rd=&ref=http%3A%2F%2Fjanuszspiewa.prv.pl%2F&um_vars=0&iframe=1&campaign_o=33601&click_enc_enc=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D35871864%3Bcrtbwp%3D0.173172%3Bcrtbdata%3Dqv4_SXKLksHq0a-tjvq4z_pVX_Q3T_3R6McBP4ZyGSMs50KmFkCjRIdXyCnm7KWzEdnwTYRAmhR-jiFEtOsuktG7yWO3f_hAkvZj6sNWVNm4OCqoCoFZo2RNhzVTVFuyrLXWmVhV5NDFEzYSZNQgd8GvrpqdQ5-G2mmOssiaPuGIBt2tE7rbj8Jx1pgvOtdZonybdOv0z95unVQqRJ4g0hJgRq5nal3JZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3DESoMWYiZI8k2DkF8LY58e5L2Y-rDVlTZrCGHKI0xk24f1abQAnM38LpK3o3GXdWrK9mEQGQcj9yMUWKK4VFt23tt2n4OwTFixfgN7wWhehOzIYW675trIK_fiuC7IRoZmbFHWzttLaYPUposxpxyhMOO_SeixY-H4RVeP0ucXr9PuDAuPMtxzA2%3B%3BCREFURL%3Dhttp%253a%252f%252fjanuszspiewa.prv.pl%252f%3BC%3D1%3Bcpdir%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-239-217.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.usemax.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 08BF 1 KB
2 KB 81ms
20ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=7917668&p=156036&s=175140&a=0&ptask=DSP&np=0&fp=1&mpc=6&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1&async=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 09bf3ba1ecfc2d0c6835cace1dbdd94cf31c63f550043911a5dba06977dd6803

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 20:25:43 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 1178
Content-Type: text/html; charset=UTF-8

POST
H2 200 /
track.adform.net/csimpr/ Frame 85A2 35 B
472 B 28ms
27ms Ping
image/gif 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=45021679&csi=GeXAs6n_pnuUP3BMqy-5Uiynsa8F5e3-g_TgOlCVoZDrygPkIxxfk6dGhDfot75JCWNUB0LA-qg7QojK88JX7-LSFeXTyO4ccUAcIpDuM4RdkLGi25v7vJdGRIheRY6F6AiBYPTezh6qALnvVuiNQhPVe7ha_fYPU-sKe4YSHH4Ct53GBp5M_AO8_7rsP1jj0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/622/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:44 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: http://januszspiewa.prv.pl
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 44258969.gif
s1.adform.net/Banners/44258969/ Frame 85A2 45 KB
45 KB 31ms
30ms Image
image/gif 37.157.5.72
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/44258969/44258969.gif?bv=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

6b2fa4204b8a396cd3e97d7d95e3ddafcdaa36fddee40c1d425a9f0d60e949bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 20:25:44 GMT
last-modified: Tue, 30 Mar 2021 14:04:37 GMT
server: nginx
etag: "60632ff5-b21c"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/gif
content-length: 45596

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/622/s1.adform.net/ Frame F6DB 35 KB
16 KB 32ms
32ms Script
text/javascript 37.157.5.72
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/622/s1.adform.net/bootstrap.js
Requested by: Host: tracking.mlsat02.de
URL: https://tracking.mlsat02.de/telekom/aff/ads.php?t=skript&dlid=2055&bn=30417981&partnerid=300627&page=http://www.awin1.com/awclick.php?mid=11430&id=300627&gid=361931&linkid=2417248&p=https%3A%2F%2Fwww.usemax.de%2Fclick.php%3Fsp%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D35871864%3Bcrtbwp%3D0.173172%3Bcrtbdata%3Dqv4_SXKLksHq0a-tjvq4z_pVX_Q3T_3R6McBP4ZyGSMs50KmFkCjRIdXyCnm7KWzEdnwTYRAmhR-jiFEtOsuktG7yWO3f_hAkvZj6sNWVNm4OCqoCoFZo2RNhzVTVFuyrLXWmVhV5NDFEzYSZNQgd8GvrpqdQ5-G2mmOssiaPuGIBt2tE7rbj8Jx1pgvOtdZonybdOv0z95unVQqRJ4g0hJgRq5nal3JZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3DESoMWYiZI8k2DkF8LY58e5L2Y-rDVlTZrCGHKI0xk24f1abQAnM38LpK3o3GXdWrK9mEQGQcj9yMUWKK4VFt23tt2n4OwTFixfgN7wWhehOzIYW675trIK_fiuC7IRoZmbFHWzttLaYPUposxpxyhMOO_SeixY-H4RVeP0ucXr9PuDAuPMtxzA2%3B%3BCREFURL%3Dhttp%3A%2F%2Fjanuszspiewa.prv.pl%2F%3BC%3D1%3Bcpdir%3Dhttps%253A%252F%252Fwww.usemax.de%252Fcm.php%253Fc%253D33601%2526w%253D99883%2526wf%253D827%2526a%253Dclick%2526subid%253D3974131%2526uc%253Dclear%2526sp%253D%255Bum_c%255DUSEMAXRDhttps%3A%2F%2Ftracking.mlsat02.de%2Ftelekom%2Faff%2Fads.php%3Fdlid%3D2055%26c%3D1&clicktag=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 2a7a5a103d7d2d395f95fabbcbce1e975df8fee2226795a2a9880d99a3cf6cbe

Request headers

Referer: https://www.usemax.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 20:25:44 GMT
content-encoding: gzip
last-modified: Fri, 09 Apr 2021 09:15:30 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Fri, 23 Apr 2021 00:11:03 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 80 KB
26 KB 88ms
42ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8784a48c045389e40ff3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 20:25:44 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 09:52:27 GMT
server: nginx
etag: W/"605322db-14013"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Thu, 22 Apr 2021 20:25:44 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame F6DB 13 KB
4 KB 30ms
30ms Script
text/javascript 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=30417981;extVars=468753|1|affiliate%20postview;trackpixel=https://aaa.artefact.com/trck/eview/908cbadb724971cc9012ced767276cc8?ext_publisher_id=300627&b=1&no=1&ctid=__ADFCREID__&tg=__ADFBANGROUP1__&ckurl=1;crdrvar=page;crdrurl=https://www.awin1.com/awclick.php?mid=11430&id=300627&gid=361931&linkid=2417248&p=https%3A%2F%2Fwww.usemax.de%2Fclick.php%3Fsp%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D35871864%3Bcrtbwp%3D0.173172%3Bcrtbdata%3Dqv4_SXKLksHq0a-tjvq4z_pVX_Q3T_3R6McBP4ZyGSMs50KmFkCjRIdXyCnm7KWzEdnwTYRAmhR-jiFEtOsuktG7yWO3f_hAkvZj6sNWVNm4OCqoCoFZo2RNhzVTVFuyrLXWmVhV5NDFEzYSZNQgd8GvrpqdQ5-G2mmOssiaPuGIBt2tE7rbj8Jx1pgvOtdZonybdOv0z95unVQqRJ4g0hJgRq5nal3JZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3DESoMWYiZI8k2DkF8LY58e5L2Y-rDVlTZrCGHKI0xk24f1abQAnM38LpK3o3GXdWrK9mEQGQcj9yMUWKK4VFt23tt2n4OwTFixfgN7wWhehOzIYW675trIK_fiuC7IRoZmbFHWzttLaYPUposxpxyhMOO_SeixY-H4RVeP0ucXr9PuDAuPMtxzA2%3B%3BCREFURL%3Dhttp%3A%2F%2Fjanuszspiewa.prv.pl%2F%3BC%3D1%3Bcpdir%3Dhttps%253A%252F%252Fwww.usemax.de%252Fcm.php%253Fc%253D33601%2526w%253D99883%2526wf%253D827%2526a%253Dclick%2526subid%253D3974131%2526uc%253Dclear%2526sp%253D%255Bum_c%255DUSEMAXRDhttps%3A%2F%2Ftracking.mlsat02.de%2Ftelekom%2Faff%2Fads.php%3Fdlid%3D2055%26c%3D1&clicktag=&tg=__ADFBANGROUP1__;js=1;adfxid=1x;3467;set=en-US|en-US|1600X1200|0|150|600|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=http%3A%2F%2Fjanuszspiewa.prv.pl

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/622/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

dfe27297d880df8f959e485da2211930ba8a2ebaa15a843ecf6317926e992ecb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.usemax.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:44 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 3805
expires: -1

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 0894 43 B
304 B 71ms
24ms Document
image/gif 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Wed, 21 Apr 2021 00:00:00 GMT
server: Microsoft-IIS/10.0
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 1557
date: Wed, 21 Apr 2021 20:25:43 GMT
content-length: 43

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 08BF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzM3OTA3ODAtOTRGRC00QUExLUIyQTQtNDUwQTU0Q0E4ODI1&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzM3OTA3ODAtOTRGRC00QUExLUIyQTQtNDUwQTU0Q0E4ODI1&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
505 B

80ms
20ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 20:25:44 GMT
X-lat: lhrpug012:0:386
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 08BF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENhJjGQtDCQ0OcptORbv4v4&google_cver=1

42 B
855 B

102ms
21ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENhJjGQtDCQ0OcptORbv4v4&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 20:25:44 GMT
X-lat: lhrpug010:0:499
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENhJjGQtDCQ0OcptORbv4v4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 08BF 43 B
609 B 63ms
18ms Image
image/gif 159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 20:25:44 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 20 Apr 2021 20:25:44 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 08BF
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d7829b2e-5c27-423c-a880-b87921149135

42 B
882 B

25ms
24ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d7829b2e-5c27-423c-a880-b87921149135
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 20:25:44 GMT
X-lat: lhrpug010:0:469
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:44 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d7829b2e-5c27-423c-a880-b87921149135
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 08BF
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=340566514271255656

42 B
799 B

87ms
19ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=340566514271255656
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 20:25:44 GMT
X-lat: lhrpug008:0:307
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:44 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=340566514271255656
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1 200
OK 908cbadb724971cc9012ced767276cc8
aaa.artefact.com/trck/eview/ Frame F6DB 0
1 KB 106ms
52ms Image
text/html 51.68.117.182
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aaa.artefact.com/trck/eview/908cbadb724971cc9012ced767276cc8?ext_publisher_id=300627&b=1&no=1&ctid=44287814&tg=Triple%20Play&ckurl=1
Requested by: Host: www.usemax.de
URL: https://www.usemax.de/cm.php?w=99883&t=0&wf_h=600&wf_w=160&subid=3974131&rd=&ref=http%3A%2F%2Fjanuszspiewa.prv.pl%2F&um_vars=0&iframe=1&campaign_o=33601&click_enc_enc=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D35871864%3Bcrtbwp%3D0.173172%3Bcrtbdata%3Dqv4_SXKLksHq0a-tjvq4z_pVX_Q3T_3R6McBP4ZyGSMs50KmFkCjRIdXyCnm7KWzEdnwTYRAmhR-jiFEtOsuktG7yWO3f_hAkvZj6sNWVNm4OCqoCoFZo2RNhzVTVFuyrLXWmVhV5NDFEzYSZNQgd8GvrpqdQ5-G2mmOssiaPuGIBt2tE7rbj8Jx1pgvOtdZonybdOv0z95unVQqRJ4g0hJgRq5nal3JZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3DESoMWYiZI8k2DkF8LY58e5L2Y-rDVlTZrCGHKI0xk24f1abQAnM38LpK3o3GXdWrK9mEQGQcj9yMUWKK4VFt23tt2n4OwTFixfgN7wWhehOzIYW675trIK_fiuC7IRoZmbFHWzttLaYPUposxpxyhMOO_SeixY-H4RVeP0ucXr9PuDAuPMtxzA2%3B%3BCREFURL%3Dhttp%253a%252f%252fjanuszspiewa.prv.pl%252f%3BC%3D1%3Bcpdir%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.68.117.182 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.usemax.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Apr 2021 20:25:44 GMT
Server: nginx
X-IPLB-Request-ID: 59F940CB:1944_334475B6:01BB_60808A48_3D097B8:151AC
X-IPLB-Instance: 36559
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Keep-Alive: timeout=20
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1

503
Service Unavailable

view.php Show response
ebs08.telekom.de/affiliates/ Frame 28ED
Redirect Chain

https://www.awin1.com/cshow.php?s=2419055&v=11430&q=366416&r=300627
https://creative.mlsat02.de/telekom/aff/ads_media.php?b=1&pvfn=1&dlid=2055&partnerid=300627&zanpid=11430_300627_1619036744_&cachebuster=1619036744&awv=11430_300627_1619036744_
https://ebs08.telekom.de/affiliates/view.php?network=B1049&mlid=pv-MzM0MzExNDQ7OTA4Y2JhZGI3MjQ5NzFjYzkwMTJjZWQ3NjcyNzZjYzg7MTE0MzBfMzAwNjI3XzE2MTkwMzY3NDRfOw..&target=https%3A%2F%2Ftracking.mlsat02...

