ynpaqzdnmzfzraydzafalq.on.drv.tw Open in urlscan Pro
47.88.48.79 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://rson.cz/
Effective URL:
https://ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/
Submission: On February 22 via api (February 22nd 2024, 11:03:50 pm UTC) from US — Scanned from US

Summary HTTP 37 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 9 domains to perform 37 HTTP transactions. The main IP is 47.88.48.79, located in United States and belongs to ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN. The main domain is ynpaqzdnmzfzraydzafalq.on.drv.tw.
TLS certificate: Issued by R3 on January 1st 2024. Valid for: 3 months.

This is the only time ynpaqzdnmzfzraydzafalq.on.drv.tw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	37.9.175.164 37.9.175.164	51013 (WEBSUPPOR...) (WEBSUPPORT-SRO-SK-AS)
4 13	47.88.48.79 47.88.48.79	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
1	2607:f8b0:400... 2607:f8b0:4006:80f::200e	15169 (GOOGLE) (GOOGLE)
5	108.139.38.192 108.139.38.192	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:261... 2600:9000:261f:e00:8:3164:8500:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:21d... 2600:9000:21dd:a00:19:de1f:9c00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:24f... 2600:9000:24f1:de00:5:6c74:c540:93a1	16509 (AMAZON-02) (AMAZON-02)
1	20.75.109.112 20.75.109.112	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2607:f8b0:400... 2607:f8b0:4006:820::2008	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:80d::2003	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:821::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:806::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c09::9d	15169 (GOOGLE) (GOOGLE)
37	12

1 37.9.175.164 (Slovakia) 1 redirects

ASN51013 (WEBSUPPORT-SRO-SK-AS, SK)
PTR: ing.r3.websupport.sk

rson.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 47.88.48.79 (United States) 4 redirects

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

ynpaqzdnmzfzraydzafalq.on.drv.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80f::200e (United States)

ASN15169 (GOOGLE, US)

drive.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 108.139.38.192 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-38-192.jfk50.r.cloudfront.net

d1di2lzuh97fh2.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:261f:e00:8:3164:8500:93a1 (United States)

ASN16509 (AMAZON-02, US)

37e1b8ec2f.cbaul-cdnwnd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21dd:a00:19:de1f:9c00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn2-of.drv.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:24f1:de00:5:6c74:c540:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn-of.drv.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.75.109.112 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.drv.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:820::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80d::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:821::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:806::200e (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c09::9d (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	drv.tw 4 redirects ynpaqzdnmzfzraydzafalq.on.drv.tw cdn2-of.drv.tw cdn-of.drv.tw www.drv.tw	458 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	385 KB
5	cloudfront.net d1di2lzuh97fh2.cloudfront.net	220 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	21 KB
4	gstatic.com fonts.gstatic.com	144 KB
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 86	416 B
2	cbaul-cdnwnd.com 37e1b8ec2f.cbaul-cdnwnd.com	1008 KB
2	google.com drive.google.com — Cisco Umbrella Rank: 294 analytics.google.com — Cisco Umbrella Rank: 160	268 B
1	rson.cz 1 redirects rson.cz	110 B
37	9

	Domain	Requested by
13	ynpaqzdnmzfzraydzafalq.on.drv.tw	4 redirects ynpaqzdnmzfzraydzafalq.on.drv.tw
5	www.googletagmanager.com	ynpaqzdnmzfzraydzafalq.on.drv.tw www.drv.tw www.googletagmanager.com
5	d1di2lzuh97fh2.cloudfront.net	ynpaqzdnmzfzraydzafalq.on.drv.tw d1di2lzuh97fh2.cloudfront.net
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	fonts.gstatic.com	d1di2lzuh97fh2.cloudfront.net
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	cdn2-of.drv.tw	ynpaqzdnmzfzraydzafalq.on.drv.tw
2	37e1b8ec2f.cbaul-cdnwnd.com	ynpaqzdnmzfzraydzafalq.on.drv.tw
1	analytics.google.com	www.googletagmanager.com
1	www.drv.tw	ynpaqzdnmzfzraydzafalq.on.drv.tw
1	cdn-of.drv.tw	ynpaqzdnmzfzraydzafalq.on.drv.tw
1	drive.google.com	ynpaqzdnmzfzraydzafalq.on.drv.tw
1	rson.cz	1 redirects
37	13

This site contains links to these domains. Also see Links.

Domain
jakobytohonebylomocneserte-me.webnode.cz
pexels.com
www.webnode.cz
www.webnode.com

Subject Issuer	Validity	Valid
drv.tw R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
cbaul-cdnwnd.com Amazon RSA 2048 M02	`2023-04-17` - `2024-05-16`	a year	crt.sh
www.drv.tw GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-12-18` - `2024-06-18`	6 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/
Frame ID: C832A3E815CD5AB7A801BC8983F32E7C
Requests: 36 HTTP requests in this frame

Frame: https://d1di2lzuh97fh2.cloudfront.net/files/3p/3p9/3p9ym6.svg?ph=37e1b8ec2f&border=7b7b7b&outline=bfbfbf&color=9e9e9e
Frame ID: 74E7221F32CEE77B324DC07784C30500
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

jakobytohonebylomoc@neserte.me

Page URL History Show full URLs

https://rson.cz/ HTTP 301
https://ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/ Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

37
Requests

89 %
HTTPS

69 %
IPv6

9
Domains

13
Subdomains

12
IPs

2
Countries

2236 kB
Transfer

4658 kB
Size

7
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://jakobytohonebylomocneserte-me.webnode.cz/
Title: Menu

Search URL Search Domain Scan URL

URL: https://jakobytohonebylomocneserte-me.webnode.cz/o-nas/
Title: B7 Číst dále

Search URL Search Domain Scan URL

URL: https://jakobytohonebylomocneserte-me.webnode.cz/sluzby/
Title: C9 Zobrazit více

Search URL Search Domain Scan URL

URL: https://pexels.com/
Title: Pexels

Search URL Search Domain Scan URL

URL: https://www.webnode.cz/?utm_source=text&utm_medium=footer&utm_campaign=free1&utm_content=wnd2
Title: Webnode

Search URL Search Domain Scan URL

URL: https://www.webnode.com/cs/?utm_source=text&utm_medium=footer&utm_content=wnd2_blue_bottom_button&utm_campaign=signature
Title: Vytvořte si webové stránky zdarma! Tento web je vytvořený pomocí Webnode. Vytvořte si vlastní stránky zdarma ještě dnes! Vytvořit stránky

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://rson.cz/ HTTP 301
https://ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/jakobytohonebylomoc@neserte.me_files/gtm.js.sta%C5%BEen%C3%BD%20soubor HTTP 302
https://drive.google.com/uc?id=1y_YfjQMQWZ6tzMafG0xkBXm_3DxNUXs7

