Submitted URL: http://www.cora-live.tk/
Effective URL: https://www.cora-live.tk/
Submission Tags: falconsandbox
Submission: On June 01 via api from US

Summary

This website contacted 87 IPs in 9 countries across 82 domains to perform 1202 HTTP transactions. The main IP is 2a00:1450:4001:813::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.cora-live.tk.
TLS certificate: Issued by GTS CA 1D4 on May 24th 2021. Valid for: 3 months.
This is the only time www.cora-live.tk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information


This page contains 136 frames:

Primary Page: https://www.cora-live.tk/
Frame ID: CB811C33397B7D6AD181DE8A7516693F
Requests: 71 HTTP requests in this frame

Requests: 9 HTTP requests in this frame

Frame: https://static.arc.io/widget/css/widget.css?fd8fd2c
Frame ID: A8EBE06BD7B364B10DAF4BD20C8000D3
Requests: 3 HTTP requests in this frame

Frame: https://static.arc.io/widget/css/widget.css?fd8fd2c
Frame ID: 966D625AAFD2D04789034A28D95773D8
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=34900%2C15823%2C34855&b=DZ97u3fwfxmgf3HmH9t1tQY4u4tVtdk%2CdpWxsEfkfzwMUEHjHwtEtb6YFKtRtmG%2C52JdHXfEf4dMHpH7HMt3tXZxcbtktxV&f=dpWxsEfkfkb8TEHjHwtqC3EBFKtRtmG%2CK74MuRfZf6grU5HMHktzCB9mhKtrt2w%2CpqG2u1fgfrKwCkH4HmtJCMX9ubt7tAE&c=728&d=90&e=&g=d1dcbaf6a3dba476e630295b6267f262%2F7774909048148328637&i=27800%2C20547%2C17738&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=cash_ads_IT_advancedad_728x90&y=0&z=0
Frame ID: 8AEA183BB6EAD164FFE85BF86350D101
Requests: 11 HTTP requests in this frame

Frame: https://adimg.rekmob.com/2e630aeb4a40478e989c620cb82e8065
Frame ID: DA8C233A5427670368F4CA4C19D6929A
Requests: 3 HTTP requests in this frame

Frame: https://adimg.rekmob.com/5a1b9c9bcd394786b925816e44cc87a0
Frame ID: 559A08D0DCAF1B65163A7E9A4A8850D1
Requests: 3 HTTP requests in this frame

Frame: https://cdn.runative-syndicate.com/sdk/v1/n.js
Frame ID: D84B2C64E1B21343308BCAD486B56AD5
Requests: 4 HTTP requests in this frame

Frame: https://adimg.rekmob.com/6453e71f2fc743c495dfb4a701a51d13
Frame ID: 21D20BD3CB930175C469039B41B3DC95
Requests: 3 HTTP requests in this frame

Frame: https://adimg.rekmob.com/a6ef61b5aa4d4a35995bc18d04125b93
Frame ID: 5F5A395013B1B5C252CEC1E9608D8B4B
Requests: 3 HTTP requests in this frame

Frame: https://adimg.rekmob.com/logos/rs-b.png
Frame ID: 823C04506582A3EAED8551F4027B1238
Requests: 3 HTTP requests in this frame

Frame: https://adimg.rekmob.com/6453e71f2fc743c495dfb4a701a51d13
Frame ID: 86540A21EB7BBBCD3BCFC9C6ED64DB01
Requests: 3 HTTP requests in this frame

Frame: https://adimg.rekmob.com/5cd4030f5e814adf8b0ac59f14899340
Frame ID: 8332C2C2B682D48EB57AA3B5E522A2DD
Requests: 3 HTTP requests in this frame

Frame: https://www.surfujkase.pl/ptpwynik2.php?czas=1622580312&user=1&strona=6911&uv=1&pl=0&skad=www.adzbux.com
Frame ID: 2080164D507C1B492B1D7024062249DA
Requests: 1 HTTP requests in this frame

Frame: https://www.surfujkase.pl/ptpwynik2.php?czas=1622580312&user=1&strona=7169&uv=1&pl=0&skad=www.adzbux.com
Frame ID: 17956B6C67591649E5A3A1009CE73E29
Requests: 1 HTTP requests in this frame

Frame: https://www.surfujkase.pl/ptpwynik2.php?czas=1622580312&user=1&strona=6951&uv=1&pl=0&skad=www.adzbux.net
Frame ID: BB993796FFA79D6ACF0BFFE3421107D1
Requests: 1 HTTP requests in this frame

Frame: https://adimg.rekmob.com/logos/rs-b.png
Frame ID: CD0FBB75272AB6F65AD5D95C9F05306C
Requests: 3 HTTP requests in this frame

Frame: https://adimg.rekmob.com/a6ef61b5aa4d4a35995bc18d04125b93
Frame ID: 69997586011238A25F5991E9093752CD
Requests: 3 HTTP requests in this frame

Frame: https://adimg.rekmob.com/6453e71f2fc743c495dfb4a701a51d13
Frame ID: CBE7E32D1B47F80A444A54DD2B53409A
Requests: 3 HTTP requests in this frame

Frame: https://adimg.rekmob.com/5cd4030f5e814adf8b0ac59f14899340
Frame ID: ED23E134C13E11CB971B3F2B5630263B
Requests: 3 HTTP requests in this frame

Frame: https://cdn.runative-syndicate.com/sdk/v1/bi.js
Frame ID: F2AC6B66AE9C957C651C1504C5A06E27
Requests: 3 HTTP requests in this frame

Frame: https://adimg.rekmob.com/5a1b9c9bcd394786b925816e44cc87a0
Frame ID: 3BDEA3DC8523035155A17BBC4F58D71B
Requests: 3 HTTP requests in this frame

Frame: https://adimg.rekmob.com/5cd4030f5e814adf8b0ac59f14899340
Frame ID: 8FE69C5935271C67AD2110DEF75EE2DA
Requests: 3 HTTP requests in this frame

Frame: https://adimg.rekmob.com/6453e71f2fc743c495dfb4a701a51d13
Frame ID: 226E2CC63D00E8832E2EC7EE9EFCD9DD
Requests: 3 HTTP requests in this frame

Frame: https://run-syndicate.com/iframes2/7a59f4ee8243465197d99ee2959f6ef7.html?keywords=page,php&extid=101739&adb=0&clientjs=1&w=1600&h=1200
Frame ID: 6F3BAB4E8E1DC210111CF1FD3284005C
Requests: 7 HTTP requests in this frame

Page URL History

  1. http://www.cora-live.tk/ HTTP 301
    https://www.cora-live.tk/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /GSE/i


Page Statistics

  • Requests: 1202
  • HTTPS: 96 %
  • IPv6: 59 %
  • Domains: 82
  • Subdomains: 114
  • IPs: 87
  • Countries: 9
  • Transfer: 23648 kB
  • Size: 41042 kB
  • Cookies: 19

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.cora-live.tk/ HTTP 301
    https://www.cora-live.tk/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48
  • https://www.adzbux.com/quick.php?u=50390 HTTP 302
  • https://www.adzbux.com/mass.php
Request Chain 52
  • https://surfujkase.pl/promuj2.php HTTP 301
  • https://www.surfujkase.pl/promuj2.php
Request Chain 56
  • https://surfujkase.pl/promuj2.php HTTP 301
  • https://www.surfujkase.pl/promuj2.php
Request Chain 104
  • https://www.adzbux.com/quick.php?u=50390 HTTP 302
  • https://www.adzbux.com/mass.php
Request Chain 111
  • https://surfujkase.pl/promuj2.php HTTP 301
  • https://www.surfujkase.pl/promuj2.php
Request Chain 112
  • https://moneyonlineinvestment.com/r/321478 HTTP 301
  • https://moneyonlineinvestment.com/?a_aid=321478 HTTP 302
  • https://moneyonlineinvestment.com/index.html
Request Chain 120
  • https://surfujkase.pl/promuj2.php HTTP 301
  • https://www.surfujkase.pl/promuj2.php
Request Chain 130
  • https://surfujkase.pl/promuj2.php HTTP 301
  • https://www.surfujkase.pl/promuj2.php
Request Chain 239
  • https://moneyonlineinvestment.com/r/321478 HTTP 301
  • https://moneyonlineinvestment.com/?a_aid=321478 HTTP 302
  • https://moneyonlineinvestment.com/index.html
Request Chain 295
  • https://cutt.ly/traficboost10 HTTP 301
  • https://nullrefer.com/?https://serveur-gmod.com/
Request Chain 372
  • https://payeer.com/?session=2103954 HTTP 302
  • https://payeer.com/iproxy/j?5m+4KdpM2Ysdr2w7Nv3nMi8/c2Vzc2lvbj0yMTAzOTU0 HTTP 302
  • https://payeer.com/?session=2103954
Request Chain 374
  • https://payeer.com/?session=2103954 HTTP 302
  • https://payeer.com/iproxy/j?5m+4KdpM2Ysdr2w7Nv3nMi8/c2Vzc2lvbj0yMTAzOTU0 HTTP 302
  • https://payeer.com/
Request Chain 384
  • https://x.bidswitch.net/sync?ssp=reklamstore HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=reklamstore HTTP 302
  • https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=reklamstore&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=DeNKMOjwBNkqZW1xZyxpW599&ssp=reklamstore HTTP 302
  • https://ads.rekmob.com/retarget/pix?id=bs&cv=4974bc1a-9a43-4775-ad36-7cefbae6831d&d=1
Request Chain 431
  • https://mc.yandex.com/watch/56460499?wmode=7&page-url=https%3A%2F%2Ftrafiframe.ru%2Fiframe.php&page-ref=https%3A%2F%2Fwww.cora-live.tk%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A530%3Acn%3A1%3Adp%3A0%3Als%3A1334056509743%3Ahid%3A425655252%3Az%3A120%3Ai%3A20210601224513%3Aet%3A1622580313%3Ac%3A1%3Arn%3A521571814%3Au%3A1622580313525379762%3Aw%3A0x0%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1622580312056%3Ads%3A0%2C243%2C161%2C1%2C3%2C0%2C%2C605%2C1%2C%2C%2C%2C1070%3Adsn%3A0%2C243%2C161%2C1%2C2%2C0%2C%2C661%2C2%2C%2C%2C%2C1069%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1622580313%3At%3AAuto-surfing%20sites HTTP 302
  • https://mc.yandex.com/watch/56460499/1?wmode=7&page-url=https%3A%2F%2Ftrafiframe.ru%2Fiframe.php&page-ref=https%3A%2F%2Fwww.cora-live.tk%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A530%3Acn%3A1%3Adp%3A0%3Als%3A1334056509743%3Ahid%3A425655252%3Az%3A120%3Ai%3A20210601224513%3Aet%3A1622580313%3Ac%3A1%3Arn%3A521571814%3Au%3A1622580313525379762%3Aw%3A0x0%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1622580312056%3Ads%3A0%2C243%2C161%2C1%2C3%2C0%2C%2C605%2C1%2C%2C%2C%2C1070%3Adsn%3A0%2C243%2C161%2C1%2C2%2C0%2C%2C661%2C2%2C%2C%2C%2C1069%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1622580313%3At%3AAuto-surfing%20sites
Request Chain 554
  • https://ad.doubleclick.net/ddm/trackimp/N1072251.1920408AGRONEWS.COM.PL/B25863051.302957292;dc_trk_aid=495626465;dc_trk_cid=150530632;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N1072251.1920408AGRONEWS.COM.PL/B25863051.302957292;dc_pre=CNbth9qm9_ACFWvuuwgdyKkHbg;dc_trk_aid=495626465;dc_trk_cid=150530632;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=
Request Chain 556
  • https://ad.doubleclick.net/ddm/trackimp/N1072251.1920408AGRONEWS.COM.PL/B25863051.302957292;dc_trk_aid=495626465;dc_trk_cid=150530632;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N1072251.1920408AGRONEWS.COM.PL/B25863051.302957292;dc_pre=COCdodqm9_ACFVaFgwcdDFAOeg;dc_trk_aid=495626465;dc_trk_cid=150530632;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=
Request Chain 558
  • https://ad.doubleclick.net/ddm/trackimp/N1072251.1920408AGRONEWS.COM.PL/B25863051.302957292;dc_trk_aid=495626465;dc_trk_cid=150530632;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N1072251.1920408AGRONEWS.COM.PL/B25863051.302957292;dc_pre=CMed-Nmm9_ACFROD3godRu0DFw;dc_trk_aid=495626465;dc_trk_cid=150530632;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=
Request Chain 559
  • https://i0.wp.com/img.youtube.com/vi/ICfwHZMYPdo/default.jpg?w=696&ssl=1 HTTP 302
  • https://img.youtube.com/vi/ICfwHZMYPdo/default.jpg
Request Chain 560
  • https://i2.wp.com/img.youtube.com/vi/ZebfYY4_sbc/default.jpg?w=696&ssl=1 HTTP 302
  • https://img.youtube.com/vi/ZebfYY4_sbc/default.jpg
Request Chain 561
  • https://i1.wp.com/img.youtube.com/vi/VKDhIZmcVlU/default.jpg?w=696&ssl=1 HTTP 302
  • https://img.youtube.com/vi/VKDhIZmcVlU/default.jpg
Request Chain 562
  • https://i1.wp.com/img.youtube.com/vi/NUSuhg-i-xE/default.jpg?w=696&ssl=1 HTTP 302
  • https://img.youtube.com/vi/NUSuhg-i-xE/default.jpg
Request Chain 563
  • https://i1.wp.com/img.youtube.com/vi/MzwB-VR5BVM/default.jpg?w=696&ssl=1 HTTP 302
  • https://img.youtube.com/vi/MzwB-VR5BVM/default.jpg
Request Chain 564
  • https://i1.wp.com/img.youtube.com/vi/6wLvFLyOSi8/default.jpg?w=696&ssl=1 HTTP 302
  • https://img.youtube.com/vi/6wLvFLyOSi8/default.jpg
Request Chain 565
  • https://i1.wp.com/img.youtube.com/vi/-wUIl-jd52k/default.jpg?w=696&ssl=1 HTTP 302
  • https://img.youtube.com/vi/-wUIl-jd52k/default.jpg
Request Chain 566
  • https://i0.wp.com/img.youtube.com/vi/JX2o9pE0ndU/default.jpg?w=696&ssl=1 HTTP 302
  • https://img.youtube.com/vi/JX2o9pE0ndU/default.jpg
Request Chain 567
  • https://i2.wp.com/img.youtube.com/vi/ce8lSVJBqs8/default.jpg?w=696&ssl=1 HTTP 302
  • https://img.youtube.com/vi/ce8lSVJBqs8/default.jpg
Request Chain 568
  • https://i1.wp.com/img.youtube.com/vi/akhYyRbY6Iw/default.jpg?w=696&ssl=1 HTTP 302
  • https://img.youtube.com/vi/akhYyRbY6Iw/default.jpg
Request Chain 571
  • https://i0.wp.com/img.youtube.com/vi/ICfwHZMYPdo/default.jpg?w=696&ssl=1 HTTP 302
  • https://img.youtube.com/vi/ICfwHZMYPdo/default.jpg
Request Chain 572
  • https://i2.wp.com/img.youtube.com/vi/ZebfYY4_sbc/default.jpg?w=696&ssl=1 HTTP 302
  • https://img.youtube.com/vi/ZebfYY4_sbc/default.jpg
Request Chain 573
  • https://i1.wp.com/img.youtube.com/vi/VKDhIZmcVlU/default.jpg?w=696&ssl=1 HTTP 302
  • https://img.youtube.com/vi/VKDhIZmcVlU/default.jpg
Request Chain 574
  • https://i1.wp.com/img.youtube.com/vi/NUSuhg-i-xE/default.jpg?w=696&ssl=1 HTTP 302
  • https://img.youtube.com/vi/NUSuhg-i-xE/default.jpg
Request Chain 575
  • https://i1.wp.com/img.youtube.com/vi/MzwB-VR5BVM/default.jpg?w=696&ssl=1 HTTP 302
  • https://img.youtube.com/vi/MzwB-VR5BVM/default.jpg
Request Chain 576
  • https://i1.wp.com/img.youtube.com/vi/6wLvFLyOSi8/default.jpg?w=696&ssl=1 HTTP 302
  • https://img.youtube.com/vi/6wLvFLyOSi8/default.jpg
Request Chain 577
  • https://i1.wp.com/img.youtube.com/vi/-wUIl-jd52k/default.jpg?w=696&ssl=1 HTTP 302
  • https://img.youtube.com/vi/-wUIl-jd52k/default.jpg
Request Chain 578
  • https://i0.wp.com/img.youtube.com/vi/JX2o9pE0ndU/default.jpg?w=696&ssl=1 HTTP 302
  • https://img.youtube.com/vi/JX2o9pE0ndU/default.jpg
Request Chain 579
  • https://i2.wp.com/img.youtube.com/vi/ce8lSVJBqs8/default.jpg?w=696&ssl=1 HTTP 302
  • https://img.youtube.com/vi/ce8lSVJBqs8/default.jpg
Request Chain 580
  • https://i1.wp.com/img.youtube.com/vi/akhYyRbY6Iw/default.jpg?w=696&ssl=1 HTTP 302
  • https://img.youtube.com/vi/akhYyRbY6Iw/default.jpg
Request Chain 581
  • https://i0.wp.com/img.youtube.com/vi/ICfwHZMYPdo/default.jpg?w=696&ssl=1 HTTP 302
  • https://img.youtube.com/vi/ICfwHZMYPdo/default.jpg
Request Chain 582
  • https://i2.wp.com/img.youtube.com/vi/ZebfYY4_sbc/default.jpg?w=696&ssl=1 HTTP 302
  • https://img.youtube.com/vi/ZebfYY4_sbc/default.jpg
Request Chain 583
  • https://i1.wp.com/img.youtube.com/vi/VKDhIZmcVlU/default.jpg?w=696&ssl=1 HTTP 302
  • https://img.youtube.com/vi/VKDhIZmcVlU/default.jpg
Request Chain 584
  • https://i1.wp.com/img.youtube.com/vi/NUSuhg-i-xE/default.jpg?w=696&ssl=1 HTTP 302
  • https://img.youtube.com/vi/NUSuhg-i-xE/default.jpg
Request Chain 585
  • https://i1.wp.com/img.youtube.com/vi/MzwB-VR5BVM/default.jpg?w=696&ssl=1 HTTP 302
  • https://img.youtube.com/vi/MzwB-VR5BVM/default.jpg
Request Chain 586
  • https://i1.wp.com/img.youtube.com/vi/6wLvFLyOSi8/default.jpg?w=696&ssl=1 HTTP 302
  • https://img.youtube.com/vi/6wLvFLyOSi8/default.jpg
Request Chain 587
  • https://i1.wp.com/img.youtube.com/vi/-wUIl-jd52k/default.jpg?w=696&ssl=1 HTTP 302
  • https://img.youtube.com/vi/-wUIl-jd52k/default.jpg
Request Chain 588
  • https://i0.wp.com/img.youtube.com/vi/JX2o9pE0ndU/default.jpg?w=696&ssl=1 HTTP 302
  • https://img.youtube.com/vi/JX2o9pE0ndU/default.jpg
Request Chain 589
  • https://i2.wp.com/img.youtube.com/vi/ce8lSVJBqs8/default.jpg?w=696&ssl=1 HTTP 302
  • https://img.youtube.com/vi/ce8lSVJBqs8/default.jpg
Request Chain 590
  • https://i1.wp.com/img.youtube.com/vi/akhYyRbY6Iw/default.jpg?w=696&ssl=1 HTTP 302
  • https://img.youtube.com/vi/akhYyRbY6Iw/default.jpg
Request Chain 594
  • https://ad.doubleclick.net/ddm/trackimp/N8473.2417512AGRONEWS/B25764214.302870472;dc_trk_aid=495540341;dc_trk_cid=150447821;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N8473.2417512AGRONEWS/B25764214.302870472;dc_pre=CMGljNqm9_ACFVMF4AodD5wEyQ;dc_trk_aid=495540341;dc_trk_cid=150447821;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=
Request Chain 596
  • https://ad.doubleclick.net/ddm/trackimp/N8473.2417512AGRONEWS/B25857693.303061777;dc_trk_aid=495537185;dc_trk_cid=150479050;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N8473.2417512AGRONEWS/B25857693.303061777;dc_pre=CJDYjdqm9_ACFVyK_QcdrkIOng;dc_trk_aid=495537185;dc_trk_cid=150479050;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=
Request Chain 598
  • https://ad.doubleclick.net/ddm/trackimp/N1072251.1920408AGRONEWS.COM.PL/B25455579.296658109;dc_trk_aid=489708175;dc_trk_cid=146462383;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N1072251.1920408AGRONEWS.COM.PL/B25455579.296658109;dc_pre=CJ_Zjdqm9_ACFWzsuwgdwUMNmQ;dc_trk_aid=489708175;dc_trk_cid=146462383;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=
Request Chain 621
  • https://ad.doubleclick.net/ddm/trackimp/N8473.2417512AGRONEWS/B25857693.303061777;dc_trk_aid=495537185;dc_trk_cid=150479050;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N8473.2417512AGRONEWS/B25857693.303061777;dc_pre=CJXvh9qm9_ACFYPhuwgdnOgGww;dc_trk_aid=495537185;dc_trk_cid=150479050;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=
Request Chain 623
  • https://ad.doubleclick.net/ddm/trackimp/N8473.2417512AGRONEWS/B25764214.302870472;dc_trk_aid=495540341;dc_trk_cid=150447821;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N8473.2417512AGRONEWS/B25764214.302870472;dc_pre=CMToh9qm9_ACFTXXEQgddXsCQw;dc_trk_aid=495540341;dc_trk_cid=150447821;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=
Request Chain 625
  • https://ad.doubleclick.net/ddm/trackimp/N1072251.1920408AGRONEWS.COM.PL/B25455579.296658109;dc_trk_aid=489708175;dc_trk_cid=146462383;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N1072251.1920408AGRONEWS.COM.PL/B25455579.296658109;dc_pre=CLXqh9qm9_ACFTTauwgdGLwFbg;dc_trk_aid=489708175;dc_trk_cid=146462383;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=
Request Chain 648
  • https://ad.doubleclick.net/ddm/trackimp/N8473.2417512AGRONEWS/B25764214.302870472;dc_trk_aid=495540341;dc_trk_cid=150447821;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N8473.2417512AGRONEWS/B25764214.302870472;dc_pre=CNufodqm9_ACFVyK_QcdrkIOng;dc_trk_aid=495540341;dc_trk_cid=150447821;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=
Request Chain 650
  • https://ad.doubleclick.net/ddm/trackimp/N8473.2417512AGRONEWS/B25857693.303061777;dc_trk_aid=495537185;dc_trk_cid=150479050;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N8473.2417512AGRONEWS/B25857693.303061777;dc_pre=CKCiodqm9_ACFTTauwgdGLwFbg;dc_trk_aid=495537185;dc_trk_cid=150479050;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=
Request Chain 652
  • https://ad.doubleclick.net/ddm/trackimp/N1072251.1920408AGRONEWS.COM.PL/B25455579.296658109;dc_trk_aid=489708175;dc_trk_cid=146462383;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N1072251.1920408AGRONEWS.COM.PL/B25455579.296658109;dc_pre=CPKkodqm9_ACFWvuuwgdyKkHbg;dc_trk_aid=489708175;dc_trk_cid=146462383;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=
Request Chain 832
  • https://maquiags.com/gget HTTP 302
  • https://popmyads.com/404?dsc6123
Request Chain 872
  • https://whos.amung.us/swidget/popmyads404.png HTTP 307
  • https://widgets.amung.us/small/14/1442.png
Request Chain 1051
  • https://www.awin1.com/cshow.php?s=2711551&v=9529&q=387910&r=412871&pv=1&pref3=oneidDZ97u3fwfxmgf3HmH9t1tQY4u4tVtdkoneid__cash_ads_IT_advancedad_728x90&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.zenaps.com/cshow.php?pvr=467dd5f0-c31a-11eb-9ae5-692d08e93505&v=9529&r=412871&q=387910&s=2711551&viewref3=oneidDZ97u3fwfxmgf3HmH9t1tQY4u4tVtdkoneid__cash_ads_IT_advancedad_728x90&pv=1&gdpr=0&gdpr_consent=
Request Chain 1054
  • https://www.awin1.com/cshow.php?s=2638561&v=17198&q=366377&r=412871&pref3=oneiddpWxsEfkfzwMUEHjHwtEtb6YFKtRtmGoneid__cash_ads_IT_advancedad_728x90&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://d2a54pfih9ionq.cloudfront.net/blank/gif/728/90
Request Chain 1057
  • https://www.awin1.com/cshow.php?s=2227945&v=9773&q=344675&r=412873&pref3=oneid52JdHXfEf4dMHpH7HMt3tXZxcbtktxVoneid__cash_ads_IT_advancedad_728x90&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.zenaps.com/cshow.php?pvr=46857710-c31a-11eb-906c-692d0dd6f317&v=9773&r=412873&q=344675&s=2227945&viewref3=oneid52JdHXfEf4dMHpH7HMt3tXZxcbtktxVoneid__cash_ads_IT_advancedad_728x90&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.zanox.com/ppv/images/programs/2183/loghi/Telecom-TIM-80x50.png
Request Chain 1063
  • https://x.bidswitch.net/sync?ssp=reklamstore HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dreklamstore%26bsw_param%3D4974bc1a-9a43-4775-ad36-7cefbae6831d%26gdpr%3D%26consent%3D%26gdpr_pd%3D HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=0645a34b63824399acc7647fb439b948&ssp=reklamstore&bsw_param=4974bc1a-9a43-4775-ad36-7cefbae6831d&gdpr=&consent=&gdpr_pd= HTTP 302
  • https://ads.rekmob.com/retarget/pix?id=bs&cv=4974bc1a-9a43-4775-ad36-7cefbae6831d&d=1
Request Chain 1104
  • https://x.bidswitch.net/sync?ssp=reklamstore HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=reklamstore HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dreklamstore%26bsw_param%3D646ff3e6-b9ac-4a2e-8106-7a1ceb7ae668%26gdpr%3D%26consent%3D%26gdpr_pd%3D HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=dd9e365154294436a3d928eb6be4d8e4&ssp=reklamstore&bsw_param=646ff3e6-b9ac-4a2e-8106-7a1ceb7ae668&gdpr=&consent=&gdpr_pd= HTTP 302
  • https://ads.rekmob.com/retarget/pix?id=bs&cv=646ff3e6-b9ac-4a2e-8106-7a1ceb7ae668&d=1
Request Chain 1145
  • https://x.bidswitch.net/sync?ssp=reklamstore HTTP 302
  • https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=reklamstore&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=DeNKMOjwBNkqZW1xZyxpW599&ssp=reklamstore HTTP 302
  • https://ads.rekmob.com/retarget/pix?id=bs&cv=646ff3e6-b9ac-4a2e-8106-7a1ceb7ae668&d=1
Request Chain 1185
  • https://x.bidswitch.net/sync?ssp=reklamstore HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=reklamstore&bsw_custom_parameter=646ff3e6-b9ac-4a2e-8106-7a1ceb7ae668 HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=reklamstore&bsw_custom_parameter=646ff3e6-b9ac-4a2e-8106-7a1ceb7ae668 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=e06958f5-4a01-49d0-9cdd-ffdaa7ccb634&ssp=reklamstore&expires=30&user_group=5&bsw_param=646ff3e6-b9ac-4a2e-8106-7a1ceb7ae668 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=e06958f5-4a01-49d0-9cdd-ffdaa7ccb634&ssp=reklamstore&expires=30&user_group=5&bsw_param=646ff3e6-b9ac-4a2e-8106-7a1ceb7ae668 HTTP 302
  • https://ads.rekmob.com/retarget/pix?id=bs&cv=03edb402-2acc-4bb6-82e3-10c03234ae05&d=1

1202 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request /
www.cora-live.tk/
Redirect Chain
  • http://www.cora-live.tk/
  • https://www.cora-live.tk/
522 KB
76 KB
Document
General
Full URL
https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8cbe1cb46302dbf9b57be9189db96ac5afd7e009d3c9be4babe92c6bbb9239d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method: GET
:authority: www.cora-live.tk
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
expires: Tue, 01 Jun 2021 20:45:11 GMT
date: Tue, 01 Jun 2021 20:45:11 GMT
cache-control: private, max-age=0
last-modified: Sat, 27 Feb 2021 16:27:04 GMT
etag: W/"8ccb912846fc2d7a1863e57c255a5b63a33a2876e82a80172fee3d8d600c9d50"
x-robots-tag: all,noodp
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 77309
server: GSE

Redirect headers

Location: https://www.cora-live.tk/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Tue, 01 Jun 2021 20:45:10 GMT
Expires: Tue, 01 Jun 2021 20:45:10 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 175
Server: GSE
js
www.googletagmanager.com/gtag/
89 KB
36 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-114936408-9
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
28a25a48616d0b319a79623a9e6c2d9dd4d740d9f642d81968647fd7cf9506b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer: https://www.cora-live.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 20:45:11 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35939
x-xss-protection: 0
last-modified: Tue, 01 Jun 2021 20:23:47 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 01 Jun 2021 20:45:11 GMT
css
fonts.googleapis.com/
8 KB
880 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700,700i
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1ac5fd587ee98e49b60b128721f8ed6759fd9d90e68473985d3203452dd11d2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer: https://www.cora-live.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 01 Jun 2021 19:16:38 GMT
server: ESF
date: Tue, 01 Jun 2021 20:45:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 01 Jun 2021 20:45:11 GMT
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer: https://www.cora-live.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 20:45:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 617, 617
age: 6133758
cdn-cachedat: 2021-03-11 11:57:51
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a6aebcd2600004e146e14a000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 6fc1a75116c932681ed09108db37b84c
cf-ray: 658b48c1d9c84e14-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True
Game-x-logo.png
1.bp.blogspot.com/-D3zLE_mHH9A/X3cRhkvRbbI/AAAAAAAAJbk/zKvoq0B3gzszEHPZlD2z_EETYuS2DV7XwCK4BGAYYCw/s1600/
12 KB
12 KB
Image
General
Full URL
https://1.bp.blogspot.com/-D3zLE_mHH9A/X3cRhkvRbbI/AAAAAAAAJbk/zKvoq0B3gzszEHPZlD2z_EETYuS2DV7XwCK4BGAYYCw/s1600/Game-x-logo.png
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
642814e42f3c40a457d7995fbe18f981945a46ae5851dcc6e7c50fa74109634d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cora-live.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 19:03:57 GMT
x-content-type-options
nosniff
age
6074
content-disposition
inline;filename="Game-x-logo.png"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11911
x-xss-protection
0
server
fife
etag
"v25ba"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 10 May 2021 07:57:06 GMT
bancode.php
linkslot.ru/
14 KB
5 KB
Script
General
Full URL
https://linkslot.ru/bancode.php?id=312527
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2be2bcf2ce9f8cc89aab5c5fc1f4633a7c2f3e8cbed7f548896182b73ab4f413

Request headers

Referer
https://www.cora-live.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-request-id
0a6aebcd6e00006485550d8000000001
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
date
Tue, 01 Jun 2021 20:45:11 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=jZfk38J1%2F2n05078QMiiZ4SN76cd8FkaS1FAs65J6pRYbDfV3sZVpNZyWZAIO2KHJjbt8ceyceZ5x6JMQRLtQt5%2FYpctPgKAorMpYdKo%2FZIb7sr%2Fc%2FO0bK5YUIpevH0Cb5eYLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=windows-1251
cf-ray
658b48c24b866485-FRA
bancode.php
linkslot.ru/
14 KB
5 KB
Script
General
Full URL
https://linkslot.ru/bancode.php?id=312526
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a772bfbd354ed84c115bcb746e9dc5a1b56a23a8b3be536a14a721e9395e0c9d

Request headers

Referer
https://www.cora-live.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-request-id
0a6aebcd6d00006485652d6000000001
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
date
Tue, 01 Jun 2021 20:45:11 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=vFjdClLHlW7vcp2arH%2FMY5rYbuRb58j47ZX%2FPUWRJCZlClKgHbTleRpBd1LuLsMfa4bpAAPRxn7IOvwgmqV06lqI1%2Fgt1my51VAe2XARCDfSpxRCsZ3yprITRlBqSwr2DfHyrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=windows-1251
cf-ray
658b48c24b886485-FRA
Game-x-Mobile.png
2.bp.blogspot.com/-XS91IccH6LU/X3cSrKd0AYI/AAAAAAAAJbw/m9trBJeVpPULwwanpEXZGwmmDe-gwJIagCK4BGAYYCw/s1600/
2 KB
2 KB
Image
General
Full URL
https://2.bp.blogspot.com/-XS91IccH6LU/X3cSrKd0AYI/AAAAAAAAJbw/m9trBJeVpPULwwanpEXZGwmmDe-gwJIagCK4BGAYYCw/s1600/Game-x-Mobile.png
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
3c2d401979d7270a07d5790ac6e5da5d809318b676abf8b7e44c363bee8933ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cora-live.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 19:24:27 GMT
x-content-type-options
nosniff
age
4844
content-disposition
inline;filename="Game-x-Mobile.png"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1927
x-xss-protection
0
server
fife
etag
"v25bf"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 02 Jun 2021 13:53:21 GMT
%25D8%25AA%25D9%2586%25D8%25B2%25D9%258A%25D9%2584%2B%25283%2529.jpg
1.bp.blogspot.com/-DoznQINSVTg/YCNa3uTC5pI/AAAAAAAAAqQ/ywAeQidI6QY3P1FoVsOhQIx896MRcjFdgCLcBGAsYHQ/w640/
14 KB
14 KB
Image
General
Full URL
https://1.bp.blogspot.com/-DoznQINSVTg/YCNa3uTC5pI/AAAAAAAAAqQ/ywAeQidI6QY3P1FoVsOhQIx896MRcjFdgCLcBGAsYHQ/w640/%25D8%25AA%25D9%2586%25D8%25B2%25D9%258A%25D9%2584%2B%25283%2529.jpg
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
079aa61ede2ab44182deb255e8b2158f090fd121ed0abf1b6f12117d2e24a664
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cora-live.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:11 GMT
x-content-type-options
nosniff
server
fife
etag
"v2a6"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="_____ (3).jpg";filename*=UTF-8''%D8%AA%D9%86%D8%B2%D9%8A%D9%84%20(3).jpg
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14499
x-xss-protection
0
expires
Wed, 02 Jun 2021 20:45:11 GMT
PnVCF-veHlfohZE2eYOi-pTXeX1gAY_zuxIYoXwgkDBmFBIt2I3Vsi9fkSku6ID9SZ4JnpW38YU9P0Rk_C3Dj7kXvPKjUbyOCSjfHqV_DlaNc5lmhBhOs4e9lUWhAG8TOV-iZsvSdEfveJqxsIg=w640
lh6.googleusercontent.com/proxy/
205 KB
206 KB
Image
General
Full URL
https://lh6.googleusercontent.com/proxy/PnVCF-veHlfohZE2eYOi-pTXeX1gAY_zuxIYoXwgkDBmFBIt2I3Vsi9fkSku6ID9SZ4JnpW38YU9P0Rk_C3Dj7kXvPKjUbyOCSjfHqV_DlaNc5lmhBhOs4e9lUWhAG8TOV-iZsvSdEfveJqxsIg=w640
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
b5f0d0e75b7fbf6ea3c86ef17338e3c48a14d5e27429e6e693882167db9344e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cora-live.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:11 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
210199
x-xss-protection
0
expires
Wed, 02 Jun 2021 20:45:11 GMT
ABSMpiXsk7lJ0_vrBzIzvQ7bYJY0-PFMkXVMoEBWgxkjj1n7OBx65f2eW-FSgm3AN_yCrDXHijhaWt0dbMpB5EPSIIE07FO5Om61n4_mTvMi_pgP0sDGgcL-niKjv7gDNMGYTRjThRbIu8flgf3LBtAOLcLrXz2NSsjWbPTTDUApQ8X_419BTvfrrkw3xZw5kTT_W...
lh3.googleusercontent.com/proxy/
65 KB
66 KB
Image
General
Full URL
https://lh3.googleusercontent.com/proxy/ABSMpiXsk7lJ0_vrBzIzvQ7bYJY0-PFMkXVMoEBWgxkjj1n7OBx65f2eW-FSgm3AN_yCrDXHijhaWt0dbMpB5EPSIIE07FO5Om61n4_mTvMi_pgP0sDGgcL-niKjv7gDNMGYTRjThRbIu8flgf3LBtAOLcLrXz2NSsjWbPTTDUApQ8X_419BTvfrrkw3xZw5kTT_WF_DKA8R1vRn0Q=w640
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
a7bb98cc95ca5dacac9435be8d9c75af43cdda11f9abc2df6a7b1075dd800726
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cora-live.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:11 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67005
x-xss-protection
0
expires
Wed, 02 Jun 2021 20:45:11 GMT
rD_hJbblgjrygtsk0F8dEg2r9e5MjUqbRN6dil4oTrpUXjooLeJiEXYg9_rj04DTQPAdrljTMdR02j7iI9vW_Eka5HAJPUdhzxErxQbBs_D1apULLjkTMg=w640
lh4.googleusercontent.com/proxy/
38 KB
38 KB
Image
General
Full URL
https://lh4.googleusercontent.com/proxy/rD_hJbblgjrygtsk0F8dEg2r9e5MjUqbRN6dil4oTrpUXjooLeJiEXYg9_rj04DTQPAdrljTMdR02j7iI9vW_Eka5HAJPUdhzxErxQbBs_D1apULLjkTMg=w640
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
b731453e29d8246324bd7ec363e7acdcb8498e2ed086f31db2bcd8463604d20c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cora-live.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:11 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38969
x-xss-protection
0
expires
Wed, 02 Jun 2021 20:45:11 GMT
mKCGRKyYl37fHl0900sGydrZAJSLhcwagV1apol70ydax5meISAZWeb1G4mrYCTKOJT10TrDMmFHoCp3LeD3AmYYKNR3_BZE1-TBUISaI7XEm92SsDXjHDq-UFdV7tEKMNKa1wkCUKqmir_HUXW-iRGeEFZwgHDtq9pG=w640
lh5.googleusercontent.com/proxy/
2 KB
2 KB
Image
General
Full URL
https://lh5.googleusercontent.com/proxy/mKCGRKyYl37fHl0900sGydrZAJSLhcwagV1apol70ydax5meISAZWeb1G4mrYCTKOJT10TrDMmFHoCp3LeD3AmYYKNR3_BZE1-TBUISaI7XEm92SsDXjHDq-UFdV7tEKMNKa1wkCUKqmir_HUXW-iRGeEFZwgHDtq9pG=w640
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
4c2e6a69a80aaf22d8e624a49eedc1cd63efce124a3d02e6c8561aca65e55886
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cora-live.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:11 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2102
x-xss-protection
0
expires
Wed, 02 Jun 2021 20:45:11 GMT
Earn+To+Die.jpeg
1.bp.blogspot.com/-YbU2CFl8lv8/UjmOEV27olI/AAAAAAAABVM/Ub29zOWihbY/w640/
9 KB
9 KB
Image
General
Full URL
https://1.bp.blogspot.com/-YbU2CFl8lv8/UjmOEV27olI/AAAAAAAABVM/Ub29zOWihbY/w640/Earn+To+Die.jpeg
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
22c93f75e3cde3ec94ae6ed1e0df8bd15cc80ce9b85876827646768ae917a09e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cora-live.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:11 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="Earn To Die.jpeg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9065
x-xss-protection
0
server
fife
etag
"v554"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 31 May 2021 15:07:29 GMT
UMAG.jpeg
1.bp.blogspot.com/-GH-XC1T7KQY/UjCmrpc8GSI/AAAAAAAABRk/OwBwkTaaLFg/w640/
7 KB
7 KB
Image
General
Full URL
https://1.bp.blogspot.com/-GH-XC1T7KQY/UjCmrpc8GSI/AAAAAAAABRk/OwBwkTaaLFg/w640/UMAG.jpeg
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
6ab968e3ded88d26e2dae763bfd7e5e5cd7bdbea3baed21bff5c8b75066ad9ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cora-live.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:11 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="UMAG.jpeg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7072
x-xss-protection
0
server
fife
etag
"v51a"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 29 May 2021 14:45:24 GMT
rnNOlZCffJN0PPM91dbSdi5o9P6JrOm-T5diJEnmap1WSMGcYzlRC1Ob-HZUYnc6nKPjSIaIqnUuuZQa1wlpqQjIG1et_BI-QEI6MrLHdNgwBYz3=w640
lh5.googleusercontent.com/proxy/
0
0
Image
General
Full URL
https://lh5.googleusercontent.com/proxy/rnNOlZCffJN0PPM91dbSdi5o9P6JrOm-T5diJEnmap1WSMGcYzlRC1Ob-HZUYnc6nKPjSIaIqnUuuZQa1wlpqQjIG1et_BI-QEI6MrLHdNgwBYz3=w640
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cora-live.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
AVGkatEU6B7oMwHe0Nc3xG1oaX_-zunsB5txwRcH3H3MgqGKt7zBt-Jzs-KchyQIU0n8VHUSTpXZ1TE4f0exO8-xQDBfgVv0GQUT_eg=w640
lh5.googleusercontent.com/proxy/
0
0
Image
General
Full URL
https://lh5.googleusercontent.com/proxy/AVGkatEU6B7oMwHe0Nc3xG1oaX_-zunsB5txwRcH3H3MgqGKt7zBt-Jzs-KchyQIU0n8VHUSTpXZ1TE4f0exO8-xQDBfgVv0GQUT_eg=w640
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cora-live.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
CmXyM0AQu9tta7P9IYdFVv3-QN8RRcjFLIe38jrp7ClEzsrShGESO7K6wwpSAwP5MtQJ-mYeTAkOiDcL2qugWpmq=w640
lh6.googleusercontent.com/proxy/
0
0
Image
General
Full URL
https://lh6.googleusercontent.com/proxy/CmXyM0AQu9tta7P9IYdFVv3-QN8RRcjFLIe38jrp7ClEzsrShGESO7K6wwpSAwP5MtQJ-mYeTAkOiDcL2qugWpmq=w640
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cora-live.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
ads.php
webtrafic.ru/
4 KB
4 KB
Script
General
Full URL
https://webtrafic.ru/ads.php?uid=1021
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.249.138.135 , Russian Federation, ASN20485 (TRANSTELECOM Moscow, Russia, RU),
Reverse DNS
host.135.dynamic1.l2tp.subnets.svg.ttkdv.ru
Software
nginx/1.16.1 /
Resource Hash
6a43b0f3b84c0f4704ffac94cd1ea8f58a8ccb628708311a784c537399681c2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://www.cora-live.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:11 GMT
server
nginx/1.16.1
strict-transport-security
max-age=31536000;
content-type
text/html; charset=UTF-8
getjscode.php
serfnets.ru/
5 KB
2 KB
Script
General
Full URL
https://serfnets.ru/getjscode.php?r=13387
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:5c26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.3.29
Resource Hash
7c555b29f11d54f5a0760c5b0ee4ff9f7fa66f96b45b186059cbcf56e22c517e

