xy2.eu Open in urlscan Pro
185.11.100.204 

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response xy2.eu/	11 KB 4 KB	91ms 32ms	Document text/html	185.11.100.204 CF-KRK
General Check archive.org Show headers Download Go to Full URL http://xy2.eu/ Protocol HTTP/1.1 Server 185.11.100.204 , Poland, ASN29522 (CF-KRK, PL), Reverse DNS v5103.vps.ogicom.net Software Apache / PHP/5.5.38 Resource Hash 5a579da4395be27b7c05065ed78db0a42a8902c4aaf7a88eeac2c4b018d3b199 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language pl-PL,pl;q=0.9 Response headers cache-control max-age=0 content-encoding gzip content-type text/html date Sat, 01 Apr 2023 05:03:10 GMT expires Sat, 01 Apr 2023 05:03:10 GMT server Apache transfer-encoding chunked vary Accept-Encoding x-powered-by PHP/5.5.38
GET H/1.1	200 OK	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	140 KB 51 KB	132ms 86ms	Script text/javascript	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: xy2.eu URL: http://xy2.eu/ Protocol HTTP/1.1 Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash 668937487f28f4b473c50556c8b88486a0f9d5763b715a2f87861f88b5d707aa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language pl-PL,pl;q=0.9 Referer http://xy2.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Sat, 01 Apr 2023 05:03:11 GMT Content-Encoding gzip X-Content-Type-Options nosniff P3P policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" Cross-Origin-Resource-Policy cross-origin Content-Disposition attachment; filename="f.txt" Content-Length 51508 X-XSS-Protection 0 Server cafe ETag 11318841795579097433 Vary Accept-Encoding Content-Type text/javascript; charset=UTF-8 Access-Control-Allow-Origin * Cache-Control private, max-age=3600 Timing-Allow-Origin * Expires Sat, 01 Apr 2023 05:03:11 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	113 KB 44 KB	144ms 52ms	Script application/javascript	142.250.186.72 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-36872558-7 Requested by Host: xy2.eu URL: http://xy2.eu/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.72 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f8.1e100.net Software Google Tag Manager / Resource Hash d4f17e5b0e1a73de3d287fd97ca0957f687cda0fd3562e3a3bfb01175ce3fa06 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language pl-PL,pl;q=0.9 Referer http://xy2.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Sat, 01 Apr 2023 05:03:11 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 45011 x-xss-protection 0 last-modified Sat, 01 Apr 2023 03:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 01 Apr 2023 05:03:11 GMT
GET H/1.1	200 OK	style.css xy2.eu/css/	10 KB 3 KB	31ms 31ms	Stylesheet text/css	185.11.100.204 CF-KRK
General Check archive.org Show headers Download Go to Full URL http://xy2.eu/css/style.css Requested by Host: xy2.eu URL: http://xy2.eu/ Protocol HTTP/1.1 Server 185.11.100.204 , Poland, ASN29522 (CF-KRK, PL), Reverse DNS v5103.vps.ogicom.net Software Apache / Resource Hash dc4178564e7595bff5e47ec8a66e13261e00eeda4f03b77d6301a0950d62c125 Request headers accept-language pl-PL,pl;q=0.9 Referer http://xy2.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Sat, 01 Apr 2023 05:03:10 GMT content-encoding gzip last-modified Sun, 29 Jan 2023 15:05:02 GMT server Apache etag "2791-5f3686c44334f-gzip" vary Accept-Encoding content-type text/css cache-control max-age=0 accept-ranges bytes content-length 2345 expires Sat, 01 Apr 2023 05:03:10 GMT
GET H2	200	css fonts.googleapis.com/	3 KB 1 KB	141ms 49ms	Stylesheet text/css	142.250.186.74 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Courgette%7CAcme%7CMontserrat&subset=latin-ext Requested by Host: xy2.eu URL: http://xy2.eu/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.74 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f10.1e100.net Software ESF / Resource Hash fc50c9494e602f4722d6412f1ebb68a2bda4e3a316124795a2672d378fb7d6b4 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language pl-PL,pl;q=0.9 Referer http://xy2.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 01 Apr 2023 05:03:11 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 01 Apr 2023 05:03:11 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 01 Apr 2023 05:03:11 GMT