405 B
719 B

348ms
33ms

Document
text/html

80.158.66.20
SCZN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ebs08.telekom.de/affiliates/view.php?network=B1049&mlid=pv-MzM0MzExNDQ7OTA4Y2JhZGI3MjQ5NzFjYzkwMTJjZWQ3NjcyNzZjYzg7MTE0MzBfMzAwNjI3XzE2MTkwMzY3NDRfOw..&target=https%3A%2F%2Ftracking.mlsat02.de%2Fonepixel.gif

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

80.158.66.20 , Germany, ASN34086 (SCZN-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

c6100c279b023a4252d806603fc8e1001632c04b410e0392ab4a44d48fccce5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;

Request headers

Host: ebs08.telekom.de
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.usemax.de/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.usemax.de/

Response headers

Date: Wed, 21 Apr 2021 20:25:45 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Last-Modified: Mon, 11 May 2020 08:34:08 GMT
ETag: "195-5a55b35e98712"
Accept-Ranges: bytes
Content-Length: 405
Connection: close
Content-Type: text/html

Redirect headers

server: nginx
date: Wed, 21 Apr 2021 20:25:44 GMT
content-type: text/html; charset=UTF-8
location: https://ebs08.telekom.de/affiliates/view.php?network=B1049&mlid=pv-MzM0MzExNDQ7OTA4Y2JhZGI3MjQ5NzFjYzkwMTJjZWQ3NjcyNzZjYzg7MTE0MzBfMzAwNjI3XzE2MTkwMzY3NDRfOw..&target=https%3A%2F%2Ftracking.mlsat02.de%2Fonepixel.gif
set-cookie: PHPSESSID=oijmfntuv58klsdrgcqov1kj11; path=/ ADMSESSID=e79854d25eabd76bdcb31e1de0f1ecb511d8e58d; path=/ trs=33431144%3B908cbadb724971cc9012ced767276cc8%3B11430_300627_1619036744_%3B; expires=Sun, 20-Jun-2021 20:25:44 GMT; Max-Age=5184000; path=/; samesite=none; domain=creative.mlsat02.de; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 6C11 0
150 B 23ms
22ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=januszspiewa.prv.pl

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=januszspiewa.prv.pl
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://januszspiewa.prv.pl/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://januszspiewa.prv.pl/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 1944
date: Wed, 21 Apr 2021 20:25:44 GMT
content-length: 0

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 80 KB
26 KB 67ms
24ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 20:25:44 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 09:52:27 GMT
server: nginx
etag: W/"605322db-14013"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Thu, 22 Apr 2021 20:25:44 GMT

GET
H2 200 Standard Show response
s1.adform.net/stoat/622/s1.adform.net/load/v/0.0.204/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/ Frame F6DB 90 KB
39 KB 34ms
34ms Script
text/javascript 37.157.5.72
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/622/s1.adform.net/load/v/0.0.204/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/622/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 0537669aaa954e27dbb5ed8201e1369547377a96106027ed3bb356048665f672

Request headers

Referer: https://www.usemax.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 20:25:44 GMT
content-encoding: gzip
last-modified: Fri, 09 Apr 2021 09:15:30 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Thu, 22 Apr 2021 23:17:25 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame F6DB 35 B
468 B 29ms
28ms Ping
image/gif 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=30417981&csi=dSMA1vYEWIZ6CzJEJVQnRfaTMg5VMEKZ_VdqSLjR5wwJDwKV3Zer3KdGhDfot75JL1vfXnzUmO4g9JaWyjySod6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/622/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.usemax.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:44 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.usemax.de
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 9467975.js Show response
s1.adform.net/Banners/Elements/Files/14736/9467975/ Frame 0DFC 31 KB
11 KB 29ms
28ms Script
application/x-javascript 37.157.5.72
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.adform.net/Banners/Elements/Files/14736/9467975/9467975.js?ADFassetID=9467975&bv=514

Requested by

Host: januszspiewa.prv.pl
URL: http://januszspiewa.prv.pl/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

0e94bb95c21c72001b89d539919cff37bb8c5286b25da19c808a1e0cebb0deb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.usemax.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 20:25:44 GMT
content-encoding: gzip
last-modified: Wed, 31 Mar 2021 11:45:32 GMT
server: nginx
etag: W/"606460dc-7b0a"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 Adform.DHTML.js Show response
s1.adform.net/banners/scripts/rmb/ Frame 0DFC 30 KB
13 KB 29ms
29ms Script
application/x-javascript 37.157.5.72
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=622
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/622/s1.adform.net/load/v/0.0.204/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: d3759299ce00e3bac2782faf02d6f1962e5c88b04e9682224f5852d0c86b6480

Request headers

Referer: https://www.usemax.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 20:25:44 GMT
content-encoding: gzip
last-modified: Mon, 12 Oct 2020 12:12:05 GMT
server: nginx
etag: W/"5f844815-78ab"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 receiver.png
s1.adform.net/Banners/Elements/Files/14736/9467975/bvpath_514/ Frame 0DFC 6 KB
6 KB 30ms
29ms Image
image/png 37.157.5.72
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/14736/9467975/bvpath_514/receiver.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/622/s1.adform.net/load/v/0.0.204/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

34cfd6050edc69991e2c4b39e966a35820ea1b87e7da4caf8a66913ce3a5fb7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.usemax.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 20:25:44 GMT
last-modified: Wed, 31 Mar 2021 11:45:32 GMT
server: nginx
etag: "606460dc-162c"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 5676

GET
H2 200 tv.png
s1.adform.net/Banners/Elements/Files/14736/9467975/bvpath_514/ Frame 0DFC 19 KB
19 KB 33ms
33ms Image
image/png 37.157.5.72
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/14736/9467975/bvpath_514/tv.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/622/s1.adform.net/load/v/0.0.204/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

9fe1cb7ac6b2f6d212aa8dc054a30f1cfe311b8ba8a4b532fa64f14f1f4799aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.usemax.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 20:25:44 GMT
last-modified: Wed, 31 Mar 2021 11:45:32 GMT
server: nginx
etag: "606460dc-4bd3"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 19411

GET
H/1.1 200
OK TeleNeoWeb-ExtraBold.woff
rechtstexte.s3.amazonaws.com/files/TeleNeo/ Frame 0DFC 43 KB
43 KB 132ms
43ms Font
application/font-woff 52.218.101.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rechtstexte.s3.amazonaws.com/files/TeleNeo/TeleNeoWeb-ExtraBold.woff
Requested by: Host: www.usemax.de
URL: https://www.usemax.de/cm.php?w=99883&t=0&wf_h=600&wf_w=160&subid=3974131&rd=&ref=http%3A%2F%2Fjanuszspiewa.prv.pl%2F&um_vars=0&iframe=1&campaign_o=33601&click_enc_enc=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D35871864%3Bcrtbwp%3D0.173172%3Bcrtbdata%3Dqv4_SXKLksHq0a-tjvq4z_pVX_Q3T_3R6McBP4ZyGSMs50KmFkCjRIdXyCnm7KWzEdnwTYRAmhR-jiFEtOsuktG7yWO3f_hAkvZj6sNWVNm4OCqoCoFZo2RNhzVTVFuyrLXWmVhV5NDFEzYSZNQgd8GvrpqdQ5-G2mmOssiaPuGIBt2tE7rbj8Jx1pgvOtdZonybdOv0z95unVQqRJ4g0hJgRq5nal3JZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3DESoMWYiZI8k2DkF8LY58e5L2Y-rDVlTZrCGHKI0xk24f1abQAnM38LpK3o3GXdWrK9mEQGQcj9yMUWKK4VFt23tt2n4OwTFixfgN7wWhehOzIYW675trIK_fiuC7IRoZmbFHWzttLaYPUposxpxyhMOO_SeixY-H4RVeP0ucXr9PuDAuPMtxzA2%3B%3BCREFURL%3Dhttp%253a%252f%252fjanuszspiewa.prv.pl%252f%3BC%3D1%3Bcpdir%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.101.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 287f314b8fb0641d8cc175a81e55f99fd27cd504babb7f9e03d86782ec12a4f9

Request headers

Origin: https://www.usemax.de
Referer: https://www.usemax.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 20:25:45 GMT
Last-Modified: Thu, 18 Jun 2020 07:55:49 GMT
Server: AmazonS3
x-amz-request-id: HMBEN82BWZ8CSYAX
ETag: "d7f0b1ef39025154e8517b4aa705d0bc"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 43544
x-amz-id-2: a02hbQXXgjyvvjWKbG+wAwgGtIQDm7psHQTfdKux3eh7yzp0yszmEtWE6SLk82D7csXMNgIoTTY=

GET
H/1.1 200
OK TeleNeoWeb-Regular.woff
rechtstexte.s3.amazonaws.com/files/TeleNeo/ Frame 0DFC 42 KB
43 KB 132ms
43ms Font
application/font-woff 52.218.101.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rechtstexte.s3.amazonaws.com/files/TeleNeo/TeleNeoWeb-Regular.woff
Requested by: Host: www.usemax.de
URL: https://www.usemax.de/cm.php?w=99883&t=0&wf_h=600&wf_w=160&subid=3974131&rd=&ref=http%3A%2F%2Fjanuszspiewa.prv.pl%2F&um_vars=0&iframe=1&campaign_o=33601&click_enc_enc=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D35871864%3Bcrtbwp%3D0.173172%3Bcrtbdata%3Dqv4_SXKLksHq0a-tjvq4z_pVX_Q3T_3R6McBP4ZyGSMs50KmFkCjRIdXyCnm7KWzEdnwTYRAmhR-jiFEtOsuktG7yWO3f_hAkvZj6sNWVNm4OCqoCoFZo2RNhzVTVFuyrLXWmVhV5NDFEzYSZNQgd8GvrpqdQ5-G2mmOssiaPuGIBt2tE7rbj8Jx1pgvOtdZonybdOv0z95unVQqRJ4g0hJgRq5nal3JZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3DESoMWYiZI8k2DkF8LY58e5L2Y-rDVlTZrCGHKI0xk24f1abQAnM38LpK3o3GXdWrK9mEQGQcj9yMUWKK4VFt23tt2n4OwTFixfgN7wWhehOzIYW675trIK_fiuC7IRoZmbFHWzttLaYPUposxpxyhMOO_SeixY-H4RVeP0ucXr9PuDAuPMtxzA2%3B%3BCREFURL%3Dhttp%253a%252f%252fjanuszspiewa.prv.pl%252f%3BC%3D1%3Bcpdir%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.101.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d25a37b3070f33f86862bce97206a8f3f403e23ba39c7c8cd8c2f96266f19f03

Request headers

Origin: https://www.usemax.de
Referer: https://www.usemax.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 20:25:45 GMT
Last-Modified: Thu, 18 Jun 2020 07:55:53 GMT
Server: AmazonS3
x-amz-request-id: HMB5MZZ8SAECA47Q
ETag: "41b43bece8523c4d26acc3b30d11019f"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 43468
x-amz-id-2: N4k9OhzLbsLRN2z+hxVwaKmR1qznU645Bg7Yt7KOycICLlPXxnon3Surl28IuIGBfG2VKcdWupM=