Request headers

Referer
https://www.cora-live.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:11 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.3.29
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=U6SR7BXpn%2BqOhZFkarnesgADXI9dX%2FpIgh6kZOpwn23dMg%2BbeadhS3LpCvDtqgHVB1C%2BggiGWwrk3%2BuaSUMrufFWXbGb5IV5PpUcfn5xB1bEan54Hf2d288UdUfz12tNVPwdeCM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=WINDOWS-1251
cf-ray
658b48c31b514e74-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a6aebcdef00004e7422a1d000000001
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cora-live.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
5628
date
Tue, 01 Jun 2021 19:11:23 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Tue, 01 Jun 2021 21:11:23 GMT
/
www.cora-live.tk/
9 KB
9 KB
Image
General
Full URL
https://www.cora-live.tk/
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.cora-live.tk
referer
https://www.cora-live.tk/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 01 Jun 2021 20:45:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 27 Feb 2021 16:27:04 GMT
server
GSE
etag
W/"8ccb912846fc2d7a1863e57c255a5b63a33a2876e82a80172fee3d8d600c9d50"
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0
x-robots-tag
all,noodp
content-length
77309
x-xss-protection
1; mode=block
expires
Tue, 01 Jun 2021 20:45:11 GMT
bg.jpg
1.bp.blogspot.com/-fqVMbKfY6hM/X3b3TqVgc4I/AAAAAAAAJbI/TvoWA9Y6BA4NVxZRWOvgyMdJglxzuhBnACNcBGAsYHQ/s16000/
229 KB
229 KB
Image
General
Full URL
https://1.bp.blogspot.com/-fqVMbKfY6hM/X3b3TqVgc4I/AAAAAAAAJbI/TvoWA9Y6BA4NVxZRWOvgyMdJglxzuhBnACNcBGAsYHQ/s16000/bg.jpg
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
95e496bbb822ef09ccdf06fc2f804bb195e6fd0632b09a43502f8f410f06c53f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cora-live.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 18:43:29 GMT
x-content-type-options
nosniff
age
7302
content-disposition
inline;filename="bg.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234310
x-xss-protection
0
server
fife
etag
"v25b3"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 02 Jun 2021 06:41:36 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.cora-live.tk
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 21:32:20 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 21:21:19 GMT
server
sffe
age
601971
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
expires
Wed, 25 May 2022 21:32:20 GMT
fontawesome-webfont.woff2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: stackpath.bootstrapcdn.com
URL: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://www.cora-live.tk
Referer
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:11 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
cdn-edgestorageid
601, 617, 617
access-control-allow-origin
*
cdn-cachedat
2021-06-01 22:38:34
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
77160
cf-request-id
0a6aebcd580000c2a41d888000000001
timing-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff2
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
29e63d959c01ee05e4296b2393af550a
accept-ranges
bytes
cf-ray
658b48c22a32c2a4-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
jsunder.php
serfnets.ru/
5 KB
2 KB
Script
General
Full URL
https://serfnets.ru/jsunder.php?r=13387
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:5c26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.3.29
Resource Hash
7c555b29f11d54f5a0760c5b0ee4ff9f7fa66f96b45b186059cbcf56e22c517e

Request headers

Referer
https://www.cora-live.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:11 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.3.29
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=1Cn9uNVMDq%2BpVovu2k4utplarcjyfj0RKRsym8pjmwKVS7c0htQXNXIKRuGuoLO4U%2F1q6vlfvuIVJS62tw3qtLiFKvsif8JZtFL%2BCKXoIeVYMPRxcg1qhBv7M65fIpsx6uhFQBg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=WINDOWS-1251
cf-ray
658b48c31b4e4e74-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a6aebcdef00004e74268e1000000001
ABSMpiXsk7lJ0_vrBzIzvQ7bYJY0-PFMkXVMoEBWgxkjj1n7OBx65f2eW-FSgm3AN_yCrDXHijhaWt0dbMpB5EPSIIE07FO5Om61n4_mTvMi_pgP0sDGgcL-niKjv7gDNMGYTRjThRbIu8flgf3LBtAOLcLrXz2NSsjWbPTTDUApQ8X_419BTvfrrkw3xZw5kTT_W...
lh3.googleusercontent.com/proxy/
3 KB
3 KB
Image
General
Full URL
https://lh3.googleusercontent.com/proxy/ABSMpiXsk7lJ0_vrBzIzvQ7bYJY0-PFMkXVMoEBWgxkjj1n7OBx65f2eW-FSgm3AN_yCrDXHijhaWt0dbMpB5EPSIIE07FO5Om61n4_mTvMi_pgP0sDGgcL-niKjv7gDNMGYTRjThRbIu8flgf3LBtAOLcLrXz2NSsjWbPTTDUApQ8X_419BTvfrrkw3xZw5kTT_WF_DKA8R1vRn0Q=w100
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
fca3897e87cf9d790a5d8b69bcbe6169347e9e6df2ea31baedaabf8372e081e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cora-live.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:11 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3166
x-xss-protection
0
expires
Wed, 02 Jun 2021 20:45:11 GMT
RbakVEEJOW_5jObjl-KPgBW6I3cjOkgzI3NRJdfjkTXSIgiCvRXmtGGvgDSU9NUlrujtk4dzDKzsY8zytwZYy3d0_ShNYBe_gZvPFHIeaQGkL6Jy6jgh=w100
lh6.googleusercontent.com/proxy/
0
0
Image
General
Full URL
https://lh6.googleusercontent.com/proxy/RbakVEEJOW_5jObjl-KPgBW6I3cjOkgzI3NRJdfjkTXSIgiCvRXmtGGvgDSU9NUlrujtk4dzDKzsY8zytwZYy3d0_ShNYBe_gZvPFHIeaQGkL6Jy6jgh=w100
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cora-live.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
%25D8%25AA%25D9%2586%25D8%25B2%25D9%258A%25D9%2584%2B%25283%2529.jpg
1.bp.blogspot.com/-DoznQINSVTg/YCNa3uTC5pI/AAAAAAAAAqQ/ywAeQidI6QY3P1FoVsOhQIx896MRcjFdgCLcBGAsYHQ/w100/
3 KB
3 KB
Image
General
Full URL
https://1.bp.blogspot.com/-DoznQINSVTg/YCNa3uTC5pI/AAAAAAAAAqQ/ywAeQidI6QY3P1FoVsOhQIx896MRcjFdgCLcBGAsYHQ/w100/%25D8%25AA%25D9%2586%25D8%25B2%25D9%258A%25D9%2584%2B%25283%2529.jpg
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
4eed1a65ba188827087e0dc195feb90fce50180665c4cbd449c7e7edf06a917f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cora-live.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:11 GMT
x-content-type-options
nosniff
server
fife
etag
"v2a6"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="_____ (3).jpg";filename*=UTF-8''%D8%AA%D9%86%D8%B2%D9%8A%D9%84%20(3).jpg
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3229
x-xss-protection
0
expires
Wed, 02 Jun 2021 20:45:11 GMT
Earn+To+Die.jpeg
1.bp.blogspot.com/-YbU2CFl8lv8/UjmOEV27olI/AAAAAAAABVM/Ub29zOWihbY/w100/
3 KB
3 KB
Image
General
Full URL
https://1.bp.blogspot.com/-YbU2CFl8lv8/UjmOEV27olI/AAAAAAAABVM/Ub29zOWihbY/w100/Earn+To+Die.jpeg
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
82e0f9f4ca0f3161f272a4722260fad74aaf4a6df389974d6603e40e39ea43c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cora-live.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:11 GMT
x-content-type-options
nosniff
server
fife
etag
"v554"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Earn To Die.jpeg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2574
x-xss-protection
0
expires
Wed, 02 Jun 2021 20:45:11 GMT
UMAG.jpeg
1.bp.blogspot.com/-GH-XC1T7KQY/UjCmrpc8GSI/AAAAAAAABRk/OwBwkTaaLFg/w100/
3 KB
3 KB
Image
General
Full URL
https://1.bp.blogspot.com/-GH-XC1T7KQY/UjCmrpc8GSI/AAAAAAAABRk/OwBwkTaaLFg/w100/UMAG.jpeg
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
b17edcf2228977512f0c4d80afe5ba02013f71d97239c6481476172a96c0fd75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cora-live.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:11 GMT
x-content-type-options
nosniff
server
fife
etag
"v51a"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="UMAG.jpeg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3497
x-xss-protection
0
expires
Wed, 02 Jun 2021 20:45:11 GMT
rnNOlZCffJN0PPM91dbSdi5o9P6JrOm-T5diJEnmap1WSMGcYzlRC1Ob-HZUYnc6nKPjSIaIqnUuuZQa1wlpqQjIG1et_BI-QEI6MrLHdNgwBYz3=w100
lh5.googleusercontent.com/proxy/
0
0
Image
General
Full URL
https://lh5.googleusercontent.com/proxy/rnNOlZCffJN0PPM91dbSdi5o9P6JrOm-T5diJEnmap1WSMGcYzlRC1Ob-HZUYnc6nKPjSIaIqnUuuZQa1wlpqQjIG1et_BI-QEI6MrLHdNgwBYz3=w100
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cora-live.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/
95 KB
34 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cora-live.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 15:38:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18388
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Jun 2022 15:38:43 GMT
menu-extra.png
1.bp.blogspot.com/-KCn8BvTt1V8/X3buBPvz9_I/AAAAAAAAJa8/DuU3vU_WJcMJe_6ukEKYzdXjJHo7ez-bACNcBGAsYHQ/s16000/
16 KB
16 KB
Image
General
Full URL
https://1.bp.blogspot.com/-KCn8BvTt1V8/X3buBPvz9_I/AAAAAAAAJa8/DuU3vU_WJcMJe_6ukEKYzdXjJHo7ez-bACNcBGAsYHQ/s16000/menu-extra.png
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
93454b20879fa1bb00c7dd9d3bc3cbcfb8f31cbb900f3d99252d9b4647336585
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cora-live.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 18:21:40 GMT
x-content-type-options
nosniff
age
8611
content-disposition
inline;filename="menu-extra.png"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16102
x-xss-protection
0
server
fife
etag
"v25b0"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 02 Jun 2021 14:21:36 GMT
widgetback.png
1.bp.blogspot.com/-34BiwryoUvo/X3boPatWLBI/AAAAAAAAJas/eAeMahpCGXkYoY0wOlqmKGRDx_4j17AKQCNcBGAsYHQ/s16000/
1 KB
1 KB
Image
General
Full URL
https://1.bp.blogspot.com/-34BiwryoUvo/X3boPatWLBI/AAAAAAAAJas/eAeMahpCGXkYoY0wOlqmKGRDx_4j17AKQCNcBGAsYHQ/s16000/widgetback.png
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
33ff83805a247c7983099c18a4f22bbde67fabd4eb5da1fccb7d55cb2025d683
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cora-live.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:27:43 GMT
x-content-type-options
nosniff
age
1048
content-disposition
inline;filename="widgetback.png"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1335
x-xss-protection
0
server
fife
etag
"v25ad"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 02 Jun 2021 04:23:00 GMT
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700,700i
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.cora-live.tk
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 07:37:03 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 21:21:50 GMT
server
sffe
age
47288
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15112
x-xss-protection
0
expires
Wed, 01 Jun 2022 07:37:03 GMT
mem6YaGs126MiZpBA-UFUK0Zdc0.woff2
fonts.gstatic.com/s/opensans/v20/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem6YaGs126MiZpBA-UFUK0Zdc0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700,700i
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa4607112a6b3245394fee13973cf8cf8a22b727f919f60636436a945886005b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.cora-live.tk
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 21:32:06 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 21:21:17 GMT
server
sffe
age
601985
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13792
x-xss-protection
0
expires
Wed, 25 May 2022 21:32:06 GMT
banner468.php
www.adzbux.com/ Frame E41C
364 B
942 B
Document
General
Full URL
https://www.adzbux.com/banner468.php?u=50390
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:180d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4
Resource Hash
e1537f025788a59780d6a261928ed46a56bfe6bb45b57778197a9bc3ae9f9087

Request headers

:method
GET
:authority
www.adzbux.com
:scheme
https
:path
/banner468.php?u=50390
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.cora-live.tk/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.cora-live.tk/

Response headers

date
Tue, 01 Jun 2021 20:45:11 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.4
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
0a6aebce120000062d93117000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
set-cookie
__cf_bm=d41aa18d88884cf90c6c36587f868bda11abcbbb-1622580311-1800-AbHrbS4aSH8SJYqpnt142Cg+r8KRs0Yztbianv7/TSVbwa4yb9YAQn+J7qeiyJ1vVVvKRwsDhYd8OjXarJm4cTc=; path=/; expires=Tue, 01-Jun-21 21:15:11 GMT; domain=.adzbux.com; HttpOnly; Secure; SameSite=None
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=X9ej4LvmDJL%2BArVBDwWtHoP1pa5E0Z3mQmr4Ras2wfjh54SrFbsVHfchhQMlALjxG7ikOiQBWf59kqy16yTjJpjeJVYZP9xQgtc06bs%2FPlCF1fHH65aUihnOWGoial7wW7Ydnze5GUU%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
658b48c34fe1062d-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
1562375
ad.a-ads.com/ Frame 3CF3
7 KB
2 KB
Document
General
Full URL
https://ad.a-ads.com/1562375?size=160x600
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.125.108 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.108.125.9.176.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
e05b218a03e31a6449e18887b1e6ad934cbc65caa880ae6be5135c40bf52ee76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.cora-live.tk/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.cora-live.tk/

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Tue, 01 Jun 2021 20:45:11 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://www.cora-live.tk/
Content-Encoding
gzip
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=784247605&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cora-live.tk%2F&ul=en-us&de=UTF-8&dt=cora-live&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=971766650&gjid=124189728&cid=308665836.1622580312&tid=UA-114936408-9&_gid=642033752.1622580312&_r=1&_slc=1&z=1434856882
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cora-live.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 01 Jun 2021 20:45:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.cora-live.tk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=784247605&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cora-live.tk%2F&ul=en-us&de=UTF-8&dt=cora-live&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAAC~&jid=1596775588&gjid=1794226391&cid=308665836.1622580312&tid=UA-114936408-9&_gid=642033752.1622580312&_r=1&gtm=2ou5q1&z=1195579036
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cora-live.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 01 Jun 2021 20:45:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.cora-live.tk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
gate.php
linkslot.ru/
2 B
301 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d1=dae2dc98d5d6dbdb8eded1ddcd91dfd08da5989baf93a88b989e939b889ba497999dcee1e2d0d4cfcc949fa09789a2d8dbd6cbd7dade85d8e6879aaa8fa2a387dfccd99b9ead87e1b0959b88c8d8d3d7cae1d7c9d4e3d5a19d9a9f919e9b8a9ad2d1eecede9487d4ccd6ca8ad9cccce5d09b88cad0d5dad2cfa19fa2a891a09c9aa09c999c9c92dacae0c2e4d1969d96a2939da88a9cee9adb9ee09acba0cbd7a29799aa91a2989798939b959aa29799aa91a298978b938e889ba8999baf99a29b989998a295
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.14
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.cora-live.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:11 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.14
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=CyVdGBSBtghmHoEwXDN%2Be%2F%2Fv8jfVL8OPaovJ7HFNvYoI8j%2FCtUO%2FYwdfBw00lMueZSeDoi0doksHsAcRgwMnfgZPugobfl7bjprkNjzLiEBd32s0FLGqXtUIGv5Gt4xzMrkIgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=windows-1251
access-control-allow-origin
*
cf-ray
658b48c369a34d89-FRA
content-length
2
cf-request-id
0a6aebce2600004d8977b34000000001
468x60.jpg
linkslot.ru/promo/dummy/
12 KB
12 KB
Image
General
Full URL
https://linkslot.ru/promo/dummy/468x60.jpg
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec8460fdb36dbdfcac3697426f35d73815e41889744fdb56de455df28d29d857

Request headers

Referer
https://www.cora-live.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:11 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2198
content-length
11802
cf-request-id
0a6aebce140000648568895000000001
last-modified
Tue, 21 Jul 2015 17:32:18 GMT
server
cloudflare
etag
"55ae8222-2e1a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=GoN3ZgF%2Fp%2BJeHz8Jb%2BB2uGaY%2Bt1iQ1Hp7vkrqgOcnGait5gJGkq34oq5%2FvGXBcnNqCMxIue9TC5QbDndAxtCn1BvEfslJj9PtFbUtzw47BozAwrAZ3MExHC3hxSGJ024x78YVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
658b48c35bfe6485-FRA
cf-bgj
h2pri
cookienotice.js
www.cora-live.tk/js/
6 KB
2 KB
Script
General
Full URL
https://www.cora-live.tk/js/cookienotice.js
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:path
/js/cookienotice.js
pragma
no-cache
cookie
_ga=GA1.2.308665836.1622580312; _gid=GA1.2.642033752.1622580312; _gat_blogger=1; _gat_gtag_UA_114936408_9=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.cora-live.tk
referer
https://www.cora-live.tk/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.cora-live.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 01 Jun 2021 19:22:49 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
2026
x-xss-protection
0
expires
Tue, 08 Jun 2021 20:45:11 GMT
4154767893-widgets.js
www.blogger.com/static/v1/widgets/
146 KB
53 KB
Script
General
Full URL
https://www.blogger.com/static/v1/widgets/4154767893-widgets.js
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2fa997e09f206cb872e70d94837c6c32a5438f86a1c962886db3497b8af26d2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cora-live.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 21:49:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 31 May 2021 19:10:10 GMT
server
sffe
age
82540
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54286
x-xss-protection
0
expires
Tue, 31 May 2022 21:49:31 GMT
gate.php
linkslot.ru/
2 B
530 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d1=dae2dc98d5d6dbdb8eded1ddcd91dfd08da5989baf93a98b989e939b889ba497999dcee1e2d0d4cfcc949fa09789a2d8dbd6cbd7dade85d8e6879aaa8fa2a387dfccd99b9ead87e1b0959b88c8d8d3d7cae1d7c9d4e3d5a19d9a9f919e9b8a9ad2d1eecede9487d4ccd6ca8ad9cccce5d09b88cad0d5dad2cfa19fa2a891a09c9aa09c999c9c92dacae0c2e4d1969d96a2939da88a9bead1abdbcfddcfcdd4d7a29799aa91a2989798939b959aa29799aa91a298978b938e889ba8999baf99a29b989998a49a
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.14
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.cora-live.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:11 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.14
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=HNLKofFwb4DlZYBAiqcH9ovBivNLZSh%2FST1L1IMOjiGMj%2Fi%2FWQCkYeAXbWxLn7IrbmiQnTWr4Dw2PrwPQ31V3oyBleh78bYk6whZKfYtmK8BwMxSjhxNe6tid6EKhssEvplqKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=windows-1251
access-control-allow-origin
*
cf-ray
658b48c379c04d89-FRA
content-length
2
cf-request-id
0a6aebce2c00004d89593de000000001
summary
www.cora-live.tk/feeds/posts/
4 KB
2 KB
Script
General
Full URL
https://www.cora-live.tk/feeds/posts/summary?max-results=1&alt=json-in-script&callback=dataFeed
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
blogger-renderd /
Resource Hash
57bb569975a5f071f7e318123394f77e5c9b6e389712fe43cf6ede915a0bb5e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

:path
/feeds/posts/summary?max-results=1&alt=json-in-script&callback=dataFeed
pragma
no-cache
cookie
_ga=GA1.2.308665836.1622580312; _gid=GA1.2.642033752.1622580312; _gat_blogger=1; _gat_gtag_UA_114936408_9=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.cora-live.tk
referer
https://www.cora-live.tk/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.cora-live.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 27 Feb 2021 16:27:04 GMT
server
blogger-renderd
etag
W/"9c880ccb21e2ef8024fc640fdec6d3e5b33b109c3e71b98f79ce078bd091c6ec"
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy
cross-origin
content-length
1438
x-xss-protection
0
expires
Tue, 01 Jun 2021 20:45:12 GMT
truncated
/ Frame 3CF3
305 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
banner2.gif
www.adzbux.com/ Frame E41C
144 KB
144 KB
Image
General
Full URL
https://www.adzbux.com/banner2.gif
Requested by
Host: www.adzbux.com
URL: https://www.adzbux.com/banner468.php?u=50390
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:180d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4035335c1b5b38a2b06e0f780f1ae522d09a6f375c2b014e683757751d5f8fa4

Request headers

Referer
https://www.adzbux.com/banner468.php?u=50390
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:11 GMT
cf-cache-status
REVALIDATED
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
147053
cf-request-id
0a6aebcea800002c264fbc4000000001
last-modified
Sun, 11 Apr 2021 12:36:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=isfhBIYczMkYKwOzx71nuq8tOElOK7xv2tJD9%2FCclIOSbwd5BAd4AUYweY8LJv9jyC2msxBdaVETZkBktirCQJDsBvih5U1eVci7JDFKaYSGsJTp0lUDz0ZUxpEswb2j5Ym5A4HYwUc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
658b48c43cfe2c26-FRA
expires
Tue, 01 Jun 2021 21:00:11 GMT
mass.php
www.adzbux.com/ Frame 5F44
Redirect Chain
  • https://www.adzbux.com/quick.php?u=50390
  • https://www.adzbux.com/mass.php
3 KB
1 KB
Document
General
Full URL
https://www.adzbux.com/mass.php
Requested by
Host: www.adzbux.com
URL: https://www.adzbux.com/banner468.php?u=50390
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:180d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4
Resource Hash
73f0f545d24761f4634e840838d3118cef1f8c1eca31cdf69aeabcce7365e115

Request headers

:method
GET
:authority
www.adzbux.com
:scheme
https
:path
/mass.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.adzbux.com/banner468.php?u=50390
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cf_bm=d41aa18d88884cf90c6c36587f868bda11abcbbb-1622580311-1800-AbHrbS4aSH8SJYqpnt142Cg+r8KRs0Yztbianv7/TSVbwa4yb9YAQn+J7qeiyJ1vVVvKRwsDhYd8OjXarJm4cTc=

Response headers

date
Tue, 01 Jun 2021 20:45:11 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.4
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
0a6aebcee500002c269a2bb000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=U19%2BM8kk4lSncNP9hmJXdvNqkcl0bbtXpCjDMIsEUQOO5%2FigS%2BN1QZlFm2%2F5pRpIYw%2FDi%2BRTNSfRoadwFQgBMkdLi1ZoJ7CnAbJJljGyZ7NYYPhV9%2FQ4Dz%2F8czKHBkYj1O96tL9oqWw%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
658b48c4adbd2c26-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date
Tue, 01 Jun 2021 20:45:11 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.4
location
../mass.php
cf-cache-status
DYNAMIC
cf-request-id
0a6aebcea700002c2686338000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=uVYWT2dkgDr7wKjPi%2BT0OIYrna4c7E7ocAqUfKsWQUm2UWVNNT98NeoPSnnUh19Rekr5r%2FrFC91%2FW5aiVg2hXl6P%2FNJd1QKfjuaeLIVg7W3ni3v5oqWTU2KIn4NIB2Um8FTAPhgoU%2Bc%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
658b48c43cfb2c26-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
widget.min.js
arc.io/ Frame 5F44
7 KB
3 KB
Script
General
Full URL
https://arc.io/widget.min.js
Requested by
Host: www.adzbux.com
URL: https://www.adzbux.com/mass.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-119.cdg52.r.cloudfront.net
Software
/
Resource Hash
51cd96815bdd1ed018e9de7476502efa8c9f129ec8735762b02379d628f72753
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.adzbux.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
last-modified
Wed, 26 May 2021 20:49:24 GMT
age
2446
etag
"60aeb454-b4f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600, stale-while-revalidate=864000
date
Tue, 01 Jun 2021 20:04:25 GMT
x-amz-cf-pop
CDG52-P1
content-length
2895
via
1.1 845104f8cc68143037f48a67fd59744a.cloudfront.net (CloudFront)
x-amz-cf-id
_HzAT1Xx7vig84dkOlUQyNpt6NMpEvRkD4TIFyksU3ESHcaXvInqJQ==
analytics.js
www.google-analytics.com/ Frame 5F44
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.adzbux.com
URL: https://www.adzbux.com/mass.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.adzbux.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
5628
date
Tue, 01 Jun 2021 19:11:23 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Tue, 01 Jun 2021 21:11:23 GMT
1267016
ad.a-ads.com/ Frame FAF8
6 KB
2 KB
Document
General
Full URL
https://ad.a-ads.com/1267016?size=160x600
Requested by
Host: www.adzbux.com
URL: https://www.adzbux.com/mass.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.125.108 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.108.125.9.176.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
3cf45b4b0cb3c689b7fe53411e8d6c3d825e451a93c191a92c65cc2fc1fa9ede
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.adzbux.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Tue, 01 Jun 2021 20:45:11 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://www.adzbux.com/
Content-Encoding
gzip
promuj2.php
www.surfujkase.pl/ Frame A02A
Redirect Chain
  • https://surfujkase.pl/promuj2.php
  • https://www.surfujkase.pl/promuj2.php
0
0

mass-rotator.php
www.adzbux.com/ Frame 7567
768 B
870 B
Document
General
Full URL
https://www.adzbux.com/mass-rotator.php
Requested by
Host: www.adzbux.com
URL: https://www.adzbux.com/mass.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:180d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4
Resource Hash
83f3d168c40a0c104bc911da2994a8a8a4d9fdd336b0c70c33e27e8d10b1e069

Request headers

:method
GET
:authority
www.adzbux.com
:scheme
https
:path
/mass-rotator.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.adzbux.com/mass.php
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cf_bm=d41aa18d88884cf90c6c36587f868bda11abcbbb-1622580311-1800-AbHrbS4aSH8SJYqpnt142Cg+r8KRs0Yztbianv7/TSVbwa4yb9YAQn+J7qeiyJ1vVVvKRwsDhYd8OjXarJm4cTc=

Response headers

date
Tue, 01 Jun 2021 20:45:11 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.4
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
0a6aebcf3d00002c2668839000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=cxg4o3v3zrGje2%2BHXZC9s306gRxhr%2BgJRjgAoDyAiS%2FwACG3JlKku%2Blt8GFXXS%2F8L32MW3w2FD9RFUwOLwdzymMZuv8sOM3lj6mcyHALe0DZFQhfI5gBCIdUfqiiF5iFHnmuJfSFJ%2Fo%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
658b48c52ee62c26-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
1267021
ad.a-ads.com/ Frame 7B95
6 KB
2 KB
Document
General
Full URL
https://ad.a-ads.com/1267021?size=200x200
Requested by
Host: www.adzbux.com
URL: https://www.adzbux.com/mass.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.125.108 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.108.125.9.176.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
2ab7bb4ef8660e45796d82167303bfe3b493f43348fffadce5ea673c0d1bc894
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.adzbux.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Tue, 01 Jun 2021 20:45:11 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://www.adzbux.com/
Content-Encoding
gzip
page.php
exp3.eurosptp.com/ Frame CD55
21 KB
0
Document
General
Full URL
https://exp3.eurosptp.com/page.php?fr
Requested by
Host: www.adzbux.com
URL: https://www.adzbux.com/mass.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.19 , France, ASN16276 (OVH, FR),
Reverse DNS
cluster010.hosting.ovh.net
Software
Apache / PHP/5.4
Resource Hash

Request headers

:method
GET
:authority
exp3.eurosptp.com
:scheme
https
:path
/page.php?fr
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.adzbux.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Tue, 01 Jun 2021 20:45:11 GMT
content-type
text/html; charset=iso-8859-1
server
Apache
x-powered-by
PHP/5.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
expires
Sun, 01 Jan 2014 00:00:00 GMT
pragma
no-cache
cache-control
no-cache, must-revalidate
referrer-policy
origin
set-cookie
visbl=1; expires=Tue, 01-Jun-2021 20:45:41 GMT; path=/; SameSite=None;secure; domain=eurosptp.com visite24=1; expires=Wed, 02-Jun-2021 20:45:11 GMT; path=/; SameSite=None;secure; domain=eurosptp.com visite=24h; expires=Wed, 02-Jun-2021 08:45:11 GMT; path=/; SameSite=None;secure; domain=eurosptp.com
vary
Accept-Encoding
content-encoding
gzip
x-robots-tag
noindex
promuj2.php
www.surfujkase.pl/ Frame 9D4F
Redirect Chain
  • https://surfujkase.pl/promuj2.php
  • https://www.surfujkase.pl/promuj2.php
0
0

rotate.php
www.globalrotator.com/ Frame AAE7
0
0
Document
General
Full URL
https://www.globalrotator.com/rotate.php
Requested by
Host: www.adzbux.com
URL: https://www.adzbux.com/mass.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:26dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
www.globalrotator.com
:scheme
https
:path
/rotate.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.adzbux.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
0a6aebcf5d00004ee5dfbe6000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=TN5FevoG5GIsTKFxjK%2Bkw1TpR5Ui%2FJGluXHzADzsNJqB2M3Q4CmLE7m3XpmUgqwhCkRkXoauokviH1K1HYNPlmaOBvihSZ9L3bjAcVHKNWynT5QwpopP2VbuySVYf6d%2FSXOtiYzWO93WnSupnYci"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
658b48c56e824ee5-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
rotate.php
www.epicrotator.com/ Frame 43A8
0
0

rotate.php
www.randomadz.com/ Frame 7545
0
0

mass1.php
www.adzbux.net/ Frame EA7C
2 KB
857 B
Document
General
Full URL
https://www.adzbux.net/mass1.php
Requested by
Host: www.adzbux.com
URL: https://www.adzbux.com/mass.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:8196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4
Resource Hash
77a00e7745b474cd82b1868feef24bb022bb0e3f9e2992e1b90c324fa1c8d64b

Request headers

:method
GET
:authority
www.adzbux.net
:scheme
https
:path
/mass1.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.adzbux.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Tue, 01 Jun 2021 20:45:11 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.4
age
83
x-cdn-cache
HIT
x-cdn-request-id
678734603
x-cdn-pop
rbx
cf-cache-status
DYNAMIC
cf-request-id
0a6aebcf6300004e077f24b000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=81fWAedv%2BjFmK%2F%2FIS9bmCR40M0Hov0tgBO%2BktgxJPdFRC9JiOa0RJvb9U2emggCqfrVks8z91nc%2F%2FxZdfZbgMS%2B9josLlhRuNRjijEgIz3wY84Sjcm%2BKHyASbBd2YdlkAlN7FJa%2F6O0%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
658b48c569b34e07-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
mass1.php
www.adzbux.net/ Frame 8AC3
2 KB
1 KB
Document
General
Full URL
https://www.adzbux.net/mass1.php
Requested by
Host: www.adzbux.com
URL: https://www.adzbux.com/mass.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:8196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4
Resource Hash
ed25e989d522973670b46aa097ce2b9199d97924b20ede490cd50f17b5192bf2

Request headers

:method
GET
:authority
www.adzbux.net
:scheme
https
:path
/mass1.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.adzbux.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Tue, 01 Jun 2021 20:45:11 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.4
age
76
x-cdn-cache
HIT
x-cdn-request-id
596429244
x-cdn-pop
rbx
cf-cache-status
DYNAMIC
cf-request-id
0a6aebcf6300004e0726019000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=mjxC573g9%2FG4Esw8Xn5%2Bp%2FTGEzX%2BU7kQi1cpYXKEycBGMwE2GIrIH8J5b%2F3zCPZBrUXkb%2B6WPJv%2BZUOS50OJHThT05vei0O9XUSTHxlz0rRR9kO5VI7GzWYduYIdu7WD8wvZqvb%2FccI%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
658b48c569b94e07-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
160x600
static.a-ads.com/a-ads-banners/171433/ Frame FAF8
0
0

truncated
/ Frame FAF8
305 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
page.php
exp3.eurosptp.com/ Frame 2D57
0
0
Document
General
Full URL
https://exp3.eurosptp.com/page.php?fr
Requested by
Host: www.adzbux.com
URL: https://www.adzbux.com/mass-rotator.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.19 , France, ASN16276 (OVH, FR),
Reverse DNS
cluster010.hosting.ovh.net
Software
Apache / PHP/5.4
Resource Hash

Request headers

:method
GET
:authority
exp3.eurosptp.com
:scheme
https
:path
/page.php?fr
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.adzbux.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Tue, 01 Jun 2021 20:45:11 GMT
content-type
text/html; charset=iso-8859-1
server
Apache
x-powered-by
PHP/5.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
expires
Sun, 01 Jan 2014 00:00:00 GMT
pragma
no-cache
cache-control
no-cache, must-revalidate
referrer-policy
origin
set-cookie
visbl=1; expires=Tue, 01-Jun-2021 20:45:41 GMT; path=/; SameSite=None;secure; domain=eurosptp.com visite24=1; expires=Wed, 02-Jun-2021 20:45:11 GMT; path=/; SameSite=None;secure; domain=eurosptp.com visite=24h; expires=Wed, 02-Jun-2021 08:45:11 GMT; path=/; SameSite=None;secure; domain=eurosptp.com
vary
Accept-Encoding
content-encoding
gzip
x-robots-tag
noindex
/
sharkpromotion.net/ Frame 6AE6
0
0

iframe.php
trafiframe.ru/ Frame 2D2E
0
0

2e1d42353d627af61a63ef860bdb6484.gif
webtrafic.ru/banners/
234 KB
234 KB
Image
General
Full URL
https://webtrafic.ru/banners/2e1d42353d627af61a63ef860bdb6484.gif
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.249.138.135 , Russian Federation, ASN20485 (TRANSTELECOM Moscow, Russia, RU),
Reverse DNS
host.135.dynamic1.l2tp.subnets.svg.ttkdv.ru
Software
nginx/1.16.1 /
Resource Hash
df918b2bb46327d9e1a0c4306ed31843a0286de8cbf701dd891215505d13d147
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://www.cora-live.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
last-modified
Tue, 01 Jun 2021 20:15:33 GMT
server
nginx/1.16.1
etag
"60b69565-3a635"
strict-transport-security
max-age=31536000;
content-type
image/gif
accept-ranges
bytes
content-length
239157
200x200
static.a-ads.com/a-ads-banners/116319/ Frame 7B95
0
0

logo.png
webtrafic.ru/img/
1 KB
1 KB
Image
General
Full URL
https://webtrafic.ru/img/logo.png
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.249.138.135 , Russian Federation, ASN20485 (TRANSTELECOM Moscow, Russia, RU),
Reverse DNS
host.135.dynamic1.l2tp.subnets.svg.ttkdv.ru
Software
nginx/1.16.1 /
Resource Hash
49a8b3ceb434623d189b48093c53cbe40be562b52d50a0f69ab65f57c9e9786b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://www.cora-live.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
last-modified
Sun, 14 Mar 2021 14:24:37 GMT
server
nginx/1.16.1
etag
"604e1ca5-4b0"
strict-transport-security
max-age=31536000;
content-type
image/png
accept-ranges
bytes
content-length
1200
truncated
/ Frame 7B95
305 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
widget.min.js
arc.io/ Frame 8AC3
0
0

analytics.js
www.google-analytics.com/ Frame 8AC3
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.adzbux.net
URL: https://www.adzbux.net/mass1.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.adzbux.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
5628
date
Tue, 01 Jun 2021 19:11:23 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Tue, 01 Jun 2021 21:11:23 GMT
page.php
exp3.eurosptp.com/ Frame D0CB
0
0
Document
General
Full URL
https://exp3.eurosptp.com/page.php?fr
Requested by
Host: www.adzbux.net
URL: https://www.adzbux.net/mass1.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.19 , France, ASN16276 (OVH, FR),
Reverse DNS
cluster010.hosting.ovh.net
Software
Apache / PHP/5.4
Resource Hash

Request headers

:method
GET
:authority
exp3.eurosptp.com
:scheme
https
:path
/page.php?fr
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.adzbux.net/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Tue, 01 Jun 2021 20:45:11 GMT
content-type
text/html; charset=iso-8859-1
server
Apache
x-powered-by
PHP/5.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
expires
Sun, 01 Jan 2014 00:00:00 GMT
pragma
no-cache
cache-control
no-cache, must-revalidate
referrer-policy
origin
set-cookie
visbl=1; expires=Tue, 01-Jun-2021 20:45:41 GMT; path=/; SameSite=None;secure; domain=eurosptp.com visite24=1; expires=Wed, 02-Jun-2021 20:45:11 GMT; path=/; SameSite=None;secure; domain=eurosptp.com visite=24h; expires=Wed, 02-Jun-2021 08:45:11 GMT; path=/; SameSite=None;secure; domain=eurosptp.com
vary
Accept-Encoding
content-encoding
gzip
x-robots-tag
noindex
mass-rotator.php
www.adzbux.com/ Frame 6A84
0
0
Document
General
Full URL
https://www.adzbux.com/mass-rotator.php
Requested by
Host: www.adzbux.net
URL: https://www.adzbux.net/mass1.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:180d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4
Resource Hash

Request headers

:method
GET
:authority
www.adzbux.com
:scheme
https
:path
/mass-rotator.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.adzbux.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cf_bm=d41aa18d88884cf90c6c36587f868bda11abcbbb-1622580311-1800-AbHrbS4aSH8SJYqpnt142Cg+r8KRs0Yztbianv7/TSVbwa4yb9YAQn+J7qeiyJ1vVVvKRwsDhYd8OjXarJm4cTc=

Response headers

date
Tue, 01 Jun 2021 20:45:11 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.4
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
0a6aebcfa700002c2657152000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Jwzixri%2FfTAnd4CIt0N0fFK5v4ahIfeWnPGDWzOqL9IZQj5PlZy1o3BGgVzjJXJWe2TObWI8T6Hc8w27sZUVhSFgZXzzhKRDUYlL8KzNLOSRw1cBWIyGZw2RdPFWSljXqfLjybUUqEw%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
658b48c5d8582c26-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
rotate.php
www.globalrotator.com/ Frame 4BA5
0
0

rotate.php
www.epicrotator.com/ Frame BC40
0
0

rotate.php
www.randomadz.com/ Frame 5ECC
0
0

mem8YaGs126MiZpBA-UFUZ0bbck.woff2
fonts.gstatic.com/s/opensans/v20/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFUZ0bbck.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700,700i
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
547ded99e5139a10d4145e6e5c62ce35fa03495f625ee8d1e457011408428154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.cora-live.tk
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 21:39:15 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 21:21:20 GMT
server
sffe
age
601556
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9400
x-xss-protection
0
expires
Wed, 25 May 2022 21:39:15 GMT
widget.min.js
arc.io/ Frame EA7C
0
0

analytics.js
www.google-analytics.com/ Frame EA7C
0
0

/
worldofclix.com/ Frame 8913
0
0

mass-rotator.php
www.adzbux.com/ Frame 690C
0
0

rotate.php
www.globalrotator.com/ Frame C055
0
0

rotate.php
www.epicrotator.com/ Frame 99C3
0
0

rotate.php
www.randomadz.com/ Frame 9C41
0
0

sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5e2756a25bc1f7d4c051342fac7c7d9deed845cd8d2def10081646c0bec3e215
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.cora-live.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
sHFiYd0li0vUjuWCMfa22g==
cross-origin-resource-policy
cross-origin
expires
Tue, 01 Jun 2021 21:04:54 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1780
x-fb-rlafr
0
x-fb-debug
ORbQOozIjc0N3AdBjTVXiIQ/7sRQAEb/zgeCciEdXUznQZnmnFecm5RJUkXW5k9QOzYe+wnt2aWPbsfbOZcJpw==
x-fb-trip-id
686109401
x-fb-content-md5
206491f975fe720ff56a0ba3a8c149eb
date
Tue, 01 Jun 2021 20:45:12 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"b62ee81b72d807d15eda263d0113e365"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
Cookie set /
sharkpromotion.net/ Frame 9665
44 KB
12 KB
Document
General
Full URL
https://sharkpromotion.net/?r=51425
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.9.105 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
sharkpromotion.net
Software
nginx/1.18.0 / PHP/5.3.3
Resource Hash
c332e2f07c8afb061e80de416b2caf95091d28516155e872dfd31456ae979424

Request headers

Host
sharkpromotion.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.cora-live.tk/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx/1.18.0
Date
Tue, 01 Jun 2021 20:45:12 GMT
Content-Type
text/html; charset=WINDOWS-1251
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/5.3.3
Set-Cookie
PHPSESSID=9ihhrs8i5r7kak186hp0qjmmv6; path=/; HttpOnly
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Content-Encoding
gzip
iframe.php
trafiframe.ru/ Frame 1565
6 KB
3 KB
Document
General
Full URL
https://trafiframe.ru/iframe.php
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.249.138.135 , Russian Federation, ASN20485 (TRANSTELECOM Moscow, Russia, RU),
Reverse DNS
host.135.dynamic1.l2tp.subnets.svg.ttkdv.ru
Software
nginx/1.16.1 /
Resource Hash
5f3a90f1931f9c20ddc7ec0e37d23bb81cb9280c638dfa54062f307550df7c93
Security Headers
Name Value
Strict-Transport-Security max-age=0;

Request headers

:method
GET
:authority
trafiframe.ru
:scheme
https
:path
/iframe.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.cora-live.tk/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.cora-live.tk/

Response headers

server
nginx/1.16.1
date
Tue, 01 Jun 2021 20:45:12 GMT
content-type
text/html; charset=UTF-8
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
set-cookie
PHPSESSID=91nsv2mh9pop5afefrfsop4l64; path=/
vary
Accept-Encoding
content-encoding
gzip
strict-transport-security
max-age=0;
banner468.php
www.adzbux.com/ Frame 78D3
364 B
721 B
Document
General
Full URL
https://www.adzbux.com/banner468.php?u=50390
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:180d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4
Resource Hash
e1537f025788a59780d6a261928ed46a56bfe6bb45b57778197a9bc3ae9f9087

Request headers

:method
GET
:authority
www.adzbux.com
:scheme
https
:path
/banner468.php?u=50390
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.cora-live.tk/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cf_bm=d41aa18d88884cf90c6c36587f868bda11abcbbb-1622580311-1800-AbHrbS4aSH8SJYqpnt142Cg+r8KRs0Yztbianv7/TSVbwa4yb9YAQn+J7qeiyJ1vVVvKRwsDhYd8OjXarJm4cTc=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.cora-live.tk/