Request Chain 10

https://ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/jakobytohonebylomoc@neserte.me_files/0g0ezi.js.sta%C5%BEen%C3%BD%20soubor HTTP 302
https://cdn2-of.drv.tw/_guf/ynpaqzdnmzfzraydzafalq/1ErNPgoh-C7vaCcZj4Lmetk_moiBN104F?ra=3710A6utU93aRHSOh0W1Q_Si7BiM2XGHQFSARAS8fAKYgCag96esAe12Y9yDvqV0iKvc8Jr9QNglLeYOWQCl34ubGZKPM8UvDcKZRgJI4Mp3vTy7N5dd8wNLYFvLi7FBPRA5WAbX3ENWrSezQ7edtU8FbhQ6dA_jeJAUJcZGsZI0VS61geZ9fAMnSo000b8rEXaMEchqyoXuR5Cyb_BfA0a.92ay

Request Chain 11

https://ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/jakobytohonebylomoc@neserte.me_files/lang.cz.1302.js.sta%C5%BEen%C3%BD%20soubor HTTP 302
https://cdn2-of.drv.tw/_guf/ynpaqzdnmzfzraydzafalq/1y0rAhbpiqilqHRA9qp-7iqZadVL4vlsY?ra=3710A6utU93aRHSOh0W1Q_Si7BiM2XGHQFSARAS8fAKYgCag96esAe12Y9yDvqV0iKvc8Jr9QNglLeYOWQCl34ubGZKPM8UvDcKZRgJI4Mp3vTy7N5dd8wNLYFvLi7FBPRA5WAbX3ENWrSezQ7edtU8FbhQ6dA_jeJAUJcZGsZI0VS61geZ9fAMnSo000b8rEXaMEchqyoXuR5Cyb_BfA0a.92ay

Request Chain 12

https://ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/jakobytohonebylomoc@neserte.me_files/compiled.multi.2-1639.js.sta%C5%BEen%C3%BD%20soubor HTTP 302
https://cdn-of.drv.tw/_guf/ynpaqzdnmzfzraydzafalq/1R99BOCQHY1Asoikl_ymHAA8S0FQ_peiS?ra=3710A6utU93aRHSOh0W1Q_Si7BiM2XGHQFSARAS8fAKYgCag96esAe12Y9yDvqV0iKvc8Jr9QNglLeYOWQCl34ubGZKPM8UvDcKZRgJI4Mp3vTy7N5dd8wNLYFvLi7FBPRA5WAbX3ENWrSezQ7edtU8FbhQ6dA_jeJAUJcZGsZI0VS61geZ9fAMnSo000b8rEXaMEchqyoXuR5Cyb_BfA0a.92ay

37 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/
Redirect Chain

https://rson.cz/
https://ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/

52 KB
17 KB

6867ms
1554ms

Document
text/html

47.88.48.79
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 47.88.48.79 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: c895392397f9be6fdcf1cda47a137abbc84c75b3f40be6ea4fc3cc5291103bb3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: public, s-maxage=43200, max-age=43200
content-encoding: gzip
content-type: text/html
date: Thu, 22 Feb 2024 23:03:40 GMT
last-modified: Thu, 22 Feb 2024 19:23:36 GMT
server: nginx/1.14.0 (Ubuntu)
vary: Origin, Sec-Fetch-Mode, X-Requested-Wtih Accept-Encoding
x-cache: BYPASS

Redirect headers

content-length: 166
content-type: text/html
date: Thu, 22 Feb 2024 23:03:33 GMT
location: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/
server: openresty

GET
H2 200 0fy9xa.css
ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/jakobytohonebylomoc@neserte.me_files/ 321 KB
63 KB 1558ms
1546ms Stylesheet
text/css 47.88.48.79
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/jakobytohonebylomoc@neserte.me_files/0fy9xa.css
Requested by: Host: ynpaqzdnmzfzraydzafalq.on.drv.tw
URL: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 47.88.48.79 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 9ecc3be98fde0839f554dde210af85932e8dc213dc09c2819295cbb3c0421391

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 23:03:42 GMT
content-encoding: gzip
last-modified: Wed, 21 Feb 2024 15:59:37 GMT
server: nginx/1.14.0 (Ubuntu)
vary: Origin, Sec-Fetch-Mode, X-Requested-Wtih, Accept-Encoding
x-cache: BYPASS
content-type: text/css
cache-control: public, s-maxage=43200, max-age=43200

GET
H2 200 3wgc1k.css
ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/jakobytohonebylomoc@neserte.me_files/ 248 KB
39 KB 1913ms
1902ms Stylesheet
text/css 47.88.48.79
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/jakobytohonebylomoc@neserte.me_files/3wgc1k.css
Requested by: Host: ynpaqzdnmzfzraydzafalq.on.drv.tw
URL: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 47.88.48.79 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: d26df8384a4b23566c9e32a563c81379b8232170a4350c04c106e4e805b031e8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 23:03:42 GMT
content-encoding: gzip
last-modified: Wed, 21 Feb 2024 15:59:37 GMT
server: nginx/1.14.0 (Ubuntu)
vary: Origin, Sec-Fetch-Mode, X-Requested-Wtih, Accept-Encoding
x-cache: BYPASS
content-type: text/css
cache-control: public, s-maxage=43200, max-age=43200

GET
H2 200 03uzgx.css
ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/jakobytohonebylomoc@neserte.me_files/ 343 KB
54 KB 1690ms
1681ms Stylesheet
text/css 47.88.48.79
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/jakobytohonebylomoc@neserte.me_files/03uzgx.css
Requested by: Host: ynpaqzdnmzfzraydzafalq.on.drv.tw
URL: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 47.88.48.79 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ed3d2b5e2ab21f3313fb53c76be615c7a518fe5481f1764d3d16b9742641fcd2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 23:03:42 GMT
content-encoding: gzip
last-modified: Wed, 21 Feb 2024 15:59:38 GMT
server: nginx/1.14.0 (Ubuntu)
vary: Origin, Sec-Fetch-Mode, X-Requested-Wtih, Accept-Encoding
x-cache: BYPASS
content-type: text/css
cache-control: public, s-maxage=43200, max-age=43200

GET
H2 200 3wyjbs.css
ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/jakobytohonebylomoc@neserte.me_files/ 242 KB
23 KB 1644ms
1635ms Stylesheet
text/css 47.88.48.79
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/jakobytohonebylomoc@neserte.me_files/3wyjbs.css
Requested by: Host: ynpaqzdnmzfzraydzafalq.on.drv.tw
URL: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 47.88.48.79 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a43ccfb92bff16810e5650ca885e81641c610bd0fcf80769e0a8a638cb8b7700

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 23:03:42 GMT
content-encoding: gzip
last-modified: Wed, 21 Feb 2024 15:59:38 GMT
server: nginx/1.14.0 (Ubuntu)
vary: Origin, Sec-Fetch-Mode, X-Requested-Wtih, Accept-Encoding
x-cache: BYPASS
content-type: text/css
cache-control: public, s-maxage=43200, max-age=43200

GET
H2 200 19dqyu.css
ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/jakobytohonebylomoc@neserte.me_files/ 205 B
478 B 1631ms
1623ms Stylesheet
text/css 47.88.48.79
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/jakobytohonebylomoc@neserte.me_files/19dqyu.css
Requested by: Host: ynpaqzdnmzfzraydzafalq.on.drv.tw
URL: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 47.88.48.79 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 79aa509415c4f1d4b99cfef57fb7874eb4c3dacea19b10c31078fc56d278fa32