POST
H2 200 /
track.adform.net/serving/unload/ Frame 7958 35 B
463 B 31ms
31ms Ping
image/gif 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=2102328996339532325@@35871864,6915773840713603454,100|1100|0|0|0|0|0|0|0||55|0|84|1A8107B3-EBEF-42E0-A394-582BCDBD7195_1|||1|0|0|DiAu8Aimy-KzIYW675trIK_fiuC7IRoZmbFHWzttLaYPUposxpxyhMOO_SeixY-H4RVeP0ucXr9o4kOyoBiwbg2|||11|0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/622/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:45 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: http://januszspiewa.prv.pl
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 85A2 35 B
472 B 29ms
29ms Ping
image/gif 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&pud=9XpbVB6gw5J5yLGam5Qtx-5GAtnITMQvSE9tjMCFOCSDTgOGdHOi3JehgEEUUV_WCrFG8zpTYK7hd0yWIw4iWG5C4BBeX1DKnZeiWequW40lZIM639hsANR6UpLDRpufsDBL8qKa1RiLVQTF9LaaV_9E6ii9Lj56UKwoVy28tXfcZKwUHVFPPg2&unload=340566514271255656@@45021679,4966235289849348928,100|1200|0|0|0|0|0|0|0||60|0|589|a51a7297ec9f47089695bd18f4e1cbb3-1-589_0b379a6e3c6948ab9922502f5d99f2f7|||1|0|0|re_d2TrFzRlWgnf2ewtpCcamMbFFK3ZOINE7e5cbTYtPB4zhE6hKgSjivaaU6enIGk-HNGyCNOQ8x-C_srivypViHDhCJ7HN1xfGpIPUctxopMGed9x84fMYsnoYAyMWZQXoWo438XnhFV4_S5xev2jiQ7KgGLBu0|6UKz9PN8HS142u1ywTJ-2om2wRyy1gce3X8Tu6XlsmYblZiIXeiH45G4dWAZeGGw7-ItQUX26WQOQaoW9LGqOqxsidzrXduDQdiOsEljuKhqyUYVqQPz9EB1kEb32rqWKMwZJ9uzlXQwsWEsnnPHYYvnj-ALKl4ez0kIEo362VqiuQ8Zp4vrxwFn_yLVCW9QuHZKearjb4nC8IjRrXi9Sg2||11|0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/622/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:46 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: http://januszspiewa.prv.pl
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 85A2 35 B
472 B 28ms
28ms Ping
image/gif 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=340566514271255656@@45021679,4966235289849348928,100|1200|0|0|0|0|0|0|0||60|0|589|a51a7297ec9f47089695bd18f4e1cbb3-1-589_0b379a6e3c6948ab9922502f5d99f2f7|||1|0|0|re_d2TrFzRlWgnf2ewtpCcamMbFFK3ZOINE7e5cbTYtPB4zhE6hKgSjivaaU6enIGk-HNGyCNOQ8x-C_srivypViHDhCJ7HN1xfGpIPUctxopMGed9x84fMYsnoYAyMWZQXoWo438XnhFV4_S5xev2jiQ7KgGLBu0|6UKz9PN8HS142u1ywTJ-2om2wRyy1gce3X8Tu6XlsmYblZiIXeiH45G4dWAZeGGw7-ItQUX26WQOQaoW9LGqOqxsidzrXduDQdiOsEljuKhqyUYVqQPz9EB1kEb32rqWKMwZJ9uzlXQwsWEsnnPHYYvnj-ALKl4ez0kIEo362VqiuQ8Zp4vrxwFn_yLVCW9QuHZKearjb4nC8IjRrXi9Sg2||01|0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/622/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:46 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: http://januszspiewa.prv.pl
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 /
track.adform.net/Serving/Event/ Frame 85A2 35 B
294 B 29ms
29ms Image
image/gif 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/Serving/Event/?bn=45021679&event=178&time=2&baid=44258969&name=Viewable%20impressions&imprid=4966235289849348928&icid=340566514271255656&eData=GeXAs6n_pntyB7zEvbaKyiFIYnKJb6484fn4X_ACi5jkJNeGJGX6ddBEDUMIFev9GLplFYaEenogfQuHuRVUBSTvO_Fq2i9m7c-hTGBItxmSjMndd-H0XQRTVoJPpJgXYzPxXiHhkbw6_DS0KoxH_vCnuSMjUhsQM_EG65miY0k1&adxvars=6UKz9PN8HS142u1ywTJ-2om2wRyy1gce3X8Tu6XlsmYblZiIXeiH45G4dWAZeGGw7-ItQUX26WQOQaoW9LGqOqxsidzrXduDQdiOsEljuKhqyUYVqQPz9EB1kEb32rqWKMwZJ9uzlXQwsWEsnnPHYYvnj-ALKl4ez0kIEo362VqiuQ8Zp4vrxwFn_yLVCW9QuHZKearjb4nC8IjRrXi9Sg2&rtbdata=dXdMGxpDTSTKtDjOSjMOyQlAkxx7eV9fdH1sTssKcN2lyUV6egrjI1iUvI3qLTOGKMwZJ9uzlXQwsWEsnnPHYYvnj-ALKl4efrKtRFTZ4jL6MRflRfo-ap3K1TPVhTUNnwnCre4Zgn885T6KfIbG6U9_GGRSLoCpgTKg2KSceCK5A-hS4CSjibJxYiOvA0g6Qbfc4QmQQz1bjM_ACf0GpFuSOpMYV0JJQC2n6z-NKiUb1e3OZG6TQaPfEVvpSB9twDD2dX5Wk4Jr9J0xTVWEHUfoGngp_zqZXhQRTKv3aAn8UcluC-I_uMCSW04gY7MBuVjCKAgTY901&rtbwp=jBGkJuzGaz68O6DqB5FI-KzboUFQG3yp0&rnd=771321393

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:46 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
expires: -1

POST
H2 200 /
adx.adform.net/adx/unload/ Frame 85A2 35 B
491 B 28ms
28ms Ping
image/gif 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/unload/?1619036746203

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:46 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: http://januszspiewa.prv.pl
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame F6DB 35 B
459 B 31ms
31ms Ping
image/gif 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=340566514271255656@@30417981,5548704435069587289,100|1200|0|0|0|0|0|0|0||60|1|||||1|0|0|5Idc3j5dy17xBx_RTJEBJ8amMbFFK3ZONcjenufsFLsMtYD6RSsZtIm3nyX34Xgm0|||11|

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/622/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.usemax.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:46 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.usemax.de
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H/1.1 200
OK SPug Show response
simage4.pubmatic.com/AdServer/ Frame 08BF 0
418 B 72ms
15ms Script
text/plain 185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156036&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 20:25:45 GMT
Cache-Control: no-store, no-cache, private
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 51A7 281 B
554 B 65ms
25ms Document
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8784a48c045389e40ff3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://januszspiewa.prv.pl/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://januszspiewa.prv.pl/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 21 Apr 2021 20:25:49 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2

200

sspmatch-iframe Show response
ads.betweendigital.com/ Frame 40D7
Redirect Chain

https://ads.betweendigital.com/sspmatch-iframe
https://ads.betweendigital.com/sspmatch-iframe?crf=1

658 B
750 B

17ms
17ms

Document
text/html

188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-iframe?crf=1
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8784a48c045389e40ff3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 63dd6be483a96f43f168e123984a9b7c8b1755192ef6a324e60c55dede4f84c0

Request headers

:method: GET
:authority: ads.betweendigital.com
:scheme: https
:path: /sspmatch-iframe?crf=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://januszspiewa.prv.pl/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: dc=lux1; tuuid=f36a224e-f6bb-526f-aea8-fc7ece287633; ut=YICKTQADCVg-X7EjcTD_D-MH0MSWETNbedtW6Q==; ss=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://januszspiewa.prv.pl/

Response headers

content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 658

Redirect headers

location: /sspmatch-iframe?crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=315360000; Expires=Sat, 19 Apr 2031 20:25:49 GMT; Path=/; Domain=.betweendigital.com; SameSite=None; Secure tuuid=f36a224e-f6bb-526f-aea8-fc7ece287633; Max-Age=315360000; Expires=Sat, 19 Apr 2031 20:25:49 GMT; Path=/; Domain=.betweendigital.com; SameSite=None; Secure ut=YICKTQADCVg-X7EjcTD_D-MH0MSWETNbedtW6Q==; Max-Age=315360000; Expires=Sat, 19 Apr 2031 20:25:49 GMT; Path=/; Domain=.betweendigital.com; SameSite=None; Secure ss=1; Max-Age=315360000; Expires=Sat, 19 Apr 2031 20:25:49 GMT; Path=/; Domain=.betweendigital.com; SameSite=None; Secure
content-length: 0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame DE84 52 KB
17 KB 100ms
30ms Document
text/html 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8784a48c045389e40ff3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://januszspiewa.prv.pl/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://januszspiewa.prv.pl/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Sat, 17 Apr 2021 04:57:33 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 21 Apr 2021 20:25:49 GMT
Age: 55687
X-Served-By: cache-lga21957-LGA, cache-hhn4030-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 1, 993231
X-Timer: S1619036749.270053,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 218D 38 KB
14 KB 16ms
16ms Document
text/html 104.108.144.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8784a48c045389e40ff3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-214.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://januszspiewa.prv.pl/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://januszspiewa.prv.pl/

Response headers

Last-Modified: Wed, 14 Apr 2021 09:18:30 GMT
ETag: "13006b6-98c2-5bfeb3aef82b4"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14060
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=150055
Expires: Fri, 23 Apr 2021 14:06:44 GMT
Date: Wed, 21 Apr 2021 20:25:49 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 218D 6 KB
7 KB 22ms
22ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=59946754&p=156036&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1&async=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 1b5b5d6cc9fa182ad58e568dd9a8095f6b9e07e32134bdc4176e74285c771252

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 20:25:48 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2

200

match
ads.betweendigital.com/ Frame 40D7
Redirect Chain

https://x.bidswitch.net/sync?ssp=between
https://x.bidswitch.net/ul_cb/sync?ssp=between
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=between
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=10a6a141-53b2-4ec6-9cf3-cf9fe02e831d&ssp=between
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=fe446982-4e76-4012-a960-6d4596935b88

68 B
159 B

17ms
17ms

Image
image/png

188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=22&external_user_id=fe446982-4e76-4012-a960-6d4596935b88
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe?crf=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: //ads.betweendigital.com/match?bidder_id=22&external_user_id=fe446982-4e76-4012-a960-6d4596935b88
date: Wed, 21 Apr 2021 20:25:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

match
ads.betweendigital.com/ Frame 40D7
Redirect Chain

https://px.adhigh.net/p/cm/btw
https://px.adhigh.net/p/cm/btw?bounced=1
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=6IwBbg9sXhP.AikABlF49hw-Ow

68 B
159 B

20ms
19ms

Image
image/png

188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=37&external_user_id=6IwBbg9sXhP.AikABlF49hw-Ow
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe?crf=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:49 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f4-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ads.betweendigital.com/match?bidder_id=37&external_user_id=6IwBbg9sXhP.AikABlF49hw-Ow
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

match
ads.betweendigital.com/ Frame 40D7
Redirect Chain

https://sync.bumlam.com/?src=bw1&uid=f36a224e-f6bb-526f-aea8-fc7ece287633
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjNlIKEBlIFvp7KygpiJGYzNmEyMjRlLWY2YmItNTI2Zi1hZWE4LWZjN2VjZTI4NzYzMw**
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARjNlIKEBlIFvp7KygpiJGYzNmEyMjRlLWY2YmItNTI2Zi1hZWE4LWZjN2VjZTI4NzYzM6IBEMLC4fai3xHrilMMxHptL-8*
https://sync.bumlam.com/?src=bw1&s_data=CAIQABjNlIKEBmIkZjM2YTIyNGUtZjZiYi01MjZmLWFlYTgtZmM3ZWNlMjg3NjMzogEQwsLh9qLfEeuKUwzEem0v7w**
https://sync.bumlam.com/?src=bw1&s_data=CAIQARjNlIKEBmIkZjM2YTIyNGUtZjZiYi01MjZmLWFlYTgtZmM3ZWNlMjg3NjMzogEQwsLh9qLfEeuKUwzEem0v7w**
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=c2c2e1f6-a2df-11eb-8a53-0cc47a6d2fef

68 B
159 B

18ms
17ms

Image
image/png

188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=18&external_user_id=c2c2e1f6-a2df-11eb-8a53-0cc47a6d2fef
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe?crf=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Date: Wed, 21 Apr 2021 20:25:49 GMT
Server: nginx
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //ads.betweendigital.com/match?bidder_id=18&external_user_id=c2c2e1f6-a2df-11eb-8a53-0cc47a6d2fef
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0

GET
H2

200

match
ads.betweendigital.com/ Frame 40D7
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=c06bd1910ea9ca9687af21f7

68 B
159 B

59ms
58ms

Image
image/png

188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=114&external_user_id=c06bd1910ea9ca9687af21f7
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe?crf=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Date: Wed, 21 Apr 2021 20:25:49 GMT
Server: nginx
Location: https://ads.betweendigital.com/match?bidder_id=114&external_user_id=c06bd1910ea9ca9687af21f7
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2 200 bidder_18.html Show response
cache.betweendigital.com/code/ Frame 19B6 4 KB
1 KB 47ms
13ms Document
text/html 151.236.71.146
CDNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=f36a224e-f6bb-526f-aea8-fc7ece287633&CACHEBUSTER=581118
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe?crf=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.71.146 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software: nginx /
Resource Hash: a1c68fd2bd2ee4b4f547e60af04ee988f48aade799a957f6c82720b347620ad7

Request headers

:method: GET
:authority: cache.betweendigital.com
:scheme: https
:path: /code/bidder_18.html?USER_ID=f36a224e-f6bb-526f-aea8-fc7ece287633&CACHEBUSTER=581118
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.betweendigital.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: dc=lux1; tuuid=f36a224e-f6bb-526f-aea8-fc7ece287633; ut=YICKTQADCVg-X7EjcTD_D-MH0MSWETNbedtW6Q==; ss=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.betweendigital.com/

Response headers

server: nginx
date: Wed, 21 Apr 2021 20:25:49 GMT
content-type: text/html
last-modified: Fri, 22 Jan 2021 13:30:11 GMT
etag: W/"600ad363-1003"
content-encoding: gzip

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 218D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOnKImXqmpOqqgLZ4kHOZnI&google_cver=1