GET H/1.1	200 OK	adframe.js Show response xy2.eu/js/	16 B 306 B	59ms 30ms	Script application/javascript	185.11.100.204 CF-KRK
General Check archive.org Show headers Download Go to Full URL http://xy2.eu/js/adframe.js Requested by Host: xy2.eu URL: http://xy2.eu/ Protocol HTTP/1.1 Server 185.11.100.204 , Poland, ASN29522 (CF-KRK, PL), Reverse DNS v5103.vps.ogicom.net Software Apache / Resource Hash 0059cb4ff0a271382c38af8a7367aaf45cbeb31449637d3928d25317401e2828 Request headers accept-language pl-PL,pl;q=0.9 Referer http://xy2.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Sat, 01 Apr 2023 05:03:11 GMT last-modified Sat, 30 Dec 2017 21:02:30 GMT server Apache etag "10-5619511402320" content-type application/javascript cache-control max-age=0 accept-ranges bytes content-length 16 expires Sat, 01 Apr 2023 05:03:11 GMT
GET H/1.1	200 OK	paypal.jpg xy2.eu/gfx/	9 KB 9 KB	43ms 30ms	Image image/jpeg	185.11.100.204 CF-KRK
General Check archive.org Show headers Download Go to Show image Full URL http://xy2.eu/gfx/paypal.jpg Requested by Host: xy2.eu URL: http://xy2.eu/ Protocol HTTP/1.1 Server 185.11.100.204 , Poland, ASN29522 (CF-KRK, PL), Reverse DNS v5103.vps.ogicom.net Software Apache / Resource Hash 1ae6619173f92af4f0201b7204322213c714b56df437aa7d6482a1c141d5337c Request headers accept-language pl-PL,pl;q=0.9 Referer http://xy2.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Sat, 01 Apr 2023 05:03:11 GMT last-modified Tue, 02 Jan 2018 13:00:56 GMT server Apache etag "2204-561cab086d14b" content-type image/jpeg cache-control max-age=31536000 accept-ranges bytes content-length 8708 expires Sun, 31 Mar 2024 05:03:11 GMT
GET H/1.1	200 OK	paypal.png xy2.eu/gfx/	5 KB 6 KB	58ms 30ms	Image image/png	185.11.100.204 CF-KRK
General Check archive.org Show headers Download Go to Show image Full URL http://xy2.eu/gfx/paypal.png Requested by Host: xy2.eu URL: http://xy2.eu/ Protocol HTTP/1.1 Server 185.11.100.204 , Poland, ASN29522 (CF-KRK, PL), Reverse DNS v5103.vps.ogicom.net Software Apache / Resource Hash 675f6b6dc673aae01f8ef949697ee544c8df8574ca090a4dd690776ec6e442ea Request headers accept-language pl-PL,pl;q=0.9 Referer http://xy2.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Sat, 01 Apr 2023 05:03:11 GMT last-modified Tue, 02 Jan 2018 13:00:54 GMT server Apache etag "158c-561cab06562ce" content-type image/png cache-control max-age=31536000 accept-ranges bytes content-length 5516 expires Sun, 31 Mar 2024 05:03:11 GMT
GET H2	200	pixel.gif www.paypalobjects.com/pl_PL/i/scr/	43 B 442 B	120ms 25ms	Image image/gif	192.229.221.25 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://www.paypalobjects.com/pl_PL/i/scr/pixel.gif Requested by Host: xy2.eu URL: http://xy2.eu/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.221.25 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (wmi/FEF4) / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language pl-PL,pl;q=0.9 Referer http://xy2.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Sat, 01 Apr 2023 05:03:11 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-cache HIT paypal-debug-id 3ddeb05243326 dc ccg11-origin-www-1.paypal.com content-length 43 last-modified Fri, 16 Aug 2019 04:57:41 GMT server ECAcc (wmi/FEF4) traceparent 00-00000000000000000003ddeb05243326-c0390848ad1539d2-01 etag "5d5637c5-2b" content-type image/gif cache-control s-maxage=31536000, public,max-age=3600 accept-ranges bytes timing-allow-origin https://www.paypal.com,https://www.sandbox.paypal.com expires Sat, 01 Apr 2023 06:03:11 GMT
GET H/1.1	200 OK	xy2-chart.png xy2.eu/gfx/	220 B 505 B	59ms 30ms	Image image/png	185.11.100.204 CF-KRK
General Check archive.org Show headers Download Go to Show image Full URL http://xy2.eu/gfx/xy2-chart.png Requested by Host: xy2.eu URL: http://xy2.eu/ Protocol HTTP/1.1 Server 185.11.100.204 , Poland, ASN29522 (CF-KRK, PL), Reverse DNS v5103.vps.ogicom.net Software Apache / Resource Hash 87a8b9554a46930e118f1a2b6690f35026c2f510ed907a1881506cfd398d460b Request headers accept-language pl-PL,pl;q=0.9 Referer http://xy2.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Sat, 01 Apr 2023 05:03:11 GMT last-modified Fri, 12 Jan 2018 08:19:15 GMT server Apache etag "dc-5628feb96c68e" content-type image/png cache-control max-age=31536000 accept-ranges bytes content-length 220 expires Sun, 31 Mar 2024 05:03:11 GMT