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 23:03:42 GMT
last-modified: Wed, 21 Feb 2024 15:59:38 GMT
server: nginx/1.14.0 (Ubuntu)
etag: 0Bx02KR5XeAV1bS8yKy9VbHBUSDhsK1ZXaHdmci93V0xQZ3ZNPQ
vary: Origin, Sec-Fetch-Mode, X-Requested-Wtih, Accept-Encoding
x-cache: BYPASS
content-type: text/css
cache-control: public, s-maxage=43200, max-age=43200
content-length: 205

GET
H2 200 2snxn6.css
ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/jakobytohonebylomoc@neserte.me_files/ 72 KB
12 KB 1472ms
1465ms Stylesheet
text/css 47.88.48.79
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/jakobytohonebylomoc@neserte.me_files/2snxn6.css
Requested by: Host: ynpaqzdnmzfzraydzafalq.on.drv.tw
URL: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 47.88.48.79 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 3d0b3706e9e5dfa0d7da3d24934cca803d81febefec829f018077fcab165fbb7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 23:03:42 GMT
content-encoding: gzip
last-modified: Wed, 21 Feb 2024 15:59:38 GMT
server: nginx/1.14.0 (Ubuntu)
vary: Origin, Sec-Fetch-Mode, X-Requested-Wtih, Accept-Encoding
x-cache: BYPASS
content-type: text/css
cache-control: public, s-maxage=43200, max-age=43200

GET
H2 200 3s1tpc.css
ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/jakobytohonebylomoc@neserte.me_files/ 12 KB
3 KB 1689ms
1682ms Stylesheet
text/css 47.88.48.79
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/jakobytohonebylomoc@neserte.me_files/3s1tpc.css
Requested by: Host: ynpaqzdnmzfzraydzafalq.on.drv.tw
URL: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 47.88.48.79 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 988f91b687b9bb91a9958e3781f4b17d1af4926d6c3151157f05f1a8232831c0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 23:03:42 GMT
content-encoding: gzip
last-modified: Wed, 21 Feb 2024 15:59:38 GMT
server: nginx/1.14.0 (Ubuntu)
vary: Origin, Sec-Fetch-Mode, X-Requested-Wtih, Accept-Encoding
x-cache: BYPASS
content-type: text/css
cache-control: public, s-maxage=43200, max-age=43200

GET
H2

403

uc
drive.google.com/
Redirect Chain

https://ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/jakobytohonebylomoc@neserte.me_files/gtm.js.sta%C5%BEen%C3%BD%20soubor
https://drive.google.com/uc?id=1y_YfjQMQWZ6tzMafG0xkBXm_3DxNUXs7

0
0

139ms
56ms

Script
text/html

2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://drive.google.com/uc?id=1y_YfjQMQWZ6tzMafG0xkBXm_3DxNUXs7
Requested by: Host: ynpaqzdnmzfzraydzafalq.on.drv.tw
URL: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/
Protocol: H2
Server: 2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Redirect headers

date: Thu, 22 Feb 2024 23:03:43 GMT
last-modified: Wed, 21 Feb 2024 15:59:38 GMT
server: nginx/1.14.0 (Ubuntu)
x-d2w-target-length: 178686
etag: 0Bx02KR5XeAV1MnZLRy9OUkJDN05mWlFMMHIvcWhqRWJrT3JBPQ
vary: Origin, Sec-Fetch-Mode, X-Requested-Wtih
x-cache: BYPASS
content-type: text/html
location: https://drive.google.com/uc?id=1y_YfjQMQWZ6tzMafG0xkBXm_3DxNUXs7
cache-control: public, s-maxage=604800, max-age=604800

GET
H2 200 0dscwu.css
d1di2lzuh97fh2.cloudfront.net/files/0d/0ds/ 92 KB
6 KB 512ms
357ms Stylesheet
text/css 108.139.38.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1di2lzuh97fh2.cloudfront.net/files/0d/0ds/0dscwu.css?ph=37e1b8ec2f
Requested by: Host: ynpaqzdnmzfzraydzafalq.on.drv.tw
URL: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.38.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-38-192.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e8047d33b96a7fe6341e058ae584e00f82046c34bfa720577e85cfaad0f6aa25

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 23:03:42 GMT
content-encoding: br
via: 1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
last-modified: Mon, 27 Feb 2023 16:47:08 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
etag: W/"1615d5e0c3b94ef87c42cd22f9286181"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: 7_WjuqbvXcJzRTBCciENLBwTM6FKobyBaT-yYJWwObzUzSgVEYdrVQ==

GET
H2 200 images-pexels-com-photos-159243-solar-solar-cells-photovoltaic-environmentally-friendly-159243-auto-compress-cs-tinysrgb-dpr-2-h-650-w-940.webp
37e1b8ec2f.cbaul-cdnwnd.com/e3f96b0d32f05adf0f2852a5a76091f4/200000009-2b0582b05c/ 429 KB
430 KB 628ms
419ms Image
image/webp 2600:9000:261f:e00:8:3164:8500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://37e1b8ec2f.cbaul-cdnwnd.com/e3f96b0d32f05adf0f2852a5a76091f4/200000009-2b0582b05c/images-pexels-com-photos-159243-solar-solar-cells-photovoltaic-environmentally-friendly-159243-auto-compress-cs-tinysrgb-dpr-2-h-650-w-940.webp?ph=37e1b8ec2f
Requested by: Host: ynpaqzdnmzfzraydzafalq.on.drv.tw
URL: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:261f:e00:8:3164:8500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 990c1a3c25946eb57d3267e892664b10e8b7c00bd6c792e840e4170d5dbe7301

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 23:03:42 GMT
x-amz-version-id: eqRxk.eYUfB6eFUqoaVYyne8QOXOk0OC
via: 1.1 38d213e81ab517fd857234c4eccd4632.cloudfront.net (CloudFront)
last-modified: Wed, 21 Feb 2024 10:32:37 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P3
etag: "ce580050401e4ae65db1d9e84e7afa02"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=604800, immutable
accept-ranges: bytes
content-length: 439146
x-amz-cf-id: 4wERC_TK33r5IwSCT15y1SyCb7GQpmAgVtqsefF7b_2Jg1WSC0azlA==

GET
H2

200

1ErNPgoh-C7vaCcZj4Lmetk_moiBN104F Show response
cdn2-of.drv.tw/_guf/ynpaqzdnmzfzraydzafalq/
Redirect Chain

https://ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/jakobytohonebylomoc@neserte.me_files/0g0ezi.js.sta%C5%BEen%C3%BD%20soubor
https://cdn2-of.drv.tw/_guf/ynpaqzdnmzfzraydzafalq/1ErNPgoh-C7vaCcZj4Lmetk_moiBN104F?ra=3710A6utU93aRHSOh0W1Q_Si7BiM2XGHQFSARAS8fAKYgCag96esAe12Y9yDvqV0iKvc8Jr9QNglLeYOWQCl34ubGZKPM8UvDcKZRgJI4Mp3v...