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.4
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
0a6aebcffd00002c266ab36000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=StolCq6a0egssrKCUCGcHYtIwWNMaSJ3p5YZiYo3faVD7RtExJx3h%2F8N71nVV7LJ9%2BGNhzlhdZMFzafYBtvJo%2FQ4VLyCVZad5Uw5dAYazOIZDFElFOXjBDvJAax9STYcQqWGy0G1w2A%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
658b48c669842c26-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
1562375
ad.a-ads.com/ Frame 5878
7 KB
2 KB
Document
General
Full URL
https://ad.a-ads.com/1562375?size=160x600
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.125.108 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.108.125.9.176.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
223d03c5adcefb6eb18813dfd60dde36115184e51a1a53b267d07603f0510b4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.cora-live.tk/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Tue, 01 Jun 2021 20:45:12 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://www.cora-live.tk/
Content-Encoding
gzip
War
www.cora-live.tk/feeds/posts/default/-/
2 KB
1001 B
XHR
General
Full URL
https://www.cora-live.tk/feeds/posts/default/-/War?alt=json-in-script&max-results=5&callback=jQuery112406513610441457367_1622580311620&_=1622580311621
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
blogger-renderd /
Resource Hash
fbaad5ed946f088a6a6eae87eeada389da5dc3a8acadb37c338a2097cc1137e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
_ga=GA1.2.308665836.1622580312; _gid=GA1.2.642033752.1622580312; _gat_blogger=1; _gat_gtag_UA_114936408_9=1; nova=2pp9shulbom000000000000000000000
:path
/feeds/posts/default/-/War?alt=json-in-script&max-results=5&callback=jQuery112406513610441457367_1622580311620&_=1622580311621
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control
no-cache
:authority
www.cora-live.tk
referer
https://www.cora-live.tk/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.cora-live.tk/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 27 Feb 2021 16:27:04 GMT
server
blogger-renderd
etag
W/"ce57fef87fa599a819047bacdaa3ca630510002e9099f2b7a41177a28741c613"
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy
cross-origin
content-length
882
x-xss-protection
0
expires
Tue, 01 Jun 2021 20:45:13 GMT
Xbox
www.cora-live.tk/feeds/posts/default/-/
2 KB
1002 B
XHR
General
Full URL
https://www.cora-live.tk/feeds/posts/default/-/Xbox?alt=json-in-script&max-results=2&callback=jQuery112406513610441457367_1622580311622&_=1622580311623
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
blogger-renderd /
Resource Hash
09e4ac38344bc43a667ed48756e2f2c05a4ede9995510b94e1a3f65e5d0c8555
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
_ga=GA1.2.308665836.1622580312; _gid=GA1.2.642033752.1622580312; _gat_blogger=1; _gat_gtag_UA_114936408_9=1; nova=2pp9shulbom000000000000000000000
:path
/feeds/posts/default/-/Xbox?alt=json-in-script&max-results=2&callback=jQuery112406513610441457367_1622580311622&_=1622580311623
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control
no-cache
:authority
www.cora-live.tk
referer
https://www.cora-live.tk/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.cora-live.tk/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 27 Feb 2021 16:27:04 GMT
server
blogger-renderd
etag
W/"937b1500d0e0df9f22923367e49984e399aafd34cca43ef8ecfe7e136cdfa22a"
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy
cross-origin
content-length
883
x-xss-protection
0
expires
Tue, 01 Jun 2021 20:45:13 GMT
RPG
www.cora-live.tk/feeds/posts/default/-/
2 KB
1000 B
XHR
General
Full URL
https://www.cora-live.tk/feeds/posts/default/-/RPG?alt=json-in-script&max-results=3&callback=jQuery112406513610441457367_1622580311624&_=1622580311625
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
blogger-renderd /
Resource Hash
63dc986df9eed801db9d873b7c510934348c3edb736c49ef56d92dbd46443fda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
_ga=GA1.2.308665836.1622580312; _gid=GA1.2.642033752.1622580312; _gat_blogger=1; _gat_gtag_UA_114936408_9=1; nova=2pp9shulbom000000000000000000000
:path
/feeds/posts/default/-/RPG?alt=json-in-script&max-results=3&callback=jQuery112406513610441457367_1622580311624&_=1622580311625
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control
no-cache
:authority
www.cora-live.tk
referer
https://www.cora-live.tk/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.cora-live.tk/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 27 Feb 2021 16:27:04 GMT
server
blogger-renderd
etag
W/"253a33cdc03d34a5596f71901f783105766f9a54b89a5ba14e8e61c152d680f6"
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy
cross-origin
content-length
884
x-xss-protection
0
expires
Tue, 01 Jun 2021 20:45:13 GMT
Gameplay
www.cora-live.tk/feeds/posts/default/-/
2 KB
1005 B
XHR
General
Full URL
https://www.cora-live.tk/feeds/posts/default/-/Gameplay?alt=json-in-script&max-results=3&callback=jQuery112406513610441457367_1622580311626&_=1622580311627
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
blogger-renderd /
Resource Hash
d7cd2b8d92c8163b69b4c3848d47415a79bc52caebc7cc1abc9bc26e4196853e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
_ga=GA1.2.308665836.1622580312; _gid=GA1.2.642033752.1622580312; _gat_blogger=1; _gat_gtag_UA_114936408_9=1; nova=2pp9shulbom000000000000000000000
:path
/feeds/posts/default/-/Gameplay?alt=json-in-script&max-results=3&callback=jQuery112406513610441457367_1622580311626&_=1622580311627
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control
no-cache
:authority
www.cora-live.tk
referer
https://www.cora-live.tk/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.cora-live.tk/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 27 Feb 2021 16:27:04 GMT
server
blogger-renderd
etag
W/"945b8cdc7b872188a37c877526048a3d8fb8e0fffc17e20e4ed4edbdc7d42dd8"
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy
cross-origin
content-length
885
x-xss-protection
0
expires
Tue, 01 Jun 2021 20:45:13 GMT
Releases
www.cora-live.tk/feeds/posts/default/-/
2 KB
1005 B
XHR
General
Full URL
https://www.cora-live.tk/feeds/posts/default/-/Releases?alt=json-in-script&max-results=3&callback=jQuery112406513610441457367_1622580311628&_=1622580311629
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
blogger-renderd /
Resource Hash
50ee7ab6c3a1270d630aee6823ff7052281c5a97a0f0075e89954d4f5988c5ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
_ga=GA1.2.308665836.1622580312; _gid=GA1.2.642033752.1622580312; _gat_blogger=1; _gat_gtag_UA_114936408_9=1; nova=2pp9shulbom000000000000000000000
:path
/feeds/posts/default/-/Releases?alt=json-in-script&max-results=3&callback=jQuery112406513610441457367_1622580311628&_=1622580311629
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control
no-cache
:authority
www.cora-live.tk
referer
https://www.cora-live.tk/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.cora-live.tk/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 27 Feb 2021 16:27:04 GMT
server
blogger-renderd
etag
W/"95062e2331a3df0bce4a6c9509d792efb129c443d73a4a02d131a7e4bce48208"
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy
cross-origin
content-length
886
x-xss-protection
0
expires
Tue, 01 Jun 2021 20:45:13 GMT
default
www.cora-live.tk/feeds/posts/
19 KB
5 KB
XHR
General
Full URL
https://www.cora-live.tk/feeds/posts/default?max-results=3&start-index=2&alt=json-in-script&callback=jQuery112406513610441457367_1622580311630&_=1622580311631
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
blogger-renderd /
Resource Hash
ca4e6dc3179ff5a79b4858588cb2d7313fc1f9e5e782ce1e4dfc6088045a4eb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
_ga=GA1.2.308665836.1622580312; _gid=GA1.2.642033752.1622580312; _gat_blogger=1; _gat_gtag_UA_114936408_9=1; nova=2pp9shulbom000000000000000000000
:path
/feeds/posts/default?max-results=3&start-index=2&alt=json-in-script&callback=jQuery112406513610441457367_1622580311630&_=1622580311631
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control
no-cache
:authority
www.cora-live.tk
referer
https://www.cora-live.tk/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.cora-live.tk/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 27 Feb 2021 16:27:04 GMT
server
blogger-renderd
etag
W/"d7d83f8cb99cf78fbe58ad4d583e56d6329e69679e8f4a1d5ca0e0451eef0a13"
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy
cross-origin
content-length
4594
x-xss-protection
0
expires
Tue, 01 Jun 2021 20:45:13 GMT
PC
www.cora-live.tk/feeds/posts/default/-/
2 KB
1 KB
XHR
General
Full URL
https://www.cora-live.tk/feeds/posts/default/-/PC?alt=json-in-script&max-results=3&callback=jQuery112406513610441457367_1622580311632&_=1622580311633
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
blogger-renderd /
Resource Hash
e9bb70d6854dc3940429fe26bbc47843860be34124dc4f0af065c2023a1a258c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
_ga=GA1.2.308665836.1622580312; _gid=GA1.2.642033752.1622580312; _gat_blogger=1; _gat_gtag_UA_114936408_9=1; nova=2pp9shulbom000000000000000000000
:path
/feeds/posts/default/-/PC?alt=json-in-script&max-results=3&callback=jQuery112406513610441457367_1622580311632&_=1622580311633
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control
no-cache
:authority
www.cora-live.tk
referer
https://www.cora-live.tk/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.cora-live.tk/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 27 Feb 2021 16:27:04 GMT
server
blogger-renderd
etag
W/"7c66ddb561dc71b70fec0a19842ae4b86d7279184a194738809bbe1bada12b7d"
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy
cross-origin
content-length
884
x-xss-protection
0
expires
Tue, 01 Jun 2021 20:45:13 GMT
rnNOlZCffJN0PPM91dbSdi5o9P6JrOm-T5diJEnmap1WSMGcYzlRC1Ob-HZUYnc6nKPjSIaIqnUuuZQa1wlpqQjIG1et_BI-QEI6MrLHdNgwBYz3=w640
lh5.googleusercontent.com/proxy/
0
0
Image
General
Full URL
https://lh5.googleusercontent.com/proxy/rnNOlZCffJN0PPM91dbSdi5o9P6JrOm-T5diJEnmap1WSMGcYzlRC1Ob-HZUYnc6nKPjSIaIqnUuuZQa1wlpqQjIG1et_BI-QEI6MrLHdNgwBYz3=w640
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cora-live.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
AVGkatEU6B7oMwHe0Nc3xG1oaX_-zunsB5txwRcH3H3MgqGKt7zBt-Jzs-KchyQIU0n8VHUSTpXZ1TE4f0exO8-xQDBfgVv0GQUT_eg=w640
lh5.googleusercontent.com/proxy/
0
0
Image
General
Full URL
https://lh5.googleusercontent.com/proxy/AVGkatEU6B7oMwHe0Nc3xG1oaX_-zunsB5txwRcH3H3MgqGKt7zBt-Jzs-KchyQIU0n8VHUSTpXZ1TE4f0exO8-xQDBfgVv0GQUT_eg=w640
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cora-live.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
CmXyM0AQu9tta7P9IYdFVv3-QN8RRcjFLIe38jrp7ClEzsrShGESO7K6wwpSAwP5MtQJ-mYeTAkOiDcL2qugWpmq=w640
lh6.googleusercontent.com/proxy/
0
0
Image
General
Full URL
https://lh6.googleusercontent.com/proxy/CmXyM0AQu9tta7P9IYdFVv3-QN8RRcjFLIe38jrp7ClEzsrShGESO7K6wwpSAwP5MtQJ-mYeTAkOiDcL2qugWpmq=w640
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cora-live.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
sdk.js
connect.facebook.net/en_US/
218 KB
64 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=83ffbb1cde965b80b39a82441e64b47e&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
efbb9b7c14a08fd06196ad5c3bca10f1175a102c8399808c99ef31c0d17948b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.cora-live.tk
Referer
https://www.cora-live.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
9nFBVfsIRw5DUyQXJpjmeA==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
65698
x-fb-rlafr
0
x-fb-debug
Iz18XOp2bvb86VE3FJpqA7WaWtYwwcacjovcLuG57AjuEu31yKfbkUpCcDOb9raOOSWkHJkz12uemMogPg+oow==
x-fb-content-md5
9fa2a175c1d354796ca58cdd4b4afb34
x-frame-options
DENY
date
Tue, 01 Jun 2021 20:45:12 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"35e2f27222c37215fa9c8cccdcfa2232"
timing-allow-origin
*
priority
u=3,i
expires
Wed, 01 Jun 2022 19:10:46 GMT
truncated
/ Frame 5878
305 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
banner2.gif
www.adzbux.com/ Frame 78D3
144 KB
144 KB
Image
General
Full URL
https://www.adzbux.com/banner2.gif
Requested by
Host: www.adzbux.com
URL: https://www.adzbux.com/banner468.php?u=50390
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:180d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4035335c1b5b38a2b06e0f780f1ae522d09a6f375c2b014e683757751d5f8fa4

Request headers

Referer
https://www.adzbux.com/banner468.php?u=50390
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
147053
cf-request-id
0a6aebd03e00002c268635b000000001
last-modified
Sun, 11 Apr 2021 12:36:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=TbQhv5VqOIKxUpuP4%2BZqkN1WPGjpIT24GQmjwgp0quAHNm6DWmOpXorzi8EeKQ5YYQh1as6D27kdOw4emxeeyRXMiq9dNsEX5WGhsVVMdbwEp6CZ45%2FQRj4AOVnREQi%2FEchgx4UZKRc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
658b48c6ca502c26-FRA
expires
Tue, 01 Jun 2021 21:00:11 GMT
mass.php
www.adzbux.com/ Frame E61B
Redirect Chain
  • https://www.adzbux.com/quick.php?u=50390
  • https://www.adzbux.com/mass.php
3 KB
1 KB
Document
General
Full URL
https://www.adzbux.com/mass.php
Requested by
Host: www.adzbux.com
URL: https://www.adzbux.com/banner468.php?u=50390
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:180d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4
Resource Hash
5bb66f358aa9c078a032cf7d56612f584a891b6a6118ffc5d646e732fe0e1833

Request headers

:method
GET
:authority
www.adzbux.com
:scheme
https
:path
/mass.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.adzbux.com/banner468.php?u=50390
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cf_bm=d41aa18d88884cf90c6c36587f868bda11abcbbb-1622580311-1800-AbHrbS4aSH8SJYqpnt142Cg+r8KRs0Yztbianv7/TSVbwa4yb9YAQn+J7qeiyJ1vVVvKRwsDhYd8OjXarJm4cTc=

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.4
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
0a6aebd06e00002c264fbe8000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=egect4YMMTyLsBB4SWLeWNA%2FARDMddUHz5xGVB9PgzSHYY8Z2qFxGQWopMvtcJvMkCuNjYID8nBrOGEZen9zudOb76BTXM37QX626P7UzMV5%2BkAG%2FxaIrJ2bEfBC1838DVEkpiDjD2Q%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
658b48c71b142c26-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.4
location
../mass.php
cf-cache-status
DYNAMIC
cf-request-id
0a6aebd03a00002c26be13f000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=1KOHWR0MEQ9S4sX3LZEYSQ%2BPR2%2Ba6N1jTpucdBSPMhhd3sopzOjR8S8gcWeCTvynaTi4xN0qAPUQJ%2F1H2NOLJ4sr9SARZIAdybKjkuYTvJ2euW2pnJ%2FkdwviTJONKXGNI5NdH%2BFPFO0%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
658b48c6ca552c26-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
widget.min.js
arc.io/ Frame E61B
7 KB
3 KB
Script
General
Full URL
https://arc.io/widget.min.js
Requested by
Host: www.adzbux.com
URL: https://www.adzbux.com/mass.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-119.cdg52.r.cloudfront.net
Software
/
Resource Hash
51cd96815bdd1ed018e9de7476502efa8c9f129ec8735762b02379d628f72753
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.adzbux.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
last-modified
Wed, 26 May 2021 20:49:24 GMT
age
2447
etag
"60aeb454-b4f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600, stale-while-revalidate=864000
date
Tue, 01 Jun 2021 20:04:25 GMT
x-amz-cf-pop
CDG52-P1
content-length
2895
via
1.1 845104f8cc68143037f48a67fd59744a.cloudfront.net (CloudFront)
x-amz-cf-id
jmnEfJpGjjEsLc9Falwva3yLldwjdIXs2OE2bcFAlBJ1ChjzI8esIw==
analytics.js
www.google-analytics.com/ Frame E61B
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.adzbux.com
URL: https://www.adzbux.com/mass.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.adzbux.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
5629
date
Tue, 01 Jun 2021 19:11:23 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Tue, 01 Jun 2021 21:11:23 GMT
1267016
ad.a-ads.com/ Frame 86F9
0
128 B
Document
General
Full URL
https://ad.a-ads.com/1267016?size=160x600
Requested by
Host: www.adzbux.com
URL: https://www.adzbux.com/mass.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.125.108 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.108.125.9.176.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.adzbux.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Tue, 01 Jun 2021 20:45:12 GMT
Content-Length
0
Connection
keep-alive
/
worldofclix.com/ Frame FE67
8 KB
3 KB
Document
General
Full URL
https://worldofclix.com/
Requested by
Host: www.adzbux.com
URL: https://www.adzbux.com/mass.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache / PHP/7.4
Resource Hash
58ddcfa3881de98d1bdbe63d7cd3f3731bc0cfaefc89104bd78a778f54fd141d

Request headers

:method
GET
:authority
worldofclix.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.adzbux.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-type
text/html; charset=UTF-8
content-length
2477
server
Apache
x-powered-by
PHP/7.4
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
set-cookie
evo_session=13eeafa8d92c06f4c9f3d7dce6e1c70424412764; expires=Tue, 01-Jun-2021 22:45:12 GMT; Max-Age=7200; path=/; HttpOnly
vary
Accept-Encoding
content-encoding
gzip
mass-rotator.php
www.adzbux.com/ Frame BEAA
764 B
868 B
Document
General
Full URL
https://www.adzbux.com/mass-rotator.php
Requested by
Host: www.adzbux.com
URL: https://www.adzbux.com/mass.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:180d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4
Resource Hash
898204dfac6a9d1df2df0f5fd51d9710d193b3c43b9cb3f621ed07b8e5e65820

Request headers

:method
GET
:authority
www.adzbux.com
:scheme
https
:path
/mass-rotator.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.adzbux.com/mass.php
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cf_bm=d41aa18d88884cf90c6c36587f868bda11abcbbb-1622580311-1800-AbHrbS4aSH8SJYqpnt142Cg+r8KRs0Yztbianv7/TSVbwa4yb9YAQn+J7qeiyJ1vVVvKRwsDhYd8OjXarJm4cTc=

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.4
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
0a6aebd0ba00002c26a795f000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=e%2Fv4CW%2FMvAHTYZdF1pLp7zulUWl8nIuf5FG%2FqNl6ZLuL4HvuPZff9TIN4e7TlTzrxYestMcytWGFZK697GqqFUoGNMwM8tkmng%2BdgAXhKm52v9iOdPLiqHnvcR5yuj38q5UE6sNb4wE%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
658b48c78c622c26-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
1267021
ad.a-ads.com/ Frame 3FED
0
128 B
Document
General
Full URL
https://ad.a-ads.com/1267021?size=200x200
Requested by
Host: www.adzbux.com
URL: https://www.adzbux.com/mass.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.125.108 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.108.125.9.176.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.adzbux.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Tue, 01 Jun 2021 20:45:12 GMT
Content-Length
0
Connection
keep-alive
promuj2.php
www.surfujkase.pl/ Frame 7CBC
Redirect Chain
  • https://surfujkase.pl/promuj2.php
  • https://www.surfujkase.pl/promuj2.php
3 KB
1 KB
Document
General
Full URL
https://www.surfujkase.pl/promuj2.php
Requested by
Host: www.adzbux.com
URL: https://www.adzbux.com/mass.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:b3db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74e9d197c84b4674008b5993fbbf8c4a39ce97fa7382338759ea4b08d6755c5b

Request headers

:method
GET
:authority
www.surfujkase.pl
:scheme
https
:path
/promuj2.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.adzbux.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
set-cookie
PHPSESSID=uhlnh581a4262f7puomp7r4ihn; path=/; HttpOnly
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
cf-cache-status
DYNAMIC
cf-request-id
0a6aebd13e0000c2ea9938d000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=2nipkGVGENSLdf8oxwEcxH0oeTmPlk2ZgngCJE5iVoBwcHHZV3nelr3CSgRCj%2B1Pj%2Bxc%2B23qSZrO61PHLmGgc7qx4e%2BwkQlKR%2FN3oGdV2dlWCItMeVTZQC7EbmPQ%2B%2FB49o8eU8mXrZlzXu4%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
658b48c8599dc2ea-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-type
text/html
location
https://www.surfujkase.pl/promuj2.php
cf-cache-status
DYNAMIC
cf-request-id
0a6aebd0c700004de29cb3d000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QoeOoEWMI2pYITyl6yC63pt19W4nxlePJPacUmKGh7DG%2Fge8FocLaTI9NSZZqmNzbRpOuHvQ44j6RRMhLOKFCw6AVP%2BN%2BPJgsnALdpBlj8rlnTF%2Bms6aZ8LUQ%2BbhoWfzjMNby4Zjcg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
658b48c7aed54de2-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
index.html
moneyonlineinvestment.com/ Frame E515
Redirect Chain
  • https://moneyonlineinvestment.com/r/321478
  • https://moneyonlineinvestment.com/?a_aid=321478
  • https://moneyonlineinvestment.com/index.html
278 B
517 B
Document
General
Full URL
https://moneyonlineinvestment.com/index.html
Requested by
Host: www.adzbux.com
URL: https://www.adzbux.com/mass.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.29.104.118 Paris, France, ASN9009 (M247, GB),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
922928a8f6f3e0b9cfe1dc7daf5dbcbb2c84b18d7fbf10174052c33b013e6667

Request headers

Host
moneyonlineinvestment.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.adzbux.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Tue, 01 Jun 2021 20:45:12 GMT
Server
Apache/2.4.41 (Ubuntu)
Last-Modified
Thu, 15 Apr 2021 09:46:01 GMT
ETag
"116-5bfffbb333c44-gzip"
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
217
Connection
close
Content-Type
text/html

Redirect headers

Date
Tue, 01 Jun 2021 20:45:12 GMT
Server
Apache/2.4.41 (Ubuntu)
Set-Cookie
PHPSESSID=mtsdr2n95c0m321q7mpu9ir9j8; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Location
/index.html
Content-Length
0
Connection
close
Content-Type
text/html; charset=UTF-8
rotate.php
www.globalrotator.com/ Frame D92B
0
0
Document
General
Full URL
https://www.globalrotator.com/rotate.php
Requested by
Host: www.adzbux.com
URL: https://www.adzbux.com/mass.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:26dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.globalrotator.com
:scheme
https
:path
/rotate.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.adzbux.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-type
text/html; charset=UTF-8
set-cookie
cf_ob_info=520:658b48c7a853c2ea:FRA; path=/; expires=Tue, 01-Jun-21 20:45:42 GMT
cf_use_ob=443; path=/; expires=Tue, 01-Jun-21 20:45:42 GMT
x-frame-options
SAMEORIGIN
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
cf-ray
658b48c7a853c2ea-FRA
server
cloudflare
rotate.php
www.epicrotator.com/ Frame EC10
0
0
Document
General
Full URL
https://www.epicrotator.com/rotate.php
Requested by
Host: www.adzbux.com
URL: https://www.adzbux.com/mass.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:c050 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.epicrotator.com
:scheme
https
:path
/rotate.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.adzbux.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-type
text/html; charset=UTF-8
set-cookie
cf_ob_info=520:658b48c798bc4eaf:FRA; path=/; expires=Tue, 01-Jun-21 20:45:42 GMT
cf_use_ob=443; path=/; expires=Tue, 01-Jun-21 20:45:42 GMT
x-frame-options
SAMEORIGIN
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
cf-ray
658b48c798bc4eaf-FRA
server
cloudflare
rotate.php
www.randomadz.com/ Frame DF93
0
0
Document
General
Full URL
https://www.randomadz.com/rotate.php
Requested by
Host: www.adzbux.com
URL: https://www.adzbux.com/mass.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:2905 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.randomadz.com
:scheme
https
:path
/rotate.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.adzbux.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-type
text/html; charset=UTF-8
set-cookie
cf_ob_info=520:658b48c79ace4e14:FRA; path=/; expires=Tue, 01-Jun-21 20:45:42 GMT
cf_use_ob=443; path=/; expires=Tue, 01-Jun-21 20:45:42 GMT
x-frame-options
SAMEORIGIN
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
cf-ray
658b48c79ace4e14-FRA
server
cloudflare
mass1.php
www.adzbux.net/ Frame 94CB
2 KB
1 KB
Document
General
Full URL
https://www.adzbux.net/mass1.php
Requested by
Host: www.adzbux.com
URL: https://www.adzbux.com/mass.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:8196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4
Resource Hash
77a00e7745b474cd82b1868feef24bb022bb0e3f9e2992e1b90c324fa1c8d64b

Request headers

:method
GET
:authority
www.adzbux.net
:scheme
https
:path
/mass1.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.adzbux.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.4
age
83
x-cdn-cache
HIT
x-cdn-request-id
397256388
x-cdn-pop
rbx
cf-cache-status
DYNAMIC
cf-request-id
0a6aebd0d900004a8cf19ee000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Z1wpfQlni7CEekt1H0jUaRDr2iecK7H3Ls3vgcAKvvK4%2F8Wj4aOHOWqYmT%2BjmET2qqDboXvDyruayZKOruVnaJmjPE0RbPdc0y0zw30QVIaoWwIjqxMe8Mqob%2B8W3d9X%2B%2FQnoJSQYYA%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
658b48c7ccd24a8c-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
mass1.php
www.adzbux.net/ Frame D2CA
2 KB
1 KB
Document
General
Full URL
https://www.adzbux.net/mass1.php
Requested by
Host: www.adzbux.com
URL: https://www.adzbux.com/mass.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:8196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4
Resource Hash
a1c4745047b83b5404f556b5e9c1ea4879619f274226ab4cb4bf691b67bbb5a2

Request headers

:method
GET
:authority
www.adzbux.net
:scheme
https
:path
/mass1.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.adzbux.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.4
age
122
x-cdn-cache
HIT
x-cdn-request-id
683676923
x-cdn-pop
rbx
cf-cache-status
DYNAMIC
cf-request-id
0a6aebd0da00004a8c108ac000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9icbiurRRBN2KSx6thEG9oV3P3OyBIpcEL9UFhgWuT6ut9aR5RdL0XNrIfN95T4%2BMT9MLJ6%2F2mVaXEH%2Bwqn8385B4NX7Qfn7pW%2F1LsgzlKPG4nw%2BlfFWNjlykcrRx2MTkSIQ%2F%2FSk6LM%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
658b48c7ccd64a8c-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
core.js
static.arc.io/widget/js/ Frame E61B
305 KB
89 KB
Script
General
Full URL
https://static.arc.io/widget/js/core.js?fd8fd2c
Requested by
Host: arc.io
URL: https://arc.io/widget.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-70.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
51136c5dfc1447ed50c7b34cac414b012f39c63f81a541581d285aa8744c1318

Request headers

Origin
https://www.adzbux.com
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 21:07:58 GMT
content-encoding
br
vary
Accept-Encoding
age
517034
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 26 May 2021 20:49:46 GMT
server
AmazonS3
etag
W/"2debae42bd406c057afa815a5bf49fef"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
Ypo_PRsAcJOhc62ps3tPl-7C72dVJBXZC7NRfh5c7VdO2iML1yjyJw==
broker.html
core.arc.io/ Frame 3D9A
2 KB
938 B
Document
General
Full URL
https://core.arc.io/broker.html?fd8fd2c
Requested by
Host: arc.io
URL: https://arc.io/widget.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-70.fra50.r.cloudfront.net
Software
/
Resource Hash
7f1b840e7fe64080c79a2f1d946dbd74b76ea9880999a12637487e688490d670
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:method
GET
:authority
core.arc.io
:scheme
https
:path
/broker.html?fd8fd2c
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.adzbux.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

content-type
text/html
content-length
493
date
Wed, 26 May 2021 21:04:23 GMT
last-modified
Wed, 05 May 2021 02:49:38 GMT
etag
"609207c2-1ed"
content-encoding
br
expires
Fri, 25 Jun 2021 21:04:23 GMT
cache-control
max-age=2592000 public
access-control-allow-origin
*
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
ueq1wJSOVmcBxl5ybbb8QcvUcwAN6uhTaMJAV9ogZR6pXoc1O3sQFA==
age
517249
promuj2.php
www.surfujkase.pl/ Frame E6F4
Redirect Chain
  • https://surfujkase.pl/promuj2.php
  • https://www.surfujkase.pl/promuj2.php
3 KB
1 KB
Document
General
Full URL
https://www.surfujkase.pl/promuj2.php
Requested by
Host: www.adzbux.com
URL: https://www.adzbux.com/mass-rotator.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:b3db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc2887db946eba4373a1b34ed18dd4fb99d5278e42fbf56fb84c7290cfea38f4

Request headers

:method
GET
:authority
www.surfujkase.pl
:scheme
https
:path
/promuj2.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.adzbux.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
set-cookie
PHPSESSID=6p0op70o7bv7ioedj98tdbv4rl; path=/; HttpOnly
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
cf-cache-status
DYNAMIC
cf-request-id
0a6aebd1740000c2eabb9cf000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=oWPMjZYq61zK1nWJDAqtOrimGbqDO8AddSkEv0eLEsA9uwqY1qr0%2FV3BL8pk1QU3E3gqu99j6TImMy4Ljioe0nDS8Po4vHvlev1wo%2FuWN7VKpT5tSQJfCYodexlZ7EuWQTFtmutbRO6Q1e0%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
658b48c8ba3bc2ea-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-type
text/html
location
https://www.surfujkase.pl/promuj2.php
cf-cache-status
DYNAMIC
cf-request-id
0a6aebd0f600004de2979e3000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=TGTD0dAsQm6hleykrEGJAivaBB6A9beTG2ag7RqkcWk1Juz46rd86fKmUTrKa2k99uyFFbwV9lNiUuRsUcTSTa1cMAvfjIiZJ%2B2TwvYHHtEWmKeIPgOYKznD76tdzcaE%2Byt5KJdtog%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
658b48c7efa44de2-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
widget.min.js
arc.io/ Frame 94CB
7 KB
3 KB
Script
General
Full URL
https://arc.io/widget.min.js
Requested by
Host: www.adzbux.net
URL: https://www.adzbux.net/mass1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-119.cdg52.r.cloudfront.net
Software
/
Resource Hash
51cd96815bdd1ed018e9de7476502efa8c9f129ec8735762b02379d628f72753
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.adzbux.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
last-modified
Wed, 26 May 2021 20:49:24 GMT
age
2447
etag
"60aeb454-b4f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600, stale-while-revalidate=864000
date
Tue, 01 Jun 2021 20:04:25 GMT
x-amz-cf-pop
CDG52-P1
content-length
2895
via
1.1 845104f8cc68143037f48a67fd59744a.cloudfront.net (CloudFront)
x-amz-cf-id
cjpe7E5P1lKI_sjolpGGUqzrY6pnaxBVtSfo1WeccLLclxkTg1g6_w==
analytics.js
www.google-analytics.com/ Frame 94CB
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.adzbux.net
URL: https://www.adzbux.net/mass1.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.adzbux.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
5629
date
Tue, 01 Jun 2021 19:11:23 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Tue, 01 Jun 2021 21:11:23 GMT
/
worldofclix.com/ Frame 810B
8 KB
3 KB
Document
General
Full URL
https://worldofclix.com/
Requested by
Host: www.adzbux.net
URL: https://www.adzbux.net/mass1.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache / PHP/7.4
Resource Hash
58ddcfa3881de98d1bdbe63d7cd3f3731bc0cfaefc89104bd78a778f54fd141d

Request headers

:method
GET
:authority
worldofclix.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.adzbux.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.adzbux.net/

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-type
text/html; charset=UTF-8
content-length
2477
server
Apache
x-powered-by
PHP/7.4
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
set-cookie
evo_session=23d519c4b671af73da10e57bab5c2791fe095b5f; expires=Tue, 01-Jun-2021 22:45:12 GMT; Max-Age=7200; path=/; HttpOnly
vary
Accept-Encoding
content-encoding
gzip
mass-rotator.php
www.adzbux.com/ Frame 7A0A
773 B
867 B
Document
General
Full URL
https://www.adzbux.com/mass-rotator.php
Requested by
Host: www.adzbux.net
URL: https://www.adzbux.net/mass1.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:180d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4
Resource Hash
6c2610f340dc0b0764b14bd8f4212c7786fd8760bdd1c013a3c08a6de9081a46

Request headers

:method
GET
:authority
www.adzbux.com
:scheme
https
:path
/mass-rotator.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.adzbux.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cf_bm=d41aa18d88884cf90c6c36587f868bda11abcbbb-1622580311-1800-AbHrbS4aSH8SJYqpnt142Cg+r8KRs0Yztbianv7/TSVbwa4yb9YAQn+J7qeiyJ1vVVvKRwsDhYd8OjXarJm4cTc=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.adzbux.net/

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.4
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
0a6aebd11f00002c26753d8000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=h%2BX07mfrs%2FOAXTz%2BmVxosegnnQldik2W3df9RrkNoR4m8zbIEoqUznsXq5Fi0S%2FokbAVkRlOTpV1cRjE51X6FVSYpM4nXUQmUCFPh99mGQY%2Bz37A83l9AnQux6ZXtid%2BN86LXdKGMJk%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
658b48c83e3d2c26-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
rotate.php
www.globalrotator.com/ Frame 115F
0
0
Document
General
Full URL
https://www.globalrotator.com/rotate.php
Requested by
Host: www.adzbux.net
URL: https://www.adzbux.net/mass1.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:26dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.globalrotator.com
:scheme
https
:path
/rotate.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.adzbux.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.adzbux.net/

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-type
text/html; charset=UTF-8
set-cookie
cf_ob_info=520:658b48c82938c2ea:FRA; path=/; expires=Tue, 01-Jun-21 20:45:42 GMT cf_use_ob=443; path=/; expires=Tue, 01-Jun-21 20:45:42 GMT
x-frame-options
SAMEORIGIN
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
cf-ray
658b48c82938c2ea-FRA
server
cloudflare
rotate.php
www.epicrotator.com/ Frame 3CAF
0
0
Document
General
Full URL
https://www.epicrotator.com/rotate.php
Requested by
Host: www.adzbux.net
URL: https://www.adzbux.net/mass1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:c050 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.epicrotator.com
:scheme
https
:path
/rotate.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.adzbux.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.adzbux.net/

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-type
text/html; charset=UTF-8
set-cookie
cf_ob_info=520:658b48c83a2a4eaf:FRA; path=/; expires=Tue, 01-Jun-21 20:45:42 GMT cf_use_ob=443; path=/; expires=Tue, 01-Jun-21 20:45:42 GMT
x-frame-options
SAMEORIGIN
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
cf-ray
658b48c83a2a4eaf-FRA
server
cloudflare
rotate.php
www.randomadz.com/ Frame F903
0
0
Document
General
Full URL
https://www.randomadz.com/rotate.php
Requested by
Host: www.adzbux.net
URL: https://www.adzbux.net/mass1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:2905 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.randomadz.com
:scheme
https
:path
/rotate.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.adzbux.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.adzbux.net/

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-type
text/html; charset=UTF-8
set-cookie
cf_ob_info=520:658b48c83c444e14:FRA; path=/; expires=Tue, 01-Jun-21 20:45:42 GMT cf_use_ob=443; path=/; expires=Tue, 01-Jun-21 20:45:42 GMT
x-frame-options
SAMEORIGIN
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
cf-ray
658b48c83c444e14-FRA
server
cloudflare
widget.min.js
arc.io/ Frame D2CA
7 KB
3 KB
Script
General
Full URL
https://arc.io/widget.min.js
Requested by
Host: www.adzbux.net
URL: https://www.adzbux.net/mass1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-119.cdg52.r.cloudfront.net
Software
/
Resource Hash
51cd96815bdd1ed018e9de7476502efa8c9f129ec8735762b02379d628f72753
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.adzbux.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
last-modified
Wed, 26 May 2021 20:49:24 GMT
age
2447
etag
"60aeb454-b4f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600, stale-while-revalidate=864000
date
Tue, 01 Jun 2021 20:04:25 GMT
x-amz-cf-pop
CDG52-P1
content-length
2895
via
1.1 845104f8cc68143037f48a67fd59744a.cloudfront.net (CloudFront)
x-amz-cf-id
LZ6Xwfs6m4skJN3bsYG7EWNkbQfgY1GW9HD5un4D_5cjim-roZaZBQ==
analytics.js
www.google-analytics.com/ Frame D2CA
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.adzbux.net
URL: https://www.adzbux.net/mass1.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.adzbux.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
5629
date
Tue, 01 Jun 2021 19:11:23 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Tue, 01 Jun 2021 21:11:23 GMT
promuj2.php
www.surfujkase.pl/ Frame C302
Redirect Chain
  • https://surfujkase.pl/promuj2.php
  • https://www.surfujkase.pl/promuj2.php
3 KB
1 KB
Document
General
Full URL
https://www.surfujkase.pl/promuj2.php
Requested by
Host: www.adzbux.net
URL: https://www.adzbux.net/mass1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:b3db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0fb798a657e04acfe9906648682258ba7b35e508edcde6896bb49b197f4499a

Request headers

:method
GET
:authority
www.surfujkase.pl
:scheme
https
:path
/promuj2.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.adzbux.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.adzbux.net/

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
set-cookie
PHPSESSID=1bprhelhtv3m2d6o1817bnelp2; path=/; HttpOnly
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
cf-cache-status
DYNAMIC
cf-request-id
0a6aebd1af0000c2ea55333000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=mchdpTme9H%2BtrlcTc96WGJX50ihYIWeq6W2WFH%2FiE52kfVVs53cEhsUWe4Xy8mzM2eg2naY8HoYqcfZgC3RcVYGUsHU6lL%2Fj5%2B8SDedRCMUy5RXqC08B6fxeH8i0ySRBXwGoYUrH9RDasVs%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
658b48c91b1fc2ea-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-type
text/html
location
https://www.surfujkase.pl/promuj2.php
cf-cache-status
DYNAMIC
cf-request-id
0a6aebd12000004de2da14d000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=f0mVa0rmNzd8qHCRoim6atYv2I5ADHnESqIlYJ49kUBcLC3eNV71XOy3SU3I2DCk8eXmxhZigVWxIUOK5cghpG5g7d3SgEFoLFtxoKovdGUGEGC4dRpJmlIx1BOM%2FD4PcioO8z3CWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
658b48c838824de2-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
mass-rotator.php
www.adzbux.com/ Frame 49A0
768 B
869 B
Document
General
Full URL
https://www.adzbux.com/mass-rotator.php
Requested by
Host: www.adzbux.net
URL: https://www.adzbux.net/mass1.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:180d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4
Resource Hash
83f3d168c40a0c104bc911da2994a8a8a4d9fdd336b0c70c33e27e8d10b1e069

Request headers

:method
GET
:authority
www.adzbux.com
:scheme
https
:path
/mass-rotator.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.adzbux.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cf_bm=d41aa18d88884cf90c6c36587f868bda11abcbbb-1622580311-1800-AbHrbS4aSH8SJYqpnt142Cg+r8KRs0Yztbianv7/TSVbwa4yb9YAQn+J7qeiyJ1vVVvKRwsDhYd8OjXarJm4cTc=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.adzbux.net/

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.4
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
0a6aebd12100002c2697bfb000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=B8uFxexr8I6bS7ZxfndzFZlU67bzk5LE3iY%2B%2BrLNm0L55NQ0oazFpaLlE%2BK9Ep4mCkTvuqqfS8Ml4SOWpOVh30yBhDSfUe9%2BI%2BtdUjo06gv%2B37jaZe3HU9DGJpw0Wpo5df5EtbDyo4U%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
658b48c83e412c26-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
rotate.php
www.globalrotator.com/ Frame E703
0
0
Document
General
Full URL
https://www.globalrotator.com/rotate.php
Requested by
Host: www.adzbux.net
URL: https://www.adzbux.net/mass1.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:26dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.globalrotator.com
:scheme
https
:path
/rotate.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.adzbux.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.adzbux.net/

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-type
text/html; charset=UTF-8
set-cookie
cf_ob_info=520:658b48c83946c2ea:FRA; path=/; expires=Tue, 01-Jun-21 20:45:42 GMT cf_use_ob=443; path=/; expires=Tue, 01-Jun-21 20:45:42 GMT
x-frame-options
SAMEORIGIN
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
cf-ray
658b48c83946c2ea-FRA
server
cloudflare
rotate.php
www.epicrotator.com/ Frame AEDF
0
0
Document
General
Full URL
https://www.epicrotator.com/rotate.php
Requested by
Host: www.adzbux.net
URL: https://www.adzbux.net/mass1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:c050 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.epicrotator.com
:scheme
https
:path
/rotate.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.adzbux.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.adzbux.net/

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-type
text/html; charset=UTF-8
set-cookie
cf_ob_info=520:658b48c83a464eaf:FRA; path=/; expires=Tue, 01-Jun-21 20:45:42 GMT cf_use_ob=443; path=/; expires=Tue, 01-Jun-21 20:45:42 GMT
x-frame-options
SAMEORIGIN
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
cf-ray
658b48c83a464eaf-FRA
server
cloudflare
rotate.php
www.randomadz.com/ Frame 952F
0
0
Document
General
Full URL
https://www.randomadz.com/rotate.php
Requested by
Host: www.adzbux.net
URL: https://www.adzbux.net/mass1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:2905 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.randomadz.com
:scheme
https
:path
/rotate.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.adzbux.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.adzbux.net/

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-type
text/html; charset=UTF-8
set-cookie
cf_ob_info=520:658b48c84c914e14:FRA; path=/; expires=Tue, 01-Jun-21 20:45:42 GMT cf_use_ob=443; path=/; expires=Tue, 01-Jun-21 20:45:42 GMT
x-frame-options
SAMEORIGIN
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
cf-ray
658b48c84c914e14-FRA
server
cloudflare
jquery-ui.min.css
worldofclix.com/assets/jqueryui/css/ Frame FE67
31 KB
8 KB
Stylesheet
General
Full URL
https://worldofclix.com/assets/jqueryui/css/jquery-ui.min.css
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
efaaa09c3b1e7b374e13123fe496ba19e53ac74386fa136d09fdb34701c76755

Request headers

Referer
https://worldofclix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-encoding
gzip
last-modified
Wed, 28 Apr 2021 20:37:11 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=900
accept-ranges
bytes
content-length
7759
expires
Tue, 01 Jun 2021 21:00:12 GMT
global.css
worldofclix.com/assets/evolution/css/ Frame FE67
21 KB
5 KB
Stylesheet
General
Full URL
https://worldofclix.com/assets/evolution/css/global.css
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
b0d4b1978c31347d88169c9dcbbb3223e251cc272d65f80a6b7b57cb9443ce3e

Request headers

Referer
https://worldofclix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-encoding
gzip
last-modified
Wed, 26 May 2021 13:33:08 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=900
accept-ranges
bytes
content-length
4905
expires
Tue, 01 Jun 2021 21:00:12 GMT
font-awesome.min.css
worldofclix.com/assets/components/font-awesome/css/ Frame FE67
30 KB
7 KB
Stylesheet
General
Full URL
https://worldofclix.com/assets/components/font-awesome/css/font-awesome.min.css
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer
https://worldofclix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-encoding
gzip
last-modified
Wed, 28 Apr 2021 20:37:14 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=900
accept-ranges
bytes
content-length
7053
expires
Tue, 01 Jun 2021 21:00:12 GMT
jquery.min.js
worldofclix.com/assets/jquery/ Frame FE67
95 KB
33 KB
Script
General
Full URL
https://worldofclix.com/assets/jquery/jquery.min.js
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
9690d10e55416d5928a5db2dcff5f32e3d9509d1aa55a5baed85933e045dcda3

Request headers

Referer
https://worldofclix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-encoding
gzip
last-modified
Wed, 28 Apr 2021 20:37:00 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
33767
expires
Tue, 01 Jun 2021 21:00:12 GMT
jquery-ui.min.js
worldofclix.com/assets/jqueryui/ Frame FE67
248 KB
66 KB
Script
General
Full URL
https://worldofclix.com/assets/jqueryui/jquery-ui.min.js
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
9852ccf03b383d1b3855c1983e18258fbdf07999ff77a68327ed0413466db4f2

Request headers

Referer
https://worldofclix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-encoding
gzip
last-modified
Wed, 28 Apr 2021 20:37:01 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
expires
Tue, 01 Jun 2021 21:00:12 GMT
evolutionscript.js
worldofclix.com/assets/evolution/js/ Frame FE67
14 KB
4 KB
Script
General
Full URL
https://worldofclix.com/assets/evolution/js/evolutionscript.js
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
8be2a4d9b5c58396029b73f7f4786649bf20be679133cccf2130741f3786348d

Request headers

Referer
https://worldofclix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-encoding
gzip
last-modified
Wed, 28 Apr 2021 20:37:07 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
4003
expires
Tue, 01 Jun 2021 21:00:12 GMT
l2blockit.js
worldofclix.com/assets/evolution/js/ Frame FE67
4 KB
1 KB
Script
General
Full URL
https://worldofclix.com/assets/evolution/js/l2blockit.js
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
7ba57ba8c83b63763e70005c9b1840d8d7e8c71611969265aa5675aae93ead18