GET H2	200	JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 fonts.gstatic.com/s/montserrat/v25/	12 KB 13 KB	130ms 40ms	Font font/woff2	142.250.185.227 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Courgette%7CAcme%7CMontserrat&subset=latin-ext Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.227 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f3.1e100.net Software sffe / Resource Hash ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin http://xy2.eu accept-language pl-PL,pl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Tue, 28 Mar 2023 10:39:13 GMT x-content-type-options nosniff age 325438 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12708 x-xss-protection 0 last-modified Mon, 11 Jul 2022 18:55:59 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 27 Mar 2024 10:39:13 GMT
GET H2	200	wEO_EBrAnc9BLjLQAUk1VvoK.woff2 fonts.gstatic.com/s/courgette/v13/	24 KB 25 KB	138ms 48ms	Font font/woff2	142.250.185.227 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/courgette/v13/wEO_EBrAnc9BLjLQAUk1VvoK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Courgette%7CAcme%7CMontserrat&subset=latin-ext Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.227 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f3.1e100.net Software sffe / Resource Hash 405773c896e1955562d347744121c4bdfb078188d311b13fcb6471444d191400 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin http://xy2.eu accept-language pl-PL,pl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Tue, 28 Mar 2023 12:14:04 GMT x-content-type-options nosniff age 319747 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24964 x-xss-protection 0 last-modified Thu, 21 Apr 2022 16:43:10 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 27 Mar 2024 12:14:04 GMT
GET H2	200	RrQfboBx-C5_XxrBbg.woff2 fonts.gstatic.com/s/acme/v21/	8 KB 8 KB	175ms 86ms	Font font/woff2	142.250.185.227 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/acme/v21/RrQfboBx-C5_XxrBbg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Courgette%7CAcme%7CMontserrat&subset=latin-ext Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.227 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f3.1e100.net Software sffe / Resource Hash bb814ac86e7f409154ced702b9f3543761d09410e837ec728242e6b980a26aa0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin http://xy2.eu accept-language pl-PL,pl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Tue, 28 Mar 2023 12:45:43 GMT x-content-type-options nosniff age 317848 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8236 x-xss-protection 0 last-modified Wed, 07 Dec 2022 17:50:27 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 27 Mar 2024 12:45:43 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	126ms 39ms	Script text/javascript	172.217.16.206 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-36872558-7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.206 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s08-in-f206.1e100.net Software Golfe2 / Resource Hash 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language pl-PL,pl;q=0.9 Referer http://xy2.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Sat, 01 Apr 2023 04:05:12 GMT last-modified Tue, 10 Jan 2023 21:29:14 GMT server Golfe2 age 3479 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20085 expires Sat, 01 Apr 2023 06:05:12 GMT