557 KB
176 KB

1001ms
35ms

Script
application/octet-stream

2600:9000:21dd:a00:19:de1f:9c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn2-of.drv.tw/_guf/ynpaqzdnmzfzraydzafalq/1ErNPgoh-C7vaCcZj4Lmetk_moiBN104F?ra=3710A6utU93aRHSOh0W1Q_Si7BiM2XGHQFSARAS8fAKYgCag96esAe12Y9yDvqV0iKvc8Jr9QNglLeYOWQCl34ubGZKPM8UvDcKZRgJI4Mp3vTy7N5dd8wNLYFvLi7FBPRA5WAbX3ENWrSezQ7edtU8FbhQ6dA_jeJAUJcZGsZI0VS61geZ9fAMnSo000b8rEXaMEchqyoXuR5Cyb_BfA0a.92ay

Requested by

Host: ynpaqzdnmzfzraydzafalq.on.drv.tw
URL: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/

Protocol

Server

2600:9000:21dd:a00:19:de1f:9c00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ESF /

Resource Hash

f1b183023b08196f639d6c9a405293f0bbab1ebb574d18c4c84407d6d180f5c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 16:04:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 8e7c396366d89944c10dfabcfcb15b3c.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
age: 111548
x-guploader-uploadid: ABPtcPqLUIMWGPBOH9tqgPeqnTdcfCbnH5fHkjGvoZyWd8cMs53ohGW_OQih3C-rWWQUToaAiG0
x-cache: Hit from cloudfront
x-guploader-response-body-transformations: gzipped
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,HEAD
content-type: application/octet-stream
access-control-allow-origin: https://ynpaqzdnmzfzraydzafalq.on.drv.tw
warning: 214 UploadServer gzipped
access-control-expose-headers: *
cache-control: public, s-maxage=15552000, max-age=15552000
access-control-allow-credentials: false
access-control-max-age: 15552000
access-control-allow-headers: *
vary: Origin
x-amz-cf-id: jfElNqA1I7MG_Xrml1gnQZPwjV8eXBkTD3ajdqY41d4lj5f6IhAkQg==

Redirect headers

date: Thu, 22 Feb 2024 23:03:41 GMT
last-modified: Wed, 21 Feb 2024 15:59:38 GMT
server: nginx/1.14.0 (Ubuntu)
x-d2w-target-length: 570785
etag: 0Bx02KR5XeAV1akpFK3dzVDdHYm9WZjBFTU42ZytJV1NKNnkwPQ
vary: Origin, Sec-Fetch-Mode, X-Requested-Wtih
x-cache: BYPASS
content-type: text/html
access-control-allow-origin: https://ynpaqzdnmzfzraydzafalq.on.drv.tw
location: https://cdn2-of.drv.tw/_guf/ynpaqzdnmzfzraydzafalq/1ErNPgoh-C7vaCcZj4Lmetk_moiBN104F?ra=3710A6utU93aRHSOh0W1Q_Si7BiM2XGHQFSARAS8fAKYgCag96esAe12Y9yDvqV0iKvc8Jr9QNglLeYOWQCl34ubGZKPM8UvDcKZRgJI4Mp3vTy7N5dd8wNLYFvLi7FBPRA5WAbX3ENWrSezQ7edtU8FbhQ6dA_jeJAUJcZGsZI0VS61geZ9fAMnSo000b8rEXaMEchqyoXuR5Cyb_BfA0a.92ay
cache-control: public, s-maxage=1512, max-age=1512
access-control-allow-credentials: false

GET
H2

200

1y0rAhbpiqilqHRA9qp-7iqZadVL4vlsY Show response
cdn2-of.drv.tw/_guf/ynpaqzdnmzfzraydzafalq/
Redirect Chain

https://ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/jakobytohonebylomoc@neserte.me_files/lang.cz.1302.js.sta%C5%BEen%C3%BD%20soubor
https://cdn2-of.drv.tw/_guf/ynpaqzdnmzfzraydzafalq/1y0rAhbpiqilqHRA9qp-7iqZadVL4vlsY?ra=3710A6utU93aRHSOh0W1Q_Si7BiM2XGHQFSARAS8fAKYgCag96esAe12Y9yDvqV0iKvc8Jr9QNglLeYOWQCl34ubGZKPM8UvDcKZRgJI4Mp3v...

1 KB
1 KB

991ms
52ms

Script
application/octet-stream

2600:9000:21dd:a00:19:de1f:9c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn2-of.drv.tw/_guf/ynpaqzdnmzfzraydzafalq/1y0rAhbpiqilqHRA9qp-7iqZadVL4vlsY?ra=3710A6utU93aRHSOh0W1Q_Si7BiM2XGHQFSARAS8fAKYgCag96esAe12Y9yDvqV0iKvc8Jr9QNglLeYOWQCl34ubGZKPM8UvDcKZRgJI4Mp3vTy7N5dd8wNLYFvLi7FBPRA5WAbX3ENWrSezQ7edtU8FbhQ6dA_jeJAUJcZGsZI0VS61geZ9fAMnSo000b8rEXaMEchqyoXuR5Cyb_BfA0a.92ay

Requested by

Host: ynpaqzdnmzfzraydzafalq.on.drv.tw
URL: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/

Protocol

Server

2600:9000:21dd:a00:19:de1f:9c00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ESF /

Resource Hash

ed0443066d9d99723d289ba48fdf5fbe0b937590ff97da17f309bc32c54d2b39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 16:04:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 8e7c396366d89944c10dfabcfcb15b3c.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
age: 111549
x-guploader-uploadid: ABPtcPpBy640AsbIRCV8s9FPZC0FpPqhHGa870qdCsOXnkNyFv7D7wmwaUR1m0nR_5JfgGOMxy4
x-cache: Hit from cloudfront
x-guploader-response-body-transformations: gzipped
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,HEAD
content-type: application/octet-stream
access-control-allow-origin: https://ynpaqzdnmzfzraydzafalq.on.drv.tw
warning: 214 UploadServer gzipped
access-control-expose-headers: *
cache-control: public, s-maxage=15552000, max-age=15552000
access-control-allow-credentials: false
access-control-max-age: 15552000
access-control-allow-headers: *
vary: Origin
x-amz-cf-id: c0BFyjhyMWjt-GJNneKTsDJ7lTzgIJCKgt7iJl9AP5AHv9JLPUM78w==

Redirect headers

date: Thu, 22 Feb 2024 23:03:41 GMT
last-modified: Wed, 21 Feb 2024 15:59:38 GMT
server: nginx/1.14.0 (Ubuntu)
x-d2w-target-length: 1285
etag: 0Bx02KR5XeAV1L0VDK25jdHlUcXpQVk1xUzVERVlodXViZDJJPQ
vary: Origin, Sec-Fetch-Mode, X-Requested-Wtih
x-cache: BYPASS
content-type: text/html
access-control-allow-origin: https://ynpaqzdnmzfzraydzafalq.on.drv.tw
location: https://cdn2-of.drv.tw/_guf/ynpaqzdnmzfzraydzafalq/1y0rAhbpiqilqHRA9qp-7iqZadVL4vlsY?ra=3710A6utU93aRHSOh0W1Q_Si7BiM2XGHQFSARAS8fAKYgCag96esAe12Y9yDvqV0iKvc8Jr9QNglLeYOWQCl34ubGZKPM8UvDcKZRgJI4Mp3vTy7N5dd8wNLYFvLi7FBPRA5WAbX3ENWrSezQ7edtU8FbhQ6dA_jeJAUJcZGsZI0VS61geZ9fAMnSo000b8rEXaMEchqyoXuR5Cyb_BfA0a.92ay
cache-control: public, s-maxage=1512, max-age=1512
access-control-allow-credentials: false

GET
H2

200

1R99BOCQHY1Asoikl_ymHAA8S0FQ_peiS Show response
cdn-of.drv.tw/_guf/ynpaqzdnmzfzraydzafalq/
Redirect Chain

https://ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/jakobytohonebylomoc@neserte.me_files/compiled.multi.2-1639.js.sta%C5%BEen%C3%BD%20soubor
https://cdn-of.drv.tw/_guf/ynpaqzdnmzfzraydzafalq/1R99BOCQHY1Asoikl_ymHAA8S0FQ_peiS?ra=3710A6utU93aRHSOh0W1Q_Si7BiM2XGHQFSARAS8fAKYgCag96esAe12Y9yDvqV0iKvc8Jr9QNglLeYOWQCl34ubGZKPM8UvDcKZRgJI4Mp3vT...