42 B
855 B

21ms
21ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOnKImXqmpOqqgLZ4kHOZnI&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 20:25:49 GMT
X-lat: lhrpug010:0:746
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOnKImXqmpOqqgLZ4kHOZnI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 218D 43 B
609 B 18ms
18ms Image
image/gif 159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 20:25:49 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 20 Apr 2021 20:25:49 GMT

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 7A99 43 B
304 B 24ms
23ms Document
image/gif 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Wed, 21 Apr 2021 00:00:00 GMT
server: Microsoft-IIS/10.0
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 1178
date: Wed, 21 Apr 2021 20:25:48 GMT
content-length: 43

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 218D
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8e18ec1f-77db-41f6-84b4-fb3284f7ae47

42 B
882 B

49ms
20ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8e18ec1f-77db-41f6-84b4-fb3284f7ae47
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 20:25:49 GMT
X-lat: lhrpug001:0:430
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:49 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8e18ec1f-77db-41f6-84b4-fb3284f7ae47
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 218D
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4503138501922225968

42 B
801 B

29ms
21ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4503138501922225968
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 20:25:49 GMT
X-lat: lhrpug010:0:464
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:49 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4503138501922225968
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

Cookie set Pug Show response
image2.pubmatic.com/AdServer/ Frame 3AA6
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1608670524759528914

42 B
769 B

22ms
21ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1608670524759528914
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: image2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KADUSERCOOKIE=39DC3637-B81F-44A6-9C28-B1AAED155E64; chkChromeAb67Sec=1; DPSync3=1620172800%3A201_227_226_221; SyncRTB3=1620172800%3A222_78_13_81_176_220_71_88_166_56_8_165_230_231_21_22_189_7_161_3_54_55_204%7C1619568000%3A15_67_223_2%7C1621555200%3A203%7C1620259200%3A35%7C1619827200%3A63; PUBMDCID=3; KRTBCOOKIE_1101=23040-6953709887984564371; PugT=1619036749; KRTBCOOKIE_409=22966-yCOb3KhmYxWnpmRaSTKDWrjJ; KRTBCOOKIE_80=16514-CAESEOnKImXqmpOqqgLZ4kHOZnI&KRTB&22987-CAESEOnKImXqmpOqqgLZ4kHOZnI&KRTB&23025-CAESEOnKImXqmpOqqgLZ4kHOZnI; KRTBCOOKIE_391=22924-4503138501922225968&KRTB&23263-4503138501922225968; KRTBCOOKIE_377=6810-8e18ec1f-77db-41f6-84b4-fb3284f7ae47&KRTB&22918-8e18ec1f-77db-41f6-84b4-fb3284f7ae47&KRTB&23031-8e18ec1f-77db-41f6-84b4-fb3284f7ae47; KRTBCOOKIE_27=16735-uid:fb186080-8a4c-4600-af50-0240b7a09d57&KRTB&16736-uid:fb186080-8a4c-4600-af50-0240b7a09d57&KRTB&23019-uid:fb186080-8a4c-4600-af50-0240b7a09d57&KRTB&23114-uid:fb186080-8a4c-4600-af50-0240b7a09d57; KRTBCOOKIE_153=1923-cuyh7Hy9rbhp6aG-J7i073Tl_epp66q4IeuqVOhy&KRTB&19420-cuyh7Hy9rbhp6aG-J7i073Tl_epp66q4IeuqVOhy&KRTB&22979-cuyh7Hy9rbhp6aG-J7i073Tl_epp66q4IeuqVOhy; KRTBCOOKIE_22=14911-2350995209000641933
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Wed, 21 Apr 2021 20:25:49 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_336=5844-1608670524759528914; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 21-May-2021 20:25:49 GMT; path=/ PugT=1619036749; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 21-May-2021 20:25:49 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 20-Jul-2021 20:25:49 GMT; path=/
X-lat: lhrpug015:0:487
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1608670524759528914
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame 1B4A
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6953709887984564371

42 B
771 B

21ms
21ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6953709887984564371
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KADUSERCOOKIE=39DC3637-B81F-44A6-9C28-B1AAED155E64; chkChromeAb67Sec=1; DPSync3=1620172800%3A201_227_226_221; SyncRTB3=1620172800%3A222_78_13_81_176_220_71_88_166_56_8_165_230_231_21_22_189_7_161_3_54_55_204%7C1619568000%3A15_67_223_2%7C1621555200%3A203%7C1620259200%3A35%7C1619827200%3A63; PUBMDCID=3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Wed, 21 Apr 2021 20:25:49 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_1101=23040-6953709887984564371; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 21-May-2021 20:25:49 GMT; path=/ PugT=1619036749; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 21-May-2021 20:25:49 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 20-Jul-2021 20:25:49 GMT; path=/
X-lat: lhrpug001:0:442
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Wed, 21 Apr 2021 20:25:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie: UserID1=6953709887984564371; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6953709887984564371

GET
H/1.1

200
OK

adx Show response
match.prod.bidr.io/cookie-sync/ Frame 80E4
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDUUMwN0JBUlVBQURTRnNYNmRhQQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

43 B
430 B

28ms
27ms

Document
image/gif

54.171.41.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.171.41.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-41-106.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Host: match.prod.bidr.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: bito=AACQC07BARUAADSFsX6daA; bitoIsSecure=ok
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Wed, 21 Apr 2021 20:25:49 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date: Wed, 21 Apr 2021 20:25:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 355
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

Cookie set Pug Show response
image2.pubmatic.com/AdServer/ Frame 7BCB
Redirect Chain

https://green.erne.co/pubmatic/cm?
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=yCOb3KhmYxWnpmRaSTKDWrjJ

42 B
776 B

21ms
21ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=yCOb3KhmYxWnpmRaSTKDWrjJ
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: image2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KADUSERCOOKIE=39DC3637-B81F-44A6-9C28-B1AAED155E64; chkChromeAb67Sec=1; DPSync3=1620172800%3A201_227_226_221; SyncRTB3=1620172800%3A222_78_13_81_176_220_71_88_166_56_8_165_230_231_21_22_189_7_161_3_54_55_204%7C1619568000%3A15_67_223_2%7C1621555200%3A203%7C1620259200%3A35%7C1619827200%3A63; PUBMDCID=3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Wed, 21 Apr 2021 20:25:49 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_409=22966-yCOb3KhmYxWnpmRaSTKDWrjJ; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 21-May-2021 20:25:49 GMT; path=/ PugT=1619036749; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 21-May-2021 20:25:49 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 20-Jul-2021 20:25:49 GMT; path=/
X-lat: lhrpug002:0:1319
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

server: openresty
date: Wed, 21 Apr 2021 20:25:49 GMT
content-length: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie: u=yCOb3KhmYxWnpmRaSTKDWrjJ; Max-Age=63072000; Domain=.erne.co; Path=/; Secure; SameSite=None
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=yCOb3KhmYxWnpmRaSTKDWrjJ
strict-transport-security: max-age=0; includeSubDomains;

GET
H/1.1 200
OK bridge Show response
cm.adgrx.com/ Frame 4905 43 B
408 B 50ms
15ms Document
image/gif 173.231.181.122
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.231.181.122 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host: cm.adgrx.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Date: Wed, 21 Apr 2021 20:25:49 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
server: Cowboy
X-RealServer-NX: ams-delivery-3
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: Thu, 23 Sep 2004 17:42:04 GMT
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *

GET
H2 200 dpe Show response
ad4m.at/ad/ Frame BAB9 42 B
1 KB 47ms
18ms Document
image/gif 2606:4700:3039::6815:c02e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c02e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Wed, 21 Apr 2021 20:25:49 GMT
content-type: image/gif
content-length: 42
set-cookie: __cfduid=d314b6a4c30ed605dfc5f3b3c5097c9311619036749; expires=Fri, 21-May-21 20:25:49 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-7d3s
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 0997b555e20000dfd76e08b000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 643958030c76dfd7-FRA

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame 96C0
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
441 B

172ms
171ms

Document
image/gif

2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method: GET
:authority: s.tribalfusion.com
:scheme: https
:path: /z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ANON_ID=aXnoeUOZb3VxUEjUGuk9ZdZddTUnZdVrahsW91R2VqwS
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Wed, 21 Apr 2021 20:25:49 GMT
content-type: image/gif; charset=utf-8
content-length: 43
set-cookie: __cfduid=d1f912c4fae668aeadb3dacc620ab2c111619036749; expires=Fri, 21-May-21 20:25:49 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=aVnseFpyXagbqiVREFmvpZcFGUS2fEec8VdYVywfcZciJV36NUZbsZccKap2DegNulxmR73RjyULku1WJ9PR26LL; path=/; domain=.tribalfusion.com; expires=Tue, 20-Jul-2021 20:25:49 GMT; SameSite=None; Secure; ANON_ID_old=aVnseFpyXagbqiVREFmvpZcFGUS2fEec8VdYVywfcZciJV36NUZbsZccKap2DegNulxmR73RjyULku1WJ9PR26LL; path=/; domain=.tribalfusion.com; expires=Tue, 20-Jul-2021 20:25:49 GMT;
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 302
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
cf-cache-status: DYNAMIC
cf-request-id: 0997b556900000975409ab8000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6439580419e19754-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Wed, 21 Apr 2021 20:25:49 GMT
content-type: text/html
set-cookie: __cfduid=d1f912c4fae668aeadb3dacc620ab2c111619036749; expires=Fri, 21-May-21 20:25:49 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=aXnoeUOZb3VxUEjUGuk9ZdZddTUnZdVrahsW91R2VqwS; path=/; domain=.tribalfusion.com; expires=Tue, 20-Jul-2021 20:25:49 GMT; SameSite=None; Secure; ANON_ID_old=aXnoeUOZb3VxUEjUGuk9ZdZddTUnZdVrahsW91R2VqwS; path=/; domain=.tribalfusion.com; expires=Tue, 20-Jul-2021 20:25:49 GMT;
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 206
x-reuse-index: 151
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status: DYNAMIC
cf-request-id: 0997b555e30000975414041000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6439580309519754-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame 1D31
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=0FHP8gOYYWDl&pid=557219

1 B
463 B

23ms
23ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=0FHP8gOYYWDl&pid=557219
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KADUSERCOOKIE=39DC3637-B81F-44A6-9C28-B1AAED155E64; chkChromeAb67Sec=1; DPSync3=1620172800%3A201_227_226_221; SyncRTB3=1620172800%3A222_78_13_81_176_220_71_88_166_56_8_165_230_231_21_22_189_7_161_3_54_55_204%7C1619568000%3A15_67_223_2%7C1621555200%3A203%7C1620259200%3A35%7C1619827200%3A63; PUBMDCID=3; KRTBCOOKIE_1101=23040-6953709887984564371; PugT=1619036749; KRTBCOOKIE_409=22966-yCOb3KhmYxWnpmRaSTKDWrjJ; KRTBCOOKIE_80=16514-CAESEOnKImXqmpOqqgLZ4kHOZnI&KRTB&22987-CAESEOnKImXqmpOqqgLZ4kHOZnI&KRTB&23025-CAESEOnKImXqmpOqqgLZ4kHOZnI; KRTBCOOKIE_391=22924-4503138501922225968&KRTB&23263-4503138501922225968; KRTBCOOKIE_377=6810-8e18ec1f-77db-41f6-84b4-fb3284f7ae47&KRTB&22918-8e18ec1f-77db-41f6-84b4-fb3284f7ae47&KRTB&23031-8e18ec1f-77db-41f6-84b4-fb3284f7ae47; KRTBCOOKIE_27=16735-uid:fb186080-8a4c-4600-af50-0240b7a09d57&KRTB&16736-uid:fb186080-8a4c-4600-af50-0240b7a09d57&KRTB&23019-uid:fb186080-8a4c-4600-af50-0240b7a09d57&KRTB&23114-uid:fb186080-8a4c-4600-af50-0240b7a09d57; KRTBCOOKIE_153=1923-cuyh7Hy9rbhp6aG-J7i073Tl_epp66q4IeuqVOhy&KRTB&19420-cuyh7Hy9rbhp6aG-J7i073Tl_epp66q4IeuqVOhy&KRTB&22979-cuyh7Hy9rbhp6aG-J7i073Tl_epp66q4IeuqVOhy; KRTBCOOKIE_22=14911-2350995209000641933; KRTBCOOKIE_57=22776-1769243001712638409; KRTBCOOKIE_336=5844-1608670524759528914; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_466=16530-fe446982-4e76-4012-a960-6d4596935b88; KRTBCOOKIE_218=22978-YICKTQAAXoQhIQA4&KRTB&23194-YICKTQAAXoQhIQA4&KRTB&23209-YICKTQAAXoQhIQA4&KRTB&23244-YICKTQAAXoQhIQA4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Wed, 21 Apr 2021 20:25:49 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1
Connection: keep-alive
Set-Cookie: PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 20-Jul-2021 20:25:49 GMT; path=/
X-lat: lhrpug011:0:862
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server: bh-deployment-7c488d4f5b-9df8z
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=0FHP8gOYYWDl&pid=557219
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000
set-cookie: INGRESSCOOKIE=d4862e8f65fe5e05; path=/; HttpOnly; Secure; SameSite=None

GET
H2

200

rtb-h Show response
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 053F
Redirect Chain

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=5808768f-b966-421f-8aca-e3ca864d760d-tuct77a0fcd&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...