Request headers

Referer
https://worldofclix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-encoding
gzip
last-modified
Wed, 28 Apr 2021 20:37:07 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
1286
expires
Tue, 01 Jun 2021 21:00:12 GMT
bootstrap.bundle.min.js
worldofclix.com/assets/components/bootstrap/js/ Frame FE67
77 KB
22 KB
Script
General
Full URL
https://worldofclix.com/assets/components/bootstrap/js/bootstrap.bundle.min.js
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c

Request headers

Referer
https://worldofclix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-encoding
gzip
last-modified
Wed, 28 Apr 2021 20:37:13 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
22295
expires
Tue, 01 Jun 2021 21:00:12 GMT
bootstrap.min.css
worldofclix.com/assets/evolution/css/ Frame FE67
95 KB
17 KB
Stylesheet
General
Full URL
https://worldofclix.com/assets/evolution/css/bootstrap.min.css
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
e6235f861e373bda60b414e87e3b85eb1035e408ede6552bcaee4cdac089a422

Request headers

Referer
https://worldofclix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-encoding
gzip
last-modified
Tue, 25 May 2021 15:55:17 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=900
accept-ranges
bytes
content-length
16678
expires
Tue, 01 Jun 2021 21:00:12 GMT
css
fonts.googleapis.com/ Frame FE67
5 KB
606 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Nunito:400,600,700
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d42f042ed608b6961fa3d30ecbf836e83c9f107e6aebe828e7fb8cafaa98b16e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://worldofclix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 01 Jun 2021 19:08:16 GMT
server
ESF
date
Tue, 01 Jun 2021 20:45:12 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 01 Jun 2021 20:45:12 GMT
custom.css
worldofclix.com/assets/evolution/css/ Frame FE67
13 KB
3 KB
Stylesheet
General
Full URL
https://worldofclix.com/assets/evolution/css/custom.css
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
cda0df68d4e1a654e96e9769ddacfa5fc8e2049861374fc12556277d0d9d6b48

Request headers

Referer
https://worldofclix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-encoding
gzip
last-modified
Tue, 25 May 2021 15:47:08 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=900
accept-ranges
bytes
content-length
3035
expires
Tue, 01 Jun 2021 21:00:12 GMT
bootstrap.min.js
worldofclix.com/assets/evolution/css/ Frame FE67
20 KB
6 KB
Script
General
Full URL
https://worldofclix.com/assets/evolution/css/bootstrap.min.js
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
ecb27879c669b3efe26467e7cc0168d7955b73aa22ca9fe786cc41458566545a

Request headers

Referer
https://worldofclix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-encoding
gzip
last-modified
Tue, 25 May 2021 15:55:19 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
5554
expires
Tue, 01 Jun 2021 21:00:12 GMT
logo.png
worldofclix.com/assets/evolution/css/images/ Frame FE67
2 KB
2 KB
Image
General
Full URL
https://worldofclix.com/assets/evolution/css/images/logo.png
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
08d83396832457655f02a3dda3602efeafda0df47302150827ae7523d79c8554

Request headers

Referer
https://worldofclix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
last-modified
Sun, 30 May 2021 20:41:42 GMT
server
Apache
content-type
image/png
cache-control
max-age=900
accept-ranges
bytes
content-length
1969
expires
Tue, 01 Jun 2021 21:00:12 GMT
ad_468x60.jpg
worldofclix.com/assets/evolution/images/ Frame FE67
3 KB
3 KB
Image
General
Full URL
https://worldofclix.com/assets/evolution/images/ad_468x60.jpg
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
ea62fc8fcef4a384c88b9d6cb61cf3fb24c9f2dd2a3ec911cf63388ebd3a7cd3

Request headers

Referer
https://worldofclix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
last-modified
Wed, 28 Apr 2021 20:37:07 GMT
server
Apache
content-type
image/jpeg
cache-control
max-age=900
accept-ranges
bytes
content-length
2751
expires
Tue, 01 Jun 2021 21:00:12 GMT
close.png
worldofclix.com/assets/evolution/css/images/ Frame FE67
724 B
903 B
Image
General
Full URL
https://worldofclix.com/assets/evolution/css/images/close.png
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
fca254618289bd652eee1a799b4d45bdf64d3af03ff2d953f918dea612974d2b

Request headers

Referer
https://worldofclix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
last-modified
Tue, 25 May 2021 15:56:28 GMT
server
Apache
content-type
image/png
cache-control
max-age=900
accept-ranges
bytes
content-length
724
expires
Tue, 01 Jun 2021 21:00:12 GMT
style.css
sharkpromotion.net/style/ Frame 9665
156 KB
27 KB
Stylesheet
General
Full URL
https://sharkpromotion.net/style/style.css?t=1616814258
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/?r=51425
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.9.105 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
sharkpromotion.net
Software
nginx/1.18.0 /
Resource Hash
715c6bae49a53616e78862cfab85684cc401e4ffc7665a516dcfda709dc0debb

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:45:12 GMT
Content-Encoding
gzip
Last-Modified
Sat, 27 Mar 2021 03:04:18 GMT
Server
nginx/1.18.0
ETag
W/"605ea0b2-2711b"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=604800
Connection
keep-alive
Expires
Tue, 08 Jun 2021 20:45:12 GMT
block.css
sharkpromotion.net/style/ Frame 9665
5 KB
1 KB
Stylesheet
General
Full URL
https://sharkpromotion.net/style/block.css?t=1601960145
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/?r=51425
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.9.105 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
sharkpromotion.net
Software
nginx/1.18.0 /
Resource Hash
f076ff89285e564595a8004b584c7f1606e1d816c64fae893588e477f97458e0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:45:12 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Oct 2020 04:55:45 GMT
Server
nginx/1.18.0
ETag
W/"5f7bf8d1-130f"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=604800
Connection
keep-alive
Expires
Tue, 08 Jun 2021 20:45:12 GMT
modalpopup.css
sharkpromotion.net/style/ Frame 9665
3 KB
1 KB
Stylesheet
General
Full URL
https://sharkpromotion.net/style/modalpopup.css?t=1526266365
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/?r=51425
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.9.105 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
sharkpromotion.net
Software
nginx/1.18.0 /
Resource Hash
7b7df998a2bf189879437b331787a4a641af5842b5454f90599a11aa69cd429b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:45:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 14 May 2018 02:52:45 GMT
Server
nginx/1.18.0
ETag
W/"5af8f9fd-c54"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=604800
Connection
keep-alive
Expires
Tue, 08 Jun 2021 20:45:12 GMT
style.css
sharkpromotion.net/forum/style/ Frame 9665
10 KB
2 KB
Stylesheet
General
Full URL
https://sharkpromotion.net/forum/style/style.css?t=1485965000
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/?r=51425
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.9.105 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
sharkpromotion.net
Software
nginx/1.18.0 /
Resource Hash
d94e6f09dd808c548c510a4587b95d6f367c464386f888667e534bc707153bb2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:45:12 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Feb 2017 16:03:20 GMT
Server
nginx/1.18.0
ETag
W/"589206c8-27c5"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=604800
Connection
keep-alive
Expires
Tue, 08 Jun 2021 20:45:12 GMT
cabinet.css
sharkpromotion.net/cabinet/style/ Frame 9665
8 KB
2 KB
Stylesheet
General
Full URL
https://sharkpromotion.net/cabinet/style/cabinet.css?t=1526268791
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/?r=51425
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.9.105 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
sharkpromotion.net
Software
nginx/1.18.0 /
Resource Hash
947c2097a472f2a7af11da74a31547a68773d30b7a30cab4354f0c833f307d50

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:45:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 14 May 2018 03:33:11 GMT
Server
nginx/1.18.0
ETag
W/"5af90377-1e8c"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=604800
Connection
keep-alive
Expires
Tue, 08 Jun 2021 20:45:12 GMT
font-awesome-4.7.0.css
sharkpromotion.net/style/fontawesome/css/ Frame 9665
37 KB
8 KB
Stylesheet
General
Full URL
https://sharkpromotion.net/style/fontawesome/css/font-awesome-4.7.0.css?t=1573126754
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/?r=51425
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.9.105 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
sharkpromotion.net
Software
nginx/1.18.0 /
Resource Hash
c6adeaeae279a56a81590a04f843968ec4f0e68ca219669f73a66d0f1cf12611

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:45:12 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Nov 2019 11:39:14 GMT
Server
nginx/1.18.0
ETag
W/"5dc40262-9257"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=604800
Connection
keep-alive
Expires
Tue, 08 Jun 2021 20:45:12 GMT
btn.css
sharkpromotion.net/style/ Frame 9665
31 KB
4 KB
Stylesheet
General
Full URL
https://sharkpromotion.net/style/btn.css?t=1570305539
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/?r=51425
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.9.105 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
sharkpromotion.net
Software
nginx/1.18.0 /
Resource Hash
f953fbcd273689f6dd3fe4abf6ed64bddc3cb4c752cba2a4304b948d24dfd293

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:45:12 GMT
Content-Encoding
gzip
Last-Modified
Sat, 05 Oct 2019 19:58:59 GMT
Server
nginx/1.18.0
ETag
W/"5d98f603-7d72"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=604800
Connection
keep-alive
Expires
Tue, 08 Jun 2021 20:45:12 GMT
jquery-3.2.1.min.js
sharkpromotion.net/js/jquery/ Frame 9665
85 KB
30 KB
Script
General
Full URL
https://sharkpromotion.net/js/jquery/jquery-3.2.1.min.js
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/?r=51425
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.9.105 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
sharkpromotion.net
Software
nginx/1.18.0 /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:45:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 28 Dec 2020 13:06:20 GMT
Server
nginx/1.18.0
ETag
W/"5fe9d84c-15283"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=604800
Connection
keep-alive
Expires
Tue, 08 Jun 2021 20:45:12 GMT
socket.io-2.1.0.js
sharkpromotion.net/js/socket.io/ Frame 9665
61 KB
19 KB
Script
General
Full URL
https://sharkpromotion.net/js/socket.io/socket.io-2.1.0.js
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/?r=51425
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.9.105 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
sharkpromotion.net
Software
nginx/1.18.0 /
Resource Hash
96abb5b678adf9e5ac48c8e1a5a903671e7eae8c1d30fd3eb00a678b0cb06729

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:45:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 14 May 2018 01:30:35 GMT
Server
nginx/1.18.0
ETag
W/"5af8e6bb-f39b"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=604800
Connection
keep-alive
Expires
Tue, 08 Jun 2021 20:45:12 GMT
js_modalpopup-0.3.min.js
sharkpromotion.net/js/ Frame 9665
10 KB
3 KB
Script
General
Full URL
https://sharkpromotion.net/js/js_modalpopup-0.3.min.js
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/?r=51425
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.9.105 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
sharkpromotion.net
Software
nginx/1.18.0 /
Resource Hash
ae4bea7bccc1a5298b79c5af6b39e3353091fce64eece3c0759efc2b70736d3f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:45:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 May 2019 18:33:20 GMT
Server
nginx/1.18.0
ETag
W/"5cd9b870-2872"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=604800
Connection
keep-alive
Expires
Tue, 08 Jun 2021 20:45:12 GMT
js_main.js
sharkpromotion.net/js/ Frame 9665
10 KB
3 KB
Script
General
Full URL
https://sharkpromotion.net/js/js_main.js?t=1593852522
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/?r=51425
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.9.105 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
sharkpromotion.net
Software
nginx/1.18.0 /
Resource Hash
55656bf06bd70646e5bc4667a33ea6eb246b73f1d31c9e452a670a0abfd16030

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:45:12 GMT
Content-Encoding
gzip
Last-Modified
Sat, 04 Jul 2020 08:48:42 GMT
Server
nginx/1.18.0
ETag
W/"5f00426a-2613"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=604800
Connection
keep-alive
Expires
Tue, 08 Jun 2021 20:45:12 GMT
js_auth.js
sharkpromotion.net/js/ Frame 9665
4 KB
2 KB
Script
General
Full URL
https://sharkpromotion.net/js/js_auth.js?v=1615821997
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/?r=51425
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.9.105 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
sharkpromotion.net
Software
nginx/1.18.0 /
Resource Hash
3c04dc838b2345878b84da1b344c1dd260e7f57cdec0a24e0f4c07d9b387a5d7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:45:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 15 Mar 2021 15:26:37 GMT
Server
nginx/1.18.0
ETag
W/"604f7cad-11d1"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=604800
Connection
keep-alive
Expires
Tue, 08 Jun 2021 20:45:12 GMT
logo21g.png
sharkpromotion.net/img/logo/ Frame 9665
5 KB
5 KB
Image
General
Full URL
https://sharkpromotion.net/img/logo/logo21g.png
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/?r=51425
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.9.105 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
sharkpromotion.net
Software
nginx/1.18.0 /
Resource Hash
999ffa23346cf591497108ad8250ab9162a768c9c523f74f6435bf54b47528f6

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:45:12 GMT
Last-Modified
Thu, 12 Oct 2017 10:38:55 GMT
Server
nginx/1.18.0
ETag
"59df463f-137b"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4987
Expires
Tue, 08 Jun 2021 20:45:12 GMT
help.png
sharkpromotion.net/img/ Frame 9665
4 KB
4 KB
Image
General
Full URL
https://sharkpromotion.net/img/help.png
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/?r=51425
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.9.105 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
sharkpromotion.net
Software
nginx/1.18.0 /
Resource Hash
c0520f17da2ae2ca792888c3846f26972de9e04873014214955ab404faa7897a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:45:12 GMT
Last-Modified
Thu, 12 Oct 2017 10:38:55 GMT
Server
nginx/1.18.0
ETag
"59df463f-10be"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4286
Expires
Tue, 08 Jun 2021 20:45:12 GMT
forward.gif
sharkpromotion.net/img/ Frame 9665
763 B
1 KB
Image
General
Full URL
https://sharkpromotion.net/img/forward.gif
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/?r=51425
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.9.105 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
sharkpromotion.net
Software
nginx/1.18.0 /
Resource Hash
bc39aef11760558299f967bdf23ab5959f984d15965888269eaf2a33e86fd72c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:45:12 GMT
Last-Modified
Thu, 12 Oct 2017 10:38:55 GMT
Server
nginx/1.18.0
ETag
"59df463f-2fb"
Content-Type
image/gif
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
763
Expires
Tue, 08 Jun 2021 20:45:12 GMT
favicons
www.google.com/s2/ Frame 9665
492 B
737 B
Image
General
Full URL
https://www.google.com/s2/favicons?domain=seomiledi.wixsite.com
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/?r=51425
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2e30ff33270fd8687b0eb4d12652bfd967f23975f158bf8da93bece2ba4ab947
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-inline' https: http:;object-src 'none';base-uri 'self';report-uri /s2/_/FaviconHttp/cspreport;worker-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 19:20:50 GMT
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin
age
5062
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=28800
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'unsafe-inline' https: http:;object-src 'none';base-uri 'self';report-uri /s2/_/FaviconHttp/cspreport;worker-src 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
492
x-xss-protection
0
expires
Wed, 02 Jun 2021 03:20:50 GMT
favicons
www.google.com/s2/ Frame 9665
684 B
1 KB
Image
General
Full URL
https://www.google.com/s2/favicons?domain=AP62586.WholeWorld.ws
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/?r=51425
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b731d10c00cc7128f14fb6cf3f533d443c0390c17da3f55566e66c72294618f4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yl6qhu/3rOBvQw4DA0YjRw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/FaviconHttp/cspreport;worker-src 'self', script-src 'nonce-yl6qhu/3rOBvQw4DA0YjRw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/FaviconHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 17:26:24 GMT
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin
age
11928
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-yl6qhu/3rOBvQw4DA0YjRw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/FaviconHttp/cspreport;worker-src 'self', script-src 'nonce-yl6qhu/3rOBvQw4DA0YjRw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/FaviconHttp/cspreport
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
684
x-xss-protection
0
expires
Wed, 02 Jun 2021 17:26:24 GMT
favicons
www.google.com/s2/ Frame 9665
217 B
583 B
Image
General
Full URL
https://www.google.com/s2/favicons?domain=youtube.com
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/?r=51425
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f48b89e04ab809519139b43894b1ba505138e51536ada5d71157563d7873268b
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-BSD9ISAJa4CRVPVh6+J5PA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/FaviconHttp/cspreport;worker-src 'self', script-src 'nonce-BSD9ISAJa4CRVPVh6+J5PA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/FaviconHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 10:26:45 GMT
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin
age
37107
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'nonce-BSD9ISAJa4CRVPVh6+J5PA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/FaviconHttp/cspreport;worker-src 'self', script-src 'nonce-BSD9ISAJa4CRVPVh6+J5PA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/FaviconHttp/cspreport
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
217
x-xss-protection
0
expires
Wed, 02 Jun 2021 10:26:45 GMT
favicons
www.google.com/s2/ Frame 9665
370 B
822 B
Image
General
Full URL
https://www.google.com/s2/favicons?domain=linkslot.ru
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/?r=51425
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c542bde2532aaf7936ec455a94ef5b158229c0c036739e9b9804c1638448c244
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DNDJDZcbgPYgFr3Zzu8CWQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/FaviconHttp/cspreport;worker-src 'self', script-src 'nonce-DNDJDZcbgPYgFr3Zzu8CWQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/FaviconHttp/cspreport, require-trusted-types-for 'script';report-uri /s2/_/FaviconHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 05:04:15 GMT
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin
age
56457
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-DNDJDZcbgPYgFr3Zzu8CWQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/FaviconHttp/cspreport;worker-src 'self', script-src 'nonce-DNDJDZcbgPYgFr3Zzu8CWQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/FaviconHttp/cspreport, require-trusted-types-for 'script';report-uri /s2/_/FaviconHttp/cspreport
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
370
x-xss-protection
0
expires
Wed, 02 Jun 2021 05:04:15 GMT
bancode.php
linkslot.ru/ Frame 9665
14 KB
5 KB
Script
General
Full URL
https://linkslot.ru/bancode.php?id=248092
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/?r=51425
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00304dee31424bc6a6600ff3c9a87e9ad14df79fa27357b29ded7133ba5e5f18

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-request-id
0a6aebd3040000648574a95000000001
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
date
Tue, 01 Jun 2021 20:45:12 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=68xUOCVMnUEEqNjc%2BHEYllH2hSWn8hKLVOKY6zjV8j19mBw7zhhyaDKiVc9WAQbF6dmvlnwCPijKiH4ChIEO8NWShUubTkH3SMJ%2FdHuBhgqhdFHWBopnUeahyJ5AiREiKGTkXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=windows-1251
cf-ray
658b48cb2ef06485-FRA
54644.jpeg
sharkpromotion.net/avatar/ Frame 9665
7 KB
7 KB
Image
General
Full URL
https://sharkpromotion.net/avatar/54644.jpeg?1550846372
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/?r=51425
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.9.105 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
sharkpromotion.net
Software
nginx/1.18.0 /
Resource Hash
de94b410e6c44216bd6cf0b1bfdc016b4144f6327e58090a730b69c43a1fb26b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:45:12 GMT
Last-Modified
Fri, 22 Feb 2019 14:39:32 GMT
Server
nginx/1.18.0
ETag
"5c7009a4-1b6c"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7020
Expires
Tue, 08 Jun 2021 20:45:12 GMT
54739.gif
sharkpromotion.net/avatar/ Frame 9665
33 KB
33 KB
Image
General
Full URL
https://sharkpromotion.net/avatar/54739.gif?1551030108
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/?r=51425
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.9.105 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
sharkpromotion.net
Software
nginx/1.18.0 /
Resource Hash
9deb057310e3b86232068bc57f0603fbc6fe8ca5d3b58eb0d755341e7c47b246

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:45:12 GMT
Last-Modified
Sun, 24 Feb 2019 17:41:48 GMT
Server
nginx/1.18.0
ETag
"5c72d75c-82f4"
Content-Type
image/gif
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33524
Expires
Tue, 08 Jun 2021 20:45:12 GMT
103077.jpeg
sharkpromotion.net/avatar/ Frame 9665
5 KB
5 KB
Image
General
Full URL
https://sharkpromotion.net/avatar/103077.jpeg?1550811051
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/?r=51425
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.9.105 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
sharkpromotion.net
Software
nginx/1.18.0 /
Resource Hash
e62c8cc9e9880002fee629cc8fde96a69f15b2f84ef795e946df567e6c61b264

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:45:12 GMT
Last-Modified
Fri, 22 Feb 2019 04:50:51 GMT
Server
nginx/1.18.0
ETag
"5c6f7fab-1439"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5177
Expires
Tue, 08 Jun 2021 20:45:12 GMT
123768.jpeg
sharkpromotion.net/avatar/ Frame 9665
10 KB
10 KB
Image
General
Full URL
https://sharkpromotion.net/avatar/123768.jpeg?1552615595
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/?r=51425
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.9.105 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
sharkpromotion.net
Software
nginx/1.18.0 /
Resource Hash
26f90feb6b962302e2e0cb7c63b23c2a9a962f3dc46d72f7ac8cb3ddf7348d5d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:45:12 GMT
Last-Modified
Fri, 15 Mar 2019 02:06:35 GMT
Server
nginx/1.18.0
ETag
"5c8b08ab-2683"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9859
Expires
Tue, 08 Jun 2021 20:45:12 GMT
151150.gif
sharkpromotion.net/avatar/ Frame 9665
49 KB
50 KB
Image
General
Full URL
https://sharkpromotion.net/avatar/151150.gif?1550800533
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/?r=51425
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.9.105 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
sharkpromotion.net
Software
nginx/1.18.0 /
Resource Hash
f4f20111df93a4f108b52794147cfe79f6a5da05026365ebfd4ae30cec4d0442

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:45:12 GMT
Last-Modified
Fri, 22 Feb 2019 01:55:33 GMT
Server
nginx/1.18.0
ETag
"5c6f5695-c4c9"
Content-Type
image/gif
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
50377
Expires
Tue, 08 Jun 2021 20:45:12 GMT
162673.jpeg
sharkpromotion.net/avatar/ Frame 9665
2 KB
2 KB
Image
General
Full URL
https://sharkpromotion.net/avatar/162673.jpeg?1550941856
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/?r=51425
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.9.105 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
sharkpromotion.net
Software
nginx/1.18.0 /
Resource Hash
b3db3d53ed6fbb2b9cef73bf713902da2f4409ed642742c1b0fc4d90808fdab4

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:45:12 GMT
Last-Modified
Sat, 23 Feb 2019 17:10:56 GMT
Server
nginx/1.18.0
ETag
"5c717ea0-799"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1945
Expires
Tue, 08 Jun 2021 20:45:12 GMT
168299.jpeg
sharkpromotion.net/avatar/ Frame 9665
6 KB
6 KB
Image
General
Full URL
https://sharkpromotion.net/avatar/168299.jpeg
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/?r=51425
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.9.105 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
sharkpromotion.net
Software
nginx/1.18.0 /
Resource Hash
68391ae80fcc6244e67fc2f282ddd04fdc2b18b8c0317d90e8f59f13414f6a76

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:45:12 GMT
Last-Modified
Fri, 30 Nov 2018 10:44:03 GMT
Server
nginx/1.18.0
ETag
"5c011473-18a9"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6313
Expires
Tue, 08 Jun 2021 20:45:12 GMT
link-code.php
ad-slot.ru/ Frame 9665
4 KB
2 KB
Script
General
Full URL
https://ad-slot.ru/link-code.php?id=1442
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/?r=51425
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2631 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fe45b31f926b323e3c5fd7d2ae947cb1ec0ddc3b53aef180cf2a75fa85b27fe

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-request-id
0a6aebd31e000005e9e5165000000001
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
date
Tue, 01 Jun 2021 20:45:12 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=S%2BjInJOeD8J6FWCIsrI0%2FnDyWzaNEIUoc7TKLdoSrQPVa%2F%2BvA7MWN3y%2FEsYaZluwWfumvdYlW1yQyWJ8%2FsQ7aHJkM2T%2BIojQT%2F2%2FzLvd8nzaiw%2Byu5ZnzNO26vK%2BaMsdoIQUzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
658b48cb6bb605e9-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
users5.png
sharkpromotion.net/img/ Frame 9665
72 KB
72 KB
Image
General
Full URL
https://sharkpromotion.net/img/users5.png
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/?r=51425
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.9.105 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
sharkpromotion.net
Software
nginx/1.18.0 /
Resource Hash
8d07ef66745d81b4332a6472fe1b4336ff6cd028687ca3c3934409e4285dad9e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:45:12 GMT
Last-Modified
Thu, 12 Oct 2017 10:38:55 GMT
Server
nginx/1.18.0
ETag
"59df463f-11e4f"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
73295
Expires
Tue, 08 Jun 2021 20:45:12 GMT
money.png
sharkpromotion.net/img/ Frame 9665
11 KB
12 KB
Image
General
Full URL
https://sharkpromotion.net/img/money.png
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/?r=51425
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.9.105 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
sharkpromotion.net
Software
nginx/1.18.0 /
Resource Hash
37c4671396f1ec0d7c673159ca7272bd267e7ee9bafeabd4f7c16ba3f83e6038

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:45:12 GMT
Last-Modified
Thu, 12 Oct 2017 10:38:55 GMT
Server
nginx/1.18.0
ETag
"59df463f-2d60"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11616
Expires
Tue, 08 Jun 2021 20:45:12 GMT
tvisit.png
sharkpromotion.net/img/ Frame 9665
6 KB
6 KB
Image
General
Full URL
https://sharkpromotion.net/img/tvisit.png
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/?r=51425
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.9.105 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
sharkpromotion.net
Software
nginx/1.18.0 /
Resource Hash
5a2e2bcf9912ee707b709dad843b930c87f563967a0600064780dd344eb92fe5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:45:13 GMT
Last-Modified
Thu, 12 Oct 2017 10:38:55 GMT
Server
nginx/1.18.0
ETag
"59df463f-169d"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5789
Expires
Tue, 08 Jun 2021 20:45:13 GMT
net.js
static.surfe.pro/js/ Frame 9665
4 KB
3 KB
Script
General
Full URL
https://static.surfe.pro/js/net.js
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/?r=51425
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:3d6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95a29b000e578fd31100a7503263c0c6944ad11c5d9a922619d7ab21f1757685

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 12 May 2021 12:11:27 GMT
server
cloudflare
age
2433
etag
W/"609bc5ef-ea9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=sfgkx%2FDCTFhln0IAbJbBsSc%2BMzvq0thbZl%2Bjz2sktFEkUav2f98eQVwirBjBB78nGUcKqsXeI%2BMwh96Y7YAY9sNlx36LOnYJ2QbB8i9GEraVJm8XbABIfkCrmtfTa922BrkA%2Bxr4a2u51g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
658b48cb4a174e92-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a6aebd30d00004e92bfb76000000001
bancode.php
bannerswall.ru/ Frame 9665
913 B
821 B
Script
General
Full URL
https://bannerswall.ru/bancode.php?id=479
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/?r=51425
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:3a80:0:1::9e , Russian Federation, ASN201499 (FULLSPACE-AS, RU),
Reverse DNS
Software
nginx/1.18.0 / PHP/5.6.40-pl0-gentoo
Resource Hash
f38dfdd0206574a65fa7b1eef853c39873116d6b864926c83f998901ac08a9b2
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Jun 2021 20:45:51 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
server
nginx/1.18.0
x-powered-by
PHP/5.6.40-pl0-gentoo
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
expires
Thu, 19 Nov 1981 08:52:00 GMT
attestat.png
sharkpromotion.net/img/wm/ Frame 9665
805 B
1 KB
Image
General
Full URL
https://sharkpromotion.net/img/wm/attestat.png
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/?r=51425
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.9.105 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
sharkpromotion.net
Software
nginx/1.18.0 /
Resource Hash
a8cb1a292789f28237522e7564bbe347e5eb9c76bec1f8e9d7a414ca4cff86ec

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:45:13 GMT
Last-Modified
Thu, 12 Oct 2017 10:38:55 GMT
Server
nginx/1.18.0
ETag
"59df463f-325"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
805
Expires
Tue, 08 Jun 2021 20:45:13 GMT
wm_pay.png
sharkpromotion.net/img/wm/ Frame 9665
854 B
1 KB
Image
General
Full URL
https://sharkpromotion.net/img/wm/wm_pay.png
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/?r=51425
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.9.105 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
sharkpromotion.net
Software
nginx/1.18.0 /
Resource Hash
be4ba2c067449ee68cd89d090dd3176ae90de2ab061d751e123a33b27f2e0a87

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:45:13 GMT
Last-Modified
Thu, 12 Oct 2017 10:38:55 GMT
Server
nginx/1.18.0
ETag
"59df463f-356"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
854
Expires
Tue, 08 Jun 2021 20:45:13 GMT
payeer88x31.png
sharkpromotion.net/img/ Frame 9665
3 KB
4 KB
Image
General
Full URL
https://sharkpromotion.net/img/payeer88x31.png
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/?r=51425
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.9.105 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
sharkpromotion.net
Software
nginx/1.18.0 /
Resource Hash
464d65970e869421632096d069c8836c814f6ff97420e6934b3e62612a49d1d5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:45:13 GMT
Last-Modified
Thu, 12 Oct 2017 10:38:55 GMT
Server
nginx/1.18.0
ETag
"59df463f-cfa"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3322
Expires
Tue, 08 Jun 2021 20:45:13 GMT
yandex_88x31.png
sharkpromotion.net/img/ Frame 9665
3 KB
3 KB
Image
General
Full URL
https://sharkpromotion.net/img/yandex_88x31.png
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/?r=51425
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.9.105 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
sharkpromotion.net
Software
nginx/1.18.0 /
Resource Hash
7881ba745dd77f3506008c3e0c6208a429335935470e40d0b125fdf106088696

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:45:13 GMT
Last-Modified
Fri, 16 Apr 2021 12:51:16 GMT
Server
nginx/1.18.0
ETag
"60798844-a55"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2645
Expires
Tue, 08 Jun 2021 20:45:13 GMT
16.png
www.free-kassa.ru/img/fk_btn/ Frame 9665
3 KB
3 KB
Image
General
Full URL
https://www.free-kassa.ru/img/fk_btn/16.png
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/?r=51425
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:26f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbc56f395f77d153150b1b7fed67ffec03dc73522a2f879610cbb25a95ba02fd

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
cf-cache-status
HIT
last-modified
Wed, 09 Dec 2015 10:32:35 GMT
server
cloudflare
age
3461292
etag
"1be0c75-c5e-526749bd042b7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
658b48cb5851d721-FRA
content-length
3166
cf-request-id
0a6aebd3190000d721d280e000000001
expires
Mon, 21 Jun 2021 19:17:00 GMT
robokassa88x31.png
sharkpromotion.net/img/ Frame 9665
863 B
1 KB
Image
General
Full URL
https://sharkpromotion.net/img/robokassa88x31.png
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/?r=51425
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.9.105 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
sharkpromotion.net
Software
nginx/1.18.0 /
Resource Hash
f26b9f182773582f327321f6185641581ebf7ce534eee8f89ee793f16a5e6d3f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:45:13 GMT
Last-Modified
Fri, 11 Oct 2019 14:41:30 GMT
Server
nginx/1.18.0
ETag
"5da0949a-35f"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
863
Expires
Tue, 08 Jun 2021 20:45:13 GMT
3_1_B9B9FFFF_9999FFFF_0_uniques
informer.yandex.ru/informer/52739227/ Frame 9665
2 KB
2 KB
Image
General
Full URL
https://informer.yandex.ru/informer/52739227/3_1_B9B9FFFF_9999FFFF_0_uniques
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/?r=51425
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
1afc145c69299c944bb46b3f70853fdce15d8b64f27ce8363969f9d6e91a4981
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
last-modified
Tue, 01-Jun-2021 20:45:12 GMT
content-type
image/png
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
1606
x-xss-protection
1; mode=block
expires
Tue, 01-Jun-2021 20:45:12 GMT
push.js
push.multibux.org/ Frame 9665
141 B
485 B
Script
General
Full URL
https://push.multibux.org/push.js?id=366
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/?r=51425
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.139.1.242 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / PHP/5.5.9-1ubuntu4.26
Resource Hash
d4da16037687a3774d10c612b54842c55a416026402d8b6ed8259f7dc9e669a5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 01 Jun 2021 20:45:13 GMT
Content-Encoding
gzip
Last-Modified
Tue, 01 Jun 2021 20:45:13 GMT
Server
nginx
X-Powered-By
PHP/5.5.9-1ubuntu4.26
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=60
Content-Length
117
go-up.png
sharkpromotion.net/img/ Frame 9665
2 KB
2 KB
Image
General
Full URL
https://sharkpromotion.net/img/go-up.png
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/?r=51425
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.9.105 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
sharkpromotion.net
Software
nginx/1.18.0 /
Resource Hash
2b7c8f3411715d32d57e58a00c674e56eb1b180979447ff90a4a8533b5491580

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:45:13 GMT
Last-Modified
Thu, 12 Oct 2017 10:38:55 GMT
Server
nginx/1.18.0
ETag
"59df463f-83e"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2110
Expires
Tue, 08 Jun 2021 20:45:13 GMT
go-down.png
sharkpromotion.net/img/ Frame 9665
2 KB
2 KB
Image
General
Full URL
https://sharkpromotion.net/img/go-down.png
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/?r=51425
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.9.105 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
sharkpromotion.net
Software
nginx/1.18.0 /
Resource Hash
d356667bcf69fa80d76f36150e741f1bfb52f869c279e50489a6674172af19ab

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:45:13 GMT
Last-Modified
Thu, 12 Oct 2017 10:38:55 GMT
Server
nginx/1.18.0
ETag
"59df463f-849"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2121
Expires
Tue, 08 Jun 2021 20:45:13 GMT
core.js
static.arc.io/widget/js/ Frame 94CB
305 KB
89 KB
Script
General
Full URL
https://static.arc.io/widget/js/core.js?fd8fd2c
Requested by
Host: arc.io
URL: https://arc.io/widget.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-70.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
51136c5dfc1447ed50c7b34cac414b012f39c63f81a541581d285aa8744c1318

Request headers

Origin
https://www.adzbux.net
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 21:07:58 GMT
content-encoding
br
vary
Accept-Encoding
age
517034
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 26 May 2021 20:49:46 GMT
server
AmazonS3
etag
W/"2debae42bd406c057afa815a5bf49fef"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
7N7FOSBBh-NDZumnyfWqqN3d5T1lOUdoCH0vo7MuNBLVVAsjXLg_6A==
broker.html
core.arc.io/ Frame 227D
2 KB
940 B
Document
General
Full URL
https://core.arc.io/broker.html?fd8fd2c
Requested by
Host: arc.io
URL: https://arc.io/widget.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-70.fra50.r.cloudfront.net
Software
/
Resource Hash
7f1b840e7fe64080c79a2f1d946dbd74b76ea9880999a12637487e688490d670
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:method
GET
:authority
core.arc.io
:scheme
https
:path
/broker.html?fd8fd2c
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.adzbux.net/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

content-type
text/html
content-length
493
date
Wed, 26 May 2021 21:04:23 GMT
last-modified
Wed, 05 May 2021 02:49:38 GMT
etag
"609207c2-1ed"
content-encoding
br
expires
Fri, 25 Jun 2021 21:04:23 GMT
cache-control
max-age=2592000 public
access-control-allow-origin
*
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
nGQyw6F79aroDyKXffPVDcqZdZ6mgdFfONpxtUx9sJ4CV5JZ48bmgg==
age
517249
css
fonts.googleapis.com/ Frame FE67
0
0

uicons.css
worldofclix.com/assets/evolution/css/ Frame FE67
71 KB
8 KB
Stylesheet
General
Full URL
https://worldofclix.com/assets/evolution/css/uicons.css
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/assets/evolution/css/global.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
6b3e012f4506ee657c139ef677a5b5e8ce4504655cb7ac403a2cfe6e5a1af425

Request headers

Referer
https://worldofclix.com/assets/evolution/css/global.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-encoding
gzip
last-modified
Tue, 25 May 2021 15:45:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=900
accept-ranges
bytes
content-length
8271
expires
Tue, 01 Jun 2021 21:00:12 GMT
core.js
static.arc.io/widget/js/ Frame D2CA
305 KB
89 KB
Script
General
Full URL
https://static.arc.io/widget/js/core.js?fd8fd2c
Requested by
Host: arc.io
URL: https://arc.io/widget.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-70.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
51136c5dfc1447ed50c7b34cac414b012f39c63f81a541581d285aa8744c1318

Request headers

Origin
https://www.adzbux.net
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 21:07:58 GMT
content-encoding
br
vary
Accept-Encoding
age
517034
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 26 May 2021 20:49:46 GMT
server
AmazonS3
etag
W/"2debae42bd406c057afa815a5bf49fef"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
EssxoDl21R6q79trDC-gNUlm4Yffud-S9FWiTxkR1dx8isDsyu546w==
broker.html
core.arc.io/ Frame 2533
2 KB
940 B
Document
General
Full URL
https://core.arc.io/broker.html?fd8fd2c
Requested by
Host: arc.io
URL: https://arc.io/widget.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-70.fra50.r.cloudfront.net
Software
/
Resource Hash
7f1b840e7fe64080c79a2f1d946dbd74b76ea9880999a12637487e688490d670
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:method
GET
:authority
core.arc.io
:scheme
https
:path
/broker.html?fd8fd2c
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.adzbux.net/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

content-type
text/html
content-length
493
date
Wed, 26 May 2021 21:04:23 GMT
last-modified
Wed, 05 May 2021 02:49:38 GMT
etag
"609207c2-1ed"
content-encoding
br
expires
Fri, 25 Jun 2021 21:04:23 GMT
cache-control
max-age=2592000 public
access-control-allow-origin
*
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
IFnaOQ-p3M5EjCPdjMB4P9AePryOvmpMb5iFdPNIHWMsjQSWbESExg==
age
517249
broker.8ade32c4.js
static.arc.io/broker/js/ Frame 3D9A
23 KB
9 KB
Script
General
Full URL
https://static.arc.io/broker/js/broker.8ade32c4.js
Requested by
Host: core.arc.io
URL: https://core.arc.io/broker.html?fd8fd2c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-70.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e67a62c23c04cf1f7f2ae3615dc16e99ff318a5238a311287ce9dfc74d79ef36

Request headers

Origin
https://core.arc.io
Referer
https://core.arc.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 01:21:59 GMT
content-encoding
gzip
vary
Accept-Encoding
age
2316194
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 05 May 2021 02:50:01 GMT
server
AmazonS3
etag
W/"7f8131981b3050291ebfde5200590514"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
8RA1PKOPMniYj5-9T_hI7XKG7fMhhi9Pr7XJwvMOAFwGHCD_HHJ15g==
chunk-vendors.85cb0bd7.js
static.arc.io/broker/js/ Frame 3D9A
49 KB
18 KB
Script
General
Full URL
https://static.arc.io/broker/js/chunk-vendors.85cb0bd7.js
Requested by
Host: core.arc.io
URL: https://core.arc.io/broker.html?fd8fd2c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-70.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
87d5ef022a7dcf0361ac7c406f0a85a16712db4e66ee2363941c2a9f412fb27a

Request headers

Origin
https://core.arc.io
Referer
https://core.arc.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 01:21:59 GMT
content-encoding
gzip
vary
Accept-Encoding
age
2316194
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 05 May 2021 02:50:01 GMT
server
AmazonS3
etag
W/"c34d69d2acc5361be94bab962c0f07eb"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
ShffiFGqM64of8MDRC-F55eP3Mo4h7inSnJpM-RJfl-Kk_QAenhfZA==
1649062
ad.a-ads.com/ Frame 3007
0
128 B
Document
General
Full URL
https://ad.a-ads.com/1649062?size=468x60
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.125.108 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.108.125.9.176.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://worldofclix.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Tue, 01 Jun 2021 20:45:12 GMT
Content-Length
0
Connection
keep-alive
1649062
ad.a-ads.com/ Frame A446
0
128 B
Document
General
Full URL
https://ad.a-ads.com/1649062?size=468x60
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.125.108 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.108.125.9.176.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://worldofclix.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Tue, 01 Jun 2021 20:45:12 GMT
Content-Length
0
Connection
keep-alive
1649065
ad.a-ads.com/ Frame 7661
0
128 B
Document
General
Full URL
https://ad.a-ads.com/1649065?size=728x90
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.125.108 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.108.125.9.176.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://worldofclix.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Tue, 01 Jun 2021 20:45:12 GMT
Content-Length
0
Connection
keep-alive
broker.8ade32c4.js
static.arc.io/broker/js/ Frame 227D
23 KB
9 KB
Script
General
Full URL
https://static.arc.io/broker/js/broker.8ade32c4.js
Requested by
Host: core.arc.io
URL: https://core.arc.io/broker.html?fd8fd2c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-70.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e67a62c23c04cf1f7f2ae3615dc16e99ff318a5238a311287ce9dfc74d79ef36

Request headers

Origin
https://core.arc.io
Referer
https://core.arc.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 01:21:59 GMT
content-encoding
gzip
vary
Accept-Encoding
age
2316194
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 05 May 2021 02:50:01 GMT
server
AmazonS3
etag
W/"7f8131981b3050291ebfde5200590514"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
YFe0p1khFagYq-_4UZKaaMsAk82lXFCgnDM23l3v5iclyg5320dyvA==
chunk-vendors.85cb0bd7.js
static.arc.io/broker/js/ Frame 227D
49 KB
18 KB
Script
General
Full URL
https://static.arc.io/broker/js/chunk-vendors.85cb0bd7.js
Requested by
Host: core.arc.io
URL: https://core.arc.io/broker.html?fd8fd2c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-70.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
87d5ef022a7dcf0361ac7c406f0a85a16712db4e66ee2363941c2a9f412fb27a

Request headers

Origin
https://core.arc.io
Referer
https://core.arc.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 01:21:59 GMT
content-encoding
gzip
vary
Accept-Encoding
age
2316194
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 05 May 2021 02:50:01 GMT
server
AmazonS3
etag
W/"c34d69d2acc5361be94bab962c0f07eb"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
j1gcXEA0sGSYz8uSKPLKwHWktLI8rWIrNg_UCpkAE8DVr_96Ile03g==
lazy-iwc.9b430e25.js
static.arc.io/broker/js/ Frame 3D9A
0
5 KB
Other
General
Full URL
https://static.arc.io/broker/js/lazy-iwc.9b430e25.js
Requested by
Host: core.arc.io
URL: https://core.arc.io/broker.html?fd8fd2c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-70.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://core.arc.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 01:21:58 GMT
content-encoding
br
vary
Accept-Encoding
age
2316195
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 05 May 2021 02:50:01 GMT
server
AmazonS3
etag
W/"7fd8734437dbdc553c3513d10d0c0a97"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
XsfGdQEfKXnfksCiGDvZB01T2O7Fr6J7w_nUzpkUPvz8L0P15Ed2Pg==
lazy-modules.a169b1ec.js
static.arc.io/broker/js/ Frame 3D9A
0
14 KB
Other
General
Full URL
https://static.arc.io/broker/js/lazy-modules.a169b1ec.js
Requested by
Host: core.arc.io
URL: https://core.arc.io/broker.html?fd8fd2c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-70.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://core.arc.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 01:21:58 GMT
content-encoding
br
vary
Accept-Encoding
age
2316195
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 05 May 2021 02:50:01 GMT
server
AmazonS3
etag
W/"32ab6174f553ec44ff554a5a2406b76d"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
uSc9ldm1hw_CTZjw8I7h4K34DmyABr08rl0RjOX6buf6hY9taOWIPA==
page.php
exp3.eurosptp.com/ Frame 2854
21 KB
7 KB
Document
General
Full URL
https://exp3.eurosptp.com/page.php?fr
Requested by
Host: www.adzbux.com
URL: https://www.adzbux.com/mass-rotator.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.19 , France, ASN16276 (OVH, FR),
Reverse DNS
cluster010.hosting.ovh.net
Software
Apache / PHP/5.4
Resource Hash
ed4105b36ad11fcc24381293553755e43df528793dc562df2c25227b1ebcd786