183 KB
64 KB

744ms
115ms

Script
application/octet-stream

2600:9000:24f1:de00:5:6c74:c540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-of.drv.tw/_guf/ynpaqzdnmzfzraydzafalq/1R99BOCQHY1Asoikl_ymHAA8S0FQ_peiS?ra=3710A6utU93aRHSOh0W1Q_Si7BiM2XGHQFSARAS8fAKYgCag96esAe12Y9yDvqV0iKvc8Jr9QNglLeYOWQCl34ubGZKPM8UvDcKZRgJI4Mp3vTy7N5dd8wNLYFvLi7FBPRA5WAbX3ENWrSezQ7edtU8FbhQ6dA_jeJAUJcZGsZI0VS61geZ9fAMnSo000b8rEXaMEchqyoXuR5Cyb_BfA0a.92ay

Requested by

Host: ynpaqzdnmzfzraydzafalq.on.drv.tw
URL: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/

Protocol

Server

2600:9000:24f1:de00:5:6c74:c540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ESF /

Resource Hash

2147219b07d3f452e659b6ff0ec9bdb17d4a4f7310cbf1b466f7f62d36c54e4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 16:04:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 0afec277ba3e75e96fa6b4c76d8e130c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P4
age: 111549
x-guploader-uploadid: ABPtcPozMReJ08pFSK7SAX95Q2q6z2lUMD3njNUCWLOQkzsiseJU-J5rPUwlS2P1Z1v8xLqUiP4
x-cache: Hit from cloudfront
x-guploader-response-body-transformations: gzipped
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,HEAD
content-type: application/octet-stream
access-control-allow-origin: https://ynpaqzdnmzfzraydzafalq.on.drv.tw
warning: 214 UploadServer gzipped
access-control-expose-headers: *
cache-control: public, s-maxage=15552000, max-age=15552000
access-control-allow-credentials: false
access-control-max-age: 15552000
access-control-allow-headers: *
vary: Origin
x-amz-cf-id: AgXvidKf7SbLoQAnwdtYFHyqTqQ-jXaPbTKUGND_c4HpAcepFCSnwg==

Redirect headers

date: Thu, 22 Feb 2024 23:03:41 GMT
last-modified: Wed, 21 Feb 2024 15:59:38 GMT
server: nginx/1.14.0 (Ubuntu)
x-d2w-target-length: 187019
etag: 0Bx02KR5XeAV1MnozeG9SYXdiVUNRNUhISFFrRlUwbkZKazBNPQ
vary: Origin, Sec-Fetch-Mode, X-Requested-Wtih
x-cache: BYPASS
content-type: text/html
access-control-allow-origin: https://ynpaqzdnmzfzraydzafalq.on.drv.tw
location: https://cdn-of.drv.tw/_guf/ynpaqzdnmzfzraydzafalq/1R99BOCQHY1Asoikl_ymHAA8S0FQ_peiS?ra=3710A6utU93aRHSOh0W1Q_Si7BiM2XGHQFSARAS8fAKYgCag96esAe12Y9yDvqV0iKvc8Jr9QNglLeYOWQCl34ubGZKPM8UvDcKZRgJI4Mp3vTy7N5dd8wNLYFvLi7FBPRA5WAbX3ENWrSezQ7edtU8FbhQ6dA_jeJAUJcZGsZI0VS61geZ9fAMnSo000b8rEXaMEchqyoXuR5Cyb_BfA0a.92ay
cache-control: public, s-maxage=1512, max-age=1512
access-control-allow-credentials: false

GET
H2 200 wd.js Show response
www.drv.tw/inc/ 690 B
851 B 322ms
79ms Script
text/javascript 20.75.109.112
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.drv.tw/inc/wd.js?s=ynpaqzdnmzfzraydzafalq

Requested by

Host: ynpaqzdnmzfzraydzafalq.on.drv.tw
URL: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.75.109.112 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4f33b00ff60ba75c03cfd1a1a5d0be37fb7bba6718ef54bf9898a53e1c72f87f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 23:03:41 GMT
content-encoding: br
referrer-policy: same-origin
strict-transport-security: max-age=10886400; includeSubDomains; preload
last-modified: Tue, 20 Feb 2024 14:16:48 GMT
x-content-type-options: nosniff
etag: "76615853"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block

GET
H2 200 04pi85.css
ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/jakobytohonebylomoc@neserte.me_files/ 8 KB
3 KB 1622ms
1614ms Stylesheet
text/css 47.88.48.79
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/jakobytohonebylomoc@neserte.me_files/04pi85.css
Requested by: Host: ynpaqzdnmzfzraydzafalq.on.drv.tw
URL: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 47.88.48.79 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 0856b50a13d951fe90e90189529c2ecf3d6153d769c170a1327871ab6c537d8e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 23:03:44 GMT
content-encoding: gzip
last-modified: Wed, 21 Feb 2024 15:59:37 GMT
server: nginx/1.14.0 (Ubuntu)
vary: Origin, Sec-Fetch-Mode, X-Requested-Wtih, Accept-Encoding
x-cache: BYPASS
content-type: text/css
cache-control: public, s-maxage=43200, max-age=43200

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 174 KB
63 KB 169ms
57ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-542MMSL&l=_gtmDataLayer

Requested by

Host: ynpaqzdnmzfzraydzafalq.on.drv.tw
URL: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6b29dc83c9c1a933c913d9acf7de5e4fcdc6063c433ab3afa634b63e4deb90bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 23:03:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64019
x-xss-protection: 0
last-modified: Thu, 22 Feb 2024 22:43:11 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 22 Feb 2024 23:03:42 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v27/ 46 KB
46 KB 165ms
49ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v27/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: d1di2lzuh97fh2.cloudfront.net
URL: https://d1di2lzuh97fh2.cloudfront.net/files/0d/0ds/0dscwu.css?ph=37e1b8ec2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d1di2lzuh97fh2.cloudfront.net/
Origin: https://ynpaqzdnmzfzraydzafalq.on.drv.tw
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 07:53:35 GMT
x-content-type-options: nosniff
age: 54607
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47312
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:53:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Feb 2025 07:53:35 GMT