0
147 B

1094ms
26ms

Document
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=5808768f-b966-421f-8aca-e3ca864d760d-tuct77a0fcd&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: match.taboola.com
:scheme: https
:path: /sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=5808768f-b966-421f-8aca-e3ca864d760d-tuct77a0fcd&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: t_gid=5808768f-b966-421f-8aca-e3ca864d760d-tuct77a0fcd
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
accept-ranges: bytes
date: Wed, 21 Apr 2021 20:25:50 GMT
via: 1.1 varnish
x-served-by: cache-fra19125-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1619036751.505746,VS0,VE9
content-length: 0

Redirect headers

server: nginx
set-cookie: t_gid=5808768f-b966-421f-8aca-e3ca864d760d-tuct77a0fcd;Version=1;Path=/;Domain=.taboola.com;Expires=Thu, 21-Apr-2022 20:25:49 GMT;Max-Age=31536000;Secure;SameSite=None
location: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=5808768f-b966-421f-8aca-e3ca864d760d-tuct77a0fcd&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges: bytes
date: Wed, 21 Apr 2021 20:25:49 GMT
via: 1.1 varnish
x-served-by: cache-hhn11535-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1619036749.387213,VS0,VE10
x-vcl-time-ms: 10
content-length: 0

GET
H2 200 141 Show response
match.deepintent.com/usersync/ Frame 9A40 0
44 B 320ms
110ms Document
text/plain 169.197.150.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://match.deepintent.com/usersync/141?redir=https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=${DI_USER_ID}&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software: a /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: match.deepintent.com
:scheme: https
:path: /usersync/141?redir=https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=${DI_USER_ID}&gdpr=0&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

content-length: 0
date: Wed, 21 Apr 2021 20:25:49 GMT
server: a

GET
H2

200

check Show response
pixel.tapad.com/idsync/ex/receive/ Frame DE88
Redirect Chain

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID}
https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB

95 B
165 B

22ms
22ms

Document
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Jetty(9.4.28.v20200408) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: pixel.tapad.com
:scheme: https
:path: /idsync/ex/receive/check?partner_id=PUBMATIC_RTB
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: TapAd_TS=1619036749315; TapAd_DID=c2b79533-a2df-11eb-a57c-ee4330ad0bed
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Wed, 21 Apr 2021 20:25:49 GMT
strict-transport-security: max-age=31536000
content-type: image/png
content-length: 95
server: Jetty(9.4.28.v20200408)
via: 1.1 google
alt-svc: clear

Redirect headers

date: Wed, 21 Apr 2021 20:25:49 GMT
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie: TapAd_TS=1619036749315;Expires=Sun, 20 Jun 2021 20:25:49 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None TapAd_DID=c2b79533-a2df-11eb-a57c-ee4330ad0bed;Expires=Sun, 20 Jun 2021 20:25:49 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
content-length: 0
server: Jetty(9.4.28.v20200408)
via: 1.1 google
alt-svc: clear

GET
H/1.1

200
OK

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 218D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Odw2N7gfRKacKLGq7RVeZA%3D%3D
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Odw2N7gfRKacKLGq7RVeZA%3D%3D&google_tc=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

8 KB
8 KB

15ms
14ms

Image
text/html

104.108.144.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-214.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 20:25:49 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1300708-1f78-5b232eb4914bb"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: max-age=100353
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 2654
Expires: Fri, 23 Apr 2021 00:18:22 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 218D 95 B
597 B 64ms
36ms Image
image/png 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=39DC3637-B81F-44A6-9C28-B1AAED155E64
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 20:25:49 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 6439580309de4abc-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0997b555e800004abc6d2e3000000001

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame 218D
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=39DC3637-B81F-44A6-9C28-B1AAED155E64&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=39DC3637-B81F-44A6-9C28-B1AAED155E64&sInitiator=external&gdpr=0&gdpr_consent=

42 B
603 B

31ms
31ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=39DC3637-B81F-44A6-9C28-B1AAED155E64&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:46 GMT
frontend-id: 5
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:46 GMT
frontend-id: 14
location: /pubmatic/1/info2?sType=sync&sExtCookieId=39DC3637-B81F-44A6-9C28-B1AAED155E64&sInitiator=external&gdpr=0&gdpr_consent=
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

Artemis
aud.pubmatic.com/AdServer/ Frame 218D
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=39DC3637-B81F-44A6-9C28-B1AAED155E64&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=39DC3637-B81F-44A6-9C28-B1AAED155E64&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=39DC3637-B81F-44A6-9C28-B1AAED155E64&addseg=19,36,42

7 B
147 B

52ms
17ms

Image
text/plain

185.64.189.249
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=39DC3637-B81F-44A6-9C28-B1AAED155E64&addseg=19,36,42
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 20:25:49 GMT
Connection: keep-alive
Content-Length: 7
Content-Type: text/plain; charset=utf-8

Redirect headers

date: Wed, 21 Apr 2021 20:25:49 GMT
via: 1.1 google
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=39DC3637-B81F-44A6-9C28-B1AAED155E64&addseg=19,36,42
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 141

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 218D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzlEQzM2MzctQjgxRi00NEE2LTlDMjgtQjFBQUVEMTU1RTY0&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzlEQzM2MzctQjgxRi00NEE2LTlDMjgtQjFBQUVEMTU1RTY0&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
505 B

20ms
19ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 20:25:49 GMT
X-lat: lhrpug013:0:345
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 218D
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:fb186080-8a4c-4600-af50-0240b7a09d57&gdpr=0&gdpr_consent=

42 B
946 B

21ms
20ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:fb186080-8a4c-4600-af50-0240b7a09d57&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 20:25:49 GMT
X-lat: lhrpug016:0:437
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Date: Wed, 21 Apr 2021 20:25:49 GMT
Server: MT3 3660 495c301 master zrh-pixel-x24
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:fb186080-8a4c-4600-af50-0240b7a09d57&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 21 Apr 2021 20:25:48 GMT

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 218D
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1769243001712638409&gdpr=0&gdpr_consent=

42 B
769 B

21ms
20ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1769243001712638409&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 20:25:49 GMT
X-lat: lhrpug015:0:334
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Pragma: no-cache
Date: Wed, 21 Apr 2021 20:25:49 GMT
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.60:80
AN-X-Request-Uuid: bab47204-ca7f-4ecc-9217-5edb57210ec8
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1769243001712638409&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 218D
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://ads.programattik.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
https://ads.programattik.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
https://x.bidswitch.net/sync?dsp_id=156&expires=14&user_id=63c95d51-c66b-476b-85c4-9a00d4e72c4c&ssp=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=fe446982-4e76-4012-a960-6d4596935b88&gdpr=&gdpr_consent=&gdpr_pd=

1 B
745 B

21ms
20ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=fe446982-4e76-4012-a960-6d4596935b88&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 20:25:49 GMT
X-lat: lhrpug004:0:558
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=fe446982-4e76-4012-a960-6d4596935b88&gdpr=&gdpr_consent=&gdpr_pd=
date: Wed, 21 Apr 2021 20:25:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 39DC3637-B81F-44A6-9C28-B1AAED155E64
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 218D 43 B
839 B 103ms
33ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/39DC3637-B81F-44A6-9C28-B1AAED155E64?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 20:25:49 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

SPug
image4.pubmatic.com/AdServer/ Frame 218D
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=39DC3637-B81F-44A6-9C28-B1AAED155E64&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=39DC3637-B81F-44A6-9C28-B1AAED155E64&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-5q.U1tRE2uXTe2oeJMfzmDoIbFxvg.4-~A&gdpr=0&gdpr_consent=

0
418 B

1092ms
20ms

Image
text/plain

185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-5q.U1tRE2uXTe2oeJMfzmDoIbFxvg.4-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 20:25:50 GMT
Cache-Control: no-store, no-cache, private
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Wed, 21 Apr 2021 20:25:49 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-5q.U1tRE2uXTe2oeJMfzmDoIbFxvg.4-~A&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 218D
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=cuyh7Hy9rbhp6aG-J7i073Tl_epp66q4IeuqVOhy

42 B
894 B

20ms
20ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=cuyh7Hy9rbhp6aG-J7i073Tl_epp66q4IeuqVOhy
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 20:25:49 GMT
X-lat: lhrpug004:0:617
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:49 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=cuyh7Hy9rbhp6aG-J7i073Tl_epp66q4IeuqVOhy
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 218D
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2350995209000641933&gdpr=0&gdpr_consent=&us_privacy=

1 B
727 B

21ms
21ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2350995209000641933&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 20:25:49 GMT
X-lat: lhrpug010:0:402
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2350995209000641933&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Wed, 21 Apr 2021 20:25:48 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 218D
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YICKTQAAXoQhIQA4&gdpr=0&gdpr_consent=&_test=YICKTQAAXoQhIQA4

1 B
809 B

21ms
21ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YICKTQAAXoQhIQA4&gdpr=0&gdpr_consent=&_test=YICKTQAAXoQhIQA4
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 20:25:49 GMT
X-lat: lhrpug002:0:515
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:49 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1619036750.514717,VS0,VE0
x-served-by: cache-fra19134-FRA
x-cache: HIT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YICKTQAAXoQhIQA4&gdpr=0&gdpr_consent=&_test=YICKTQAAXoQhIQA4
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 218D
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:f6268fe4-2a56-453b-ac4b-7dfe2a3d4f0e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
505 B

26ms
25ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:f6268fe4-2a56-453b-ac4b-7dfe2a3d4f0e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 20:25:49 GMT
X-lat: lhrpug006:0:396
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:f6268fe4-2a56-453b-ac4b-7dfe2a3d4f0e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Wed, 21 Apr 2021 20:25:49 GMT
Server: Apache/2.4.41 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 218D
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

42 B
760 B

21ms
20ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 20:25:49 GMT
X-lat: lhrpug012:0:470
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:48 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame 218D 0
104 B 91ms
63ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=39DC3637-B81F-44A6-9C28-B1AAED155E64&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:49 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 218D
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1769243001712638409

42 B
505 B

23ms
22ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1769243001712638409
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 20:25:50 GMT
X-lat: lhrpug019:0:333
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Pragma: no-cache
Date: Wed, 21 Apr 2021 20:25:50 GMT
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.170:80
AN-X-Request-Uuid: fe75887d-b5a4-43e2-81f9-f5eb8dd3cca5
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1769243001712638409
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 218D
Redirect Chain

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_bcc8bb61-f2cc-4669-b0e6-6fcf0e84592e

42 B
790 B

28ms
27ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_bcc8bb61-f2cc-4669-b0e6-6fcf0e84592e
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 20:25:50 GMT
X-lat: lhrpug004:0:841
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_bcc8bb61-f2cc-4669-b0e6-6fcf0e84592e
date: Wed, 21 Apr 2021 20:25:50 GMT
p3p: CP="This is not a P3P policy"
server: nginx
timing-allow-origin: *
content-length: 0
content-language: en-US

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 51A7 31 KB
9 KB 20ms
19ms Script
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: db49005f7798a8592e5ab69356cb11e3cac99eeec64a823974ea3a5c1bf83c18

Request headers

Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 20:25:49 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Apr 2021 20:33:58 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=60202
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9242
Expires: Thu, 22 Apr 2021 13:09:11 GMT

GET
H2

200

match
ads.betweendigital.com/ Frame 19B6
Redirect Chain

https://x.bidswitch.net/sync?ssp=between
https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dbetween%26bsw_param%...
https://x.bidswitch.net/sync?dsp_id=354&user_id=32030e2190ad4bc1a1751392f295a2bc&ssp=between&bsw_param=fe446982-4e76-4012-a960-6d4596935b88&gdpr=&consent=&gdpr_pd=
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=fe446982-4e76-4012-a960-6d4596935b88

68 B
159 B

16ms
16ms

Image
image/png

188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=22&external_user_id=fe446982-4e76-4012-a960-6d4596935b88
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe?crf=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: //ads.betweendigital.com/match?bidder_id=22&external_user_id=fe446982-4e76-4012-a960-6d4596935b88
date: Wed, 21 Apr 2021 20:25:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 51A7 284 B
536 B 88ms
22ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/jpg

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame DE84
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
813 B

14ms
13ms

Script
text/html

185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Apr 2021 20:25:49 GMT
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.7:80
AN-X-Request-Uuid: 3391d72d-9fd9-4a52-ba2c-a12a1dd2118c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 21 Apr 2021 20:25:49 GMT
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.118:80
AN-X-Request-Uuid: 016bed1b-8b71-4b6a-ba35-91bdf0529810
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