Request headers

:method
GET
:authority
exp3.eurosptp.com
:scheme
https
:path
/page.php?fr
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.adzbux.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
visbl=1; visite24=1; visite=24h

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-type
text/html; charset=iso-8859-1
server
Apache
x-powered-by
PHP/5.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
expires
Sun, 01 Jan 2014 00:00:00 GMT
pragma
no-cache
cache-control
no-cache, must-revalidate
referrer-policy
origin
set-cookie
visbl=2; expires=Tue, 01-Jun-2021 20:45:42 GMT; path=/; SameSite=None;secure; domain=eurosptp.com visite=24h; expires=Wed, 02-Jun-2021 08:45:12 GMT; path=/; SameSite=None;secure; domain=eurosptp.com
vary
Accept-Encoding
content-encoding
gzip
x-robots-tag
noindex
Midtown-Madness-1-Download-For-Free.jpg
oceanofgames.com/wp-content/uploads/2014/10/
0
0

%25D8%25AA%25D9%2586%25D8%25B2%25D9%258A%25D9%2584.jpg
1.bp.blogspot.com/-9K5TkU3L8VM/YBFUS_70pcI/AAAAAAAAApM/RP5yO0HfcbwSoYp7pRtUHSpo0_aDUjYMACPcBGAYYCw/w250-h101/
7 KB
7 KB
Image
General
Full URL
https://1.bp.blogspot.com/-9K5TkU3L8VM/YBFUS_70pcI/AAAAAAAAApM/RP5yO0HfcbwSoYp7pRtUHSpo0_aDUjYMACPcBGAYYCw/w250-h101/%25D8%25AA%25D9%2586%25D8%25B2%25D9%258A%25D9%2584.jpg
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
3a72ceecf1381c9d7f57373317b87ea0cf0c931872663dcf2ea54f7259e1e24b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cora-live.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
x-content-type-options
nosniff
server
fife
etag
"v293"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="_____.jpg";filename*=UTF-8''%D8%AA%D9%86%D8%B2%D9%8A%D9%84.jpg
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7036
x-xss-protection
0
expires
Wed, 02 Jun 2021 20:45:12 GMT
The-Waylanders-The-Corrupted-Coven-Early-Access-Free-Download-1-OceanofGames.com_.jpg
oceanofgames.com/wp-content/uploads/2020/11/
0
0

%25D8%25AA%25D9%2586%25D8%25B2%25D9%258A%25D9%2584.jpg
1.bp.blogspot.com/-iqvuE_Fs0is/YA7UbVJANiI/AAAAAAAAAoo/rH-S4nA60_86AokBHfUdB2NdHggyeHLNACLcBGAsYHQ/s0/
7 KB
7 KB
Image
General
Full URL
https://1.bp.blogspot.com/-iqvuE_Fs0is/YA7UbVJANiI/AAAAAAAAAoo/rH-S4nA60_86AokBHfUdB2NdHggyeHLNACLcBGAsYHQ/s0/%25D8%25AA%25D9%2586%25D8%25B2%25D9%258A%25D9%2584.jpg
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
04f16f38c5da1ee157d22fae7cd7bf6fa3e6af5f094b9c714cbf260c6533c867
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cora-live.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
x-content-type-options
nosniff
server
fife
etag
"v28b"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="_____.jpg";filename*=UTF-8''%D8%AA%D9%86%D8%B2%D9%8A%D9%84.jpg
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7441
x-xss-protection
0
expires
Wed, 02 Jun 2021 20:45:12 GMT
Cyberpunk-2077-GOG.jpg
www.skidrowcrack.com/download/2020/12/
38 KB
39 KB
Image
General
Full URL
https://www.skidrowcrack.com/download/2020/12/Cyberpunk-2077-GOG.jpg
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:3da9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95dfea8f6ba26a382f5354d9b6c5dc6e83e459ac4503e0245945038f7e100825

Request headers

Referer
https://www.cora-live.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 14 Dec 2020 07:38:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=dNksMqIdkGwim29ktAKpL%2FLb9tpKvoC2wS6ozCtApk7IJ120CZZaSTLkAjDJae7z7EYCj2lRRFX3EzDaKaZYgJLc6iiF8GnkA96HZ995Yhz4rZ9K8E4bO2gYLKgmVdMFJN%2Bm1eBWvW2W%2FkRpceQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=86400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
658b48c9edcad721-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
38859
cf-request-id
0a6aebd2300000d721f136d000000001
%25D8%25AA%25D9%2586%25D8%25B2%25D9%258A%25D9%2584.jpg
1.bp.blogspot.com/-5VO6YK04huk/YA7SfaQIY8I/AAAAAAAAAoc/M-ynKbGQH_0fqhRBwjS8a4NbUcAjBZpJwCLcBGAsYHQ/s0/
7 KB
7 KB
Image
General
Full URL
https://1.bp.blogspot.com/-5VO6YK04huk/YA7SfaQIY8I/AAAAAAAAAoc/M-ynKbGQH_0fqhRBwjS8a4NbUcAjBZpJwCLcBGAsYHQ/s0/%25D8%25AA%25D9%2586%25D8%25B2%25D9%258A%25D9%2584.jpg
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
04f16f38c5da1ee157d22fae7cd7bf6fa3e6af5f094b9c714cbf260c6533c867
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cora-live.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
x-content-type-options
nosniff
server
fife
etag
"v288"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="_____.jpg";filename*=UTF-8''%D8%AA%D9%86%D8%B2%D9%8A%D9%84.jpg
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7441
x-xss-protection
0
expires
Wed, 02 Jun 2021 20:45:12 GMT
%25D8%25AA%25D9%2586%25D8%25B2%25D9%258A%25D9%2584.jpg
1.bp.blogspot.com/-iqvuE_Fs0is/YA7UbVJANiI/AAAAAAAAAoo/rH-S4nA60_86AokBHfUdB2NdHggyeHLNACLcBGAsYHQ/w680/
7 KB
7 KB
Image
General
Full URL
https://1.bp.blogspot.com/-iqvuE_Fs0is/YA7UbVJANiI/AAAAAAAAAoo/rH-S4nA60_86AokBHfUdB2NdHggyeHLNACLcBGAsYHQ/w680/%25D8%25AA%25D9%2586%25D8%25B2%25D9%258A%25D9%2584.jpg
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
04f16f38c5da1ee157d22fae7cd7bf6fa3e6af5f094b9c714cbf260c6533c867
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cora-live.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
x-content-type-options
nosniff
server
fife
etag
"v28b"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="_____.jpg";filename*=UTF-8''%D8%AA%D9%86%D8%B2%D9%8A%D9%84.jpg
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7441
x-xss-protection
0
expires
Wed, 02 Jun 2021 20:45:12 GMT
%25D8%25AA%25D9%2586%25D8%25B2%25D9%258A%25D9%2584.jpg
1.bp.blogspot.com/-5VO6YK04huk/YA7SfaQIY8I/AAAAAAAAAoc/M-ynKbGQH_0fqhRBwjS8a4NbUcAjBZpJwCLcBGAsYHQ/w680/
7 KB
7 KB
Image
General
Full URL
https://1.bp.blogspot.com/-5VO6YK04huk/YA7SfaQIY8I/AAAAAAAAAoc/M-ynKbGQH_0fqhRBwjS8a4NbUcAjBZpJwCLcBGAsYHQ/w680/%25D8%25AA%25D9%2586%25D8%25B2%25D9%258A%25D9%2584.jpg
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
04f16f38c5da1ee157d22fae7cd7bf6fa3e6af5f094b9c714cbf260c6533c867
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cora-live.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
x-content-type-options
nosniff
server
fife
etag
"v288"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="_____.jpg";filename*=UTF-8''%D8%AA%D9%86%D8%B2%D9%8A%D9%84.jpg
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7441
x-xss-protection
0
expires
Wed, 02 Jun 2021 20:45:12 GMT
bg1.jpg
worldofclix.com/assets/evolution/css/images/ Frame FE67
13 KB
14 KB
Image
General
Full URL
https://worldofclix.com/assets/evolution/css/images/bg1.jpg
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/assets/evolution/css/custom.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
cd0a43dde6ea96c9aa99adb178d2237c8fa09bee17cecd729c26cafdc0bde3b9

Request headers

Referer
https://worldofclix.com/assets/evolution/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
last-modified
Tue, 25 May 2021 15:56:28 GMT
server
Apache
content-type
image/jpeg
cache-control
max-age=900
accept-ranges
bytes
content-length
13672
expires
Tue, 01 Jun 2021 21:00:12 GMT
hd-top-ic1.png
worldofclix.com/assets/evolution/css/images/ Frame FE67
3 KB
3 KB
Image
General
Full URL
https://worldofclix.com/assets/evolution/css/images/hd-top-ic1.png
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/assets/evolution/css/custom.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
35a062aa170c4c24958380051d96a6ee99d90e67f7bcdfaf6a582313cfd4a4b3

Request headers

Referer
https://worldofclix.com/assets/evolution/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
last-modified
Tue, 25 May 2021 15:56:29 GMT
server
Apache
content-type
image/png
cache-control
max-age=900
accept-ranges
bytes
content-length
3030
expires
Tue, 01 Jun 2021 21:00:12 GMT
hd-top-ic2.png
worldofclix.com/assets/evolution/css/images/ Frame FE67
3 KB
3 KB
Image
General
Full URL
https://worldofclix.com/assets/evolution/css/images/hd-top-ic2.png
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/assets/evolution/css/custom.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
18609b8d5fd5c0435b13933a0d05cbd33fe171b98608f835bfc3ae2948c29d22

Request headers

Referer
https://worldofclix.com/assets/evolution/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
last-modified
Tue, 25 May 2021 15:56:29 GMT
server
Apache
content-type
image/png
cache-control
max-age=900
accept-ranges
bytes
content-length
2959
expires
Tue, 01 Jun 2021 21:00:12 GMT
hd-top-ic3.png
worldofclix.com/assets/evolution/css/images/ Frame FE67
3 KB
3 KB
Image
General
Full URL
https://worldofclix.com/assets/evolution/css/images/hd-top-ic3.png
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/assets/evolution/css/custom.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
6d553c3ca954593882680041cf8acf5aa25cbf2fa4b974ce1a96aa6635bf46f0

Request headers

Referer
https://worldofclix.com/assets/evolution/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
last-modified
Tue, 25 May 2021 15:56:29 GMT
server
Apache
content-type
image/png
cache-control
max-age=900
accept-ranges
bytes
content-length
3085
expires
Tue, 01 Jun 2021 21:00:12 GMT
hd-top-ic5.png
worldofclix.com/assets/evolution/css/images/ Frame FE67
3 KB
3 KB
Image
General
Full URL
https://worldofclix.com/assets/evolution/css/images/hd-top-ic5.png
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/assets/evolution/css/custom.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
8caec4f2567668ff5d4cc3a0cedb7a2a8f9a9c38759d08f08e032b880d9568d4

Request headers

Referer
https://worldofclix.com/assets/evolution/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
last-modified
Tue, 25 May 2021 15:56:29 GMT
server
Apache
content-type
image/png
cache-control
max-age=900
accept-ranges
bytes
content-length
3116
expires
Tue, 01 Jun 2021 21:00:12 GMT
hd-top-ic6.png
worldofclix.com/assets/evolution/css/images/ Frame FE67
3 KB
3 KB
Image
General
Full URL
https://worldofclix.com/assets/evolution/css/images/hd-top-ic6.png
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/assets/evolution/css/custom.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
55694b6e69a63a9c107ceb17c238459a7e20e03d10cf9b2626a20d56ab8bcd67

Request headers

Referer
https://worldofclix.com/assets/evolution/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
last-modified
Tue, 25 May 2021 15:56:29 GMT
server
Apache
content-type
image/png
cache-control
max-age=900
accept-ranges
bytes
content-length
3009
expires
Tue, 01 Jun 2021 21:00:12 GMT
hd-top-ic4.png
worldofclix.com/assets/evolution/css/images/ Frame FE67
3 KB
3 KB
Image
General
Full URL
https://worldofclix.com/assets/evolution/css/images/hd-top-ic4.png
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/assets/evolution/css/custom.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
2a881bb0c27788e87f84dbab80758002844891bf68f0bf4bde6991521b9d9bd2

Request headers

Referer
https://worldofclix.com/assets/evolution/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
last-modified
Tue, 25 May 2021 15:56:29 GMT
server
Apache
content-type
image/png
cache-control
max-age=900
accept-ranges
bytes
content-length
3030
expires
Tue, 01 Jun 2021 21:00:12 GMT
bn-bg.png
worldofclix.com/assets/evolution/css/images/ Frame FE67
115 KB
116 KB
Image
General
Full URL
https://worldofclix.com/assets/evolution/css/images/bn-bg.png
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/assets/evolution/css/custom.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
a2810c8b66ea10a80b82977bf3ebf81cb00717244bf4cb5f6cf309168a546d03

Request headers

Referer
https://worldofclix.com/assets/evolution/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
last-modified
Tue, 25 May 2021 15:56:29 GMT
server
Apache
content-type
image/png
cache-control
max-age=900
accept-ranges
bytes
content-length
117953
expires
Tue, 01 Jun 2021 21:00:12 GMT
ctn-stt1.png
worldofclix.com/assets/evolution/css/images/ Frame FE67
3 KB
4 KB
Image
General
Full URL
https://worldofclix.com/assets/evolution/css/images/ctn-stt1.png
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/assets/evolution/css/custom.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
0c33677fab284805eb3bca37c22b8ec3f0699ee44ed87bd93070fdbf63fb9990

Request headers

Referer
https://worldofclix.com/assets/evolution/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
last-modified
Tue, 25 May 2021 15:56:29 GMT
server
Apache
content-type
image/png
cache-control
max-age=900
accept-ranges
bytes
content-length
3429
expires
Tue, 01 Jun 2021 21:00:12 GMT
ctn-stt2.png
worldofclix.com/assets/evolution/css/images/ Frame FE67
3 KB
4 KB
Image
General
Full URL
https://worldofclix.com/assets/evolution/css/images/ctn-stt2.png
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/assets/evolution/css/custom.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
4f08dbf81c41d8b17540ed85fa39446f59c45877f9bc76b37cecf22074628f0b

Request headers

Referer
https://worldofclix.com/assets/evolution/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
last-modified
Tue, 25 May 2021 15:56:29 GMT
server
Apache
content-type
image/png
cache-control
max-age=900
accept-ranges
bytes
content-length
3507
expires
Tue, 01 Jun 2021 21:00:12 GMT
ctn-stt3.png
worldofclix.com/assets/evolution/css/images/ Frame FE67
3 KB
3 KB
Image
General
Full URL
https://worldofclix.com/assets/evolution/css/images/ctn-stt3.png
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/assets/evolution/css/custom.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
2c5af47d9a8ea867422b0c54202d7b1b2a23f7928fe2102e08055f016e39663b

Request headers

Referer
https://worldofclix.com/assets/evolution/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
last-modified
Tue, 25 May 2021 15:56:29 GMT
server
Apache
content-type
image/png
cache-control
max-age=900
accept-ranges
bytes
content-length
3395
expires
Tue, 01 Jun 2021 21:00:12 GMT
ctn-latest.png
worldofclix.com/assets/evolution/css/images/ Frame FE67
12 KB
12 KB
Image
General
Full URL
https://worldofclix.com/assets/evolution/css/images/ctn-latest.png
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/assets/evolution/css/custom.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
84ed81a3036aeecfed391395e853d2d97e7624073a1f14e700f0d663f7eac41f

Request headers

Referer
https://worldofclix.com/assets/evolution/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
last-modified
Tue, 25 May 2021 15:56:29 GMT
server
Apache
content-type
image/png
cache-control
max-age=900
accept-ranges
bytes
content-length
12018
expires
Tue, 01 Jun 2021 21:00:12 GMT
icon-ab.png
worldofclix.com/assets/evolution/css/images/ Frame FE67
3 KB
3 KB
Image
General
Full URL
https://worldofclix.com/assets/evolution/css/images/icon-ab.png
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/assets/evolution/css/custom.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
426cc66e1caeae882eee4e798e82e1ef51662dff27d765ce285bd816ccf7ba45

Request headers

Referer
https://worldofclix.com/assets/evolution/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
last-modified
Tue, 25 May 2021 15:56:29 GMT
server
Apache
content-type
image/png
cache-control
max-age=900
accept-ranges
bytes
content-length
3129
expires
Tue, 01 Jun 2021 21:00:12 GMT
about-bg.png
worldofclix.com/assets/evolution/css/images/ Frame FE67
6 KB
6 KB
Image
General
Full URL
https://worldofclix.com/assets/evolution/css/images/about-bg.png
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/assets/evolution/css/custom.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
1c0544e877f7c6419d443e66cc17d2a8c463826a0eba654437b6c177b169ccff

Request headers

Referer
https://worldofclix.com/assets/evolution/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
last-modified
Tue, 25 May 2021 15:56:28 GMT
server
Apache
content-type
image/png
cache-control
max-age=900
accept-ranges
bytes
content-length
5714
expires
Tue, 01 Jun 2021 21:00:12 GMT
ctn-lang1.png
worldofclix.com/assets/evolution/css/images/ Frame FE67
8 KB
8 KB
Image
General
Full URL
https://worldofclix.com/assets/evolution/css/images/ctn-lang1.png
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/assets/evolution/css/custom.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
2bb41414722d7276310934e4e35d05a74ba54050b1b6d0d39439d352368f34d8

Request headers

Referer
https://worldofclix.com/assets/evolution/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
last-modified
Tue, 25 May 2021 15:56:29 GMT
server
Apache
content-type
image/png
cache-control
max-age=900
accept-ranges
bytes
content-length
8298
expires
Tue, 01 Jun 2021 21:00:12 GMT
ctn-lang2.png
worldofclix.com/assets/evolution/css/images/ Frame FE67
8 KB
9 KB
Image
General
Full URL
https://worldofclix.com/assets/evolution/css/images/ctn-lang2.png
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/assets/evolution/css/custom.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
b4386ba53943af85eb560626f1997f4cbc6aedf40b6908a4e5b63f87545fd7e8

Request headers

Referer
https://worldofclix.com/assets/evolution/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
last-modified
Tue, 25 May 2021 15:56:29 GMT
server
Apache
content-type
image/png
cache-control
max-age=900
accept-ranges
bytes
content-length
8701
expires
Tue, 01 Jun 2021 21:00:12 GMT
ctn-lang3.png
worldofclix.com/assets/evolution/css/images/ Frame FE67
8 KB
8 KB
Image
General
Full URL
https://worldofclix.com/assets/evolution/css/images/ctn-lang3.png
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/assets/evolution/css/custom.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
8efd38d9b334b270b6850c12f56903dcb9fdbc40cc114b266a00a7b7be07dec0

Request headers

Referer
https://worldofclix.com/assets/evolution/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
last-modified
Tue, 25 May 2021 15:56:29 GMT
server
Apache
content-type
image/png
cache-control
max-age=900
accept-ranges
bytes
content-length
7974
expires
Tue, 01 Jun 2021 21:00:12 GMT
ctn-lang4.png
worldofclix.com/assets/evolution/css/images/ Frame FE67
7 KB
8 KB
Image
General
Full URL
https://worldofclix.com/assets/evolution/css/images/ctn-lang4.png
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/assets/evolution/css/custom.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
0bc936373732dd7d9ab96c3b970415946b4e6dba568f9eb64b1254e18427a0d5

Request headers

Referer
https://worldofclix.com/assets/evolution/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
last-modified
Tue, 25 May 2021 15:56:29 GMT
server
Apache
content-type
image/png
cache-control
max-age=900
accept-ranges
bytes
content-length
7660
expires
Tue, 01 Jun 2021 21:00:12 GMT
solid.png
worldofclix.com/assets/evolution/css/images/ Frame FE67
12 KB
12 KB
Image
General
Full URL
https://worldofclix.com/assets/evolution/css/images/solid.png
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/assets/evolution/css/custom.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
11284a36e61efc8c52ef4209016895dfd06d664b3541da93cae80d4daafa1d7f

Request headers

Referer
https://worldofclix.com/assets/evolution/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
last-modified
Tue, 25 May 2021 15:56:29 GMT
server
Apache
content-type
image/png
cache-control
max-age=900
accept-ranges
bytes
content-length
11818
expires
Tue, 01 Jun 2021 21:00:12 GMT
XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v16/ Frame FE67
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/nunito/v16/XRXV3I6Li01BKofINeaB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:400,600,700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06f3af3fe52542d40ad9bc14ec03e04deaabd09ec369221cc8f536db1c72bf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://worldofclix.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 10:13:30 GMT
x-content-type-options
nosniff
last-modified
Wed, 25 Nov 2020 02:44:35 GMT
server
sffe
age
383502
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18972
x-xss-protection
0
expires
Sat, 28 May 2022 10:13:30 GMT
XRXW3I6Li01BKofA6sKUYevI.woff2
fonts.gstatic.com/s/nunito/v16/ Frame FE67
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/nunito/v16/XRXW3I6Li01BKofA6sKUYevI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:400,600,700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8a2fc19b3c25b470b6b7a2cb69be14e22328bc0bf9adfe709f0b1477fc61525
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://worldofclix.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 23:20:25 GMT
x-content-type-options
nosniff
last-modified
Wed, 25 Nov 2020 02:44:29 GMT
server
sffe
age
77087
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19248
x-xss-protection
0
expires
Tue, 31 May 2022 23:20:25 GMT
XRXW3I6Li01BKofAjsOUYevI.woff2
fonts.gstatic.com/s/nunito/v16/ Frame FE67
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/nunito/v16/XRXW3I6Li01BKofAjsOUYevI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:400,600,700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
622b2acb1b2c8d4eba45b028583b297a195b839f4684fc02d6906c84779f763d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://worldofclix.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 06:30:44 GMT
x-content-type-options
nosniff
age
51268
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19088
x-xss-protection
0
last-modified
Wed, 25 Nov 2020 02:44:23 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Jun 2022 06:30:44 GMT
index.html
moneyonlineinvestment.com/ Frame 886E
Redirect Chain
  • https://moneyonlineinvestment.com/r/321478
  • https://moneyonlineinvestment.com/?a_aid=321478
  • https://moneyonlineinvestment.com/index.html
278 B
517 B
Document
General
Full URL
https://moneyonlineinvestment.com/index.html
Requested by
Host: www.adzbux.com
URL: https://www.adzbux.com/mass-rotator.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.29.104.118 Paris, France, ASN9009 (M247, GB),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
922928a8f6f3e0b9cfe1dc7daf5dbcbb2c84b18d7fbf10174052c33b013e6667

Request headers

Host
moneyonlineinvestment.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.adzbux.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Tue, 01 Jun 2021 20:45:12 GMT
Server
Apache/2.4.41 (Ubuntu)
Last-Modified
Thu, 15 Apr 2021 09:46:01 GMT
ETag
"116-5bfffbb333c44-gzip"
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
217
Connection
close
Content-Type
text/html

Redirect headers

Date
Tue, 01 Jun 2021 20:45:12 GMT
Server
Apache/2.4.41 (Ubuntu)
Set-Cookie
PHPSESSID=gkr8hbmpenvh48fmti32ge0vni; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Location
/index.html
Content-Length
0
Connection
close
Content-Type
text/html; charset=UTF-8
lazy-iwc.9b430e25.js
static.arc.io/broker/js/ Frame 227D
0
5 KB
Other
General
Full URL
https://static.arc.io/broker/js/lazy-iwc.9b430e25.js
Requested by
Host: core.arc.io
URL: https://core.arc.io/broker.html?fd8fd2c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-70.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://core.arc.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 01:21:58 GMT
content-encoding
br
vary
Accept-Encoding
age
2316195
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 05 May 2021 02:50:01 GMT
server
AmazonS3
etag
W/"7fd8734437dbdc553c3513d10d0c0a97"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
mlr3VCQ6cD8YTy6TeEYvBokUP7u2ha5UBnHcdUcc785Pj46Yft7MnQ==
lazy-modules.a169b1ec.js
static.arc.io/broker/js/ Frame 227D
0
14 KB
Other
General
Full URL
https://static.arc.io/broker/js/lazy-modules.a169b1ec.js
Requested by
Host: core.arc.io
URL: https://core.arc.io/broker.html?fd8fd2c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-70.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://core.arc.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 01:21:58 GMT
content-encoding
br
vary
Accept-Encoding
age
2316195
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 05 May 2021 02:50:01 GMT
server
AmazonS3
etag
W/"32ab6174f553ec44ff554a5a2406b76d"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
lSr_LrsDw93adf2hoCoYsr76jHJxBe68XF_BlTQRPm8uBT4eQ9CrsA==
vendors~widget-ui.js
static.arc.io/widget/js/ Frame 94CB
93 KB
31 KB
Script
General
Full URL
https://static.arc.io/widget/js/vendors~widget-ui.js?fd8fd2c
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?fd8fd2c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-70.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a97573fb98d12e72469bd719502cc07964386b1d274f46c8a1aecc246faf5916

Request headers

Referer
https://www.adzbux.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 21:04:25 GMT
content-encoding
br
vary
Accept-Encoding
age
517248
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 26 May 2021 20:49:47 GMT
server
AmazonS3
etag
W/"520b74b9d66dcf95cd6398794c2ad023"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
i7dciJ4cPj5dNraGTmehR9S-kUPKe3948fK1Ke1dnBRyv_a63T88KQ==
widget.css
static.arc.io/widget/css/ Frame 94CB
84 KB
6 KB
Stylesheet
General
Full URL
https://static.arc.io/widget/css/widget.css?fd8fd2c
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?fd8fd2c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-70.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8cafaaa9b989a8e48ee553971cf9b972b2d8f3e8fdddbd06a8147d0ec0498e5

Request headers

Referer
https://www.adzbux.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 21:04:25 GMT
content-encoding
br
vary
Accept-Encoding
age
517248
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 26 May 2021 20:49:46 GMT
server
AmazonS3
etag
W/"a923e8363c5b89f335d13ce57f2f1fa8"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
text/css
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
veoKmNTDr2TaFBbJQC5kh2Bpm0oV4IT6HSRzyhXSkccOeGqwohHu9g==
widget-ui.js
static.arc.io/widget/js/ Frame 94CB
40 KB
13 KB
Script
General
Full URL
https://static.arc.io/widget/js/widget-ui.js?fd8fd2c
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?fd8fd2c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-70.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2dc91b7deab415797539622fd50d18e8f8b674ac37e525070b592ad3c7f8b96b

Request headers

Referer
https://www.adzbux.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 21:04:25 GMT
content-encoding
br
vary
Accept-Encoding
age
517248
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 26 May 2021 20:49:47 GMT
server
AmazonS3
etag
W/"ce2a4cd559f434679a1989acff0effea"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
WYFxqTO-siNCy3mMUE5udAgYyDgYcO4YASkbiyHWM2U6x5IVGw0oUQ==
vendors~widget-ui.js
static.arc.io/widget/js/ Frame E61B
93 KB
31 KB
Script
General
Full URL
https://static.arc.io/widget/js/vendors~widget-ui.js?fd8fd2c
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?fd8fd2c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-70.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a97573fb98d12e72469bd719502cc07964386b1d274f46c8a1aecc246faf5916

Request headers

Referer
https://www.adzbux.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 21:04:25 GMT
content-encoding
br
vary
Accept-Encoding
age
517248
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 26 May 2021 20:49:47 GMT
server
AmazonS3
etag
W/"520b74b9d66dcf95cd6398794c2ad023"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
68OzT-YLV24es5ZLYivQpXEJX5L5vjNcS1XZu8_eAovkLo4kTVDofg==
widget.css
static.arc.io/widget/css/ Frame E61B
84 KB
6 KB
Stylesheet
General
Full URL
https://static.arc.io/widget/css/widget.css?fd8fd2c
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?fd8fd2c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-70.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8cafaaa9b989a8e48ee553971cf9b972b2d8f3e8fdddbd06a8147d0ec0498e5

Request headers

Referer
https://www.adzbux.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 21:04:25 GMT
content-encoding
br
vary
Accept-Encoding
age
517248
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 26 May 2021 20:49:46 GMT
server
AmazonS3
etag
W/"a923e8363c5b89f335d13ce57f2f1fa8"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
text/css
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
DPAB5-WlHjRtqcBzXs7_gk-6wxq0yCIG_PjIHeiU2O3xYVmoEXKqfg==
widget-ui.js
static.arc.io/widget/js/ Frame E61B
40 KB
13 KB
Script
General
Full URL
https://static.arc.io/widget/js/widget-ui.js?fd8fd2c
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?fd8fd2c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-70.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2dc91b7deab415797539622fd50d18e8f8b674ac37e525070b592ad3c7f8b96b

Request headers

Referer
https://www.adzbux.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 21:04:25 GMT
content-encoding
br
vary
Accept-Encoding
age
517248
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 26 May 2021 20:49:47 GMT
server
AmazonS3
etag
W/"ce2a4cd559f434679a1989acff0effea"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
RJ2vzEB9jetMtn2yqzLFmwYTQER_VJvNpKgsotrCaNtfsbUhoMjXDQ==
broker.8ade32c4.js
static.arc.io/broker/js/ Frame 2533
23 KB
9 KB
Script
General
Full URL
https://static.arc.io/broker/js/broker.8ade32c4.js
Requested by
Host: core.arc.io
URL: https://core.arc.io/broker.html?fd8fd2c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-70.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e67a62c23c04cf1f7f2ae3615dc16e99ff318a5238a311287ce9dfc74d79ef36

Request headers

Origin
https://core.arc.io
Referer
https://core.arc.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 01:21:59 GMT
content-encoding
gzip
vary
Accept-Encoding
age
2316194
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 05 May 2021 02:50:01 GMT
server
AmazonS3
etag
W/"7f8131981b3050291ebfde5200590514"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
ToPIhv5wolbuxq22p0I4vhQ5GMp3xVlsASh-E4cvRHLw0xukjuYqoQ==
chunk-vendors.85cb0bd7.js
static.arc.io/broker/js/ Frame 2533
49 KB
18 KB
Script
General
Full URL
https://static.arc.io/broker/js/chunk-vendors.85cb0bd7.js
Requested by
Host: core.arc.io
URL: https://core.arc.io/broker.html?fd8fd2c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-70.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
87d5ef022a7dcf0361ac7c406f0a85a16712db4e66ee2363941c2a9f412fb27a

Request headers

Origin
https://core.arc.io
Referer
https://core.arc.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 01:21:59 GMT
content-encoding
gzip
vary
Accept-Encoding
age
2316194
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 05 May 2021 02:50:01 GMT
server
AmazonS3
etag
W/"c34d69d2acc5361be94bab962c0f07eb"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
ChXGi4XFs2jSioBz5BRjC-q_eVfK4uHOapw9QKHWjg5Fi5b40mzqWg==
jquery-ui.min.css
worldofclix.com/assets/jqueryui/css/ Frame 810B
31 KB
8 KB
Stylesheet
General
Full URL
https://worldofclix.com/assets/jqueryui/css/jquery-ui.min.css
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
efaaa09c3b1e7b374e13123fe496ba19e53ac74386fa136d09fdb34701c76755

Request headers

Referer
https://worldofclix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-encoding
gzip
last-modified
Wed, 28 Apr 2021 20:37:11 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=900
accept-ranges
bytes
content-length
7759
expires
Tue, 01 Jun 2021 21:00:12 GMT
global.css
worldofclix.com/assets/evolution/css/ Frame 810B
21 KB
5 KB
Stylesheet
General
Full URL
https://worldofclix.com/assets/evolution/css/global.css
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
b0d4b1978c31347d88169c9dcbbb3223e251cc272d65f80a6b7b57cb9443ce3e

Request headers

Referer
https://worldofclix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-encoding
gzip
last-modified
Wed, 26 May 2021 13:33:08 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=900
accept-ranges
bytes
content-length
4905
expires
Tue, 01 Jun 2021 21:00:12 GMT
font-awesome.min.css
worldofclix.com/assets/components/font-awesome/css/ Frame 810B
30 KB
7 KB
Stylesheet
General
Full URL
https://worldofclix.com/assets/components/font-awesome/css/font-awesome.min.css
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer
https://worldofclix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-encoding
gzip
last-modified
Wed, 28 Apr 2021 20:37:14 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=900
accept-ranges
bytes
content-length
7053
expires
Tue, 01 Jun 2021 21:00:12 GMT
jquery.min.js
worldofclix.com/assets/jquery/ Frame 810B
95 KB
33 KB
Script
General
Full URL
https://worldofclix.com/assets/jquery/jquery.min.js
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
9690d10e55416d5928a5db2dcff5f32e3d9509d1aa55a5baed85933e045dcda3

Request headers

Referer
https://worldofclix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-encoding
gzip
last-modified
Wed, 28 Apr 2021 20:37:00 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
33767
expires
Tue, 01 Jun 2021 21:00:12 GMT
jquery-ui.min.js
worldofclix.com/assets/jqueryui/ Frame 810B
248 KB
66 KB
Script
General
Full URL
https://worldofclix.com/assets/jqueryui/jquery-ui.min.js
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
9852ccf03b383d1b3855c1983e18258fbdf07999ff77a68327ed0413466db4f2

Request headers

Referer
https://worldofclix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-encoding
gzip
last-modified
Wed, 28 Apr 2021 20:37:01 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
expires
Tue, 01 Jun 2021 21:00:12 GMT
evolutionscript.js
worldofclix.com/assets/evolution/js/ Frame 810B
14 KB
4 KB
Script
General
Full URL
https://worldofclix.com/assets/evolution/js/evolutionscript.js
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
8be2a4d9b5c58396029b73f7f4786649bf20be679133cccf2130741f3786348d

Request headers

Referer
https://worldofclix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-encoding
gzip
last-modified
Wed, 28 Apr 2021 20:37:07 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
4003
expires
Tue, 01 Jun 2021 21:00:12 GMT
l2blockit.js
worldofclix.com/assets/evolution/js/ Frame 810B
4 KB
1 KB
Script
General
Full URL
https://worldofclix.com/assets/evolution/js/l2blockit.js
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
7ba57ba8c83b63763e70005c9b1840d8d7e8c71611969265aa5675aae93ead18

Request headers

Referer
https://worldofclix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-encoding
gzip
last-modified
Wed, 28 Apr 2021 20:37:07 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
1286
expires
Tue, 01 Jun 2021 21:00:12 GMT
bootstrap.bundle.min.js
worldofclix.com/assets/components/bootstrap/js/ Frame 810B
77 KB
22 KB
Script
General
Full URL
https://worldofclix.com/assets/components/bootstrap/js/bootstrap.bundle.min.js
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c

Request headers

Referer
https://worldofclix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-encoding
gzip
last-modified
Wed, 28 Apr 2021 20:37:13 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
22295
expires
Tue, 01 Jun 2021 21:00:12 GMT
bootstrap.min.css
worldofclix.com/assets/evolution/css/ Frame 810B
95 KB
17 KB
Stylesheet
General
Full URL
https://worldofclix.com/assets/evolution/css/bootstrap.min.css
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
e6235f861e373bda60b414e87e3b85eb1035e408ede6552bcaee4cdac089a422

Request headers

Referer
https://worldofclix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-encoding
gzip
last-modified
Tue, 25 May 2021 15:55:17 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=900
accept-ranges
bytes
content-length
16678
expires
Tue, 01 Jun 2021 21:00:12 GMT
css
fonts.googleapis.com/ Frame 810B
5 KB
606 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Nunito:400,600,700
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d42f042ed608b6961fa3d30ecbf836e83c9f107e6aebe828e7fb8cafaa98b16e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://worldofclix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 01 Jun 2021 20:07:41 GMT
server
ESF
date
Tue, 01 Jun 2021 20:45:12 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 01 Jun 2021 20:45:12 GMT
custom.css
worldofclix.com/assets/evolution/css/ Frame 810B
13 KB
3 KB
Stylesheet
General
Full URL
https://worldofclix.com/assets/evolution/css/custom.css
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
cda0df68d4e1a654e96e9769ddacfa5fc8e2049861374fc12556277d0d9d6b48

Request headers

Referer
https://worldofclix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-encoding
gzip
last-modified
Tue, 25 May 2021 15:47:08 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=900
accept-ranges
bytes
content-length
3035
expires
Tue, 01 Jun 2021 21:00:12 GMT
bootstrap.min.js
worldofclix.com/assets/evolution/css/ Frame 810B
20 KB
6 KB
Script
General
Full URL
https://worldofclix.com/assets/evolution/css/bootstrap.min.js
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
ecb27879c669b3efe26467e7cc0168d7955b73aa22ca9fe786cc41458566545a

Request headers

Referer
https://worldofclix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-encoding
gzip
last-modified
Tue, 25 May 2021 15:55:19 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
5554
expires
Tue, 01 Jun 2021 21:00:12 GMT
logo.png
worldofclix.com/assets/evolution/css/images/ Frame 810B
2 KB
2 KB
Image
General
Full URL
https://worldofclix.com/assets/evolution/css/images/logo.png
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
08d83396832457655f02a3dda3602efeafda0df47302150827ae7523d79c8554

Request headers

Referer
https://worldofclix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:13 GMT
last-modified
Sun, 30 May 2021 20:41:42 GMT
server
Apache
content-type
image/png
cache-control
max-age=900
accept-ranges
bytes
content-length
1969
expires
Tue, 01 Jun 2021 21:00:13 GMT
ad_468x60.jpg
worldofclix.com/assets/evolution/images/ Frame 810B
3 KB
3 KB
Image
General
Full URL
https://worldofclix.com/assets/evolution/images/ad_468x60.jpg
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
ea62fc8fcef4a384c88b9d6cb61cf3fb24c9f2dd2a3ec911cf63388ebd3a7cd3

Request headers

Referer
https://worldofclix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:13 GMT
last-modified
Wed, 28 Apr 2021 20:37:07 GMT
server
Apache
content-type
image/jpeg
cache-control
max-age=900
accept-ranges
bytes
content-length
2751
expires
Tue, 01 Jun 2021 21:00:13 GMT
close.png
worldofclix.com/assets/evolution/css/images/ Frame 810B
724 B
903 B
Image
General
Full URL
https://worldofclix.com/assets/evolution/css/images/close.png
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
fca254618289bd652eee1a799b4d45bdf64d3af03ff2d953f918dea612974d2b

Request headers

Referer
https://worldofclix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:13 GMT
last-modified
Tue, 25 May 2021 15:56:28 GMT
server
Apache
content-type
image/png
cache-control
max-age=900
accept-ranges
bytes
content-length
724
expires
Tue, 01 Jun 2021 21:00:13 GMT
cs-s.css
trafiframe.ru/css/ Frame 1565
5 KB
5 KB
Stylesheet
General
Full URL
https://trafiframe.ru/css/cs-s.css
Requested by
Host: trafiframe.ru
URL: https://trafiframe.ru/iframe.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.249.138.135 , Russian Federation, ASN20485 (TRANSTELECOM Moscow, Russia, RU),
Reverse DNS
host.135.dynamic1.l2tp.subnets.svg.ttkdv.ru
Software
nginx/1.16.1 /
Resource Hash
2d2da6de75890af2103b060eb000ad3186dfaf045935b6024e48546d724ceea0
Security Headers
Name Value
Strict-Transport-Security max-age=0;

Request headers

Referer
https://trafiframe.ru/iframe.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
last-modified
Wed, 27 Jan 2021 12:06:47 GMT
server
nginx/1.16.1
etag
"60115757-132e"
strict-transport-security
max-age=0;
content-type
text/css
accept-ranges
bytes
content-length
4910
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.1/ Frame 1565
92 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Requested by
Host: trafiframe.ru
URL: https://trafiframe.ru/iframe.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://trafiframe.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 18:48:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7014
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33333
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Jun 2022 18:48:18 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ Frame 1565
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: trafiframe.ru
URL: https://trafiframe.ru/iframe.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://trafiframe.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 13:27:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26260
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30306
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Jun 2022 13:27:32 GMT
foot.png
trafiframe.ru/css/img/ Frame 1565
548 B
701 B
Image
General
Full URL
https://trafiframe.ru/css/img/foot.png
Requested by
Host: trafiframe.ru
URL: https://trafiframe.ru/iframe.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.249.138.135 , Russian Federation, ASN20485 (TRANSTELECOM Moscow, Russia, RU),
Reverse DNS
host.135.dynamic1.l2tp.subnets.svg.ttkdv.ru
Software
nginx/1.16.1 /
Resource Hash
49a7a5d720f769b67e864725cd43fafd9212e25cc93ebb3a2945280034d72176
Security Headers
Name Value
Strict-Transport-Security max-age=0;

Request headers

Referer
https://trafiframe.ru/iframe.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:13 GMT
last-modified
Fri, 29 Nov 2019 23:41:16 GMT
server
nginx/1.16.1
etag
"5de1ac9c-224"
strict-transport-security
max-age=0;
content-type
image/png
accept-ranges
bytes
content-length
548
3_0_ECECECFF_CCCCCCFF_0_pageviews
informer.yandex.ru/informer/56460499/ Frame 1565
2 KB
2 KB
Image
General
Full URL
https://informer.yandex.ru/informer/56460499/3_0_ECECECFF_CCCCCCFF_0_pageviews
Requested by
Host: trafiframe.ru
URL: https://trafiframe.ru/iframe.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
96f260924b26b97aac9a8416425cfffe385bbac29b67a28dd9f91330f8fb4f14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://trafiframe.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
last-modified
Tue, 01-Jun-2021 20:45:13 GMT
content-type
image/png
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
1618
x-xss-protection
1; mode=block
expires
Tue, 01-Jun-2021 20:45:13 GMT
megastock.png
trafiframe.ru/css/img/ Frame 1565
854 B
1008 B
Image
General
Full URL
https://trafiframe.ru/css/img/megastock.png
Requested by
Host: trafiframe.ru
URL: https://trafiframe.ru/iframe.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.249.138.135 , Russian Federation, ASN20485 (TRANSTELECOM Moscow, Russia, RU),
Reverse DNS
host.135.dynamic1.l2tp.subnets.svg.ttkdv.ru
Software
nginx/1.16.1 /
Resource Hash
be4ba2c067449ee68cd89d090dd3176ae90de2ab061d751e123a33b27f2e0a87
Security Headers
Name Value
Strict-Transport-Security max-age=0;

Request headers

Referer
https://trafiframe.ru/iframe.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:13 GMT
last-modified
Sat, 30 Nov 2019 03:56:37 GMT
server
nginx/1.16.1
etag
"5de1e875-356"
strict-transport-security
max-age=0;
content-type
image/png
accept-ranges
bytes
content-length
854
Payeer.png
trafiframe.ru/css/img/ Frame 1565
680 B
833 B
Image
General
Full URL
https://trafiframe.ru/css/img/Payeer.png
Requested by
Host: trafiframe.ru
URL: https://trafiframe.ru/iframe.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.249.138.135 , Russian Federation, ASN20485 (TRANSTELECOM Moscow, Russia, RU),
Reverse DNS
host.135.dynamic1.l2tp.subnets.svg.ttkdv.ru
Software
nginx/1.16.1 /
Resource Hash
28513542247e10b882e088a7eaf583e87d6ec6cd6affc8c8916d703fd3be9902
Security Headers
Name Value
Strict-Transport-Security max-age=0;