GET H2	200	show_ads_impl_with_ama_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/	350 KB 118 KB	188ms 102ms	Script text/javascript	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2614556310778759&plah=xy2.eu Requested by Host: pagead2.googlesyndication.com URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash 7fa10d638514541df8cd5fd7e5dd837129340652f058dcc72f5991c2e65ec4d5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language pl-PL,pl;q=0.9 Referer http://xy2.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Sat, 01 Apr 2023 05:03:11 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 119897 x-xss-protection 0 server cafe etag 14504546720199594154 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Sat, 01 Apr 2023 05:03:11 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230329/r20190131/ Frame C006	10 KB 5 KB	124ms 39ms	Document text/html	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230329/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://xy2.eu/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language pl-PL,pl;q=0.9 Response headers age 8084 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4549 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 01 Apr 2023 02:48:27 GMT etag 2378337311435320485 expires Sat, 15 Apr 2023 02:48:27 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
POST H2	200	collect Show response www.google-analytics.com/j/	2 B 200 B	47ms 46ms	XHR text/plain	172.217.16.206 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j99&a=333430582&t=pageview&_s=1&dl=http%3A%2F%2Fxy2.eu%2F&ul=en-us&de=UTF-8&dt=XY2%20%7C%20URL%20Shortener&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1750159813&gjid=1801726241&cid=434706407.1680325391&tid=UA-36872558-7&_gid=288220912.1680325391&_r=1&gtm=457e33t0&jsscut=1&z=1827352428 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.206 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s08-in-f206.1e100.net Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://xy2.eu/ accept-language pl-PL,pl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 01 Apr 2023 05:03:11 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin http://xy2.eu cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 342 B	140ms 46ms	XHR text/plain	173.194.76.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-36872558-7&cid=434706407.1680325391&jid=1750159813&gjid=1801726241&_gid=288220912.1680325391&_u=YEBAAUAAAAAAACAAI~&z=1109053058 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 173.194.76.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS ws-in-f155.1e100.net Software Golfe2 / Resource Hash a6289d9cd6ab88d70ba405980f406b61aad967a7323e9e1d744f28afdadcc317 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer http://xy2.eu/ accept-language pl-PL,pl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Sat, 01 Apr 2023 05:03:11 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin http://xy2.eu cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ca-pub-2614556310778759 Show response fundingchoicesmessages.google.com/i/	133 KB 45 KB	180ms 69ms	Script application/javascript	142.250.185.110 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/i/ca-pub-2614556310778759?ers=2 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2614556310778759&plah=xy2.eu Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.110 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f14.1e100.net Software ESF / Resource Hash 7cf9b33dd7512d6dd1a8f8375bb0731568d0b1083023cab47dd2babd9755e678 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-Vl0pwIinLldFhq6Kpu73tA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language pl-PL,pl;q=0.9 Referer http://xy2.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Sat, 01 Apr 2023 05:03:11 GMT content-security-policy script-src 'report-sample' 'nonce-Vl0pwIinLldFhq6Kpu73tA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 408 B	149ms 51ms	Image image/gif	142.250.185.100 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-36872558-7&cid=434706407.1680325391&jid=1750159813&_u=YEBAAUAAAAAAACAAI~&z=1030538280 Requested by Host: xy2.eu URL: http://xy2.eu/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.100 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f4.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language pl-PL,pl;q=0.9 Referer http://xy2.