404

5BB19D419EB90A37
an.yandex.ru/setud/adsniper/ Frame 19B6
Redirect Chain

https://sync.bumlam.com/?src=aid0
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjNlIKEBlIFl4XSlAY*
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARjNlIKEBlIFl4XSlAaiARDCxhrOot8R66DXACWQ5Fw4
https://sync.bumlam.com/?src=aid0&s_data=CAIQABjNlIKEBqIBEMLGGs6i3xHroNcAJZDkXDg*
https://sync.bumlam.com/?src=aid0&s_data=CAIQARjNlIKEBqIBEMLGGs6i3xHroNcAJZDkXDg*
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=c2c61ace-a2df-11eb-a0d7-002590e45c38
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=c2c61ace-a2df-11eb-a0d7-002590e45c38&bounce=1
https://sync.bumlam.com/?src=aid1&uid=piYRP49HvcXMAou0YEesKg&
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=piYRP49HvcXMAou0YEesKg&extra2=aidata
https://sync3.sniperlog.ru/?src=ggl&extra1=piYRP49HvcXMAou0YEesKg&extra2=aidata&google_gid=CAESEEu1y1W4KvLhkElp73OSc7U&google_cver=1
https://sync.bumlam.com/?src=ggl&extra1=piYRP49HvcXMAou0YEesKg&extra2=aidata&google_gid=CAESEEu1y1W4KvLhkElp73OSc7U&google_cver=1
https://an.yandex.ru/setud/adsniper/5BB19D419EB90A37?sign=1574588587
https://an.yandex.ru/setud/adsniper/5BB19D419EB90A37?redir-setuniq=1&sign=1574588587

43 B
113 B

53ms
53ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/setud/adsniper/5BB19D419EB90A37?redir-setuniq=1&sign=1574588587

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:50 GMT
content-encoding: gzip
last-modified: Wed, 21 Apr 2021 20:25:50 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=windows-1251
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 21 Apr 2021 20:25:50 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:50 GMT
content-encoding: gzip
last-modified: Wed, 21 Apr 2021 20:25:50 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/setud/adsniper/5BB19D419EB90A37?redir-setuniq=1&sign=1574588587
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 21 Apr 2021 20:25:50 GMT

POST
H2 200 /
track.adform.net/serving/unload/ Frame 85A2 35 B
463 B 32ms
31ms Ping
image/gif 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=340566514271255656@@35871864,6915773840713603454,100|4700|0|0|0|0|0|0|0||235|0|84|1A8107B3-EBEF-42E0-A394-582BCDBD7195_1|||1|0|0|DiAu8Aimy-KzIYW675trIK_fiuC7IRoZmbFHWzttLaYPUposxpxyhMOO_SeixY-H4RVeP0ucXr9o4kOyoBiwbg2|||01|0@@45021679,4966235289849348928,100|4699|0|0|0|0|0|0|0||235|0|589|a51a7297ec9f47089695bd18f4e1cbb3-1-589_0b379a6e3c6948ab9922502f5d99f2f7|||1|0|0|re_d2TrFzRlWgnf2ewtpCcamMbFFK3ZOINE7e5cbTYtPB4zhE6hKgSjivaaU6enIGk-HNGyCNOQ8x-C_srivypViHDhCJ7HN1xfGpIPUctxopMGed9x84fMYsnoYAyMWZQXoWo438XnhFV4_S5xev2jiQ7KgGLBu0|6UKz9PN8HS142u1ywTJ-2om2wRyy1gce3X8Tu6XlsmYblZiIXeiH45G4dWAZeGGw7-ItQUX26WQOQaoW9LGqOqxsidzrXduDQdiOsEljuKhqyUYVqQPz9EB1kEb32rqWKMwZJ9uzlXQwsWEsnnPHYYvnj-ALKl4ez0kIEo362VqiuQ8Zp4vrxwFn_yLVCW9QuHZKearjb4nC8IjRrXi9Sg2||01|0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/622/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:49 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: http://januszspiewa.prv.pl
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame F6DB 35 B
459 B 29ms
29ms Ping
image/gif 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=340566514271255656@@30417981,5548704435069587289,100|4700|0|0|0|0|0|0|0||235|1|||||1|0|0|5Idc3j5dy17xBx_RTJEBJ8amMbFFK3ZONcjenufsFLsMtYD6RSsZtIm3nyX34Xgm0|||01|

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/622/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.usemax.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:49 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.usemax.de
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 8693
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

281 B
554 B

18ms
18ms

Document
text/html

104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=f36a224e-f6bb-526f-aea8-fc7ece287633&CACHEBUSTER=581118
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://cache.betweendigital.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 21 Apr 2021 20:25:50 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Date: Wed, 21 Apr 2021 20:25:50 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 8693 31 KB
9 KB 20ms
19ms Script
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: db49005f7798a8592e5ab69356cb11e3cac99eeec64a823974ea3a5c1bf83c18

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 20:25:50 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Apr 2021 20:33:58 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=60201
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9242
Expires: Thu, 22 Apr 2021 13:09:11 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 8693 284 B
536 B 23ms
22ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/jpg

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame 19B6
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=b536b353-09d7-46f2-bb78-fb321ef4db83&pid=w&uid=f36a224e-f6bb-526f-aea8-fc7ece287633
https://sync.1dmp.io/pixel.gif?cid=b536b353-09d7-46f2-bb78-fb321ef4db83&pid=w&uid=f36a224e-f6bb-526f-aea8-fc7ece287633&cs=1

35 B
376 B

11ms
11ms

Image
image/gif

88.99.149.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=b536b353-09d7-46f2-bb78-fb321ef4db83&pid=w&uid=f36a224e-f6bb-526f-aea8-fc7ece287633&cs=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.99.149.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dmc-test-dn3
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 20:25:50 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

location: /pixel.gif?cid=b536b353-09d7-46f2-bb78-fb321ef4db83&pid=w&uid=f36a224e-f6bb-526f-aea8-fc7ece287633&cs=1
date: Wed, 21 Apr 2021 20:25:50 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame DE84 0
743 B 16ms
15ms Script
text/html 185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Apr 2021 20:25:50 GMT
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.122:80
AN-X-Request-Uuid: 2c43d598-2f55-483d-83ed-607916437351
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

581118
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame 19B6
Redirect Chain

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/581118
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/581118

43 B
297 B

41ms
41ms

Image
image/gif

2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/581118
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: tns-counter-3.1.0/1.18.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:50 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: tns-counter-3.1.0/1.18.0
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:50 GMT
server: tns-counter-3.1.0/1.18.0
strict-transport-security: max-age=2678400
content-type: image/gif
location: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/581118
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 betweendata
api.rees46.com/profile/ Frame 19B6 43 B
158 B 39ms
11ms Image
image/gif 94.130.66.43
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.rees46.com/profile/betweendata?rand=581118
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 94.130.66.43 Asel, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 20:25:50 GMT
access-control-allow-credentials: true
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H2

200

sync
ad.vidver.to/delivery/ Frame 19B6
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=429&user_id=f36a224e-f6bb-526f-aea8-fc7ece287633&expires=30
https://ad.mox.tv/delivery/sync?userid=fe446982-4e76-4012-a960-6d4596935b88
https://ad.mediawayss.com/delivery/sync?userid=fe446982-4e76-4012-a960-6d4596935b88&inner_redirect=1&inner_uuid=84c119a2-edfe-4595-80dc-2d8a32a02155&redirect_host_list=YWQub3V0c3RyZWFtLnRvZGF5LGFkL...
https://ad.outstream.today/delivery/sync?userid=fe446982-4e76-4012-a960-6d4596935b88&inner_redirect=1&inner_uuid=84c119a2-edfe-4595-80dc-2d8a32a02155&redirect_host_list=YWQuYWRvcHgubmV0LGFkLmludmFt...
https://ad.adopx.net/delivery/sync?userid=fe446982-4e76-4012-a960-6d4596935b88&inner_redirect=1&inner_uuid=84c119a2-edfe-4595-80dc-2d8a32a02155&redirect_host_list=YWQuaW52YW1pYS5jb20sYWQudmlkdmVydG...
https://ad.invamia.com/delivery/sync?userid=fe446982-4e76-4012-a960-6d4596935b88&inner_redirect=1&inner_uuid=84c119a2-edfe-4595-80dc-2d8a32a02155&redirect_host_list=YWQudmlkdmVydG8uaW8sYWQudmlkdmVy...
https://ad.vidverto.io/delivery/sync?userid=fe446982-4e76-4012-a960-6d4596935b88&inner_redirect=1&inner_uuid=84c119a2-edfe-4595-80dc-2d8a32a02155&redirect_host_list=YWQudmlkdmVyLnRv
https://ad.vidver.to/delivery/sync?userid=fe446982-4e76-4012-a960-6d4596935b88&inner_redirect=1&inner_uuid=84c119a2-edfe-4595-80dc-2d8a32a02155&redirect_host_list=

0
431 B

58ms
19ms

Image
text/html

212.8.250.83
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidver.to/delivery/sync?userid=fe446982-4e76-4012-a960-6d4596935b88&inner_redirect=1&inner_uuid=84c119a2-edfe-4595-80dc-2d8a32a02155&redirect_host_list=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 21 Apr 2021 20:25:51 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

Redirect headers

location: https://ad.vidver.to/delivery/sync?userid=fe446982-4e76-4012-a960-6d4596935b88&inner_redirect=1&inner_uuid=84c119a2-edfe-4595-80dc-2d8a32a02155&redirect_host_list=
date: Wed, 21 Apr 2021 20:25:51 GMT
server: nginx/1.14.0 (Ubuntu)
access-control-allow-origin: *
content-type: text/html; charset=UTF-8

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame ADA3 2 KB
818 B 24ms
7ms Document
text/html 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=5d1628750185ace

Requested by

Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=f36a224e-f6bb-526f-aea8-fc7ece287633&CACHEBUSTER=581118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=5d1628750185ace
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cache.betweendigital.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cache.betweendigital.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H2

200

f36a224e-f6bb-526f-aea8-fc7ece287633
an.yandex.ru/mapuid/betweendigitalis/ Frame 19B6
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2Ff36a224e-f6bb-526f-aea8-fc7ece287633
https://an.yandex.ru/mapuid/betweendigitalis/f36a224e-f6bb-526f-aea8-fc7ece287633

43 B
171 B

48ms
48ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/betweendigitalis/f36a224e-f6bb-526f-aea8-fc7ece287633

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:51 GMT
content-encoding: gzip
last-modified: Wed, 21 Apr 2021 20:25:51 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 21 Apr 2021 20:25:51 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/betweendigitalis/f36a224e-f6bb-526f-aea8-fc7ece287633
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H/1.1 200
OK sync.html
s.adtelligent.com/ Frame 19B6 0
0 163ms
52ms Image
text/html 2a0c:5c81:5139::2
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.adtelligent.com/sync.html?aid=582266
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://cache.betweendigital.com
Access-Control-Allow-Credentials: true

GET
H/1.1 200
OK SPug Show response
simage4.pubmatic.com/AdServer/ Frame 218D 0
418 B 16ms
15ms Script
text/plain 185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156036&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 20:25:51 GMT
Cache-Control: no-store, no-cache, private
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

redot.js Show response
goldbach.hit.gemius.pl/__/_sslredir/_1619036757893/
Redirect Chain

http://goldbach.hit.gemius.pl/_1619036757893/redot.js?l=109&id=bPA1ZotdXe3htQrOiB.DvMdRnDSwMNhFXpTX2Gu_NTz.z7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1619036743&fr=1&tz=-120&fv=-&href=http%3A%2F...
https://goldbach.hit.gemius.pl/_sslredir/_1619036757893/redot.js?l=109&id=bPA1ZotdXe3htQrOiB.DvMdRnDSwMNhFXpTX2Gu_NTz.z7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1619036743&fr=1&tz=-120&fv=-&href...
https://goldbach.hit.gemius.pl/__/_sslredir/_1619036757893/redot.js?l=109&id=bPA1ZotdXe3htQrOiB.DvMdRnDSwMNhFXpTX2Gu_NTz.z7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1619036743&fr=1&tz=-120&fv=-&h...