Request headers

Referer
https://trafiframe.ru/iframe.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:13 GMT
last-modified
Sat, 30 Nov 2019 03:56:37 GMT
server
nginx/1.16.1
etag
"5de1e875-2a8"
strict-transport-security
max-age=0;
content-type
image/png
accept-ranges
bytes
content-length
680
Yandex.png
trafiframe.ru/css/img/ Frame 1565
2 KB
3 KB
Image
General
Full URL
https://trafiframe.ru/css/img/Yandex.png
Requested by
Host: trafiframe.ru
URL: https://trafiframe.ru/iframe.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.249.138.135 , Russian Federation, ASN20485 (TRANSTELECOM Moscow, Russia, RU),
Reverse DNS
host.135.dynamic1.l2tp.subnets.svg.ttkdv.ru
Software
nginx/1.16.1 /
Resource Hash
107b5b6d1b4acdf6f07d7e33e9dbaf592a052f8aeff4984cdc17eb61402b4f38
Security Headers
Name Value
Strict-Transport-Security max-age=0;

Request headers

Referer
https://trafiframe.ru/iframe.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:13 GMT
last-modified
Sat, 30 Nov 2019 03:56:37 GMT
server
nginx/1.16.1
etag
"5de1e875-998"
strict-transport-security
max-age=0;
content-type
image/png
accept-ranges
bytes
content-length
2456
Qiwi.png
trafiframe.ru/css/img/ Frame 1565
3 KB
3 KB
Image
General
Full URL
https://trafiframe.ru/css/img/Qiwi.png
Requested by
Host: trafiframe.ru
URL: https://trafiframe.ru/iframe.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.249.138.135 , Russian Federation, ASN20485 (TRANSTELECOM Moscow, Russia, RU),
Reverse DNS
host.135.dynamic1.l2tp.subnets.svg.ttkdv.ru
Software
nginx/1.16.1 /
Resource Hash
a24361e8123c217d21726c53fb1e5e4268974ff6cb0177c8eb31c242791f6e95
Security Headers
Name Value
Strict-Transport-Security max-age=0;

Request headers

Referer
https://trafiframe.ru/iframe.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:13 GMT
last-modified
Mon, 08 Jul 2019 05:30:46 GMT
server
nginx/1.16.1
etag
"5d22d506-ba3"
strict-transport-security
max-age=0;
content-type
image/png
accept-ranges
bytes
content-length
2979
9e6f20afad0dc58a5d05d9f988955433.gif
sharkpromotion.net/adv_banners/ Frame 9665
91 KB
92 KB
Image
General
Full URL
https://sharkpromotion.net/adv_banners/9e6f20afad0dc58a5d05d9f988955433.gif
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/?r=51425
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.9.105 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
sharkpromotion.net
Software
nginx/1.18.0 /
Resource Hash
f392fb9446325049661e305ced5613607e4618364b3d5ff980f106b83697c7ce

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:45:13 GMT
Last-Modified
Sun, 28 Feb 2021 07:42:05 GMT
Server
nginx/1.18.0
ETag
"603b494d-16d79"
Content-Type
image/gif
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
93561
Expires
Tue, 08 Jun 2021 20:45:13 GMT
bg-header.png
sharkpromotion.net/style/img/ Frame 9665
3 KB
4 KB
Image
General
Full URL
https://sharkpromotion.net/style/img/bg-header.png
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/style/style.css?t=1616814258
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.9.105 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
sharkpromotion.net
Software
nginx/1.18.0 /
Resource Hash
12ede549c3b4612e30042bb9a8ff52bc76061aedc479a40e9ea20af7ae17733a

Request headers

Referer
https://sharkpromotion.net/style/style.css?t=1616814258
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:45:12 GMT
Last-Modified
Wed, 08 Oct 2014 19:55:54 GMT
Server
nginx/1.18.0
ETag
"543596ca-d46"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3398
Expires
Tue, 08 Jun 2021 20:45:12 GMT
menu-bg.png
sharkpromotion.net/style/img/ Frame 9665
1 KB
1 KB
Image
General
Full URL
https://sharkpromotion.net/style/img/menu-bg.png
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/style/block.css?t=1601960145
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.9.105 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
sharkpromotion.net
Software
nginx/1.18.0 /
Resource Hash
eec083b235053b4e5ce80f3fc79cf441474a3f12da5425475add4848b0bcfc29

Request headers

Referer
https://sharkpromotion.net/style/block.css?t=1601960145
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:45:13 GMT
Last-Modified
Wed, 08 Oct 2014 19:55:54 GMT
Server
nginx/1.18.0
ETag
"543596ca-403"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1027
Expires
Tue, 08 Jun 2021 20:45:13 GMT
menu-bg-sel.png
sharkpromotion.net/style/img/ Frame 9665
964 B
1 KB
Image
General
Full URL
https://sharkpromotion.net/style/img/menu-bg-sel.png
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/style/block.css?t=1601960145
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.9.105 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
sharkpromotion.net
Software
nginx/1.18.0 /
Resource Hash
3f725322031d3e6f84d3b35d508846f5a51583a7b649502cadeb84a527bcbaf4

Request headers

Referer
https://sharkpromotion.net/style/block.css?t=1601960145
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:45:13 GMT
Last-Modified
Wed, 08 Oct 2014 19:55:54 GMT
Server
nginx/1.18.0
ETag
"543596ca-3c4"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
964
Expires
Tue, 08 Jun 2021 20:45:13 GMT
icon-advertise-add.png
sharkpromotion.net/style/icon-serf/ Frame 9665
733 B
1 KB
Image
General
Full URL
https://sharkpromotion.net/style/icon-serf/icon-advertise-add.png
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/style/style.css?t=1616814258
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.9.105 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
sharkpromotion.net
Software
nginx/1.18.0 /
Resource Hash
c06a52df3361df380a02a45159a0858d6f7cd8cbc3f71ff732a65d6c25ea6af6

Request headers

Referer
https://sharkpromotion.net/style/style.css?t=1616814258
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:45:13 GMT
Last-Modified
Mon, 25 Nov 2019 05:33:16 GMT
Server
nginx/1.18.0
ETag
"5ddb679c-2dd"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
733
Expires
Tue, 08 Jun 2021 20:45:13 GMT
bg-block.png
sharkpromotion.net/style/img/ Frame 9665
1 KB
2 KB
Image
General
Full URL
https://sharkpromotion.net/style/img/bg-block.png
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/style/block.css?t=1601960145
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.9.105 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
sharkpromotion.net
Software
nginx/1.18.0 /
Resource Hash
f3e506846f1adc9a51bce68a428b3b47bce0c4fd28f27600b3f8c3050c145600

Request headers

Referer
https://sharkpromotion.net/style/block.css?t=1601960145
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:45:13 GMT
Last-Modified
Mon, 15 May 2017 19:20:44 GMT
Server
nginx/1.18.0
ETag
"5919ff8c-4f2"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1266
Expires
Tue, 08 Jun 2021 20:45:13 GMT
bg-block-title.gif
sharkpromotion.net/style/img/ Frame 9665
1 KB
1 KB
Image
General
Full URL
https://sharkpromotion.net/style/img/bg-block-title.gif
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/style/block.css?t=1601960145
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.9.105 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
sharkpromotion.net
Software
nginx/1.18.0 /
Resource Hash
addf01d9aa1e7918b31ff0959a8d3e937dc1dca07e8408a35025635dec7d962b

Request headers

Referer
https://sharkpromotion.net/style/block.css?t=1601960145
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:45:13 GMT
Last-Modified
Wed, 08 Oct 2014 19:55:54 GMT
Server
nginx/1.18.0
ETag
"543596ca-4b6"
Content-Type
image/gif
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1206
Expires
Tue, 08 Jun 2021 20:45:13 GMT
lazy-iwc.9b430e25.js
static.arc.io/broker/js/ Frame 2533
0
5 KB
Other
General
Full URL
https://static.arc.io/broker/js/lazy-iwc.9b430e25.js
Requested by
Host: core.arc.io
URL: https://core.arc.io/broker.html?fd8fd2c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-70.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://core.arc.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 01:21:58 GMT
content-encoding
br
vary
Accept-Encoding
age
2316195
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 05 May 2021 02:50:01 GMT
server
AmazonS3
etag
W/"7fd8734437dbdc553c3513d10d0c0a97"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
OT-GgjrYlTBW0FdCSMqR-GqbmTAt7f1xYWgoQQwAO3Wq6GKfCzF2ow==
lazy-modules.a169b1ec.js
static.arc.io/broker/js/ Frame 2533
0
14 KB
Other
General
Full URL
https://static.arc.io/broker/js/lazy-modules.a169b1ec.js
Requested by
Host: core.arc.io
URL: https://core.arc.io/broker.html?fd8fd2c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-70.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://core.arc.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 01:21:58 GMT
content-encoding
br
vary
Accept-Encoding
age
2316195
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 05 May 2021 02:50:01 GMT
server
AmazonS3
etag
W/"32ab6174f553ec44ff554a5a2406b76d"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
XTTP0Iqe1qnD0zq4wye2riya0Um06Vmx788jl-wv-JHdy6DP-7cp1A==
vendors~widget-ui.js
static.arc.io/widget/js/ Frame D2CA
93 KB
31 KB
Script
General
Full URL
https://static.arc.io/widget/js/vendors~widget-ui.js?fd8fd2c
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?fd8fd2c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-70.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a97573fb98d12e72469bd719502cc07964386b1d274f46c8a1aecc246faf5916

Request headers

Referer
https://www.adzbux.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 21:04:25 GMT
content-encoding
br
vary
Accept-Encoding
age
517248
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 26 May 2021 20:49:47 GMT
server
AmazonS3
etag
W/"520b74b9d66dcf95cd6398794c2ad023"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
QstNLnBcUaCWOmYCNwJiE54S7ACOBlRJRYfsY3E1YRTFK1UM_yBZeg==
widget.css
static.arc.io/widget/css/ Frame D2CA
84 KB
6 KB
Stylesheet
General
Full URL
https://static.arc.io/widget/css/widget.css?fd8fd2c
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?fd8fd2c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-70.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8cafaaa9b989a8e48ee553971cf9b972b2d8f3e8fdddbd06a8147d0ec0498e5

Request headers

Referer
https://www.adzbux.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 21:04:25 GMT
content-encoding
br
vary
Accept-Encoding
age
517248
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 26 May 2021 20:49:46 GMT
server
AmazonS3
etag
W/"a923e8363c5b89f335d13ce57f2f1fa8"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
text/css
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
bU4z-RxnrhAa2R_lm0ODBkGB7P1oh64uiEDbYlT7NcYoWwKPVDiPZg==
widget-ui.js
static.arc.io/widget/js/ Frame D2CA
40 KB
13 KB
Script
General
Full URL
https://static.arc.io/widget/js/widget-ui.js?fd8fd2c
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?fd8fd2c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-70.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2dc91b7deab415797539622fd50d18e8f8b674ac37e525070b592ad3c7f8b96b

Request headers

Referer
https://www.adzbux.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 21:04:25 GMT
content-encoding
br
vary
Accept-Encoding
age
517248
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 26 May 2021 20:49:47 GMT
server
AmazonS3
etag
W/"ce2a4cd559f434679a1989acff0effea"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
KwBY6FKjut9iN4cKI3z5RLN_-WQ1YVY7SkPQggnAIHwhh5kOHDTZXw==
analytics.js
www.google-analytics.com/ Frame 7CBC
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.surfujkase.pl
URL: https://www.surfujkase.pl/promuj2.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.surfujkase.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
5629
date
Tue, 01 Jun 2021 19:11:23 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Tue, 01 Jun 2021 21:11:23 GMT
1213985
acceptable.a-ads.com/ Frame 7A95
24 KB
5 KB
Document
General
Full URL
https://acceptable.a-ads.com/1213985
Requested by
Host: www.surfujkase.pl
URL: https://www.surfujkase.pl/promuj2.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.125.108 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.108.125.9.176.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
7791226f40f7aac51843f5a0008290b1f7f79dba3f0a3e0e795e66db53a703ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
acceptable.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.surfujkase.pl/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Tue, 01 Jun 2021 20:45:12 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://www.surfujkase.pl/
Content-Encoding
gzip
/
href.li/ Frame 00CE
667 B
446 B
Document
General
Full URL
https://href.li/?https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Requested by
Host: www.surfujkase.pl
URL: https://www.surfujkase.pl/promuj2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.27 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7d91e0f207b3736b98b1681d857b81ed5fe009493b96eba4a65421f5ce15d4f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
href.li
:scheme
https
:path
/?https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.surfujkase.pl/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

server
nginx
date
Tue, 01 Jun 2021 20:45:13 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
vary
Accept-Encoding
content-encoding
gzip
x-ac
3.vie _dca
css
fonts.googleapis.com/ Frame 810B
0
0

uicons.css
worldofclix.com/assets/evolution/css/ Frame 810B
71 KB
8 KB
Stylesheet
General
Full URL
https://worldofclix.com/assets/evolution/css/uicons.css
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/assets/evolution/css/global.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
6b3e012f4506ee657c139ef677a5b5e8ce4504655cb7ac403a2cfe6e5a1af425

Request headers

Referer
https://worldofclix.com/assets/evolution/css/global.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-encoding
gzip
last-modified
Tue, 25 May 2021 15:45:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=900
accept-ranges
bytes
content-length
8271
expires
Tue, 01 Jun 2021 21:00:12 GMT
banner.php
g.cash-ads.com/ Frame 2854
209 B
381 B
Script
General
Full URL
https://g.cash-ads.com/banner.php?uid=4071&size=1
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
h104.hubuhost.com
Software
nginx /
Resource Hash
30080f4636ea37592bf515094a58139a55d257a2a7265afe8a23c16e1a283459
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-encoding
gzip
server
nginx
x-frame-options
deny
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
/
g.cash-ads.com/banner/ Frame 2854
215 B
378 B
Script
General
Full URL
https://g.cash-ads.com/banner/?code=fcUxxfaC4tUKD%2F0BY9mTluUw%2B8ORBwU%2FPN0nAZqA9Tc%3D
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
h104.hubuhost.com
Software
nginx /
Resource Hash
59a6d5113bd83c8f94dea733c15de42dd2f83558afb33cc102413895df19b206
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-encoding
gzip
server
nginx
x-frame-options
deny
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
reklamstore.js
adserver.reklamstore.com/ Frame 2854
95 KB
29 KB
Script
General
Full URL
https://adserver.reklamstore.com/reklamstore.js
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218f:1400:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00b23c0624bc9f5b25ad78a8ceb8b7d8019107699428df1c0e706bedf392798e

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 00:08:17 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 07:59:54 GMT
server
AmazonS3
age
74216
etag
"f3c830240d9f26683eafb3723b922aa9"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 16a28c0e67da18fa2960e2e414084d77.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG52-P2
content-length
29647
x-amz-cf-id
HLyzZBl2fL4WfclFpQNZr2fUneO5MpXqWRGtmr9I7oiWu8vfvL_XGQ==
popmyads.php
exp3.eurosptp.com/ Frame 8BCA
9 KB
4 KB
Document
General
Full URL
https://exp3.eurosptp.com/popmyads.php
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.19 , France, ASN16276 (OVH, FR),
Reverse DNS
cluster010.hosting.ovh.net
Software
Apache / PHP/5.4
Resource Hash
f42f982d3cf93053a71b4b69f1e3e576ee87e829ac9d7df7e641cee7f6dd142e

Request headers

:method
GET
:authority
exp3.eurosptp.com
:scheme
https
:path
/popmyads.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://exp3.eurosptp.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
visite24=1; visite=24h; visbl=2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://exp3.eurosptp.com/

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-type
text/html; charset=iso-8859-1
server
Apache
x-powered-by
PHP/5.4
expires
Sun, 01 Jan 2014 00:00:00 GMT
pragma
no-cache
cache-control
no-cache, must-revalidate
referrer-policy
origin
vary
Accept-Encoding
content-encoding
gzip
/
nullrefer.com/ Frame 7816
Redirect Chain
  • https://cutt.ly/traficboost10
  • https://nullrefer.com/?https://serveur-gmod.com/
810 B
1 KB
Document
General
Full URL
https://nullrefer.com/?https://serveur-gmod.com/
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:d7f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.3.28
Resource Hash
804c488104b2fce78733953a181af8b70860d7dd9afe491866154172cbcc3a5e

Request headers

:method
GET
:authority
nullrefer.com
:scheme
https
:path
/?https://serveur-gmod.com/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:13 GMT
content-type
text/html
x-powered-by
PHP/5.3.28
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
0a6aebd3de00000742309fa000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=p6Lb6VErymtU0ersGB%2FHdeHWcJrPmCDuiejQmQ2PCtvY962emSB22z7mggoqytt1gh9lbpNx3oZMkktFO%2FlnVumtvxx%2B8sqzgCzIW3JRKqCRH3NCvsF1QSxHVa%2Fbth402RodgtrUIg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
658b48cc9f510742-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date
Tue, 01 Jun 2021 20:45:13 GMT
content-type
text/html; charset=UTF-8
set-cookie
PHPSESSID=4ts2v0diq8i1di1ogs3lc7nke2; path=/; secure
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
location
https://nullrefer.com/?https://serveur-gmod.com/
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
cf-request-id
0a6aebd36800004ddcf48d1000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
658b48cbdeaa4ddc-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
direct
audience.rtb.adp3.net/ Frame 7901
0
27 B
Document
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paifl&feedid=348235&q=sex&return_url=
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
audience.rtb.adp3.net
:scheme
https
:path
/direct?pubid=88796&subid=paifl&feedid=348235&q=sex&return_url=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-length
0
location
direct
audience.rtb.adp3.net/ Frame 9C13
0
26 B
Document
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paifl&feedid=423803&q=sex&return_url=
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
audience.rtb.adp3.net
:scheme
https
:path
/direct?pubid=88796&subid=paifl&feedid=423803&q=sex&return_url=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-length
0
location
direct
audience.rtb.adp3.net/ Frame BF08
0
26 B
Document
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paifl&feedid=351699&q=sex&return_url=
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
audience.rtb.adp3.net
:scheme
https
:path
/direct?pubid=88796&subid=paifl&feedid=351699&q=sex&return_url=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-length
0
location
direct
audience.rtb.adp3.net/ Frame B171
0
26 B
Document
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paifl&feedid=376540&q=sex&return_url=
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
audience.rtb.adp3.net
:scheme
https
:path
/direct?pubid=88796&subid=paifl&feedid=376540&q=sex&return_url=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-length
0
location
cinema.php
www.interclics.com/ Frame 1CF4
1 KB
866 B
Document
General
Full URL
https://www.interclics.com/cinema.php
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.19 , France, ASN16276 (OVH, FR),
Reverse DNS
cluster010.hosting.ovh.net
Software
Apache / PHP/7.3
Resource Hash
6a3e56dc2d6d10e493702eb78292c839c3272690db61247f2354b809fdf91666

Request headers

:method
GET
:authority
www.interclics.com
:scheme
https
:path
/cinema.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://exp3.eurosptp.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://exp3.eurosptp.com/

Response headers

date
Tue, 01 Jun 2021 20:45:12 GMT
content-type
text/html; charset=iso-8859-1
server
Apache
x-powered-by
PHP/7.3
vary
Accept-Encoding
content-encoding
gzip
pragma
no-cache
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=429582&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=496448&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=438710&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=415219&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=495157&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=377374&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=378587&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=306827&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=330062&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=353391&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=361567&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=358324&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=406372&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=390987&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=490971&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=329029&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=480812&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=452102&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=482175&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=474517&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=373701&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=367767&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=465131&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=448902&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=307103&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=382526&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=434567&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=362239&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=318126&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=303611&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=400440&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=402314&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=339297&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=317454&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=352757&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=333804&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=361584&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=394345&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=377503&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=366134&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=342598&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=322175&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=413563&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=322008&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=480844&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=330682&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=497434&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=403469&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=390531&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=493474&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=402511&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=326443&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=405140&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=306601&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=348927&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=461303&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=382052&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=465286&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 2854
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=357096&q=sex&return_url=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
/
g.cash-ads.com/ Frame 2854
0
0
Image
General
Full URL
https://g.cash-ads.com/?nc=9e1gMrTRYdeeio%2Fy6khd8kLsdEH5O9qC0%2FpixD3HpyQ%3D
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
h104.hubuhost.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

/
g.cash-ads.com/ Frame 2854
0
0
Image
General
Full URL
https://g.cash-ads.com/?nc=1AkXkjykmotsLdLDJdlmN6mMS3rkfkeXH9R8i%2B6bDP4%3D
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
h104.hubuhost.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

83772ba9b19d8299ebf59beb9927356f.gif
sharkpromotion.net/adv_banners/ Frame 9665
8 KB
8 KB
Image
General
Full URL
https://sharkpromotion.net/adv_banners/83772ba9b19d8299ebf59beb9927356f.gif
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/?r=51425
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.9.105 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
sharkpromotion.net
Software
nginx/1.18.0 /
Resource Hash
0b738234938f14fa8275347402ad6ce3719f8c7b745965308ad072d7d4205a95

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:45:13 GMT
Last-Modified
Sun, 30 May 2021 21:05:44 GMT
Server
nginx/1.18.0
ETag
"60b3fe28-2013"
Content-Type
image/gif
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8211
Expires
Tue, 08 Jun 2021 20:45:13 GMT
analytics.js
www.google-analytics.com/ Frame E6F4
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.surfujkase.pl
URL: https://www.surfujkase.pl/promuj2.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.surfujkase.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
5629
date
Tue, 01 Jun 2021 19:11:23 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Tue, 01 Jun 2021 21:11:23 GMT
1213985
acceptable.a-ads.com/ Frame 0A84
0
128 B
Document
General
Full URL
https://acceptable.a-ads.com/1213985
Requested by
Host: www.surfujkase.pl
URL: https://www.surfujkase.pl/promuj2.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.125.108 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.108.125.9.176.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
acceptable.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.surfujkase.pl/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Tue, 01 Jun 2021 20:45:13 GMT
Content-Length
0
Connection
keep-alive
/
href.li/ Frame 47B9
735 B
365 B
Document
General
Full URL
https://href.li/?https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Requested by
Host: www.surfujkase.pl
URL: https://www.surfujkase.pl/promuj2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.27 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ff8eee79afb5abc8901ad6fea16eeb929505971481694097a02d298b356f6b69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
href.li
:scheme
https
:path
/?https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.surfujkase.pl/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

server
nginx
date
Tue, 01 Jun 2021 20:45:13 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
vary
Accept-Encoding
content-encoding
gzip
x-ac
3.vie _dca
brokers.js
static.arc.io/widget/js/ Frame E61B
22 KB
8 KB
Script
General
Full URL
https://static.arc.io/widget/js/brokers.js?fd8fd2c
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?fd8fd2c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-70.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3fb0ca8e793d8b529a7e7abdaa270757ea9774e2998d2421591133860a22a08

Request headers

Referer
https://www.adzbux.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 21:04:28 GMT
content-encoding
br
vary
Accept-Encoding
age
517245
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 26 May 2021 20:49:47 GMT
server
AmazonS3
etag
W/"312a3673cc8af3d946f275c1a4467309"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
7_bctvvjsRNVFqU9ExfoqZPTQN3n0CdQww1iDilnBofdS3sB_zlvYg==
analytics.js
www.google-analytics.com/ Frame C302
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.surfujkase.pl
URL: https://www.surfujkase.pl/promuj2.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.surfujkase.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
5629
date
Tue, 01 Jun 2021 19:11:23 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Tue, 01 Jun 2021 21:11:23 GMT
1213985
acceptable.a-ads.com/ Frame 81A2
0
128 B
Document
General
Full URL
https://acceptable.a-ads.com/1213985
Requested by
Host: www.surfujkase.pl
URL: https://www.surfujkase.pl/promuj2.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.125.108 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.108.125.9.176.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
acceptable.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.surfujkase.pl/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Tue, 01 Jun 2021 20:45:13 GMT
Content-Length
0
Connection
keep-alive
/
href.li/ Frame 19D1
743 B
370 B
Document
General
Full URL
https://href.li/?https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Requested by
Host: www.surfujkase.pl
URL: https://www.surfujkase.pl/promuj2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.27 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
46f5a60e217c1cee422d4445804845a414f6196c519e1271a8be5068454a4377
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
href.li
:scheme
https
:path
/?https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.surfujkase.pl/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.surfujkase.pl/

Response headers

server
nginx
date
Tue, 01 Jun 2021 20:45:13 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
vary
Accept-Encoding
content-encoding
gzip
x-ac
3.vie _dca
brokers.js
static.arc.io/widget/js/ Frame 94CB
22 KB
8 KB
Script
General
Full URL
https://static.arc.io/widget/js/brokers.js?fd8fd2c
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?fd8fd2c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-70.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3fb0ca8e793d8b529a7e7abdaa270757ea9774e2998d2421591133860a22a08

Request headers

Referer
https://www.adzbux.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 21:04:28 GMT
content-encoding
br
vary
Accept-Encoding
age
517246
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 26 May 2021 20:49:47 GMT
server
AmazonS3
etag
W/"312a3673cc8af3d946f275c1a4467309"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
Usz0806tn0_PvL0dB9WwQFosBJuIcVn3Lh3J7dW9MwCGiihosV_4Sw==
avatarbg.png
sharkpromotion.net/style/img/ Frame 9665
5 KB
5 KB
Image
General
Full URL
https://sharkpromotion.net/style/img/avatarbg.png
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/style/style.css?t=1616814258
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.9.105 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
sharkpromotion.net
Software
nginx/1.18.0 /
Resource Hash
d1ea1e5e79755bde453eee54fe6bc4ad0281bd9072c8b4bf05c75202d7af395d

Request headers

Referer
https://sharkpromotion.net/style/style.css?t=1616814258
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:45:13 GMT
Last-Modified
Fri, 22 Feb 2019 18:13:42 GMT
Server
nginx/1.18.0
ETag
"5c703bd6-12be"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4798
Expires
Tue, 08 Jun 2021 20:45:13 GMT
/
payeer.com/ Frame 821F
Redirect Chain
  • https://payeer.com/?session=2103954
  • https://payeer.com/iproxy/j?5m+4KdpM2Ysdr2w7Nv3nMi8/c2Vzc2lvbj0yMTAzOTU0
  • https://payeer.com/?session=2103954
0
0
Document
General
Full URL
https://payeer.com/?session=2103954
Requested by
Host: trafiframe.ru
URL: https://trafiframe.ru/iframe.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.170.93.24 , Czech Republic, ASN2591 (IMPLETEC-AS, BG),
Reverse DNS
Software
iCore Proxy Module /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
payeer.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://trafiframe.ru/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
about:blank

Response headers

Server
iCore Proxy Module
Date
Tue, 01 Jun 2021 20:45:13 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
0
Connection
keep-alive
Strict-Transport-Security
max-age=31536000
X-XSS-Protection
1; mode=block
X-Frame-Options
SAMEORIGIN
X-Content-Type-Options
nosniff

Redirect headers

Server
iCore Proxy Module
Date
Tue, 01 Jun 2021 20:45:13 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
Cache-Control
no-store, max-age=0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
/?session=2103954
tag.js
mc.yandex.ru/metrika/ Frame 1565
216 KB
69 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: trafiframe.ru
URL: https://trafiframe.ru/iframe.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
14f5b9c2901a58cb9e77ccd997a844b32824e54b2e6626990e0e0ae5b962ae2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://trafiframe.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
br
last-modified
Mon, 31 May 2021 17:00:30 GMT
etag
"60ae3a7b-11182"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
70018
expires
Tue, 01 Jun 2021 21:45:13 GMT
/
payeer.com/ Frame CBAA
Redirect Chain
  • https://payeer.com/?session=2103954
  • https://payeer.com/iproxy/j?5m+4KdpM2Ysdr2w7Nv3nMi8/c2Vzc2lvbj0yMTAzOTU0
  • https://payeer.com/
0
0
Document
General
Full URL
https://payeer.com/
Requested by
Host: trafiframe.ru
URL: https://trafiframe.ru/iframe.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.170.93.24 , Czech Republic, ASN2591 (IMPLETEC-AS, BG),
Reverse DNS
Software
iCore Proxy Module /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
payeer.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://trafiframe.ru/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
iCore Proxy Module
Date
Tue, 01 Jun 2021 20:45:13 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
0
Connection
keep-alive
Strict-Transport-Security
max-age=31536000
X-XSS-Protection
1; mode=block
X-Frame-Options
SAMEORIGIN
X-Content-Type-Options
nosniff

Redirect headers

Server
iCore Proxy Module
Date
Tue, 01 Jun 2021 20:45:13 GMT
Content-Type
text/html
Content-Length
151
Location
https://payeer.com/
Connection
keep-alive
bdbb934e5f6c8232a0fc4fef7d840048.gif
sharkpromotion.net/adv_banners/ Frame 9665
29 KB
30 KB
Image
General
Full URL
https://sharkpromotion.net/adv_banners/bdbb934e5f6c8232a0fc4fef7d840048.gif
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/?r=51425
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.9.105 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
sharkpromotion.net
Software
nginx/1.18.0 /
Resource Hash
aebbcd2b05cae179f8c24bc2d17fdf2da53d81593b4e16e2e2d25813acadb224

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:45:13 GMT
Last-Modified
Sun, 30 May 2021 21:05:51 GMT
Server
nginx/1.18.0
ETag
"60b3fe2f-75cc"
Content-Type
image/gif
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30156
Expires
Tue, 08 Jun 2021 20:45:13 GMT
1649062
ad.a-ads.com/ Frame 1BA6
0
128 B
Document
General
Full URL
https://ad.a-ads.com/1649062?size=468x60
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.125.108 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.108.125.9.176.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://worldofclix.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Tue, 01 Jun 2021 20:45:13 GMT
Content-Length
0
Connection
keep-alive
1649062
ad.a-ads.com/ Frame 8CF4
0
128 B
Document
General
Full URL
https://ad.a-ads.com/1649062?size=468x60
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.125.108 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.108.125.9.176.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://worldofclix.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Tue, 01 Jun 2021 20:45:13 GMT
Content-Length
0
Connection
keep-alive
1649065
ad.a-ads.com/ Frame B5B1
0
128 B
Document
General
Full URL
https://ad.a-ads.com/1649065?size=728x90
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.125.108 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.108.125.9.176.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://worldofclix.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Tue, 01 Jun 2021 20:45:13 GMT
Content-Length
0
Connection
keep-alive
c1d9ff8256b7bc24b376819c29f0b9ab.gif
linkslot.ru/uploads/ Frame 9665
79 KB
79 KB
Image
General
Full URL
https://linkslot.ru/uploads/c1d9ff8256b7bc24b376819c29f0b9ab.gif
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/?r=51425
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42ceb5b26dc85772c3631da76c442a95860842eadb3ed1e4bccebf82edb14a7e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:13 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4361
content-length
80749
cf-request-id
0a6aebd4600000648575be4000000001
last-modified
Thu, 27 May 2021 06:53:45 GMT
server
cloudflare
etag
"60af41f9-13b6d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=pcOIFW3%2Fle%2Ba%2F%2BVde5cKWivgzg5kweL3w6Ct0O1ubGKg5ykW6qaMUyR0iMiy2KsBAxvO2WcWJ9PFnTGiqDHs1uiX0qQmyy6y%2Bg2Of8qMq%2B0x6UBfyqag96GEws2huqKhO1JUog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
658b48cd6fc06485-FRA
buyb.png
linkslot.ru/img/ Frame 9665
3 KB
3 KB
Image
General
Full URL
https://linkslot.ru/img/buyb.png
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/?r=51425
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e9b14e8db47eb55c01f3982d1e63061c9ac23ecae71d5313e08169e9cfcce29

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:13 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2397
content-length
2585
cf-request-id
0a6aebd46100006485662bb000000001
last-modified
Fri, 29 May 2015 20:03:43 GMT
server
cloudflare
etag
"5568c61f-a19"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=hp0R6vNpeTWz9vg6gyBc3Sau24mExIVKs%2BUSmhWVX%2BEyDyM8950yiPhFYDkhFvRr4FhWy8qa0gj4Dm0USGrugXVUppqiGv7F6cvzrqPDhyPYszSESKzRFi6H%2F7723ZFLa1Tr2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
658b48cd6fc16485-FRA
publishertag.js
static.criteo.net/js/ld/ Frame 2854
117 KB
38 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f1865bcf054e092f39630245febb9d858fff3fac1c41b521e2164ca0e0649758

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 06:12:36 GMT
server
nginx
etag
W/"60a5fdd4-1d41b"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 02 Jun 2021 20:45:13 GMT
/
ads.rekmob.com/m/props/ Frame 2854
271 B
592 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=1101739
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
429870d686efc9fbf3477266c4e558849ac6001e4f8fc3b0f586cba547f95178

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:44 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
CZ
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
gtm.js
www.googletagmanager.com/ Frame 2854
82 KB
32 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NCM67V&l=rsdataLayer
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0b2cb584d3ddae5cb48e5c017900b7edbfa1712e29ddff48464414b19a72a339
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33175
x-xss-protection
0
last-modified
Tue, 01 Jun 2021 20:23:47 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 01 Jun 2021 20:45:13 GMT
pix
ads.rekmob.com/retarget/ Frame 2854
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=reklamstore
  • https://x.bidswitch.net/ul_cb/sync?ssp=reklamstore
  • https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=reklamstore&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=DeNKMOjwBNkqZW1xZyxpW599&ssp=reklamstore
  • https://ads.rekmob.com/retarget/pix?id=bs&cv=4974bc1a-9a43-4775-ad36-7cefbae6831d&d=1
35 B
403 B
Image
General
Full URL
https://ads.rekmob.com/retarget/pix?id=bs&cv=4974bc1a-9a43-4775-ad36-7cefbae6831d&d=1
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:46 GMT
Server
nginx/1.9.6
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif

Redirect headers

location
//ads.rekmob.com/retarget/pix?id=bs&cv=4974bc1a-9a43-4775-ad36-7cefbae6831d&d=1
date
Tue, 01 Jun 2021 20:45:14 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
/
ads.rekmob.com/m/props/ Frame 2854
270 B
593 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=1101741
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
f67871a227d63cd3691dcecbdf5e15e6a6fd839b917e1a607e65dd1528cace0d

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:44 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
CZ
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
/
ads.rekmob.com/m/props/ Frame 2854
272 B
590 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=1101742
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
a4b0d4bdd00ad184b5fdbd07013558393dacc7003aa8a76805c249a018b406e8

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:44 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
CZ
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
/
ads.rekmob.com/m/props/ Frame 2854
270 B
593 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=1101743
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
67a7eb7a5a506154a6f9c7e8bdb601a1ba7c1d035174185bbefb7e4c92318cbe

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:44 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
CZ
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
js15_as.js
s10.histats.com/ Frame 2854
11 KB
4 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:42:44 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip
51.254.41.192/26
etag
"-375139978"
x-cacheable
Matched cache
content-type
text/javascript
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
4364
x-request-id
64029088
bg-block-bottom.png
sharkpromotion.net/style/img/ Frame 9665
2 KB
3 KB
Image
General
Full URL
https://sharkpromotion.net/style/img/bg-block-bottom.png
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/style/block.css?t=1601960145
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.9.105 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
sharkpromotion.net
Software
nginx/1.18.0 /
Resource Hash
81bafa851efd7bf585e984cc86db76679a9075d67bea0aa04f5804de781c1dc4

Request headers

Referer
https://sharkpromotion.net/style/block.css?t=1601960145
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:45:13 GMT
Last-Modified
Mon, 15 May 2017 19:22:00 GMT
Server
nginx/1.18.0
ETag
"5919ffd8-8df"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2271
Expires
Tue, 08 Jun 2021 20:45:13 GMT
bg1.jpg
worldofclix.com/assets/evolution/css/images/ Frame 810B
13 KB
14 KB
Image
General
Full URL
https://worldofclix.com/assets/evolution/css/images/bg1.jpg
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/assets/evolution/css/custom.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
cd0a43dde6ea96c9aa99adb178d2237c8fa09bee17cecd729c26cafdc0bde3b9

Request headers

Referer
https://worldofclix.com/assets/evolution/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:13 GMT
last-modified
Tue, 25 May 2021 15:56:28 GMT
server
Apache
content-type
image/jpeg
cache-control
max-age=900
accept-ranges
bytes
content-length
13672
expires
Tue, 01 Jun 2021 21:00:13 GMT
hd-top-ic1.png
worldofclix.com/assets/evolution/css/images/ Frame 810B
3 KB
3 KB
Image
General
Full URL
https://worldofclix.com/assets/evolution/css/images/hd-top-ic1.png
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/assets/evolution/css/custom.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
35a062aa170c4c24958380051d96a6ee99d90e67f7bcdfaf6a582313cfd4a4b3

Request headers

Referer
https://worldofclix.com/assets/evolution/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:13 GMT
last-modified
Tue, 25 May 2021 15:56:29 GMT
server
Apache
content-type
image/png
cache-control
max-age=900
accept-ranges
bytes
content-length
3030
expires
Tue, 01 Jun 2021 21:00:13 GMT
hd-top-ic2.png
worldofclix.com/assets/evolution/css/images/ Frame 810B
3 KB
3 KB
Image
General
Full URL
https://worldofclix.com/assets/evolution/css/images/hd-top-ic2.png
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/assets/evolution/css/custom.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
18609b8d5fd5c0435b13933a0d05cbd33fe171b98608f835bfc3ae2948c29d22

Request headers

Referer
https://worldofclix.com/assets/evolution/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:13 GMT
last-modified
Tue, 25 May 2021 15:56:29 GMT
server
Apache
content-type
image/png
cache-control
max-age=900
accept-ranges
bytes
content-length
2959
expires
Tue, 01 Jun 2021 21:00:13 GMT
hd-top-ic3.png
worldofclix.com/assets/evolution/css/images/ Frame 810B
3 KB
3 KB
Image
General
Full URL
https://worldofclix.com/assets/evolution/css/images/hd-top-ic3.png
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/assets/evolution/css/custom.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
6d553c3ca954593882680041cf8acf5aa25cbf2fa4b974ce1a96aa6635bf46f0

Request headers

Referer
https://worldofclix.com/assets/evolution/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:13 GMT
last-modified
Tue, 25 May 2021 15:56:29 GMT
server
Apache
content-type
image/png
cache-control
max-age=900
accept-ranges
bytes
content-length
3085
expires
Tue, 01 Jun 2021 21:00:13 GMT
hd-top-ic5.png
worldofclix.com/assets/evolution/css/images/ Frame 810B
3 KB
3 KB
Image
General
Full URL
https://worldofclix.com/assets/evolution/css/images/hd-top-ic5.png
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/assets/evolution/css/custom.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
8caec4f2567668ff5d4cc3a0cedb7a2a8f9a9c38759d08f08e032b880d9568d4

Request headers

Referer
https://worldofclix.com/assets/evolution/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:13 GMT
last-modified
Tue, 25 May 2021 15:56:29 GMT
server
Apache
content-type
image/png
cache-control
max-age=900
accept-ranges
bytes
content-length
3116
expires
Tue, 01 Jun 2021 21:00:13 GMT
hd-top-ic6.png
worldofclix.com/assets/evolution/css/images/ Frame 810B
3 KB
3 KB
Image
General
Full URL
https://worldofclix.com/assets/evolution/css/images/hd-top-ic6.png
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/assets/evolution/css/custom.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
55694b6e69a63a9c107ceb17c238459a7e20e03d10cf9b2626a20d56ab8bcd67

Request headers

Referer
https://worldofclix.com/assets/evolution/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:13 GMT
last-modified
Tue, 25 May 2021 15:56:29 GMT
server
Apache
content-type
image/png
cache-control
max-age=900
accept-ranges
bytes
content-length
3009
expires
Tue, 01 Jun 2021 21:00:13 GMT
hd-top-ic4.png
worldofclix.com/assets/evolution/css/images/ Frame 810B
3 KB
3 KB
Image
General
Full URL
https://worldofclix.com/assets/evolution/css/images/hd-top-ic4.png
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/assets/evolution/css/custom.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
2a881bb0c27788e87f84dbab80758002844891bf68f0bf4bde6991521b9d9bd2

Request headers

Referer
https://worldofclix.com/assets/evolution/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:13 GMT
last-modified
Tue, 25 May 2021 15:56:29 GMT
server
Apache
content-type
image/png
cache-control
max-age=900
accept-ranges
bytes
content-length
3030
expires
Tue, 01 Jun 2021 21:00:13 GMT
bn-bg.png
worldofclix.com/assets/evolution/css/images/ Frame 810B
115 KB
115 KB
Image
General
Full URL
https://worldofclix.com/assets/evolution/css/images/bn-bg.png
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/assets/evolution/css/custom.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
a2810c8b66ea10a80b82977bf3ebf81cb00717244bf4cb5f6cf309168a546d03

Request headers

Referer
https://worldofclix.com/assets/evolution/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:13 GMT
last-modified
Tue, 25 May 2021 15:56:29 GMT
server
Apache
content-type
image/png
cache-control
max-age=900
accept-ranges
bytes
content-length
117953
expires
Tue, 01 Jun 2021 21:00:13 GMT
ctn-stt1.png
worldofclix.com/assets/evolution/css/images/ Frame 810B
3 KB
4 KB
Image
General
Full URL
https://worldofclix.com/assets/evolution/css/images/ctn-stt1.png
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/assets/evolution/css/custom.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
0c33677fab284805eb3bca37c22b8ec3f0699ee44ed87bd93070fdbf63fb9990

Request headers

Referer
https://worldofclix.com/assets/evolution/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:13 GMT
last-modified
Tue, 25 May 2021 15:56:29 GMT
server
Apache
content-type
image/png
cache-control
max-age=900
accept-ranges
bytes
content-length
3429
expires
Tue, 01 Jun 2021 21:00:13 GMT
ctn-stt2.png
worldofclix.com/assets/evolution/css/images/ Frame 810B
3 KB
4 KB
Image
General
Full URL
https://worldofclix.com/assets/evolution/css/images/ctn-stt2.png
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/assets/evolution/css/custom.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
4f08dbf81c41d8b17540ed85fa39446f59c45877f9bc76b37cecf22074628f0b

Request headers

Referer
https://worldofclix.com/assets/evolution/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:13 GMT
last-modified
Tue, 25 May 2021 15:56:29 GMT
server
Apache
content-type
image/png
cache-control
max-age=900
accept-ranges
bytes
content-length
3507
expires
Tue, 01 Jun 2021 21:00:13 GMT
ctn-stt3.png
worldofclix.com/assets/evolution/css/images/ Frame 810B
3 KB
3 KB
Image
General
Full URL
https://worldofclix.com/assets/evolution/css/images/ctn-stt3.png
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/assets/evolution/css/custom.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
2c5af47d9a8ea867422b0c54202d7b1b2a23f7928fe2102e08055f016e39663b

Request headers

Referer
https://worldofclix.com/assets/evolution/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:13 GMT
last-modified
Tue, 25 May 2021 15:56:29 GMT
server
Apache
content-type
image/png
cache-control
max-age=900
accept-ranges
bytes
content-length
3395
expires
Tue, 01 Jun 2021 21:00:13 GMT
ctn-latest.png
worldofclix.com/assets/evolution/css/images/ Frame 810B
12 KB
12 KB
Image
General
Full URL
https://worldofclix.com/assets/evolution/css/images/ctn-latest.png
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/assets/evolution/css/custom.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
84ed81a3036aeecfed391395e853d2d97e7624073a1f14e700f0d663f7eac41f