GET
H2 200 7cHmv4okm5zmbtYoK-4.woff2
fonts.gstatic.com/s/exo2/v20/ 39 KB
39 KB 177ms
67ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/exo2/v20/7cHmv4okm5zmbtYoK-4.woff2

Requested by

Host: d1di2lzuh97fh2.cloudfront.net
URL: https://d1di2lzuh97fh2.cloudfront.net/files/0d/0ds/0dscwu.css?ph=37e1b8ec2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2f675f4572825d07c6bd49d03a2e7db7b58165f8175c0e162a1a1221dede462

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d1di2lzuh97fh2.cloudfront.net/
Origin: https://ynpaqzdnmzfzraydzafalq.on.drv.tw
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 06:27:26 GMT
x-content-type-options: nosniff
age: 59776
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39772
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:19:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Feb 2025 06:27:26 GMT

GET
H2 200 3p9ym6.svg Show response
d1di2lzuh97fh2.cloudfront.net/files/3p/3p9/ Frame 74E7 5 KB
1 KB 32ms
32ms Document
image/svg+xml 108.139.38.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1di2lzuh97fh2.cloudfront.net/files/3p/3p9/3p9ym6.svg?ph=37e1b8ec2f&border=7b7b7b&outline=bfbfbf&color=9e9e9e
Requested by: Host: ynpaqzdnmzfzraydzafalq.on.drv.tw
URL: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.38.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-38-192.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a38d1b1820642310552cab57350c2937565cb5c2d0e0271bbc5ee94d86a79944

Request headers

Referer: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 11473
cache-control: public, max-age=31536000, immutable
content-encoding: br
content-type: image/svg+xml
date: Thu, 22 Feb 2024 19:52:30 GMT
etag: W/"d57bc7ecf756743b0980413493b053e3"
last-modified: Mon, 27 Sep 2021 08:05:51 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
x-amz-cf-id: PajMT2_3GQrStvAu0QyIYcbV1NAe-t9MBIfprxk3YK7WRDrK4inveg==
x-amz-cf-pop: JFK50-P2
x-cache: Hit from cloudfront

GET
H2 200 1mhb7k.png
d1di2lzuh97fh2.cloudfront.net/files/1m/1mh/ 12 KB
12 KB 556ms
555ms Image
image/png 108.139.38.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1di2lzuh97fh2.cloudfront.net/files/1m/1mh/1mhb7k.png?ph=37e1b8ec2f
Requested by: Host: ynpaqzdnmzfzraydzafalq.on.drv.tw
URL: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.38.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-38-192.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 982d48c247caadbecbbbf4c1611243249f8127f97c3bfebd7e6044387d967967

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 23:03:44 GMT
via: 1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
last-modified: Mon, 27 Sep 2021 07:54:26 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
etag: "5dacd004927da04b74e271b176c3dee0"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 12047
x-amz-cf-id: T4VJ2cY3OpOh-8wYMU9_TShR-S_FTF66pYAaAGhi2NmMzcX3JIXo4w==

GET
H2 200 1Ptug8zYS_SKggPNyCMIT5lu.woff2
fonts.gstatic.com/s/raleway/v27/ 30 KB
30 KB 116ms
36ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v27/1Ptug8zYS_SKggPNyCMIT5lu.woff2

Requested by

Host: d1di2lzuh97fh2.cloudfront.net
URL: https://d1di2lzuh97fh2.cloudfront.net/files/0d/0ds/0dscwu.css?ph=37e1b8ec2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83a3cd7ed9675ce72c00f36cfca4673fa578a3747a6165e4e99617d7ea81bb8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d1di2lzuh97fh2.cloudfront.net/
Origin: https://ynpaqzdnmzfzraydzafalq.on.drv.tw
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 19:58:29 GMT
x-content-type-options: nosniff
age: 11113
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30340
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:31:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Feb 2025 19:58:29 GMT

GET
H2 200 2n6epi.woff2
d1di2lzuh97fh2.cloudfront.net/files/2n/2n6/ 14 KB
15 KB 137ms
49ms Font
application/font-woff2 108.139.38.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1di2lzuh97fh2.cloudfront.net/files/2n/2n6/2n6epi.woff2
Requested by: Host: d1di2lzuh97fh2.cloudfront.net
URL: https://d1di2lzuh97fh2.cloudfront.net/files/0d/0ds/0dscwu.css?ph=37e1b8ec2f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.38.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-38-192.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b1f5c08bdeafbe236a7a61a692d02b4a24e71f8b845209430d8a65c50f791f4f

Request headers

Referer: https://d1di2lzuh97fh2.cloudfront.net/files/0d/0ds/0dscwu.css?ph=37e1b8ec2f
Origin: https://ynpaqzdnmzfzraydzafalq.on.drv.tw
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 19:52:39 GMT
via: 1.1 f458ab1245bb4f257969c1da8e708f88.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P2
age: 11464
x-cache: Hit from cloudfront
content-length: 14432
last-modified: Mon, 27 Sep 2021 08:00:03 GMT
server: AmazonS3
etag: "9874ef6135a3145ce2b64f313e817a6a"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: s5p7VQgUPS8sH_IObCHQKdtYvGsjyi6GuHBYy91uQzyLiKF-slS1FA==

GET
H2 200 7cHmv4okm5zmbtYmK-4E4Q.woff2
fonts.gstatic.com/s/exo2/v20/ 29 KB
29 KB 132ms
69ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/exo2/v20/7cHmv4okm5zmbtYmK-4E4Q.woff2

Requested by

Host: d1di2lzuh97fh2.cloudfront.net
URL: https://d1di2lzuh97fh2.cloudfront.net/files/0d/0ds/0dscwu.css?ph=37e1b8ec2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fcb84b7c4fdf6d0d04c0a6d6fd153edea271b882d30b4797d17f837e7682ebe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d1di2lzuh97fh2.cloudfront.net/
Origin: https://ynpaqzdnmzfzraydzafalq.on.drv.tw
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 07:55:54 GMT
x-content-type-options: nosniff
age: 54468
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29536
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:14:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Feb 2025 07:55:54 GMT

GET
H2 200 3vk6ie.jpg
d1di2lzuh97fh2.cloudfront.net/files/3v/3vk/ 185 KB
186 KB 373ms
371ms Image
image/jpeg 108.139.38.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1di2lzuh97fh2.cloudfront.net/files/3v/3vk/3vk6ie.jpg?ph=37e1b8ec2f
Requested by: Host: ynpaqzdnmzfzraydzafalq.on.drv.tw
URL: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.38.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-38-192.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 677aee4a97d1169091e1a64eda0c787c9545b9fe9ce73c83877420ef61ec54d0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 23:03:43 GMT
via: 1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
last-modified: Mon, 27 Sep 2021 08:06:50 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
etag: "df8c8f6d1522a65570c05bd2e2dae14b"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 189387
x-amz-cf-id: urwP_ZkDxyx5ppvCmvRPHNrStyyak-u4jO3EN8yr0eorknZ0mAV9qQ==