2 B
233 B

39ms
39ms

Script
application/x-javascript

185.11.128.207
Autonomous System...

General

Check archive.org

Show headers Download Go to

Full URL: https://goldbach.hit.gemius.pl/__/_sslredir/_1619036757893/redot.js?l=109&id=bPA1ZotdXe3htQrOiB.DvMdRnDSwMNhFXpTX2Gu_NTz.z7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1619036743&fr=1&tz=-120&fv=-&href=http%3A%2F%2Fjanuszspiewa.prv.pl%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=Vyu8FuqFfhZV_IBGzwoLh1BfGqwi0pG._LIQY9kxTw3.37&vis=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.11.128.207 , Poland, ASN50599 (Autonomous System for Data Space Sp. z o.o., PL),
Reverse DNS: host-185-11-128-207.dataspace.pl
Software: GHC /
Resource Hash: 75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:58 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-type: application/x-javascript
content-length: 2
expires: Tue, 20 Apr 2021 20:25:58 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:57 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_sslredir/_1619036757893/redot.js?l=109&id=bPA1ZotdXe3htQrOiB.DvMdRnDSwMNhFXpTX2Gu_NTz.z7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1619036743&fr=1&tz=-120&fv=-&href=http%3A%2F%2Fjanuszspiewa.prv.pl%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=Vyu8FuqFfhZV_IBGzwoLh1BfGqwi0pG._LIQY9kxTw3.37&vis=1
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-length: 0
expires: Tue, 20 Apr 2021 20:25:57 GMT

GET
H2

200

redot.js Show response
goldbach.hit.gemius.pl/_sslredir/_1619036759893/
Redirect Chain

http://goldbach.hit.gemius.pl/_1619036759893/redot.js?l=109&id=bPA1ZotdXe3htQrOiB.DvMdRnDSwMNhFXpTX2Gu_NTz.z7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1619036743&fr=1&tz=-120&fv=-&href=http%3A%2F...
https://goldbach.hit.gemius.pl/_sslredir/_1619036759893/redot.js?l=109&id=bPA1ZotdXe3htQrOiB.DvMdRnDSwMNhFXpTX2Gu_NTz.z7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1619036743&fr=1&tz=-120&fv=-&href...

2 B
307 B

41ms
38ms

Script
application/x-javascript

185.11.128.207
Autonomous System...

General

Check archive.org

Show headers Download Go to

Full URL: https://goldbach.hit.gemius.pl/_sslredir/_1619036759893/redot.js?l=109&id=bPA1ZotdXe3htQrOiB.DvMdRnDSwMNhFXpTX2Gu_NTz.z7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1619036743&fr=1&tz=-120&fv=-&href=http%3A%2F%2Fjanuszspiewa.prv.pl%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=Vyu8FuqFfhZV_IBGzwoLh1BfGqwi0pG._LIQY9kxTw3.37&vis=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.11.128.207 , Poland, ASN50599 (Autonomous System for Data Space Sp. z o.o., PL),
Reverse DNS: host-185-11-128-207.dataspace.pl
Software: GHC /
Resource Hash: 75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Request headers

Referer: http://januszspiewa.prv.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 20:25:59 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-type: application/x-javascript
content-length: 2
expires: Tue, 20 Apr 2021 20:25:59 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 21 Apr 2021 20:25:59 GMT
Server: GHC
P3P: CP="NOI DSP COR NID PSAo OUR IND"
Location: https://goldbach.hit.gemius.pl/_sslredir/_1619036759893/redot.js?l=109&id=bPA1ZotdXe3htQrOiB.DvMdRnDSwMNhFXpTX2Gu_NTz.z7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1619036743&fr=1&tz=-120&fv=-&href=http%3A%2F%2Fjanuszspiewa.prv.pl%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=Vyu8FuqFfhZV_IBGzwoLh1BfGqwi0pG._LIQY9kxTw3.37&vis=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Accept-Ranges: none
Keep-Alive: timeout=10
Content-Length: 0
Expires: Tue, 20 Apr 2021 20:25:59 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: januszspiewa.prv.pl
URL: http://januszspiewa.prv.pl/prv_billboard_iefix.html?cat=komputery_i_internet&sub=oprogramowanie&site=januszspiewa.prv.pl&adult=0

Verdicts & Comments Add Verdict or Comment

215 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.spolecznosci.net/	1970-01-20 02:30:59	Name: tgx Value: v%3A1%7CWo%3A55%7CKr%3ADE%7CRe%3A2950159%7CAd%3A0%7CSw%3A1600%7COs%3AWINDOWS%2010-0%7CUa%3ACHROME-89%7CCt%3ARESIDENTIAL%7CIsp%3AOTHER
.spolecznosci.net/	1970-01-20 02:30:59	Name: lsccs1_currentMain Value: %253C%2502j%251F%25C2%2582%25C3%25B8!%2512v8%25C3%2593%25C2%258B%25C2%259D%2516%25C3%258A%2503%25C2%25A3%25C3%2587'u%25C2%258D%25C3%25B0%25C3%258E%2510%25C2%25AAgc%2511%25C3%259B%25C2%25A9%25C3%25B4k%251D%25C2%2596%25C3%25B0n%257B%25C2%258Er9%25C3%25AB%25C3%25A8O%25C2%25A0%253A%255C3%25C2%25BEX%25C3%25B4%253F%252F%255E%25C3%259E%25C3%25B6%25C3%25BC%251F%25C2%25B2KBf4W8%2505%257C%25C2%2589%257B%25C2%2580%2523%25C3%25BF%25C3%2584atzA%25C3%2597%2525%25C3%2586%25C2%25AF%25C2%25B0I%25C3%2593%2522XV%2519Z%25C3%258A%2505%2504_%25C3%25AA%25C3%2585%25C3%25BEc%253D%25C3%2580%25C2%259C%250B%2519y%25C3%2595%2560x%25C2%25B4%25C3%25A1%25C3%2592%25C2%25B1%25C2%25ABX%25C2%2595%25C2%25A3%25C2%258Ah%2502T%25C2%258E%25C3%2593%25C3%2596V5%25C2%2597%2513~%25C3%25B9%25C3%258B%25037%25C3%259B3%25C2%25BF%2518%25C2%2580%2519%252B%2512X%25C3%25A5%25C2%258F%2515%25C3%25AD%25C3%25A5%25C2%2599%25C3%2587%25C2%25A5%2522%25C3%2581%25C2%2580c%25C2%25A7)%2517%25C3%2582%25C2%259D~%25C2%25A5%2510%25C2%25BB%2519%2525D%25C2%25B5!%25C2%259Bf%25C2%25B2mzM%25C2%259Dz%25C3%2585X%2508%251C%2509
.prv.pl/	1970-01-20 17:43:56	Name: __gfp_64b Value: Vyu8FuqFfhZV_IBGzwoLh1BfGqwi0pG._LIQY9kxTw3.37\|1619036743
.prv.pl/	1970-01-19 17:43:56	Name: _gat_gtag_UA_167603030_1 Value: 1
.prv.pl/	1970-01-19 22:03:08	Name: _pubcid Value: fa3fa942-5800-4522-9b63-8cd2adedefd8
januszspiewa.prv.pl/	1969-12-31 23:59:59	Name: t Value: 1
januszspiewa.prv.pl/	1970-01-19 17:44:13	Name: uniqued Value: true
.spolecznosci.net/	1970-01-20 02:30:59	Name: lsccs1_currentStats Value: %253C%2502H%2516%25C3%2586%25C2%2586.%2513%257Fv%25C3%2585%25C2%258B%25C3%25B8O%25C3%259A%2508%25C3%25A0%25C2%2582%257F44%25C2%259E%25C3%25B3%25C2%2593%2502%25C2%25AA%2560c%2507%25C3%258D%25C3%2591%25C2%25A8%257F%251E%25C2%258D%25C3%25AE%2509u%25C2%2580%253C%250A%25C3%25BD%25C2%25BE!%25C3%25B0i%250Bu%25C3%25A3%2500%25C2%25B2ud%251D%25C2%2592%25C2%2595%25C2%25A2%251F%25C2%25BAK%255CuJ%2510.%2512%257F%25C2%258E%251F%25C2%2582%253F%25C3%25A7%25C2%25A3%2520lt%251Cq%25C2%258Dp%25C3%2592%25C3%2597%25C3%259D%2516%25C3%2593n%2513r9%2560%25C3%25BDhiw%25C3%25A8%25C2%25A0%25C2%25A1l%25C2%259B%25C2%2592%2513%25266%25C2%259D%253Bx%25C2%25B4%25C3%25BE%25C3%2584%25C3%25AE%25C3%25B9d%25C2%2591%25C3%25B6%25C3%2591d1n%25C2%25AA%25C2%25B2%25C3%25AB%257F%253A%25C2%2595%251B!%25C3%25B9%25C3%258B%25236%25C2%258B%257B%25C3%25B8%2524%25C2%25B1%251D%25073v%25C2%2589%25C3%25A1'%25C2%258E%25C3%2583%25C3%259A%25C2%2585%25C3%25B2%2518%25C3%2588%25C2%25831%25C3%25B4n%252F%25C3%25B7%25C3%25BBK%25C2%2585D%25C3%25A8H%251A%2516%25C3%25A0%257C%25C2%2583)%25C3%25AA%2560%2560L%25C2%258Cv%25C2%2585B%2520%2507%2519%25C2%259C%25C2%25A9%25C2%25BF%2515%25C2%259C%25C2%25B3%25C2%258E%25C3%25A5%25C2%258F%25C3%25BA5Ly%25C3%259DX%2508%25C3%2597%25C3%25A7%2512%25C3%258F%2520%25C3%25A3q%25C3%259D%25C2%25A1%2518%25C3%25B8%252B%25C2%25A39%25C3%2588%25C3%2587n%2517%25C2%25BE%25C2%2596%25C3%25B8%25C2%25B6%25C3%25A2%2503%25C2%25ACH%25C3%25B7%25C2%25BF2%25C2%2598)c!%25C3%25B2%25C3%25A6%25C3%258B%2503%25C2%258Bn%25C2%25953Eu%25C2%2594%25C3%2591%25C2%25A8%25C2%25A7%2518%25C3%25B0%25C2%2583%255B%251B%25C3%25AB%25C2%25B5%25C3%25BF%25C3%2586%25C3%25ADN%25C3%25AE!%2515%25C3%25B3%251C%25C3%25AC%25C3%258D%25C3%2583%2507%252Fo%25C2%2599%2525%253BZH%25C3%25B0%251D%2512P%25C2%259E%25C3%25BA4O%25C2%25B2%25C3%25A6z%25C2%258E%255B%25C2%2593j%25C3%258D%25C2%25BAl%2507%251F5'%25C3%25A7%25C2%25A9%25C3%25AD%25C2%2584I%25C3%25BC%2560v%25C3%2595%25C2%25B6%25C3%2584%25C2%25B5%25C3%2589%2505-%2517%25C2%259A%2520u%25C3%25B6%25C3%25B2%25C3%25B3%25C3%25AE%25C2%2589%2517%25C3%25A8%25C2%2592%25C2%2588Q%2522%25C3%25BB%25C2%2596%25C2%258B%2509%2511%25C2%25A7%25C3%259EI%25C3%25B7%2525X%253Af%25C2%25B3%25C3%2595%2522%25C3%2584WZ%2500%2518-%2504%253A%25C2%25A9%25C2%258C%252F%25C2%259FQ%253A%25C2%258DK%25C3%25BA%25C3%2597%25C3%25A5M%2513%255D%2500%250C%25C2%25B1y%2526%25C3%25B8%253B%25C2%258E%25C2%25A9%25C3%25A8%25C2%25BA%25C3%25A0%257C%251CD
.prv.pl/	1970-01-20 11:15:08	Name: _ga Value: GA1.2.629110262.1619036743
januszspiewa.prv.pl/	1970-01-19 20:07:56	Name: uniqueall Value: true
januszspiewa.prv.pl/	1970-01-19 17:44:56	Name: unique Value: true
januszspiewa.prv.pl/	1970-01-19 18:27:08	Name: _pbjs_userid_consent_data Value: 3524755945110770
januszspiewa.prv.pl/	1970-01-19 17:43:57	Name: online Value: true
.prv.pl/	1970-01-19 18:27:08	Name: spfp Value: db6011ae48907c10ad9aa6f93e0b9fb6
.spolecznosci.net/	1970-01-20 02:30:59	Name: lsccs1_currentVersion Value: w%2501i%2503%25C3%258F%25C2%25AE*%2504%2560%253A%25C2%2590%25C3%259A%25C2%25A9%2516%25C3%2586W%25C2%25A8%25C3%25865
.prv.pl/	1970-01-19 17:43:56	Name: _gat Value: 1
.prv.pl/	1970-01-19 17:45:23	Name: spol_tg Value: eu%3Atrue%7Cip%3A89.249.64.203%7Cn%3Atrue
.prv.pl/	1970-01-19 17:45:23	Name: _gid Value: GA1.2.293034825.1619036743