Request headers

Referer
https://worldofclix.com/assets/evolution/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:13 GMT
last-modified
Tue, 25 May 2021 15:56:29 GMT
server
Apache
content-type
image/png
cache-control
max-age=900
accept-ranges
bytes
content-length
12018
expires
Tue, 01 Jun 2021 21:00:13 GMT
icon-ab.png
worldofclix.com/assets/evolution/css/images/ Frame 810B
3 KB
3 KB
Image
General
Full URL
https://worldofclix.com/assets/evolution/css/images/icon-ab.png
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/assets/evolution/css/custom.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
426cc66e1caeae882eee4e798e82e1ef51662dff27d765ce285bd816ccf7ba45

Request headers

Referer
https://worldofclix.com/assets/evolution/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:13 GMT
last-modified
Tue, 25 May 2021 15:56:29 GMT
server
Apache
content-type
image/png
cache-control
max-age=900
accept-ranges
bytes
content-length
3129
expires
Tue, 01 Jun 2021 21:00:13 GMT
about-bg.png
worldofclix.com/assets/evolution/css/images/ Frame 810B
6 KB
6 KB
Image
General
Full URL
https://worldofclix.com/assets/evolution/css/images/about-bg.png
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/assets/evolution/css/custom.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
1c0544e877f7c6419d443e66cc17d2a8c463826a0eba654437b6c177b169ccff

Request headers

Referer
https://worldofclix.com/assets/evolution/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:13 GMT
last-modified
Tue, 25 May 2021 15:56:28 GMT
server
Apache
content-type
image/png
cache-control
max-age=900
accept-ranges
bytes
content-length
5714
expires
Tue, 01 Jun 2021 21:00:13 GMT
ctn-lang1.png
worldofclix.com/assets/evolution/css/images/ Frame 810B
8 KB
8 KB
Image
General
Full URL
https://worldofclix.com/assets/evolution/css/images/ctn-lang1.png
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/assets/evolution/css/custom.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
2bb41414722d7276310934e4e35d05a74ba54050b1b6d0d39439d352368f34d8

Request headers

Referer
https://worldofclix.com/assets/evolution/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:13 GMT
last-modified
Tue, 25 May 2021 15:56:29 GMT
server
Apache
content-type
image/png
cache-control
max-age=900
accept-ranges
bytes
content-length
8298
expires
Tue, 01 Jun 2021 21:00:13 GMT
ctn-lang2.png
worldofclix.com/assets/evolution/css/images/ Frame 810B
8 KB
9 KB
Image
General
Full URL
https://worldofclix.com/assets/evolution/css/images/ctn-lang2.png
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/assets/evolution/css/custom.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
b4386ba53943af85eb560626f1997f4cbc6aedf40b6908a4e5b63f87545fd7e8

Request headers

Referer
https://worldofclix.com/assets/evolution/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:13 GMT
last-modified
Tue, 25 May 2021 15:56:29 GMT
server
Apache
content-type
image/png
cache-control
max-age=900
accept-ranges
bytes
content-length
8701
expires
Tue, 01 Jun 2021 21:00:13 GMT
ctn-lang3.png
worldofclix.com/assets/evolution/css/images/ Frame 810B
8 KB
8 KB
Image
General
Full URL
https://worldofclix.com/assets/evolution/css/images/ctn-lang3.png
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/assets/evolution/css/custom.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
8efd38d9b334b270b6850c12f56903dcb9fdbc40cc114b266a00a7b7be07dec0

Request headers

Referer
https://worldofclix.com/assets/evolution/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:13 GMT
last-modified
Tue, 25 May 2021 15:56:29 GMT
server
Apache
content-type
image/png
cache-control
max-age=900
accept-ranges
bytes
content-length
7974
expires
Tue, 01 Jun 2021 21:00:13 GMT
ctn-lang4.png
worldofclix.com/assets/evolution/css/images/ Frame 810B
7 KB
8 KB
Image
General
Full URL
https://worldofclix.com/assets/evolution/css/images/ctn-lang4.png
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/assets/evolution/css/custom.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
0bc936373732dd7d9ab96c3b970415946b4e6dba568f9eb64b1254e18427a0d5

Request headers

Referer
https://worldofclix.com/assets/evolution/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:13 GMT
last-modified
Tue, 25 May 2021 15:56:29 GMT
server
Apache
content-type
image/png
cache-control
max-age=900
accept-ranges
bytes
content-length
7660
expires
Tue, 01 Jun 2021 21:00:13 GMT
solid.png
worldofclix.com/assets/evolution/css/images/ Frame 810B
12 KB
12 KB
Image
General
Full URL
https://worldofclix.com/assets/evolution/css/images/solid.png
Requested by
Host: worldofclix.com
URL: https://worldofclix.com/assets/evolution/css/custom.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:3::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
11284a36e61efc8c52ef4209016895dfd06d664b3541da93cae80d4daafa1d7f

Request headers

Referer
https://worldofclix.com/assets/evolution/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:13 GMT
last-modified
Tue, 25 May 2021 15:56:29 GMT
server
Apache
content-type
image/png
cache-control
max-age=900
accept-ranges
bytes
content-length
11818
expires
Tue, 01 Jun 2021 21:00:13 GMT
XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v16/ Frame 810B
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/nunito/v16/XRXV3I6Li01BKofINeaB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:400,600,700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06f3af3fe52542d40ad9bc14ec03e04deaabd09ec369221cc8f536db1c72bf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://worldofclix.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 10:13:30 GMT
x-content-type-options
nosniff
last-modified
Wed, 25 Nov 2020 02:44:35 GMT
server
sffe
age
383503
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18972
x-xss-protection
0
expires
Sat, 28 May 2022 10:13:30 GMT
XRXW3I6Li01BKofA6sKUYevI.woff2
fonts.gstatic.com/s/nunito/v16/ Frame 810B
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/nunito/v16/XRXW3I6Li01BKofA6sKUYevI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:400,600,700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8a2fc19b3c25b470b6b7a2cb69be14e22328bc0bf9adfe709f0b1477fc61525
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://worldofclix.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 23:20:25 GMT
x-content-type-options
nosniff
last-modified
Wed, 25 Nov 2020 02:44:29 GMT
server
sffe
age
77088
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19248
x-xss-protection
0
expires
Tue, 31 May 2022 23:20:25 GMT
XRXW3I6Li01BKofAjsOUYevI.woff2
fonts.gstatic.com/s/nunito/v16/ Frame 810B
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/nunito/v16/XRXW3I6Li01BKofAjsOUYevI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:400,600,700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
622b2acb1b2c8d4eba45b028583b297a195b839f4684fc02d6906c84779f763d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://worldofclix.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 06:30:44 GMT
x-content-type-options
nosniff
age
51269
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19088
x-xss-protection
0
last-modified
Wed, 25 Nov 2020 02:44:23 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Jun 2022 06:30:44 GMT
brokers.js
static.arc.io/widget/js/ Frame D2CA
22 KB
8 KB
Script
General
Full URL
https://static.arc.io/widget/js/brokers.js?fd8fd2c
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?fd8fd2c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-70.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3fb0ca8e793d8b529a7e7abdaa270757ea9774e2998d2421591133860a22a08

Request headers

Referer
https://www.adzbux.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 21:04:28 GMT
content-encoding
br
vary
Accept-Encoding
age
517246
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 26 May 2021 20:49:47 GMT
server
AmazonS3
etag
W/"312a3673cc8af3d946f275c1a4467309"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
Q6hLq8WDL1CzwufQMBpcETdtZDa7czK1Uhk2V9IkKo9-R0EifcqQRA==
go.php
ad-slot.ru/ Frame 9665
2 B
595 B
XHR
General
Full URL
https://ad-slot.ru/go.php?d=6c696e6b2131343432217669657726723d302e38393935373332383038313034323531
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2631 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=G%2FTubftLu0M1NiUmQiCsPFIkT6fvpZQBFNbU%2B%2FHUPtkF2haPHcZ%2B2y5scA5jjoHcLH1UGSmfe%2BYv5sU%2BC6pi8IQi1wO3lDMxbHfRL8jYSDk1yXSB2y7FNyovk2atMuZ8AX5WYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
658b48ce28f74a8b-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a6aebd4d800004a8b4c3a4000000001
3eea8848118056f6940853f30f364218.gif
sharkpromotion.net/adv_banners/ Frame 9665
293 KB
294 KB
Image
General
Full URL
https://sharkpromotion.net/adv_banners/3eea8848118056f6940853f30f364218.gif
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/?r=51425
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.9.105 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
sharkpromotion.net
Software
nginx/1.18.0 /
Resource Hash
e12bf66ce4b8872eae53b9694352b4b421053974ca3935afb27fee6ca1d18117

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:45:13 GMT
Last-Modified
Wed, 19 May 2021 13:18:45 GMT
Server
nginx/1.18.0
ETag
"60a51035-49546"
Content-Type
image/gif
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
300358
Expires
Tue, 08 Jun 2021 20:45:13 GMT
id
surfe.pro/net/ Frame 9665
15 B
416 B
XHR
General
Full URL
https://surfe.pro/net/id
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.242.31 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.31.242.201.195.clients.your-server.de
Software
nginx/1.10.3 /
Resource Hash
cc5a11ea472a6942fbdd5228e1eddbf70a9eb7dcf89d4df21523db20afd79c11

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 01 Jun 2021 20:45:16 GMT
content-encoding
gzip
server
nginx/1.10.3
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
content-type
text/html; charset=UTF-8
access-control-allow-origin
null
access-control-allow-credentials
true
the-rule
surfe.pro
access-control-allow-headers
User-Agent,Keep-Alive,Content-Type
/
g.cash-ads.com/ Frame 5DCB
498 B
510 B
Document
General
Full URL
https://g.cash-ads.com/?nc=5YyiYC3y5xm9tk1wOiIG4HkRy6s3ZDl8kwfLplZ7Drg%3D
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
h104.hubuhost.com
Software
nginx /
Resource Hash
d2886f7ba545449320a08019b6e8d41d9c3a1484e319d56674b7ac54e857f7e7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
g.cash-ads.com
:scheme
https
:path
/?nc=5YyiYC3y5xm9tk1wOiIG4HkRy6s3ZDl8kwfLplZ7Drg%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://exp3.eurosptp.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

server
nginx
date
Tue, 01 Jun 2021 20:45:13 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
content-encoding
gzip
/
g.cash-ads.com/ Frame 4BF7
496 B
508 B
Document
General
Full URL
https://g.cash-ads.com/?nc=5YyiYC3y5xm9tk1wOiIG4I4eacT%2BYjPOf20Z5%2BB02ZE%3D
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
h104.hubuhost.com
Software
nginx /
Resource Hash
4da4e3880b3b2513a0a58bbf09bb2cd0a4873bf56a95712d6d1839b9f99dcc39
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
g.cash-ads.com
:scheme
https
:path
/?nc=5YyiYC3y5xm9tk1wOiIG4I4eacT%2BYjPOf20Z5%2BB02ZE%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://exp3.eurosptp.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

server
nginx
date
Tue, 01 Jun 2021 20:45:13 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
content-encoding
gzip
pma
popmyads.com/x/ Frame 8BCA
88 KB
32 KB
Script
General
Full URL
https://popmyads.com/x/pma
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/popmyads.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:4436 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33
Resource Hash
f73eb854ba041fae2c2ff7bae977b44e7849ce7988bc965d7d5861d32c969011

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.1.33
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=A1os%2F6gr86bH5YcmcNnt3Q0TWlOuSg8O8%2FI2GlFeYkxfz%2FHRdM43TZHuGqoiRYHByO41va0rKpLCiK0BxZONj%2BohRM6nwVZpcfcH%2FwnPCuQmrRKiae%2BBojWMDm9uEbIfK6O2zGZz"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
658b48ce4ac3dfd3-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a6aebd4eb0000dfd3b1b2b000000001
code.js
myolnyr5bsk18.com/lv/esnk/1845135/ Frame 1CF4
98 KB
41 KB
Script
General
Full URL
https://myolnyr5bsk18.com/lv/esnk/1845135/code.js
Requested by
Host: www.interclics.com
URL: https://www.interclics.com/cinema.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
cee6ac6bead150d908b8a00a65f48630a72ba6e4215385fad324365bda7dc238
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.interclics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:45:16 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 28 May 2021 09:53:15 GMT
Server
nginx
ETag
W/"60b0bd8b-188e5"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
1795679
oranegfodnd.com/get/ Frame 1CF4
7 KB
5 KB
Script
General
Full URL
https://oranegfodnd.com/get/1795679?zoneid=1795679&jp=_clgw09ukzg5vjjfjea1uu7&nojs=0&ix=0&t=1&x=801&y=801&wcks=1&wgl=1&cnvs=1
Requested by
Host: www.interclics.com
URL: https://www.interclics.com/cinema.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
aebbf07e503507c01a6252ae0d66501886ac962a03c842f19cf34cd7a0231e57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.interclics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:45:16 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Connection
keep-alive
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
bundle.min.js
browser.sentry-cdn.com/6.2.2/ Frame E61B
65 KB
20 KB
Script
General
Full URL
https://browser.sentry-cdn.com/6.2.2/bundle.min.js
Requested by
Host: arc.io
URL: https://arc.io/widget.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
e593e95cfe0f3335088d5643951e90c8b4b3a4dfbe773614bb0070d544edb02e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Origin
https://www.adzbux.com
Referer
https://www.adzbux.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Thu, 11 Mar 2021 09:25:54 GMT
server
Fastly
age
7122889
etag
"a948fc086ec14683f3f2270913c7f702"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
20633
expires
Fri, 11 Mar 2022 10:10:24 GMT
b1896cb431cb16de34d161025acfdfdc.gif
bannerswall.ru/i/ Frame 9665
90 KB
90 KB
Image
General
Full URL
https://bannerswall.ru/i/b1896cb431cb16de34d161025acfdfdc.gif
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/?r=51425
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:3a80:0:1::9e , Russian Federation, ASN201499 (FULLSPACE-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6259796263b853eaa4b183a938a28eefc4983680b0a2f0c22ebb3bd9355c1e04
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:51 GMT
x-content-type-options
nosniff
last-modified
Fri, 28 May 2021 13:25:58 GMT
server
nginx/1.18.0
etag
"60b0ef66-1688b"
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
content-length
92299
expires
Wed, 01 Jun 2022 20:45:51 GMT
buyb.png
bannerswall.ru/img/ Frame 9665
5 KB
5 KB
Image
General
Full URL
https://bannerswall.ru/img/buyb.png
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/?r=51425
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:3a80:0:1::9e , Russian Federation, ASN201499 (FULLSPACE-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
31894358fcbf290828372d631ae00781ef6cfd69a47a619bba82988e29395a8c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 14 Feb 2021 07:46:42 GMT
server
nginx/1.18.0
etag
"6028d562-14b3"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
5299
expires
Wed, 01 Jun 2022 20:45:51 GMT
tag.js
mc.yandex.ru/metrika/ Frame 9665
216 KB
68 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/?r=51425
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
14f5b9c2901a58cb9e77ccd997a844b32824e54b2e6626990e0e0ae5b962ae2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
br
last-modified
Mon, 31 May 2021 17:00:30 GMT
etag
"60ae3a7b-11182"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
70018
expires
Tue, 01 Jun 2021 21:45:13 GMT
icon-online.png
sharkpromotion.net/style/img/ Frame 9665
11 KB
11 KB
Image
General
Full URL
https://sharkpromotion.net/style/img/icon-online.png
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/style/style.css?t=1616814258
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.9.105 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
sharkpromotion.net
Software
nginx/1.18.0 /
Resource Hash
a3baf93dc1805c5b214b57f244f65065462ef7cfac80861589580b03a50aa8c3

Request headers

Referer
https://sharkpromotion.net/style/style.css?t=1616814258
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:45:13 GMT
Last-Modified
Wed, 26 Oct 2016 13:39:30 GMT
Server
nginx/1.18.0
ETag
"5810b212-2a9e"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10910
Expires
Tue, 08 Jun 2021 20:45:13 GMT
truncated
/ Frame 7A95
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
bundle.min.js
browser.sentry-cdn.com/6.2.2/ Frame 94CB
65 KB
20 KB
Script
General
Full URL
https://browser.sentry-cdn.com/6.2.2/bundle.min.js
Requested by
Host: arc.io
URL: https://arc.io/widget.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
e593e95cfe0f3335088d5643951e90c8b4b3a4dfbe773614bb0070d544edb02e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Origin
https://www.adzbux.net
Referer
https://www.adzbux.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Thu, 11 Mar 2021 09:25:54 GMT
server
Fastly
age
7122889
etag
"a948fc086ec14683f3f2270913c7f702"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
20633
expires
Fri, 11 Mar 2022 10:10:24 GMT
/
agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/ Frame 00CE
373 KB
54 KB
Document
General
Full URL
https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Requested by
Host: href.li
URL: https://href.li/?https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
9c45f55a2fd91525db981e41a2c4b77e4e4fcdbca5a12aa150c2cabffadcfbad

Request headers

:method
GET
:authority
agronews.com.pl
:scheme
https
:path
/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:13 GMT
content-type
text/html; charset=UTF-8
content-length
54738
access-control-allow-origin
*
cache-control
max-age=3, must-revalidate
content-encoding
gzip
server
IdeaWebServer/2.0.5
vary
Accept-Encoding, Cookie
/
agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/ Frame 47B9
383 KB
58 KB
Document
General
Full URL
https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Requested by
Host: href.li
URL: https://href.li/?https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
cc174df93bac3c69f9fcdacd5235775b28afa91f98a49ea4bd308de16e73f6c2

Request headers

:method
GET
:authority
agronews.com.pl
:scheme
https
:path
/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:13 GMT
content-type
text/html; charset=UTF-8
content-length
58679
access-control-allow-origin
*
cache-control
max-age=3, must-revalidate
content-encoding
gzip
server
IdeaWebServer/2.0.5
vary
Accept-Encoding, Cookie
/
agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/ Frame 19D1
374 KB
54 KB
Document
General
Full URL
https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Requested by
Host: href.li
URL: https://href.li/?https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
5bdaf670940fca1ba7fb2c8d57d21531ca4c030f72e01176a5505e2a29bd8233

Request headers

:method
GET
:authority
agronews.com.pl
:scheme
https
:path
/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:13 GMT
content-type
text/html; charset=UTF-8
content-length
55311
access-control-allow-origin
*
cache-control
max-age=3, must-revalidate
content-encoding
gzip
server
IdeaWebServer/2.0.5
vary
Accept-Encoding, Cookie
1
mc.yandex.com/watch/56460499/ Frame 1565
Redirect Chain
  • https://mc.yandex.com/watch/56460499?wmode=7&page-url=https%3A%2F%2Ftrafiframe.ru%2Fiframe.php&page-ref=https%3A%2F%2Fwww.cora-live.tk%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5...
  • https://mc.yandex.com/watch/56460499/1?wmode=7&page-url=https%3A%2F%2Ftrafiframe.ru%2Fiframe.php&page-ref=https%3A%2F%2Fwww.cora-live.tk%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0...
203 B
284 B
XHR
General
Full URL
https://mc.yandex.com/watch/56460499/1?wmode=7&page-url=https%3A%2F%2Ftrafiframe.ru%2Fiframe.php&page-ref=https%3A%2F%2Fwww.cora-live.tk%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A530%3Acn%3A1%3Adp%3A0%3Als%3A1334056509743%3Ahid%3A425655252%3Az%3A120%3Ai%3A20210601224513%3Aet%3A1622580313%3Ac%3A1%3Arn%3A521571814%3Au%3A1622580313525379762%3Aw%3A0x0%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1622580312056%3Ads%3A0%2C243%2C161%2C1%2C3%2C0%2C%2C605%2C1%2C%2C%2C%2C1070%3Adsn%3A0%2C243%2C161%2C1%2C2%2C0%2C%2C661%2C2%2C%2C%2C%2C1069%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1622580313%3At%3AAuto-surfing%20sites
Requested by
Host: trafiframe.ru
URL: https://trafiframe.ru/iframe.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
22862a098d2b19f96e279368abf8d432f8db9b339282ac5df1bcb6ec9b637d4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://trafiframe.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Jun 2021 20:45:13 GMT
x-content-type-options
nosniff
last-modified
Tue, 01-Jun-2021 20:45:13 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://trafiframe.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
203
x-xss-protection
1; mode=block
expires
Tue, 01-Jun-2021 20:45:13 GMT

Redirect headers

pragma
no-cache
date
Tue, 01 Jun 2021 20:45:13 GMT
last-modified
Tue, 01-Jun-2021 20:45:13 GMT
location
/watch/56460499/1?wmode=7&page-url=https%3A%2F%2Ftrafiframe.ru%2Fiframe.php&page-ref=https%3A%2F%2Fwww.cora-live.tk%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A530%3Acn%3A1%3Adp%3A0%3Als%3A1334056509743%3Ahid%3A425655252%3Az%3A120%3Ai%3A20210601224513%3Aet%3A1622580313%3Ac%3A1%3Arn%3A521571814%3Au%3A1622580313525379762%3Aw%3A0x0%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1622580312056%3Ads%3A0%2C243%2C161%2C1%2C3%2C0%2C%2C605%2C1%2C%2C%2C%2C1070%3Adsn%3A0%2C243%2C161%2C1%2C2%2C0%2C%2C661%2C2%2C%2C%2C%2C1069%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1622580313%3At%3AAuto-surfing%20sites
strict-transport-security
max-age=31536000
access-control-allow-origin
https://trafiframe.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Tue, 01-Jun-2021 20:45:13 GMT
ajax_online.php
sharkpromotion.net/ajax/ Frame 9665
0
0

ajax_online.php
sharkpromotion.net/ajax/ Frame
0
0
Preflight
General
Full URL
https://sharkpromotion.net/ajax/ajax_online.php
Protocol
HTTP/1.1
Server
176.99.9.105 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
sharkpromotion.net
Software
nginx/1.18.0 / PHP/5.3.3
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-requested-with
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.18.0
Date
Tue, 01 Jun 2021 20:45:16 GMT
Content-Type
text/html; charset=windows-1251
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/5.3.3
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Content-Encoding
gzip
advert.gif
mc.yandex.com/metrika/ Frame 1565
43 B
112 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: trafiframe.ru
URL: https://trafiframe.ru/iframe.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://trafiframe.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:13 GMT
last-modified
Mon, 31 May 2021 17:00:30 GMT
etag
"60ae3a7b-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Tue, 01 Jun 2021 21:45:13 GMT
raw
api.allorigins.win/ Frame 8BCA
2 KB
1 KB
Fetch
General
Full URL
https://api.allorigins.win/raw?url=https://maquiags.com/serve/6123/4832/ZG9wbXljZGF2MWNiYjQ3NzU1MzM=/aHR0cHM6Ly9leHAzLmV1cm9zcHRwLmNvbS9wb3BteWFkcy5waHA=/1/1600x1200/0
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/popmyads.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fad32becc326f8e13001304844b160a358feb92f81ab8905e3866c324bffe763

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:14 GMT
via
allOrigins v2.5.1
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
access-control-allow-methods
OPTIONS, GET, POST, PATCH, PUT, DELETE
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a6aebd5d100001f358d9c2000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=58MsCq%2BHkycWflProNMgxztNq9ZOP5rRcXFTsNXdPUmqkgBNpwEwuNBIYSzpj9lJ%2BWheVVDYYQWkhXqo5YAuua9JqiSVaiPie%2Bx9J%2F9497PFV18gFOnKo8%2FFpSfEXrkwT9Wsifg3mKjY%2FadB"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://exp3.eurosptp.com
cache-control
public, max-age=3600, stale-if-error=600
access-control-allow-credentials
true
cf-ray
658b48cfbfc91f35-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Encoding, Accept
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 7816
12 KB
4 KB
Script
General
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: nullrefer.com
URL: https://nullrefer.com/?https://serveur-gmod.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a723 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://nullrefer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
cf-request-id
0a6aebd5b600004e743d8f5000000001
last-modified
Fri, 28 May 2021 10:23:11 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"60b0c48f-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=l0Aa77ML2ayV4dkMT5W1srdhvoKhDn0feQm2DDwRB2s%2BnW1oQalbVGAIDSYpmMMbeE0xsoZBjfsSr4KoPhMq0cYkXU5PuTpQd2yb8Q1m8lr9VYFUwS7Rjof2H8LDuFKzpRp9VvtNUn19LVFO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
658b48cf88994e74-FRA
expires
Thu, 03 Jun 2021 20:45:13 GMT
adp
ads.rekmob.com/m/ Frame 2854
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=1e86b52dba4f4154a0ee87b99af3da50&ufid=J1jHf8ZcEdSHw2ZXocxX&mobile_web=1&dt=3&as=1&os=3&jsonp=1&callback=rmb__J1jHf8ZcEdSHw2ZXocxX&ref=www.adzbux.com&_=1622580313533&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
bc80089b5ea2318543012d9b12b853651a24c36cbc80b196e7663205d19b1a55

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:45 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
CZ
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
adp
ads.rekmob.com/m/ Frame 2854
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=62db1d4bb5234c59bf5b75dbac1d7a91&ufid=MKBZqw0DePmjm0ohGXyJ&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__MKBZqw0DePmjm0ohGXyJ&ref=www.adzbux.com&_=1622580313535&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
52ec6a3dfd614a7e3016715a541f96588ce256ee7c66a79e2697b920c12166aa

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:45 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
CZ
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
adp
ads.rekmob.com/m/ Frame 2854
5 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=0b9f3c2279244fff831c25aa0d5f7f54&ufid=hUt7nAxb5OktYpZBAZts&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__hUt7nAxb5OktYpZBAZts&ref=www.adzbux.com&_=1622580313537&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
993c2a0cb073e8a831f03f1eb518c3ac9bd7dafe52f98848c704eccb6e6c2d92

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:45 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
CZ
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
bundle.min.js
browser.sentry-cdn.com/6.2.2/ Frame D2CA
65 KB
20 KB
Script
General
Full URL
https://browser.sentry-cdn.com/6.2.2/bundle.min.js
Requested by
Host: arc.io
URL: https://arc.io/widget.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
e593e95cfe0f3335088d5643951e90c8b4b3a4dfbe773614bb0070d544edb02e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Origin
https://www.adzbux.net
Referer
https://www.adzbux.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Thu, 11 Mar 2021 09:25:54 GMT
server
Fastly
age
7122889
etag
"a948fc086ec14683f3f2270913c7f702"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
20633
expires
Fri, 11 Mar 2022 10:10:24 GMT
adp
ads.rekmob.com/m/ Frame 2854
5 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=536a874d2489404ea4758a28f8d8b1c6&ufid=UQ8pAuVAxqIf0oXJrOFX&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__UQ8pAuVAxqIf0oXJrOFX&ref=www.adzbux.com&_=1622580313539&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
a9971038d4218540d8db6a10ad22626bb50219d927686c344651f649b5872a1c

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:45 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
CZ
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
lds.gif
g.cash-ads.com/img/ Frame 5DCB
5 KB
5 KB
Image
General
Full URL
https://g.cash-ads.com/img/lds.gif
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=5YyiYC3y5xm9tk1wOiIG4HkRy6s3ZDl8kwfLplZ7Drg%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
h104.hubuhost.com
Software
nginx /
Resource Hash
5d8b123d692b5e61bc24ee0ec2134ed95bd2f5e9baa788180bee718fc00da8c4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://g.cash-ads.com/?nc=5YyiYC3y5xm9tk1wOiIG4HkRy6s3ZDl8kwfLplZ7Drg%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:13 GMT
last-modified
Thu, 21 Jan 2021 21:02:57 GMT
server
nginx
etag
"6009ec01-14bf"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/gif
accept-ranges
bytes
content-length
5311
x-xss-protection
1; mode=block
lds.gif
g.cash-ads.com/img/ Frame 4BF7
5 KB
5 KB
Image
General
Full URL
https://g.cash-ads.com/img/lds.gif
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=5YyiYC3y5xm9tk1wOiIG4I4eacT%2BYjPOf20Z5%2BB02ZE%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
h104.hubuhost.com
Software
nginx /
Resource Hash
5d8b123d692b5e61bc24ee0ec2134ed95bd2f5e9baa788180bee718fc00da8c4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://g.cash-ads.com/?nc=5YyiYC3y5xm9tk1wOiIG4I4eacT%2BYjPOf20Z5%2BB02ZE%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:13 GMT
last-modified
Thu, 21 Jan 2021 21:02:57 GMT
server
nginx
etag
"6009ec01-14bf"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/gif
accept-ranges
bytes
content-length
5311
x-xss-protection
1; mode=block
52739227
mc.yandex.com/watch/ Frame 9665
203 B
248 B
XHR
General
Full URL
https://mc.yandex.com/watch/52739227?wmode=7&page-url=https%3A%2F%2Fsharkpromotion.net%2F%3Fr%3D51425&page-ref=https%3A%2F%2Fwww.cora-live.tk%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A821%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A530%3Acn%3A1%3Adp%3A0%3Als%3A806926051101%3Ahid%3A383481831%3Az%3A120%3Ai%3A20210601224513%3Aet%3A1622580314%3Ac%3A1%3Arn%3A118646685%3Au%3A1622580314343923724%3Aw%3A1x150%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1622580312056%3Ads%3A0%2C177%2C121%2C4%2C2%2C0%2C%2C982%2C0%2C%2C%2C%2C1295%3Adsn%3A0%2C176%2C121%2C4%2C2%2C0%2C%2C991%2C0%2C%2C%2C%2C1295%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1622580314%3At%3ASHARKPROMOTION.NET%20%7C%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
b4b4e92e695487596ef5ed01d626a78fc727d234c63ee7805a64dd64ca58b129
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Jun 2021 20:45:13 GMT
x-content-type-options
nosniff
last-modified
Tue, 01-Jun-2021 20:45:13 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
203
x-xss-protection
1; mode=block
expires
Tue, 01-Jun-2021 20:45:13 GMT
widget.css
static.arc.io/widget/css/ Frame 51E3
84 KB
6 KB
Stylesheet
General
Full URL
https://static.arc.io/widget/css/widget.css?fd8fd2c
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?fd8fd2c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-70.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8cafaaa9b989a8e48ee553971cf9b972b2d8f3e8fdddbd06a8147d0ec0498e5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 21:04:25 GMT
content-encoding
br
vary
Accept-Encoding
age
517249
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 26 May 2021 20:49:46 GMT
server
AmazonS3
etag
W/"a923e8363c5b89f335d13ce57f2f1fa8"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
text/css
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
wY6nVm1Us1KW8_wYx6y9rbR7lOkk3KkENGaTpL8JQz2s4UZEb6ymRA==
normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/ Frame 51E3
2 KB
1 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/normalize.min.css
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?fd8fd2c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a12ac29d1617bc71b7d520627ea3f63ccd6e8deed2254c97d274f03b6449579e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
521193
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
631
cf-request-id
0a6aebd60400001f31c83c5000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:13:31 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f2b-732"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QCYeiqsGTd91fHU2hBVzd%2FFEnKhLV6ArYdyGfQX6R%2FACBNXnzb%2FWCwDlWfSuIsQaRpMPvIXKU%2Bl2U3j4AepVpY2kk4QyQhFzBflSoWd6oUF2jZS5NjNEjLwk2dXyK5eFr62petktqqq9Op%2BtJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
658b48d00f751f31-FRA
expires
Sun, 22 May 2022 20:45:13 GMT
widget.css
static.arc.io/widget/css/ Frame 13DA
84 KB
6 KB
Stylesheet
General
Full URL
https://static.arc.io/widget/css/widget.css?fd8fd2c
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?fd8fd2c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-70.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8cafaaa9b989a8e48ee553971cf9b972b2d8f3e8fdddbd06a8147d0ec0498e5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 21:04:25 GMT
content-encoding
br
vary
Accept-Encoding
age
517249
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 26 May 2021 20:49:46 GMT
server
AmazonS3
etag
W/"a923e8363c5b89f335d13ce57f2f1fa8"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
text/css
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
ViupuUhDKX0iWakMVcaMQleNK3rD_kvAVS_i3E2bexIylM7xtk_jMA==
normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/ Frame 13DA
2 KB
952 B
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/normalize.min.css
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?fd8fd2c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a12ac29d1617bc71b7d520627ea3f63ccd6e8deed2254c97d274f03b6449579e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
521193
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
631
cf-request-id
0a6aebd60800001f3195841000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:13:31 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f2b-732"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=c0wKxOiWPZCJoXpFsFTVTuMO0fCDJQtsyABYh2UhX3MRA8Dz0NCBgsA%2FR1mSN32X6K5HVUE7w62h%2FHNL5W81DVcEW0xtko7nr7NVsZoFmnmPQK6PZzS%2FhwkGfe5X6lZKLSFIFr8Isi%2BxSG8P2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
658b48d00f801f31-FRA
expires
Sun, 22 May 2022 20:45:13 GMT
truncated
/ Frame 51E3
411 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f87a4b2a4acbaa053da2e6df56367f4396be15a72f719cedd071e7812725a443

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 13DA
411 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f87a4b2a4acbaa053da2e6df56367f4396be15a72f719cedd071e7812725a443

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 13DA
277 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb2b1971e54b31144a8794057598aba69ebe1d416c8c75d3a142942917f5e58b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 13DA
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
19311967464cd6447bb7fba382aa67939dcca903a56f1ac925ac2a80ff33642e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 13DA
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9b08cb6068e70fb67de0576ef27d427a403e1f0055777b7fc5d736963e6c1ea6

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 13DA
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35e8d96d42f0ffa258060a98b45f013829bc57b3ae7be71c9f54c037b6e0e707

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 13DA
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb1d7b6144bde90327cd64b86e7742a9b11a3b2b3658d71dd80115195ff2debb

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 13DA
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8fe9d28d12e8c33e9f1d5ab109c2570547ee6648ca11fdd79b7523c6d2e2f6a2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
advert.gif
mc.yandex.com/metrika/ Frame 9665
43 B
72 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:13 GMT
last-modified
Mon, 31 May 2021 17:00:30 GMT
etag
"60ae3a7b-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Tue, 01 Jun 2021 21:45:13 GMT
counter.js
secure.statcounter.com/counter/ Frame 7816
38 KB
12 KB
Script
General
Full URL
https://secure.statcounter.com/counter/counter.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.53.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
410a0b1644ab7de97e4d8088844919e862487baef25ec58a2e410f12d27f1fbc

Request headers

Referer
https://nullrefer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 14 May 2021 09:30:46 GMT
server
cloudflare
age
40003
etag
W/"609e4346-98df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=43200
cf-ray
658b48d098c2d47b-HAM
cf-request-id
0a6aebd65d0000d47b43b97000000001
expires
Tue, 01 Jun 2021 21:38:30 GMT
style.min.css
c0.wp.com/c/5.7.2/wp-includes/css/dist/block-library/ Frame 47B9
57 KB
8 KB
Stylesheet
General
Full URL
https://c0.wp.com/c/5.7.2/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 1
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
br
last-modified
Tue, 06 Apr 2021 23:50:28 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 01 Jun 2022 20:45:13 GMT
slick.min.css
agronews.com.pl/wp-content/plugins/wp-carousel-pro/public/css/ Frame 47B9
1 KB
689 B
Stylesheet
General
Full URL
https://agronews.com.pl/wp-content/plugins/wp-carousel-pro/public/css/slick.min.css?ver=3.2.5
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
0bd6c704f22ed2da38fcd5c2eadd9876364dfe2c16e20f04324bc9f2efdfc2de

Request headers

Referer
https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Sat, 08 May 2021 09:56:57 GMT
server
IdeaWebServer/2.0.5
content-type
text/css
jquery.bxslider.min.css
agronews.com.pl/wp-content/plugins/wp-carousel-pro/public/css/ Frame 47B9
3 KB
981 B
Stylesheet
General
Full URL
https://agronews.com.pl/wp-content/plugins/wp-carousel-pro/public/css/jquery.bxslider.min.css?ver=3.2.5
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
c7deb5defd711fa044fb6b9bb0cf662d5274334b873343d6b5d1368c05d89d56

Request headers

Referer
https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Sat, 08 May 2021 09:56:57 GMT
server
IdeaWebServer/2.0.5
content-type
text/css
font-awesome.min.css
agronews.com.pl/wp-content/plugins/wp-carousel-pro/public/css/ Frame 47B9
30 KB
7 KB
Stylesheet
General
Full URL
https://agronews.com.pl/wp-content/plugins/wp-carousel-pro/public/css/font-awesome.min.css?ver=3.2.5
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer
https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Sat, 08 May 2021 09:56:57 GMT
server
IdeaWebServer/2.0.5
content-type
text/css
jquery.fancybox.min.css
agronews.com.pl/wp-content/plugins/wp-carousel-pro/public/css/ Frame 47B9
12 KB
3 KB
Stylesheet
General
Full URL
https://agronews.com.pl/wp-content/plugins/wp-carousel-pro/public/css/jquery.fancybox.min.css?ver=3.2.5
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0

Request headers

Referer
https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Sat, 08 May 2021 09:56:57 GMT
server
IdeaWebServer/2.0.5
content-type
text/css
wp-carousel-pro-public.min.css
agronews.com.pl/wp-content/plugins/wp-carousel-pro/public/css/ Frame 47B9
20 KB
3 KB
Stylesheet
General
Full URL
https://agronews.com.pl/wp-content/plugins/wp-carousel-pro/public/css/wp-carousel-pro-public.min.css?ver=3.2.5
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
bb1a5dc31def473a0cdd06e7f3a1484c59aaf12797a081bc815938dec3d8e64b

Request headers

Referer
https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Sat, 08 May 2021 09:56:57 GMT
server
IdeaWebServer/2.0.5
content-type
text/css
style.css
agronews.com.pl/wp-content/plugins/td-composer/td-multi-purpose/ Frame 47B9
36 KB
5 KB
Stylesheet
General
Full URL
https://agronews.com.pl/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=78be34af347704c29acc8080ee49e259
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
d227e31ec93027f2b903fe5011b6ef0d67fd1fd8e0105843a2f56626e74f4322

Request headers

Referer
https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Thu, 01 Apr 2021 15:01:15 GMT
server
IdeaWebServer/2.0.5
content-type
text/css
css
fonts.googleapis.com/ Frame 47B9
22 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
39dac4aacdf98688d9e6b54f1fbe092ba61b324a45701049ac9fe16f4a260145
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 01 Jun 2021 20:45:13 GMT
server
ESF
date
Tue, 01 Jun 2021 20:45:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 01 Jun 2021 20:45:13 GMT
style.css
agronews.com.pl/wp-content/plugins/newsletter/ Frame 47B9
6 KB
1 KB
Stylesheet
General
Full URL
https://agronews.com.pl/wp-content/plugins/newsletter/style.css?ver=7.1.8
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
ff7cbd7d791c0f01f1b7db211981bb0506701f663e9e41422586b9e625753ba3

Request headers

Referer
https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Wed, 19 May 2021 09:07:21 GMT
server
IdeaWebServer/2.0.5
content-type
text/css
font-awesome.css
agronews.com.pl/wp-content/plugins/td-composer/assets/fonts/font-awesome/ Frame 47B9
43 KB
7 KB
Stylesheet
General
Full URL
https://agronews.com.pl/wp-content/plugins/td-composer/assets/fonts/font-awesome/font-awesome.css?ver=78be34af347704c29acc8080ee49e259
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
222ee58618ed44bc79102e6264212216d442ce197d15cb2c7d1a7d760281a34b

Request headers

Referer
https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Thu, 01 Apr 2021 15:01:15 GMT
server
IdeaWebServer/2.0.5
content-type
text/css
style.css
agronews.com.pl/wp-content/themes/Newspaper/ Frame 47B9
145 KB
24 KB
Stylesheet
General
Full URL
https://agronews.com.pl/wp-content/themes/Newspaper/style.css?ver=10.4
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
4f9ce710d5a6b3d5561a358aa787adc26fb02aed068ab385dfce0beb1908d207

Request headers

Referer
https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Thu, 01 Apr 2021 15:01:06 GMT
server
IdeaWebServer/2.0.5
content-type
text/css
ytprefs.min.css
agronews.com.pl/wp-content/plugins/youtube-embed-plus-pro/styles/ Frame 47B9
9 KB
2 KB
Stylesheet
General
Full URL
https://agronews.com.pl/wp-content/plugins/youtube-embed-plus-pro/styles/ytprefs.min.css?ver=13.4.2
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
b21127e786e95583fff0f6298c1da349929ae4a73b3e168b6124bf2e12e9d19c

Request headers

Referer
https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Tue, 09 Mar 2021 06:08:10 GMT
server
IdeaWebServer/2.0.5
content-type
text/css
lity.min.css
agronews.com.pl/wp-content/plugins/youtube-embed-plus-pro/scripts/ Frame 47B9
3 KB
1 KB
Stylesheet
General
Full URL
https://agronews.com.pl/wp-content/plugins/youtube-embed-plus-pro/scripts/lity.min.css?ver=13.4.2
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
1d88db407cf3c60be4d258f7cd3c0b6a464df0ce77153fed90afbe103fee6d96

Request headers

Referer
https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Tue, 09 Mar 2021 06:08:10 GMT
server
IdeaWebServer/2.0.5
content-type
text/css
embdyn.min.css
agronews.com.pl/wp-content/plugins/youtube-embed-plus-pro/scripts/ Frame 47B9
52 KB
4 KB
Stylesheet
General
Full URL
https://agronews.com.pl/wp-content/plugins/youtube-embed-plus-pro/scripts/embdyn.min.css?ver=13.4.2
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
0df3837f84f65fc5b2ad9daa176d034c678cb49d837422242eee9c05b887f875

Request headers

Referer
https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Tue, 09 Mar 2021 06:08:10 GMT
server
IdeaWebServer/2.0.5
content-type
text/css
css
fonts.googleapis.com/ Frame 47B9
6 KB
679 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A600%7COpen+Sans%3A600%7COpen+Sans%3A400n%7COpen+Sans%3A600%7COpen+Sans%3A400%7COpen+Sans%3A600%7COpen+Sans%3A400%7COpen+Sans%3A600%7COpen+Sans%3A400%7COpen+Sans%3A400%7COpen+Sans%3A700%7COpen+Sans%3A600
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7cb3c067cd4e881adbe56c6d5f8e90651c9c9f2997837f1938b6c7cf185357f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 01 Jun 2021 19:50:53 GMT
server
ESF
date
Tue, 01 Jun 2021 20:45:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 01 Jun 2021 20:45:13 GMT
js_composer.min.css
agronews.com.pl/wp-content/plugins/js_composer/assets/css/ Frame 47B9
474 KB
45 KB
Stylesheet
General
Full URL
https://agronews.com.pl/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.6.0
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
97b5b6bb0bfd4413504da4a5b78546698c75a127fff51b095080ee7fd3b8ec0c

Request headers

Referer
https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Sat, 27 Feb 2021 00:37:47 GMT
server
IdeaWebServer/2.0.5
content-type
text/css
td_legacy_main.css
agronews.com.pl/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/ Frame 47B9
158 KB
23 KB
Stylesheet
General
Full URL
https://agronews.com.pl/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=78be34af347704c29acc8080ee49e259
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
2fb6845235e01e747416824c40ea0122d7df3e5fb96301ccebb8da8a0f55d64d

Request headers

Referer
https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Thu, 01 Apr 2021 15:01:15 GMT
server
IdeaWebServer/2.0.5
content-type
text/css
td_standard_pack_main.css
agronews.com.pl/wp-content/plugins/td-standard-pack/Newspaper/assets/css/ Frame 47B9
715 KB
61 KB
Stylesheet
General
Full URL
https://agronews.com.pl/wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=eccb2c408442ac58c2bcf4360ad09738
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
7a89d23287ae3c749a356c76da7ef88c34d0ed018c049701b05304c3f6601ab7