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Sat, 01 Apr 2023 05:03:11 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.pl/ads/	42 B 408 B	142ms 52ms	Image image/gif	142.250.186.163 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.pl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-36872558-7&cid=434706407.1680325391&jid=1750159813&_u=YEBAAUAAAAAAACAAI~&z=1030538280 Requested by Host: xy2.eu URL: http://xy2.eu/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.163 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f3.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language pl-PL,pl;q=0.9 Referer http://xy2.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Sat, 01 Apr 2023 05:03:11 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	AGSKWxWhSLtgz-MujZaT4PXnaECuJeAS6xWTQYXv1cZghYPH4Vu2zlToDm2wBoaQl3HNVJi1KEfnsOIvhExIr2Rg5Kw= Show response fundingchoicesmessages.google.com/f/	433 KB 58 KB	140ms 140ms	Script application/javascript	142.250.185.110 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxWhSLtgz-MujZaT4PXnaECuJeAS6xWTQYXv1cZghYPH4Vu2zlToDm2wBoaQl3HNVJi1KEfnsOIvhExIr2Rg5Kw=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjgwMzI1MzkxLDkzNjAwMDAwMF0sIjc1NzhGRTBELTY0RjItNDgwRS04Qjg4LUUyNERDRjg0QTJEOCIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHA6Ly94eTIuZXUvIixudWxsLFtbOCwiRVV3SHJGbHVwb3MiXSxbOSwicGwiXV1d Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.pl.EUwHrFlupos.es5.O/d=1/rs=AJlcJMytWAvBFRDUXrwsyZjo916cZLKb4g/m=kernel_loader,loader_js_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.110 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f14.1e100.net Software ESF / Resource Hash 5cf94650dfa1f57cb3113697203e67527abb98e442d7532987aaac0e56511e54 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-7A6aAMIyaJjilOltPsmKhA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language pl-PL,pl;q=0.9 Referer http://xy2.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Sat, 01 Apr 2023 05:03:12 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-7A6aAMIyaJjilOltPsmKhA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	css fonts.googleapis.com/	60 KB 4 KB	57ms 57ms	Stylesheet text/css	142.250.186.74 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Google+Symbols|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.pl.EUwHrFlupos.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMytWAvBFRDUXrwsyZjo916cZLKb4g/m=web_iab_tcf_v2_wall_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.74 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f10.1e100.net Software ESF / Resource Hash c5df79fc23ff87c5df5cd97d4078e04071ea7815ada57ab23e2c759ed8367a62 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language pl-PL,pl;q=0.9 Referer http://xy2.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 01 Apr 2023 05:03:12 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 01 Apr 2023 05:03:12 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 01 Apr 2023 05:03:12 GMT
POST H3	204	AGSKWxXASefMcFNIkWeYvSnUeDT1iz1jJAjsWOtdhDzQc13W5N2-gnB528jQv_SEVmYlyP1JPGaE_SldmxeeIJHYEWYrgpcijQ2TJMg06_7R3Wb-nflrhZ1TnSIKRMpbCbs8z8Lk1stbhg== Show response fundingchoicesmessages.google.com/el/	0 29 B	138ms 58ms	XHR text/html	142.250.185.110 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxXASefMcFNIkWeYvSnUeDT1iz1jJAjsWOtdhDzQc13W5N2-gnB528jQv_SEVmYlyP1JPGaE_SldmxeeIJHYEWYrgpcijQ2TJMg06_7R3Wb-nflrhZ1TnSIKRMpbCbs8z8Lk1stbhg==?dmid=de9fc90b331a5456 Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.pl.EUwHrFlupos.es5.O/d=1/rs=AJlcJMytWAvBFRDUXrwsyZjo916cZLKb4g/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.110 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-_QjMi0bToZ6E2latf8CLdA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer http://xy2.eu/ accept-language pl-PL,pl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Content-Type text/plain Response headers date Sat, 01 Apr 2023 05:03:12 GMT content-security-policy script-src 'report-sample' 'nonce-_QjMi0bToZ6E2latf8CLdA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin; report-to="ContributorLoggingHttp" server ESF access-control-max-age 86400 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site content-type text/html; charset=utf-8 access-control-allow-origin http://xy2.eu access-control-allow-methods POST, GET, OPTIONS cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN report-to {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]} expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 fonts.gstatic.com/s/materialicons/v140/	125 KB 126 KB	40ms 39ms	Font font/woff2	142.250.185.227 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Google+Symbols|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.227 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f3.1e100.net Software sffe / Resource Hash 8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin http://xy2.eu accept-language pl-PL,pl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Tue, 28 Mar 2023 10:32:06 GMT x-content-type-options nosniff age 325866 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 128352 x-xss-protection 0 last-modified Tue, 07 Mar 2023 19:51:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 27 Mar 2024 10:32:06 GMT
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v34/	44 KB 44 KB	102ms 101ms	Font font/woff2	142.250.185.227 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Google+Symbols|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.227 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f3.1e100.net Software sffe / Resource Hash 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin http://xy2.eu accept-language pl-PL,pl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Tue, 28 Mar 2023 10:31:04 GMT x-content-type-options nosniff age 325928 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 44856 x-xss-protection 0 last-modified Mon, 15 Aug 2022 18:20:18 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 27 Mar 2024 10:31:04 GMT

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 boolean| credentialless object| adsbygoogle function| gtag object| dataLayer boolean| adblock function| paste number| links_count function| numberWithCommas object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter object| gaplugins object| gaGlobal object| gaData function| google_sa_impl object| googlefc boolean| adsbygoogle_ama_fc_has_run object| googleToken object| googleIMState object| default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked string| __fcexpdef string| NzQyOGU5ZTY4MGI2ODQ1NWxvYWRlcl9qcw== string| NzQyOGU5ZTY4MGI2ODQ1NWNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.xy2.eu/	1970-01-20 20:21:25	Name: _ga Value: GA1.2.434706407.1680325391
			.xy2.eu/	1970-01-20 10:46:51	Name: _gid Value: GA1.2.288220912.1680325391
			.xy2.eu/	1970-01-20 10:45:25	Name: _gat_gtag_UA_36872558_7 Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.pl
www.googletagmanager.com
www.paypalobjects.com
xy2.eu
142.250.185.100
142.250.185.110
142.250.185.194
142.250.185.226
142.250.185.227
142.250.186.163
142.250.186.72
142.250.186.74
172.217.16.206
173.194.76.155
185.11.100.204
192.229.221.25
0059cb4ff0a271382c38af8a7367aaf45cbeb31449637d3928d25317401e2828
1ae6619173f92af4f0201b7204322213c714b56df437aa7d6482a1c141d5337c
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
405773c896e1955562d347744121c4bdfb078188d311b13fcb6471444d191400
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a579da4395be27b7c05065ed78db0a42a8902c4aaf7a88eeac2c4b018d3b199
5cf94650dfa1f57cb3113697203e67527abb98e442d7532987aaac0e56511e54
668937487f28f4b473c50556c8b88486a0f9d5763b715a2f87861f88b5d707aa
675f6b6dc673aae01f8ef949697ee544c8df8574ca090a4dd690776ec6e442ea
7cf9b33dd7512d6dd1a8f8375bb0731568d0b1083023cab47dd2babd9755e678
7fa10d638514541df8cd5fd7e5dd837129340652f058dcc72f5991c2e65ec4d5
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
87a8b9554a46930e118f1a2b6690f35026c2f510ed907a1881506cfd398d460b
a6289d9cd6ab88d70ba405980f406b61aad967a7323e9e1d744f28afdadcc317
bb814ac86e7f409154ced702b9f3543761d09410e837ec728242e6b980a26aa0
c5df79fc23ff87c5df5cd97d4078e04071ea7815ada57ab23e2c759ed8367a62
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
d4f17e5b0e1a73de3d287fd97ca0957f687cda0fd3562e3a3bfb01175ce3fa06
dc4178564e7595bff5e47ec8a66e13261e00eeda4f03b77d6301a0950d62c125
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fc50c9494e602f4722d6412f1ebb68a2bda4e3a316124795a2672d378fb7d6b4