GET
H2 200 images-pexels-com-photos-2800832-pexels-photo-2800832-auto-compress-cs-tinysrgb-dpr-2-h-650-w-940.webp
37e1b8ec2f.cbaul-cdnwnd.com/e3f96b0d32f05adf0f2852a5a76091f4/200000008-d702ed7031/ 577 KB
578 KB 390ms
389ms Image
image/webp 2600:9000:261f:e00:8:3164:8500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://37e1b8ec2f.cbaul-cdnwnd.com/e3f96b0d32f05adf0f2852a5a76091f4/200000008-d702ed7031/images-pexels-com-photos-2800832-pexels-photo-2800832-auto-compress-cs-tinysrgb-dpr-2-h-650-w-940.webp?ph=37e1b8ec2f
Requested by: Host: ynpaqzdnmzfzraydzafalq.on.drv.tw
URL: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:261f:e00:8:3164:8500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9118d213eb26ba8c8244529a24f4a2f516f87812024651f837ee320e29fbde8b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 23:03:43 GMT
x-amz-version-id: J7uDRxCHyVNxzrQhGGoymgdChKpctSGe
via: 1.1 38d213e81ab517fd857234c4eccd4632.cloudfront.net (CloudFront)
last-modified: Wed, 21 Feb 2024 10:32:35 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P3
etag: "fa24dcf404b237ed42bb89a8487016bb"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=604800, immutable
accept-ranges: bytes
content-length: 590748
x-amz-cf-id: jbL0g1lYhAMD8cnneXWdlay5pndgCYLdn_FuVAyKy6rZ4rUrAAzTsw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 137 KB
52 KB 52ms
52ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-85417367-1

Requested by

Host: www.drv.tw
URL: https://www.drv.tw/inc/wd.js?s=ynpaqzdnmzfzraydzafalq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3c23836472b698c3abd04c66be5908b1726547f8272ef653ddb21d3f81f72bd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 23:03:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 53568
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 22 Feb 2024 23:03:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 281 KB
93 KB 38ms
37ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-92DTJYQXGQ&l=_gtmDataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-542MMSL&l=_gtmDataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

60f13d04c7aeb585be80e125b7c73cb7f4facc298968fb58692f985c4874accb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 23:03:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95323
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 22 Feb 2024 23:03:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 224 KB
81 KB 74ms
74ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NBGQJBJMEG&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-85417367-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b07efbb89c58a59c4afe4ef2dd17c9d087723bdc4b20f62c71738abae1461448

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 23:03:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83206
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 22 Feb 2024 23:03:43 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 291 KB
95 KB 76ms
75ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LHL0SH0Z7S&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-85417367-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fcba44007cc34e226e8eb6635a693a29a4ed5c123a6874cd7e7e96f255dde1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 23:03:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97311
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 22 Feb 2024 23:03:43 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 152ms
31ms Script
text/javascript 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-85417367-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 21:51:42 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4321
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 22 Feb 2024 23:51:42 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
185 B 53ms
52ms Ping
text/plain 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-92DTJYQXGQ&gtm=45je42l0v9135990192z89127275577za200&_p=1708643022582&gcd=13l3l3l3l1&npa=0&dma=0&cid=1933060445.1708643023&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1708643023&sct=1&seg=0&dl=https%3A%2F%2Fynpaqzdnmzfzraydzafalq.on.drv.tw%2Fwww.parametr.vhodny%2F&dt=jakobytohonebylomoc%40neserte.me&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=11303
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-92DTJYQXGQ&l=_gtmDataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Feb 2024 23:03:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ynpaqzdnmzfzraydzafalq.on.drv.tw
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 66ms
66ms Ping
text/plain 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-NBGQJBJMEG&gtm=45je42l0za200&_p=1708643022744&gcd=13l3l3l3l1&npa=0&dma=0&cid=1933060445.1708643023&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1708643023&sct=1&seg=0&dl=https%3A%2F%2Fynpaqzdnmzfzraydzafalq.on.drv.tw%2Fwww.parametr.vhodny%2F&dt=jakobytohonebylomoc%40neserte.me&en=page_view&_fv=1&_ss=1&tfd=11422
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NBGQJBJMEG&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Feb 2024 23:03:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ynpaqzdnmzfzraydzafalq.on.drv.tw
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
268 B 133ms
37ms Ping
text/plain 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-LHL0SH0Z7S&gtm=45je42l0v898224655za200&_p=1708643022744&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=1933060445.1708643023&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1708643023&sct=1&seg=0&dl=https%3A%2F%2Fynpaqzdnmzfzraydzafalq.on.drv.tw%2Fwww.parametr.vhodny%2F&dt=jakobytohonebylomoc%40neserte.me&en=page_view&_fv=1&_ss=1&tfd=11479
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LHL0SH0Z7S&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Feb 2024 23:03:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ynpaqzdnmzfzraydzafalq.on.drv.tw
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 149ms
49ms Ping
text/plain 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LHL0SH0Z7S&cid=1933060445.1708643023&gtm=45je42l0v898224655za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LHL0SH0Z7S&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c09::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Feb 2024 23:03:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ynpaqzdnmzfzraydzafalq.on.drv.tw
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 38ms
38ms XHR
text/plain 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1974245426&t=pageview&_s=1&dl=https%3A%2F%2Fynpaqzdnmzfzraydzafalq.on.drv.tw%2Fwww.parametr.vhodny%2F&ul=en-us&de=UTF-8&dt=jakobytohonebylomoc%40neserte.me&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=944312586&gjid=1900748408&cid=1933060445.1708643023&tid=UA-85417367-1&_gid=1280616551.1708643023&_r=1&gtm=457e42l0za200&gcd=13l3l3l3l1&dma=0&jsscut=1&z=1774521458

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 22 Feb 2024 23:03:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ynpaqzdnmzfzraydzafalq.on.drv.tw
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
360 B 65ms
36ms XHR
text/plain 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-85417367-1&cid=1933060445.1708643023&jid=944312586&gjid=1900748408&_gid=1280616551.1708643023&_u=YADAAUAAAAAAACAAI~&z=600223701

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 22 Feb 2024 23:03:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ynpaqzdnmzfzraydzafalq.on.drv.tw
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ynpaqzdnmzfzraydzafalq.on.drv.tw/	1969-12-31 23:59:59	Name: uid Value: rBSZwGXX0syH9y6/dBudAg==
.drv.tw/	1970-01-21 04:13:23	Name: _ga_92DTJYQXGQ Value: GS1.1.1708643023.1.0.1708643023.0.0.0
.drv.tw/	1970-01-21 04:13:23	Name: _ga_NBGQJBJMEG Value: GS1.1.1708643023.1.0.1708643023.0.0.0
.drv.tw/	1970-01-21 04:13:23	Name: _ga_LHL0SH0Z7S Value: GS1.1.1708643023.1.0.1708643023.60.0.0
.drv.tw/	1970-01-21 04:13:23	Name: _ga Value: GA1.2.1933060445.1708643023
.drv.tw/	1970-01-20 18:38:49	Name: _gid Value: GA1.2.1280616551.1708643023
.drv.tw/	1970-01-20 18:37:23	Name: _gat_gtag_UA_85417367_1 Value: 1