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.spolecznosci.net
a.sportradarserving.com
a.tribalfusion.com
aaa.artefact.com
acdn.adnxs.com
ad.adopx.net
ad.invamia.com
ad.mediawayss.com
ad.mox.tv
ad.outstream.today
ad.prv.pl
ad.turn.com
ad.vidver.to
ad.vidverto.io
ad4m.at
ads.betweendigital.com
ads.playground.xyz
ads.programattik.com
ads.pubmatic.com
adx.adform.net
ajax.googleapis.com
aktrack.pubmatic.com
an.yandex.ru
ap.lijit.com
api.rees46.com
aud.pubmatic.com
bh.contextweb.com
bidder.criteo.com
c1.adform.net
cache.betweendigital.com
cm.adgrx.com
cm.g.doubleclick.net
creative.mlsat02.de
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
ebs08.telekom.de
eus.rubiconproject.com
fastlane.rubiconproject.com
goldbach.hit.gemius.pl
gpl.adocean.pl
gpladpl.hit.gemius.pl
green.erne.co
gum.criteo.com
hbopenbid.pubmatic.com
hostinga.htw.pl
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
inv-nets.admixer.net
januszspiewa.prv.pl
komentarze.prv.pl
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.taboola.com
mp.4dex.io
mug.criteo.com
mwzeom.zeotap.com
onetag-sys.com
ox2.sterta.pl
pixel-sync.sitescout.com
pixel.quantserve.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
pubmatic-match.dotomi.com
px.adhigh.net
rechtstexte.s3.amazonaws.com
rtb.gumgum.com
s.adtelligent.com
s.tribalfusion.com
s1.adform.net
secure-assets.rubiconproject.com
secure.adnxs.com
simage2.pubmatic.com
simage4.pubmatic.com
spolecznosci.net
static.criteo.net
stats.g.doubleclick.net
stats.grupapino.pl
sync-tm.everesttech.net
sync.1dmp.io
sync.bumlam.com
sync.mathtag.com
sync3.adsniper.ru
sync3.sniperlog.ru
token.rubiconproject.com
track.adform.net
tracking.mlsat02.de
trc.taboola.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
visitor.fiftyt.com
webstat.pl
www.awin1.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.tns-counter.ru
www.usemax.de
x.bidswitch.net
x01.aidata.io
januszspiewa.prv.pl
104.108.144.214
104.111.230.142
104.111.239.217
146.0.227.110
151.101.113.108
151.101.13.44
151.101.14.49
151.236.71.146
159.253.128.188
159.65.196.12
164.132.7.102
169.197.150.7
172.217.23.98
173.231.181.122
176.31.240.87
178.250.0.157
178.250.0.163
178.250.2.131
18.156.0.31
18.159.17.140
18.184.169.195
185.11.128.207
185.180.223.221
185.184.8.30
185.29.132.69
185.33.220.240
185.33.221.89
185.64.189.112
185.64.189.114
185.64.189.249
185.64.190.78
185.64.190.80
185.64.190.81
188.165.206.157
188.42.196.115
193.232.148.143
198.148.27.140
199.232.137.44
2001:678:cb4:bbbb::11
2001:6d0:4001::226
212.48.120.130
212.8.250.228
212.8.250.83
213.155.156.185
213.19.162.61
216.52.2.39
23.3.108.247
23.37.42.132
2606:4700:10::6816:1857
2606:4700:3039::6815:c02e
2606:4700::6812:c05
2620:116:800d:21:f916:5049:f87f:108e
2a00:1288:110:c305::8000
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2008
2a00:1450:4001:827::200e
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2003
2a00:1450:400c:c0a::9b
2a02:2638::1c
2a02:2638::3
2a02:6b8::90
2a02:fa8:8806:13::1400
2a0c:5c81:5139::2
31.172.81.158
34.255.242.137
34.98.107.212
35.201.96.126
35.210.215.44
35.227.247.230
35.227.248.159
37.157.5.72
37.157.6.251
37.59.49.187
51.178.130.209
51.38.120.206
51.68.117.182
52.218.101.18
54.171.41.106
66.155.71.25
69.173.144.165
77.243.60.138
80.158.66.20
85.114.159.118
85.194.243.82
85.194.243.83
87.98.238.81
88.99.149.88
89.108.120.76
94.130.66.43
94.23.73.243
99.81.54.149
0537669aaa954e27dbb5ed8201e1369547377a96106027ed3bb356048665f672
09bf3ba1ecfc2d0c6835cace1dbdd94cf31c63f550043911a5dba06977dd6803
0dff70386ce467674d303b4ad7741efbdd4b47adadfd338c129cdccb7a42d7d9
0e94bb95c21c72001b89d539919cff37bb8c5286b25da19c808a1e0cebb0deb9
126a629b1a5b11de957e290957f73e9bf7abf7cf63eb0ddb7eb5db95edfdff2a
141391e77e707b4ef3462b643078503d1a4bd556b2233d90c26254381d040a05
16971da05aae9bc069b1731d95206049d75b03e60bce5113fb913b5e1d7d7dad
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1b5b5d6cc9fa182ad58e568dd9a8095f6b9e07e32134bdc4176e74285c771252
2083bc94ca09560380c3aea0e04b7436b1aa9b0f0febd113b87ca2b828937830
287f314b8fb0641d8cc175a81e55f99fd27cd504babb7f9e03d86782ec12a4f9
29c68064fe9bdf057615fc18d213c9d6f030ec24d052d36e2f33baeb4d43634c
2a7a5a103d7d2d395f95fabbcbce1e975df8fee2226795a2a9880d99a3cf6cbe
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
339915a320943d2d72b50b87a44a03dd5945df0e720619199ec003af5a7a82a9
3482f5ef38d6ea9a60e7d77c0e1180d970f057220ca1e0f7cd9a97c7f45cf951
34cfd6050edc69991e2c4b39e966a35820ea1b87e7da4caf8a66913ce3a5fb7a
3505f6bd7e0e4d719b459e84c843fb11d32b55203329b05dcad2fac45554ad9a
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dcea292627e30bab6fd6ab6c9d9f07a55e6eca4693be4c3ea9ab2bb89ab42d6
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f382bcda88755760aa60861b3d5053fbcae7bb448c4e7df2731aa5254bd0b23
3fa018f2bc3517b45657677a9237162cf6531be769e7c104d0848465dd99ed78
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
456e6dca205094a54f9d11e125792bea04cddf332e35429d696eef7858141839
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49ef96f326e441c19170fe2ed4a58be326926c6b59d8f0ed8f970ca966df79fd
4a6674619b5fc7121516968a7f14e9b10329804fcb91c708710ff94cb648da44
4afa95e1d40fa144d345cbbd550ef2cae0f938102aa4bb54e0222a50c98e6fae
4cc4a2977a39f727036eb7c3d7655a530ccd02699044b68996584c39972f106c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
511d67b65d58132cd2e0b40ebb8ae9b34f2b7bfff04aeb472b65566c4300fc62
54773ec8f0523a46104738d5e7f4867bfbd0ed5e14d284c72bede25ea8d49056
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
585efad8df049217e69499bfef32cb47523a4b6b16febfeeba4020a05b699c7e
5ccbdf5d86e1ea9e3ce8f6e5f58a243245ed1c1db5da26be3d57ff37e2296d93
5e42f4e2e242c30046a5559511c5b0a7b86b051ceb062045c64fccbdd3640984
63dd6be483a96f43f168e123984a9b7c8b1755192ef6a324e60c55dede4f84c0
64459a29e56e1628c1b595e465a30ebf29f5129c030ccd779c9fb87ce05ad474
664692175c417848e41aebe21c7e7be9b281ea09f31bd3808a4c4fbcf361a439
6adb150e973daa804a13a8869ef173ddebaefc42b118662d50e72d70c3e287ae
6aec921df67d37c33f5745245eba2482f586a8ac453ea354da455318b7896722
6b2fa4204b8a396cd3e97d7d95e3ddafcdaa36fddee40c1d425a9f0d60e949bf
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bed9f4c6b5b0da7b052a8423d03f33c385b2c19aa15e29b4439821cb4cf779b
730a0865576eaa6767c9383a76180f4b241c0dc659bc118d78b7e1d66ee1c089
74c6a5ad4dac820d647273287bcc2134f0d9972edc76d98a3c82e01eb3e1e23d
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
788babd55e5658abb5a11316ceccef3d6bd7f532ecb38249868246be9ef61405
79026558a34822dc06c3b5c47ea13057fd3f235296610974d6c97e67471665db
7a10794dbcfc266390ebf771db25804dcfac2555abd239f648b3a1039d665271
804dc27006ad8cee4d5764592e7991ea1f8dedfd8ee618e44969557698bbeec4
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85b188d753e191ad4c8b58c3af7c7a8792991f627efaaf9ed407b0b3adf72e8e
8696cee86999f6d03320e995abc00d260687ca83684f05c6c212a47456fe629d
89d88a0a6557a254d3b4b4680213e4f2d5143c4980823b053fdd732a2a546366
8da190f1aac81835acd7cdb1dbebb700a733974543e0ce8b8df9f0f280278716
989e1f778b2b37ef61248011421bfca5c456464fc4c0db4de5f5b466779ff22d
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b2711d32a132a2207eb852d41e42775173715a32ad4bcdfb6dba4b976271b4c
9f45eea0aa51eba208b906cfeabe0c382fdc84e0244232641e8e21f551a25c39
9fe1cb7ac6b2f6d212aa8dc054a30f1cfe311b8ba8a4b532fa64f14f1f4799aa
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1c68fd2bd2ee4b4f547e60af04ee988f48aade799a957f6c82720b347620ad7
a26e916c9fb7fb3ad7b7c4ad4a548f26a0ce23a60175c659f9627d3c3a064ae5
a566a2afe30443e5c55766281a3ae52c419085d855b1a3c8a821d3693062ed32
a656b4cab74124ed71ca6a3294a917fb01f1ab7244e9ee3224385a76a4b2b5c4
aa935cc7a61a9661e4a3ff39925b70e0cbf1134b7a7e53e7d6de2898434f73f2
aea1d04e964e02f52f3af3271228c21b1bb2cd62daea9cc7de3aa96b2c51b5ac
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f
b46c7554a80d629be9ef66a793c4aea7e6bd8aee84c931e9bb4fdd84ea047160
b8c1ad487927155e27c8922614bda50816c6d222154851c05b731ea07c73bcab
c477268b497a5138e28ca44c2c3b9914d14c565d31ad8bea80fc9103dcaeb0d6
c535015e54235a0fc56e36ebae6a71f8491c2bef2112a7e1dab111b777145ba3
c6100c279b023a4252d806603fc8e1001632c04b410e0392ab4a44d48fccce5a
cb28fc8822220023495cab439d75ed1a50be08683c9cea5be6323c3b641394b4
cbe2f192eba633f88505cc59a033a391ab828510d37a1817cebf937eb9d164f1
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d25a37b3070f33f86862bce97206a8f3f403e23ba39c7c8cd8c2f96266f19f03
d3759299ce00e3bac2782faf02d6f1962e5c88b04e9682224f5852d0c86b6480
d44fe33544eb7000a4be897820643c827d44076217f2ca3376bf3134409bb9fb
db49005f7798a8592e5ab69356cb11e3cac99eeec64a823974ea3a5c1bf83c18
dbdddd64683f212724513d6d8d3238e53bb8708548c458e1071707382320acfe
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd76128f0531e9806e2001e8975586544e5c454efe39ee318699ad6027930ac6
df4163856210708618de447a46ce56755595283328dff369a2ccc3e9dd052fca
dfe27297d880df8f959e485da2211930ba8a2ebaa15a843ecf6317926e992ecb
e212ad536e148368978ece4afe62ad5a1135b3a712a2f8f3e383e9486488c215
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e428854f4607fbc8e99c64f4eac50fad7911242de9842c23d03a2bce44e7d7ec
ebc4630cd9254c69deb4a342db24b7d118cadce3e3f22e2339dd4270a2a1297b
ee2640c3528b59332b055fd02b83d5fb8bce93d3c03fd5083ba39eeb1b6b592b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa2505c6f92532a87016f22c8c1ebccf158e00abc3bbe9beb4ef1353792ce91
f316fbd86438f25c90ca4a161b69ebddadbdbccc57713bee4d5a4f43a0d70e97
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
f584b9d8d1efc5b95fabd3eecb68727a44484c2bce6a16924c58bdd8ecdad427
f644111d79c25160befe025154fc7d8edb57ebcda35b0a2df2c413405a408d2b
fa14db52cf261082272462590ec8674daee2c742ac0905bb29180819191bfb43
ff2dc5fe17d95bb49cc8e3e8051ea886c85a11989e1b6942626e66bfebf3a929

januszspiewa.prv.pl Open in urlscan Pro 37.59.49.187 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

198 Requests

85 %HTTPS

20 %IPv6

78 Domains

107 Subdomains

62 IPs

14 Countries

1816 kBTransfer

3975 kBSize

18 Cookies

12 Outgoing links

Redirected requests

198 HTTP transactions Everything HTML Script AJAX CSS Image Expand all -2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

januszspiewa.prv.pl Open in urlscan Pro
37.59.49.187 Public Scan

Screenshot
Live screenshot

Full Image

198
Requests

85 %
HTTPS

20 %
IPv6

78
Domains

107
Subdomains

62
IPs

14
Countries

1816 kB
Transfer

3975 kB
Size

18
Cookies

198 HTTP transactions
-2 data transactions