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/ Message: Refused to execute script from 'https://cdn2-of.drv.tw/_guf/ynpaqzdnmzfzraydzafalq/1y0rAhbpiqilqHRA9qp-7iqZadVL4vlsY?ra=3710A6utU93aRHSOh0W1Q_Si7BiM2XGHQFSARAS8fAKYgCag96esAe12Y9yDvqV0iKvc8Jr9QNglLeYOWQCl34ubGZKPM8UvDcKZRgJI4Mp3vTy7N5dd8wNLYFvLi7FBPRA5WAbX3ENWrSezQ7edtU8FbhQ6dA_jeJAUJcZGsZI0VS61geZ9fAMnSo000b8rEXaMEchqyoXuR5Cyb_BfA0a.92ay' because its MIME type ('application/octet-stream') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://ynpaqzdnmzfzraydzafalq.on.drv.tw/www.parametr.vhodny/ Message: Refused to execute script from 'https://cdn-of.drv.tw/_guf/ynpaqzdnmzfzraydzafalq/1R99BOCQHY1Asoikl_ymHAA8S0FQ_peiS?ra=3710A6utU93aRHSOh0W1Q_Si7BiM2XGHQFSARAS8fAKYgCag96esAe12Y9yDvqV0iKvc8Jr9QNglLeYOWQCl34ubGZKPM8UvDcKZRgJI4Mp3vTy7N5dd8wNLYFvLi7FBPRA5WAbX3ENWrSezQ7edtU8FbhQ6dA_jeJAUJcZGsZI0VS61geZ9fAMnSo000b8rEXaMEchqyoXuR5Cyb_BfA0a.92ay' because its MIME type ('application/octet-stream') is not executable, and strict MIME type checking is enabled.
javascript	error	URL: https://cdn2-of.drv.tw/_guf/ynpaqzdnmzfzraydzafalq/1ErNPgoh-C7vaCcZj4Lmetk_moiBN104F?ra=3710A6utU93aRHSOh0W1Q_Si7BiM2XGHQFSARAS8fAKYgCag96esAe12Y9yDvqV0iKvc8Jr9QNglLeYOWQCl34ubGZKPM8UvDcKZRgJI4Mp3vTy7N5dd8wNLYFvLi7FBPRA5WAbX3ENWrSezQ7edtU8FbhQ6dA_jeJAUJcZGsZI0VS61geZ9fAMnSo000b8rEXaMEchqyoXuR5Cyb_BfA0a.92ay Message: Failed to load module script: Expected a JavaScript module script but the server responded with a MIME type of "application/octet-stream". Strict MIME type checking is enforced for module scripts per HTML spec.
network	error	URL: https://drive.google.com/uc?id=1y_YfjQMQWZ6tzMafG0xkBXm_3DxNUXs7 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

37e1b8ec2f.cbaul-cdnwnd.com
analytics.google.com
cdn-of.drv.tw
cdn2-of.drv.tw
d1di2lzuh97fh2.cloudfront.net
drive.google.com
fonts.gstatic.com
rson.cz
stats.g.doubleclick.net
www.drv.tw
www.google-analytics.com
www.googletagmanager.com
ynpaqzdnmzfzraydzafalq.on.drv.tw
108.139.38.192
20.75.109.112
2600:9000:21dd:a00:19:de1f:9c00:93a1
2600:9000:24f1:de00:5:6c74:c540:93a1
2600:9000:261f:e00:8:3164:8500:93a1
2607:f8b0:4004:c09::9d
2607:f8b0:4006:806::200e
2607:f8b0:4006:80d::2003
2607:f8b0:4006:80f::200e
2607:f8b0:4006:820::2008
2607:f8b0:4006:821::200e
37.9.175.164
47.88.48.79
0856b50a13d951fe90e90189529c2ecf3d6153d769c170a1327871ab6c537d8e
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
2147219b07d3f452e659b6ff0ec9bdb17d4a4f7310cbf1b466f7f62d36c54e4f
3c23836472b698c3abd04c66be5908b1726547f8272ef653ddb21d3f81f72bd3
3d0b3706e9e5dfa0d7da3d24934cca803d81febefec829f018077fcab165fbb7
3fcb84b7c4fdf6d0d04c0a6d6fd153edea271b882d30b4797d17f837e7682ebe
4f33b00ff60ba75c03cfd1a1a5d0be37fb7bba6718ef54bf9898a53e1c72f87f
60f13d04c7aeb585be80e125b7c73cb7f4facc298968fb58692f985c4874accb
677aee4a97d1169091e1a64eda0c787c9545b9fe9ce73c83877420ef61ec54d0
6b29dc83c9c1a933c913d9acf7de5e4fcdc6063c433ab3afa634b63e4deb90bc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
79aa509415c4f1d4b99cfef57fb7874eb4c3dacea19b10c31078fc56d278fa32
83a3cd7ed9675ce72c00f36cfca4673fa578a3747a6165e4e99617d7ea81bb8c
9118d213eb26ba8c8244529a24f4a2f516f87812024651f837ee320e29fbde8b
982d48c247caadbecbbbf4c1611243249f8127f97c3bfebd7e6044387d967967
988f91b687b9bb91a9958e3781f4b17d1af4926d6c3151157f05f1a8232831c0
990c1a3c25946eb57d3267e892664b10e8b7c00bd6c792e840e4170d5dbe7301
9ecc3be98fde0839f554dde210af85932e8dc213dc09c2819295cbb3c0421391
a38d1b1820642310552cab57350c2937565cb5c2d0e0271bbc5ee94d86a79944
a43ccfb92bff16810e5650ca885e81641c610bd0fcf80769e0a8a638cb8b7700
b07efbb89c58a59c4afe4ef2dd17c9d087723bdc4b20f62c71738abae1461448
b1f5c08bdeafbe236a7a61a692d02b4a24e71f8b845209430d8a65c50f791f4f
c895392397f9be6fdcf1cda47a137abbc84c75b3f40be6ea4fc3cc5291103bb3
d26df8384a4b23566c9e32a563c81379b8232170a4350c04c106e4e805b031e8
d2f675f4572825d07c6bd49d03a2e7db7b58165f8175c0e162a1a1221dede462
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8047d33b96a7fe6341e058ae584e00f82046c34bfa720577e85cfaad0f6aa25
ed0443066d9d99723d289ba48fdf5fbe0b937590ff97da17f309bc32c54d2b39
ed3d2b5e2ab21f3313fb53c76be615c7a518fe5481f1764d3d16b9742641fcd2
f1b183023b08196f639d6c9a405293f0bbab1ebb574d18c4c84407d6d180f5c3
fcba44007cc34e226e8eb6635a693a29a4ed5c123a6874cd7e7e96f255dde1df

ynpaqzdnmzfzraydzafalq.on.drv.tw Open in urlscan Pro 47.88.48.79 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

37 Requests

89 %HTTPS

69 %IPv6

9 Domains

13 Subdomains

12 IPs

2 Countries

2236 kBTransfer

4658 kBSize

7 Cookies

6 Outgoing links

Page URL History

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ynpaqzdnmzfzraydzafalq.on.drv.tw Open in urlscan Pro
47.88.48.79 Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

89 %
HTTPS

69 %
IPv6

9
Domains

13
Subdomains

12
IPs

2
Countries

2236 kB
Transfer

4658 kB
Size

7
Cookies

37 HTTP transactions
0 data transactions