Request headers

Referer
https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Thu, 01 Apr 2021 15:02:22 GMT
server
IdeaWebServer/2.0.5
content-type
text/css
jetpack.css
c0.wp.com/p/jetpack/9.7/css/ Frame 47B9
76 KB
13 KB
Stylesheet
General
Full URL
https://c0.wp.com/p/jetpack/9.7/css/jetpack.css
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
177b4773b237fa63062f913ed377e24540f843cda864a8d271c5ca083c18a9c6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 1
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
br
last-modified
Tue, 27 Apr 2021 15:29:25 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 01 Jun 2022 20:45:13 GMT
related-posts.min.js
c0.wp.com/p/jetpack/9.7/_inc/build/related-posts/ Frame 47B9
6 KB
2 KB
Script
General
Full URL
https://c0.wp.com/p/jetpack/9.7/_inc/build/related-posts/related-posts.min.js
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
fc2e4fd761c3a7833d11973c14ace3a38828e52a56f1be8c5ba3ab7fe0376bcc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 1
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
br
last-modified
Tue, 23 Feb 2021 16:08:42 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 01 Jun 2022 20:45:13 GMT
jquery.min.js
c0.wp.com/c/5.7.2/wp-includes/js/jquery/ Frame 47B9
87 KB
30 KB
Script
General
Full URL
https://c0.wp.com/c/5.7.2/wp-includes/js/jquery/jquery.min.js
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 1
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
br
last-modified
Wed, 07 Oct 2020 16:33:25 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 01 Jun 2022 20:45:13 GMT
jquery-migrate.min.js
c0.wp.com/c/5.7.2/wp-includes/js/jquery/ Frame 47B9
11 KB
4 KB
Script
General
Full URL
https://c0.wp.com/c/5.7.2/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 1
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
br
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 01 Jun 2022 20:45:13 GMT
gtm4wp-form-move-tracker.js
agronews.com.pl/wp-content/plugins/duracelltomi-google-tag-manager/js/ Frame 47B9
2 KB
512 B
Script
General
Full URL
https://agronews.com.pl/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.13.1
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
dfbdff6c9f2de2d75edb5ae49d26a9c0af81801b17de08739e32b738ef23058e

Request headers

Referer
https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 14:05:09 GMT
server
IdeaWebServer/2.0.5
content-type
application/javascript
lity.min.js
agronews.com.pl/wp-content/plugins/youtube-embed-plus-pro/scripts/ Frame 47B9
5 KB
2 KB
Script
General
Full URL
https://agronews.com.pl/wp-content/plugins/youtube-embed-plus-pro/scripts/lity.min.js?ver=13.4.2
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
afb85cc0ede42e76244969d3d277ec8a7c2cc1a8117f980e45075488cf15e4e2

Request headers

Referer
https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Tue, 09 Mar 2021 06:08:10 GMT
server
IdeaWebServer/2.0.5
content-type
application/javascript
ytprefs.min.js
agronews.com.pl/wp-content/plugins/youtube-embed-plus-pro/scripts/ Frame 47B9
14 KB
4 KB
Script
General
Full URL
https://agronews.com.pl/wp-content/plugins/youtube-embed-plus-pro/scripts/ytprefs.min.js?ver=13.4.2
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
a18f9c3a1e3721d25d5b26a3ee4540f079de7edf9e0a3275434a22b6e6c718f6

Request headers

Referer
https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Tue, 09 Mar 2021 06:08:10 GMT
server
IdeaWebServer/2.0.5
content-type
application/javascript
embdyn.min.js
agronews.com.pl/wp-content/plugins/youtube-embed-plus-pro/scripts/ Frame 47B9
2 KB
1 KB
Script
General
Full URL
https://agronews.com.pl/wp-content/plugins/youtube-embed-plus-pro/scripts/embdyn.min.js?ver=13.4.2
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
dcd562713fb2316f867c04239cde88bb6d54cc1b75c0f2e5f13b57ec9c0a7027

Request headers

Referer
https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Tue, 09 Mar 2021 06:08:10 GMT
server
IdeaWebServer/2.0.5
content-type
application/javascript
js
www.googletagmanager.com/gtag/ Frame 47B9
86 KB
34 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-951869502
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c7363d7dcad34e0fae539bf7bd958f916edf04b1b399901c0c74d5c12d2493c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:14 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34578
x-xss-protection
0
last-modified
Tue, 01 Jun 2021 20:23:47 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 01 Jun 2021 20:45:14 GMT
wp-emoji-release.min.js
agronews.com.pl/wp-includes/js/ Frame 47B9
14 KB
5 KB
Script
General
Full URL
https://agronews.com.pl/wp-includes/js/wp-emoji-release.min.js?ver=5.7.2
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

Referer
https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:14 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 21:35:42 GMT
server
IdeaWebServer/2.0.5
content-type
application/javascript
js
www.googletagmanager.com/gtag/ Frame 47B9
89 KB
35 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-5356948-1
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e1e05b929669a36b7f2617c337567d71cde9cd065b89e13f7bd5ba198a84dbe4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:14 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35959
x-xss-protection
0
last-modified
Tue, 01 Jun 2021 20:23:47 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 01 Jun 2021 20:45:14 GMT
/
serveur-gmod.com/ Frame 7816
571 B
676 B
Document
General
Full URL
https://serveur-gmod.com/
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.182.63.16 , France, ASN16276 (OVH, FR),
Reverse DNS
serveur-public.com
Software
nginx/1.14.1 /
Resource Hash
cb2eefac19ff7b31a539bda42ee0f2e51fff3189ee478449f46423db296edabc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
serveur-gmod.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://nullrefer.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://nullrefer.com/

Response headers

server
nginx/1.14.1
date
Tue, 01 Jun 2021 20:45:14 GMT
content-type
text/html
content-length
571
strict-transport-security
max-age=31536000
style.min.css
c0.wp.com/c/5.7.2/wp-includes/css/dist/block-library/ Frame 19D1
57 KB
8 KB
Stylesheet
General
Full URL
https://c0.wp.com/c/5.7.2/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 1
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
br
last-modified
Tue, 06 Apr 2021 23:50:28 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 01 Jun 2022 20:45:13 GMT
slick.min.css
agronews.com.pl/wp-content/plugins/wp-carousel-pro/public/css/ Frame 19D1
1 KB
703 B
Stylesheet
General
Full URL
https://agronews.com.pl/wp-content/plugins/wp-carousel-pro/public/css/slick.min.css?ver=3.2.5
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
0bd6c704f22ed2da38fcd5c2eadd9876364dfe2c16e20f04324bc9f2efdfc2de

Request headers

Referer
https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Sat, 08 May 2021 09:56:57 GMT
server
IdeaWebServer/2.0.5
content-type
text/css
jquery.bxslider.min.css
agronews.com.pl/wp-content/plugins/wp-carousel-pro/public/css/ Frame 19D1
3 KB
981 B
Stylesheet
General
Full URL
https://agronews.com.pl/wp-content/plugins/wp-carousel-pro/public/css/jquery.bxslider.min.css?ver=3.2.5
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
c7deb5defd711fa044fb6b9bb0cf662d5274334b873343d6b5d1368c05d89d56

Request headers

Referer
https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Sat, 08 May 2021 09:56:57 GMT
server
IdeaWebServer/2.0.5
content-type
text/css
font-awesome.min.css
agronews.com.pl/wp-content/plugins/wp-carousel-pro/public/css/ Frame 19D1
30 KB
7 KB
Stylesheet
General
Full URL
https://agronews.com.pl/wp-content/plugins/wp-carousel-pro/public/css/font-awesome.min.css?ver=3.2.5
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer
https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Sat, 08 May 2021 09:56:57 GMT
server
IdeaWebServer/2.0.5
content-type
text/css
jquery.fancybox.min.css
agronews.com.pl/wp-content/plugins/wp-carousel-pro/public/css/ Frame 19D1
12 KB
3 KB
Stylesheet
General
Full URL
https://agronews.com.pl/wp-content/plugins/wp-carousel-pro/public/css/jquery.fancybox.min.css?ver=3.2.5
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0

Request headers

Referer
https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Sat, 08 May 2021 09:56:57 GMT
server
IdeaWebServer/2.0.5
content-type
text/css
wp-carousel-pro-public.min.css
agronews.com.pl/wp-content/plugins/wp-carousel-pro/public/css/ Frame 19D1
20 KB
3 KB
Stylesheet
General
Full URL
https://agronews.com.pl/wp-content/plugins/wp-carousel-pro/public/css/wp-carousel-pro-public.min.css?ver=3.2.5
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
bb1a5dc31def473a0cdd06e7f3a1484c59aaf12797a081bc815938dec3d8e64b

Request headers

Referer
https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Sat, 08 May 2021 09:56:57 GMT
server
IdeaWebServer/2.0.5
content-type
text/css
style.css
agronews.com.pl/wp-content/plugins/td-composer/td-multi-purpose/ Frame 19D1
36 KB
5 KB
Stylesheet
General
Full URL
https://agronews.com.pl/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=78be34af347704c29acc8080ee49e259
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
d227e31ec93027f2b903fe5011b6ef0d67fd1fd8e0105843a2f56626e74f4322

Request headers

Referer
https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Thu, 01 Apr 2021 15:01:15 GMT
server
IdeaWebServer/2.0.5
content-type
text/css
css
fonts.googleapis.com/ Frame 19D1
22 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
39dac4aacdf98688d9e6b54f1fbe092ba61b324a45701049ac9fe16f4a260145
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 01 Jun 2021 20:45:13 GMT
server
ESF
date
Tue, 01 Jun 2021 20:45:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 01 Jun 2021 20:45:13 GMT
style.css
agronews.com.pl/wp-content/plugins/newsletter/ Frame 19D1
6 KB
1 KB
Stylesheet
General
Full URL
https://agronews.com.pl/wp-content/plugins/newsletter/style.css?ver=7.1.8
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
ff7cbd7d791c0f01f1b7db211981bb0506701f663e9e41422586b9e625753ba3

Request headers

Referer
https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Wed, 19 May 2021 09:07:21 GMT
server
IdeaWebServer/2.0.5
content-type
text/css
font-awesome.css
agronews.com.pl/wp-content/plugins/td-composer/assets/fonts/font-awesome/ Frame 19D1
43 KB
7 KB
Stylesheet
General
Full URL
https://agronews.com.pl/wp-content/plugins/td-composer/assets/fonts/font-awesome/font-awesome.css?ver=78be34af347704c29acc8080ee49e259
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
222ee58618ed44bc79102e6264212216d442ce197d15cb2c7d1a7d760281a34b

Request headers

Referer
https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Thu, 01 Apr 2021 15:01:15 GMT
server
IdeaWebServer/2.0.5
content-type
text/css
style.css
agronews.com.pl/wp-content/themes/Newspaper/ Frame 19D1
145 KB
24 KB
Stylesheet
General
Full URL
https://agronews.com.pl/wp-content/themes/Newspaper/style.css?ver=10.4
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
4f9ce710d5a6b3d5561a358aa787adc26fb02aed068ab385dfce0beb1908d207

Request headers

Referer
https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Thu, 01 Apr 2021 15:01:06 GMT
server
IdeaWebServer/2.0.5
content-type
text/css
ytprefs.min.css
agronews.com.pl/wp-content/plugins/youtube-embed-plus-pro/styles/ Frame 19D1
9 KB
2 KB
Stylesheet
General
Full URL
https://agronews.com.pl/wp-content/plugins/youtube-embed-plus-pro/styles/ytprefs.min.css?ver=13.4.2
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
b21127e786e95583fff0f6298c1da349929ae4a73b3e168b6124bf2e12e9d19c

Request headers

Referer
https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Tue, 09 Mar 2021 06:08:10 GMT
server
IdeaWebServer/2.0.5
content-type
text/css
lity.min.css
agronews.com.pl/wp-content/plugins/youtube-embed-plus-pro/scripts/ Frame 19D1
3 KB
1 KB
Stylesheet
General
Full URL
https://agronews.com.pl/wp-content/plugins/youtube-embed-plus-pro/scripts/lity.min.css?ver=13.4.2
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
1d88db407cf3c60be4d258f7cd3c0b6a464df0ce77153fed90afbe103fee6d96

Request headers

Referer
https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Tue, 09 Mar 2021 06:08:10 GMT
server
IdeaWebServer/2.0.5
content-type
text/css
embdyn.min.css
agronews.com.pl/wp-content/plugins/youtube-embed-plus-pro/scripts/ Frame 19D1
52 KB
4 KB
Stylesheet
General
Full URL
https://agronews.com.pl/wp-content/plugins/youtube-embed-plus-pro/scripts/embdyn.min.css?ver=13.4.2
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
0df3837f84f65fc5b2ad9daa176d034c678cb49d837422242eee9c05b887f875

Request headers

Referer
https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Tue, 09 Mar 2021 06:08:10 GMT
server
IdeaWebServer/2.0.5
content-type
text/css
css
fonts.googleapis.com/ Frame 19D1
6 KB
679 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A600%7COpen+Sans%3A600%7COpen+Sans%3A400n%7COpen+Sans%3A600%7COpen+Sans%3A400%7COpen+Sans%3A600%7COpen+Sans%3A400%7COpen+Sans%3A600%7COpen+Sans%3A400%7COpen+Sans%3A400%7COpen+Sans%3A700%7COpen+Sans%3A600
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7cb3c067cd4e881adbe56c6d5f8e90651c9c9f2997837f1938b6c7cf185357f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 01 Jun 2021 20:20:08 GMT
server
ESF
date
Tue, 01 Jun 2021 20:45:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 01 Jun 2021 20:45:13 GMT
js_composer.min.css
agronews.com.pl/wp-content/plugins/js_composer/assets/css/ Frame 19D1
474 KB
45 KB
Stylesheet
General
Full URL
https://agronews.com.pl/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.6.0
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
97b5b6bb0bfd4413504da4a5b78546698c75a127fff51b095080ee7fd3b8ec0c

Request headers

Referer
https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Sat, 27 Feb 2021 00:37:47 GMT
server
IdeaWebServer/2.0.5
content-type
text/css
td_legacy_main.css
agronews.com.pl/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/ Frame 19D1
158 KB
23 KB
Stylesheet
General
Full URL
https://agronews.com.pl/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=78be34af347704c29acc8080ee49e259
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
2fb6845235e01e747416824c40ea0122d7df3e5fb96301ccebb8da8a0f55d64d

Request headers

Referer
https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Thu, 01 Apr 2021 15:01:15 GMT
server
IdeaWebServer/2.0.5
content-type
text/css
td_standard_pack_main.css
agronews.com.pl/wp-content/plugins/td-standard-pack/Newspaper/assets/css/ Frame 19D1
715 KB
61 KB
Stylesheet
General
Full URL
https://agronews.com.pl/wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=eccb2c408442ac58c2bcf4360ad09738
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
7a89d23287ae3c749a356c76da7ef88c34d0ed018c049701b05304c3f6601ab7

Request headers

Referer
https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Thu, 01 Apr 2021 15:02:22 GMT
server
IdeaWebServer/2.0.5
content-type
text/css
jetpack.css
c0.wp.com/p/jetpack/9.7/css/ Frame 19D1
76 KB
13 KB
Stylesheet
General
Full URL
https://c0.wp.com/p/jetpack/9.7/css/jetpack.css
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
177b4773b237fa63062f913ed377e24540f843cda864a8d271c5ca083c18a9c6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 1
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
br
last-modified
Tue, 27 Apr 2021 15:29:25 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 01 Jun 2022 20:45:13 GMT
related-posts.min.js
c0.wp.com/p/jetpack/9.7/_inc/build/related-posts/ Frame 19D1
6 KB
2 KB
Script
General
Full URL
https://c0.wp.com/p/jetpack/9.7/_inc/build/related-posts/related-posts.min.js
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
fc2e4fd761c3a7833d11973c14ace3a38828e52a56f1be8c5ba3ab7fe0376bcc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 1
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
br
last-modified
Tue, 23 Feb 2021 16:08:42 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 01 Jun 2022 20:45:13 GMT
jquery.min.js
c0.wp.com/c/5.7.2/wp-includes/js/jquery/ Frame 19D1
87 KB
30 KB
Script
General
Full URL
https://c0.wp.com/c/5.7.2/wp-includes/js/jquery/jquery.min.js
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 1
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
br
last-modified
Wed, 07 Oct 2020 16:33:25 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 01 Jun 2022 20:45:13 GMT
jquery-migrate.min.js
c0.wp.com/c/5.7.2/wp-includes/js/jquery/ Frame 19D1
11 KB
4 KB
Script
General
Full URL
https://c0.wp.com/c/5.7.2/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 1
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
br
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 01 Jun 2022 20:45:13 GMT
gtm4wp-form-move-tracker.js
agronews.com.pl/wp-content/plugins/duracelltomi-google-tag-manager/js/ Frame 19D1
2 KB
512 B
Script
General
Full URL
https://agronews.com.pl/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.13.1
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
dfbdff6c9f2de2d75edb5ae49d26a9c0af81801b17de08739e32b738ef23058e

Request headers

Referer
https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 14:05:09 GMT
server
IdeaWebServer/2.0.5
content-type
application/javascript
lity.min.js
agronews.com.pl/wp-content/plugins/youtube-embed-plus-pro/scripts/ Frame 19D1
5 KB
2 KB
Script
General
Full URL
https://agronews.com.pl/wp-content/plugins/youtube-embed-plus-pro/scripts/lity.min.js?ver=13.4.2
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
afb85cc0ede42e76244969d3d277ec8a7c2cc1a8117f980e45075488cf15e4e2

Request headers

Referer
https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Tue, 09 Mar 2021 06:08:10 GMT
server
IdeaWebServer/2.0.5
content-type
application/javascript
ytprefs.min.js
agronews.com.pl/wp-content/plugins/youtube-embed-plus-pro/scripts/ Frame 19D1
14 KB
4 KB
Script
General
Full URL
https://agronews.com.pl/wp-content/plugins/youtube-embed-plus-pro/scripts/ytprefs.min.js?ver=13.4.2
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
a18f9c3a1e3721d25d5b26a3ee4540f079de7edf9e0a3275434a22b6e6c718f6

Request headers

Referer
https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Tue, 09 Mar 2021 06:08:10 GMT
server
IdeaWebServer/2.0.5
content-type
application/javascript
embdyn.min.js
agronews.com.pl/wp-content/plugins/youtube-embed-plus-pro/scripts/ Frame 19D1
2 KB
1 KB
Script
General
Full URL
https://agronews.com.pl/wp-content/plugins/youtube-embed-plus-pro/scripts/embdyn.min.js?ver=13.4.2
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
dcd562713fb2316f867c04239cde88bb6d54cc1b75c0f2e5f13b57ec9c0a7027

Request headers

Referer
https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Tue, 09 Mar 2021 06:08:10 GMT
server
IdeaWebServer/2.0.5
content-type
application/javascript
js
www.googletagmanager.com/gtag/ Frame 19D1
86 KB
34 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-951869502
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7233594edebb6702f495602e3643d704b06fe9e1d6a6a3f5c4b5213edf128668
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:14 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34578
x-xss-protection
0
last-modified
Tue, 01 Jun 2021 20:23:47 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 01 Jun 2021 20:45:14 GMT
wp-emoji-release.min.js
agronews.com.pl/wp-includes/js/ Frame 19D1
14 KB
5 KB
Script
General
Full URL
https://agronews.com.pl/wp-includes/js/wp-emoji-release.min.js?ver=5.7.2
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

Referer
https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:14 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 21:35:42 GMT
server
IdeaWebServer/2.0.5
content-type
application/javascript
js
www.googletagmanager.com/gtag/ Frame 19D1
89 KB
35 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-5356948-1
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3b149cdaf8fa82fec79230f2584243c368905f3506316c83eacc774919d0e98a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:14 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35955
x-xss-protection
0
last-modified
Tue, 01 Jun 2021 18:43:03 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 01 Jun 2021 20:45:14 GMT
style.min.css
c0.wp.com/c/5.7.2/wp-includes/css/dist/block-library/ Frame 00CE
57 KB
8 KB
Stylesheet
General
Full URL
https://c0.wp.com/c/5.7.2/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 1
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
br
last-modified
Tue, 06 Apr 2021 23:50:28 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 01 Jun 2022 20:45:13 GMT
slick.min.css
agronews.com.pl/wp-content/plugins/wp-carousel-pro/public/css/ Frame 00CE
1 KB
689 B
Stylesheet
General
Full URL
https://agronews.com.pl/wp-content/plugins/wp-carousel-pro/public/css/slick.min.css?ver=3.2.5
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
0bd6c704f22ed2da38fcd5c2eadd9876364dfe2c16e20f04324bc9f2efdfc2de

Request headers

Referer
https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Sat, 08 May 2021 09:56:57 GMT
server
IdeaWebServer/2.0.5
content-type
text/css
jquery.bxslider.min.css
agronews.com.pl/wp-content/plugins/wp-carousel-pro/public/css/ Frame 00CE
3 KB
981 B
Stylesheet
General
Full URL
https://agronews.com.pl/wp-content/plugins/wp-carousel-pro/public/css/jquery.bxslider.min.css?ver=3.2.5
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
c7deb5defd711fa044fb6b9bb0cf662d5274334b873343d6b5d1368c05d89d56

Request headers

Referer
https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Sat, 08 May 2021 09:56:57 GMT
server
IdeaWebServer/2.0.5
content-type
text/css
font-awesome.min.css
agronews.com.pl/wp-content/plugins/wp-carousel-pro/public/css/ Frame 00CE
30 KB
7 KB
Stylesheet
General
Full URL
https://agronews.com.pl/wp-content/plugins/wp-carousel-pro/public/css/font-awesome.min.css?ver=3.2.5
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer
https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Sat, 08 May 2021 09:56:57 GMT
server
IdeaWebServer/2.0.5
content-type
text/css
jquery.fancybox.min.css
agronews.com.pl/wp-content/plugins/wp-carousel-pro/public/css/ Frame 00CE
12 KB
3 KB
Stylesheet
General
Full URL
https://agronews.com.pl/wp-content/plugins/wp-carousel-pro/public/css/jquery.fancybox.min.css?ver=3.2.5
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0

Request headers

Referer
https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Sat, 08 May 2021 09:56:57 GMT
server
IdeaWebServer/2.0.5
content-type
text/css
wp-carousel-pro-public.min.css
agronews.com.pl/wp-content/plugins/wp-carousel-pro/public/css/ Frame 00CE
20 KB
3 KB
Stylesheet
General
Full URL
https://agronews.com.pl/wp-content/plugins/wp-carousel-pro/public/css/wp-carousel-pro-public.min.css?ver=3.2.5
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
bb1a5dc31def473a0cdd06e7f3a1484c59aaf12797a081bc815938dec3d8e64b

Request headers

Referer
https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Sat, 08 May 2021 09:56:57 GMT
server
IdeaWebServer/2.0.5
content-type
text/css
style.css
agronews.com.pl/wp-content/plugins/td-composer/td-multi-purpose/ Frame 00CE
36 KB
5 KB
Stylesheet
General
Full URL
https://agronews.com.pl/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=78be34af347704c29acc8080ee49e259
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
d227e31ec93027f2b903fe5011b6ef0d67fd1fd8e0105843a2f56626e74f4322

Request headers

Referer
https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Thu, 01 Apr 2021 15:01:15 GMT
server
IdeaWebServer/2.0.5
content-type
text/css
css
fonts.googleapis.com/ Frame 00CE
22 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
39dac4aacdf98688d9e6b54f1fbe092ba61b324a45701049ac9fe16f4a260145
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 01 Jun 2021 20:32:41 GMT
server
ESF
date
Tue, 01 Jun 2021 20:45:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 01 Jun 2021 20:45:13 GMT
style.css
agronews.com.pl/wp-content/plugins/newsletter/ Frame 00CE
6 KB
1 KB
Stylesheet
General
Full URL
https://agronews.com.pl/wp-content/plugins/newsletter/style.css?ver=7.1.8
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
ff7cbd7d791c0f01f1b7db211981bb0506701f663e9e41422586b9e625753ba3

Request headers

Referer
https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Wed, 19 May 2021 09:07:21 GMT
server
IdeaWebServer/2.0.5
content-type
text/css
font-awesome.css
agronews.com.pl/wp-content/plugins/td-composer/assets/fonts/font-awesome/ Frame 00CE
43 KB
7 KB
Stylesheet
General
Full URL
https://agronews.com.pl/wp-content/plugins/td-composer/assets/fonts/font-awesome/font-awesome.css?ver=78be34af347704c29acc8080ee49e259
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
222ee58618ed44bc79102e6264212216d442ce197d15cb2c7d1a7d760281a34b

Request headers

Referer
https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Thu, 01 Apr 2021 15:01:15 GMT
server
IdeaWebServer/2.0.5
content-type
text/css
style.css
agronews.com.pl/wp-content/themes/Newspaper/ Frame 00CE
145 KB
24 KB
Stylesheet
General
Full URL
https://agronews.com.pl/wp-content/themes/Newspaper/style.css?ver=10.4
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
4f9ce710d5a6b3d5561a358aa787adc26fb02aed068ab385dfce0beb1908d207

Request headers

Referer
https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Thu, 01 Apr 2021 15:01:06 GMT
server
IdeaWebServer/2.0.5
content-type
text/css
ytprefs.min.css
agronews.com.pl/wp-content/plugins/youtube-embed-plus-pro/styles/ Frame 00CE
9 KB
2 KB
Stylesheet
General
Full URL
https://agronews.com.pl/wp-content/plugins/youtube-embed-plus-pro/styles/ytprefs.min.css?ver=13.4.2
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
b21127e786e95583fff0f6298c1da349929ae4a73b3e168b6124bf2e12e9d19c

Request headers

Referer
https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Tue, 09 Mar 2021 06:08:10 GMT
server
IdeaWebServer/2.0.5
content-type
text/css
lity.min.css
agronews.com.pl/wp-content/plugins/youtube-embed-plus-pro/scripts/ Frame 00CE
3 KB
1 KB
Stylesheet
General
Full URL
https://agronews.com.pl/wp-content/plugins/youtube-embed-plus-pro/scripts/lity.min.css?ver=13.4.2
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
1d88db407cf3c60be4d258f7cd3c0b6a464df0ce77153fed90afbe103fee6d96

Request headers

Referer
https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Tue, 09 Mar 2021 06:08:10 GMT
server
IdeaWebServer/2.0.5
content-type
text/css
embdyn.min.css
agronews.com.pl/wp-content/plugins/youtube-embed-plus-pro/scripts/ Frame 00CE
52 KB
4 KB
Stylesheet
General
Full URL
https://agronews.com.pl/wp-content/plugins/youtube-embed-plus-pro/scripts/embdyn.min.css?ver=13.4.2
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
0df3837f84f65fc5b2ad9daa176d034c678cb49d837422242eee9c05b887f875

Request headers

Referer
https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Tue, 09 Mar 2021 06:08:10 GMT
server
IdeaWebServer/2.0.5
content-type
text/css
css
fonts.googleapis.com/ Frame 00CE
6 KB
679 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A600%7COpen+Sans%3A600%7COpen+Sans%3A400n%7COpen+Sans%3A600%7COpen+Sans%3A400%7COpen+Sans%3A600%7COpen+Sans%3A400%7COpen+Sans%3A600%7COpen+Sans%3A400%7COpen+Sans%3A400%7COpen+Sans%3A700%7COpen+Sans%3A600
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7cb3c067cd4e881adbe56c6d5f8e90651c9c9f2997837f1938b6c7cf185357f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 01 Jun 2021 20:25:49 GMT
server
ESF
date
Tue, 01 Jun 2021 20:45:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 01 Jun 2021 20:45:13 GMT
js_composer.min.css
agronews.com.pl/wp-content/plugins/js_composer/assets/css/ Frame 00CE
474 KB
45 KB
Stylesheet
General
Full URL
https://agronews.com.pl/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.6.0
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
97b5b6bb0bfd4413504da4a5b78546698c75a127fff51b095080ee7fd3b8ec0c

Request headers

Referer
https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Sat, 27 Feb 2021 00:37:47 GMT
server
IdeaWebServer/2.0.5
content-type
text/css
td_legacy_main.css
agronews.com.pl/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/ Frame 00CE
158 KB
23 KB
Stylesheet
General
Full URL
https://agronews.com.pl/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=78be34af347704c29acc8080ee49e259
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
2fb6845235e01e747416824c40ea0122d7df3e5fb96301ccebb8da8a0f55d64d

Request headers

Referer
https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Thu, 01 Apr 2021 15:01:15 GMT
server
IdeaWebServer/2.0.5
content-type
text/css
td_standard_pack_main.css
agronews.com.pl/wp-content/plugins/td-standard-pack/Newspaper/assets/css/ Frame 00CE
715 KB
61 KB
Stylesheet
General
Full URL
https://agronews.com.pl/wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=eccb2c408442ac58c2bcf4360ad09738
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
7a89d23287ae3c749a356c76da7ef88c34d0ed018c049701b05304c3f6601ab7

Request headers

Referer
https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Thu, 01 Apr 2021 15:02:22 GMT
server
IdeaWebServer/2.0.5
content-type
text/css
jetpack.css
c0.wp.com/p/jetpack/9.7/css/ Frame 00CE
76 KB
13 KB
Stylesheet
General
Full URL
https://c0.wp.com/p/jetpack/9.7/css/jetpack.css
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
177b4773b237fa63062f913ed377e24540f843cda864a8d271c5ca083c18a9c6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 1
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
br
last-modified
Tue, 27 Apr 2021 15:29:25 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 01 Jun 2022 20:45:13 GMT
related-posts.min.js
c0.wp.com/p/jetpack/9.7/_inc/build/related-posts/ Frame 00CE
6 KB
2 KB
Script
General
Full URL
https://c0.wp.com/p/jetpack/9.7/_inc/build/related-posts/related-posts.min.js
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
fc2e4fd761c3a7833d11973c14ace3a38828e52a56f1be8c5ba3ab7fe0376bcc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 1
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
br
last-modified
Tue, 23 Feb 2021 16:08:42 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 01 Jun 2022 20:45:13 GMT
jquery.min.js
c0.wp.com/c/5.7.2/wp-includes/js/jquery/ Frame 00CE
87 KB
30 KB
Script
General
Full URL
https://c0.wp.com/c/5.7.2/wp-includes/js/jquery/jquery.min.js
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 1
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
br
last-modified
Wed, 07 Oct 2020 16:33:25 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 01 Jun 2022 20:45:13 GMT
jquery-migrate.min.js
c0.wp.com/c/5.7.2/wp-includes/js/jquery/ Frame 00CE
11 KB
4 KB
Script
General
Full URL
https://c0.wp.com/c/5.7.2/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 1
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
br
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 01 Jun 2022 20:45:13 GMT
gtm4wp-form-move-tracker.js
agronews.com.pl/wp-content/plugins/duracelltomi-google-tag-manager/js/ Frame 00CE
2 KB
512 B
Script
General
Full URL
https://agronews.com.pl/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.13.1
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
dfbdff6c9f2de2d75edb5ae49d26a9c0af81801b17de08739e32b738ef23058e

Request headers

Referer
https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 14:05:09 GMT
server
IdeaWebServer/2.0.5
content-type
application/javascript
lity.min.js
agronews.com.pl/wp-content/plugins/youtube-embed-plus-pro/scripts/ Frame 00CE
5 KB
2 KB
Script
General
Full URL
https://agronews.com.pl/wp-content/plugins/youtube-embed-plus-pro/scripts/lity.min.js?ver=13.4.2
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
afb85cc0ede42e76244969d3d277ec8a7c2cc1a8117f980e45075488cf15e4e2

Request headers

Referer
https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Tue, 09 Mar 2021 06:08:10 GMT
server
IdeaWebServer/2.0.5
content-type
application/javascript
ytprefs.min.js
agronews.com.pl/wp-content/plugins/youtube-embed-plus-pro/scripts/ Frame 00CE
14 KB
4 KB
Script
General
Full URL
https://agronews.com.pl/wp-content/plugins/youtube-embed-plus-pro/scripts/ytprefs.min.js?ver=13.4.2
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
a18f9c3a1e3721d25d5b26a3ee4540f079de7edf9e0a3275434a22b6e6c718f6

Request headers

Referer
https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Tue, 09 Mar 2021 06:08:10 GMT
server
IdeaWebServer/2.0.5
content-type
application/javascript
embdyn.min.js
agronews.com.pl/wp-content/plugins/youtube-embed-plus-pro/scripts/ Frame 00CE
2 KB
1 KB
Script
General
Full URL
https://agronews.com.pl/wp-content/plugins/youtube-embed-plus-pro/scripts/embdyn.min.js?ver=13.4.2
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
dcd562713fb2316f867c04239cde88bb6d54cc1b75c0f2e5f13b57ec9c0a7027

Request headers

Referer
https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Tue, 09 Mar 2021 06:08:10 GMT
server
IdeaWebServer/2.0.5
content-type
application/javascript
js
www.googletagmanager.com/gtag/ Frame 00CE
86 KB
34 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-951869502
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c7363d7dcad34e0fae539bf7bd958f916edf04b1b399901c0c74d5c12d2493c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:14 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34578
x-xss-protection
0
last-modified
Tue, 01 Jun 2021 20:23:47 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 01 Jun 2021 20:45:14 GMT
wp-emoji-release.min.js
agronews.com.pl/wp-includes/js/ Frame 00CE
14 KB
5 KB
Script
General
Full URL
https://agronews.com.pl/wp-includes/js/wp-emoji-release.min.js?ver=5.7.2
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

Referer
https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:14 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 21:35:42 GMT
server
IdeaWebServer/2.0.5
content-type
application/javascript
js
www.googletagmanager.com/gtag/ Frame 00CE
89 KB
35 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-5356948-1
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3b149cdaf8fa82fec79230f2584243c368905f3506316c83eacc774919d0e98a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:14 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35955
x-xss-protection
0
last-modified
Tue, 01 Jun 2021 18:43:03 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 01 Jun 2021 20:45:14 GMT
Agro-News-LOGO-bez-t%C5%82a-bia%C5%82e_200.png
agronews.com.pl/wp-content/uploads/ Frame 47B9
4 KB
4 KB
Image
General
Full URL
https://agronews.com.pl/wp-content/uploads/Agro-News-LOGO-bez-t%C5%82a-bia%C5%82e_200.png
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
9946801b6d0587f99b1e06055512628feb1be040dd524c6fb417b6a55b7f9ac6

Request headers

Referer
https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:14 GMT
last-modified
Wed, 07 Nov 2018 13:37:49 GMT
server
IdeaWebServer/2.0.5
content-length
4113
content-type
image/png
lazy-modules.a169b1ec.js
static.arc.io/broker/js/ Frame 227D
45 KB
14 KB
Script
General
Full URL
https://static.arc.io/broker/js/lazy-modules.a169b1ec.js
Requested by
Host: static.arc.io
URL: https://static.arc.io/broker/js/broker.8ade32c4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-70.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
45344ec706e661760887e42f8797c4dd446805b24657d99318b08d211f2e549b

Request headers

Referer
https://core.arc.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 01:21:58 GMT
content-encoding
br
vary
Accept-Encoding
age
2316196
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 05 May 2021 02:50:01 GMT
server
AmazonS3
etag
W/"32ab6174f553ec44ff554a5a2406b76d"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
s4GTtTQGmDHszmAjwBlmjwsKehz83tbSKvl0HDn9sXOEUt-mXoZjxw==
/
g.cash-ads.com/ Frame 5DCB
2 KB
1 KB
Document
General
Full URL
https://g.cash-ads.com/?nc=F%2BN5TYbQxSxDgVdO2HBjZcum3nuTpjIWjA8UVYRIP%2Bk%3D
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
h104.hubuhost.com
Software
nginx /
Resource Hash
b48b78d547dbf35086ab30aea13f96f09b633b41780f0c9dabb2f60cb0bf0cd0
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
g.cash-ads.com
:scheme
https
:path
/?nc=F%2BN5TYbQxSxDgVdO2HBjZcum3nuTpjIWjA8UVYRIP%2Bk%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g.cash-ads.com/?nc=5YyiYC3y5xm9tk1wOiIG4HkRy6s3ZDl8kwfLplZ7Drg%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://g.cash-ads.com/?nc=5YyiYC3y5xm9tk1wOiIG4HkRy6s3ZDl8kwfLplZ7Drg%3D

Response headers

server
nginx
date
Tue, 01 Jun 2021 20:45:13 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
content-encoding
gzip
/
g.cash-ads.com/ Frame 4BF7
1 KB
744 B
Document
General
Full URL
https://g.cash-ads.com/?nc=F%2BN5TYbQxSxDgVdO2HBjZeH7Se7BlO3rmBYpDrtTWSE%3D
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
h104.hubuhost.com
Software
nginx /
Resource Hash
185bc85c79a5c02c477e228a56304d1bd570005fc866ab2afe513163962a254b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
g.cash-ads.com
:scheme
https
:path
/?nc=F%2BN5TYbQxSxDgVdO2HBjZeH7Se7BlO3rmBYpDrtTWSE%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g.cash-ads.com/?nc=5YyiYC3y5xm9tk1wOiIG4I4eacT%2BYjPOf20Z5%2BB02ZE%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://g.cash-ads.com/?nc=5YyiYC3y5xm9tk1wOiIG4I4eacT%2BYjPOf20Z5%2BB02ZE%3D

Response headers

server
nginx
date
Tue, 01 Jun 2021 20:45:13 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
content-encoding
gzip
Agro-News-LOGO-bez-t%C5%82a-bia%C5%82e_200.png
agronews.com.pl/wp-content/uploads/ Frame 19D1
4 KB
4 KB
Image
General
Full URL
https://agronews.com.pl/wp-content/uploads/Agro-News-LOGO-bez-t%C5%82a-bia%C5%82e_200.png
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
9946801b6d0587f99b1e06055512628feb1be040dd524c6fb417b6a55b7f9ac6

Request headers

Referer
https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:14 GMT
last-modified
Wed, 07 Nov 2018 13:37:49 GMT
server
IdeaWebServer/2.0.5
content-length
4113
content-type
image/png
Agro-News-LOGO-bez-t%C5%82a-bia%C5%82e_200.png
agronews.com.pl/wp-content/uploads/ Frame 00CE
4 KB
4 KB
Image
General
Full URL
https://agronews.com.pl/wp-content/uploads/Agro-News-LOGO-bez-t%C5%82a-bia%C5%82e_200.png
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
9946801b6d0587f99b1e06055512628feb1be040dd524c6fb417b6a55b7f9ac6

Request headers

Referer
https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:14 GMT
last-modified
Wed, 07 Nov 2018 13:37:49 GMT
server
IdeaWebServer/2.0.5
content-length
4113
content-type
image/png
bnpp_agroMaszyny_agronews_1000x200.jpg
i2.wp.com/agronews.com.pl/wp-content/uploads/ Frame 19D1
20 KB
20 KB
Image
General
Full URL
https://i2.wp.com/agronews.com.pl/wp-content/uploads/bnpp_agroMaszyny_agronews_1000x200.jpg?w=696&ssl=1
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
6a92f850f710273b82c8266b188b5e8236e4dadb7555bcfd18b8651999ff81d3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 1
date
Tue, 01 Jun 2021 20:45:14 GMT
x-content-type-options
nosniff
last-modified
Wed, 12 May 2021 01:55:17 GMT
server
nginx
etag
"905a69aa31123cea"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://agronews.com.pl/wp-content/uploads/bnpp_agroMaszyny_agronews_1000x200.jpg>; rel="canonical"
content-length
20050
expires
Fri, 12 May 2023 13:55:17 GMT
B25863051.302957292;dc_pre=CNbth9qm9_ACFWvuuwgdyKkHbg;dc_trk_aid=495626465;dc_trk_cid=150530632;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consen...
ad.doubleclick.net/ddm/trackimp/N1072251.1920408AGRONEWS.COM.PL/ Frame 19D1
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N1072251.1920408AGRONEWS.COM.PL/B25863051.302957292;dc_trk_aid=495626465;dc_trk_cid=150530632;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
  • https://ad.doubleclick.net/ddm/trackimp/N1072251.1920408AGRONEWS.COM.PL/B25863051.302957292;dc_pre=CNbth9qm9_ACFWvuuwgdyKkHbg;dc_trk_aid=495626465;dc_trk_cid=150530632;ord=[timestamp];dc_lat=;dc_rd...
42 B
65 B
Image
General
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1072251.1920408AGRONEWS.COM.PL/B25863051.302957292;dc_pre=CNbth9qm9_ACFWvuuwgdyKkHbg;dc_trk_aid=495626465;dc_trk_cid=150530632;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Jun 2021 20:45:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 01 Jun 2021 20:45:14 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N1072251.1920408AGRONEWS.COM.PL/B25863051.302957292;dc_pre=CNbth9qm9_ACFWvuuwgdyKkHbg;dc_trk_aid=495626465;dc_trk_cid=150530632;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bnpp_agroMaszyny_agronews_1000x200.jpg
i2.wp.com/agronews.com.pl/wp-content/uploads/ Frame 00CE
20 KB
20 KB
Image
General
Full URL
https://i2.wp.com/agronews.com.pl/wp-content/uploads/bnpp_agroMaszyny_agronews_1000x200.jpg?w=696&ssl=1
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
6a92f850f710273b82c8266b188b5e8236e4dadb7555bcfd18b8651999ff81d3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 1
date
Tue, 01 Jun 2021 20:45:14 GMT
x-content-type-options
nosniff
last-modified
Wed, 12 May 2021 01:55:17 GMT
server
nginx
etag
"905a69aa31123cea"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://agronews.com.pl/wp-content/uploads/bnpp_agroMaszyny_agronews_1000x200.jpg>; rel="canonical"
content-length
20050
expires
Fri, 12 May 2023 13:55:17 GMT
B25863051.302957292;dc_pre=COCdodqm9_ACFVaFgwcdDFAOeg;dc_trk_aid=495626465;dc_trk_cid=150530632;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consen...
ad.doubleclick.net/ddm/trackimp/N1072251.1920408AGRONEWS.COM.PL/ Frame 00CE
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N1072251.1920408AGRONEWS.COM.PL/B25863051.302957292;dc_trk_aid=495626465;dc_trk_cid=150530632;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
  • https://ad.doubleclick.net/ddm/trackimp/N1072251.1920408AGRONEWS.COM.PL/B25863051.302957292;dc_pre=COCdodqm9_ACFVaFgwcdDFAOeg;dc_trk_aid=495626465;dc_trk_cid=150530632;ord=[timestamp];dc_lat=;dc_rd...
42 B
63 B
Image
General
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1072251.1920408AGRONEWS.COM.PL/B25863051.302957292;dc_pre=COCdodqm9_ACFVaFgwcdDFAOeg;dc_trk_aid=495626465;dc_trk_cid=150530632;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Jun 2021 20:45:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 01 Jun 2021 20:45:14 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N1072251.1920408AGRONEWS.COM.PL/B25863051.302957292;dc_pre=COCdodqm9_ACFVaFgwcdDFAOeg;dc_trk_aid=495626465;dc_trk_cid=150530632;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bnpp_agroMaszyny_agronews_1000x200.jpg
i2.wp.com/agronews.com.pl/wp-content/uploads/ Frame 47B9
20 KB
20 KB
Image
General
Full URL
https://i2.wp.com/agronews.com.pl/wp-content/uploads/bnpp_agroMaszyny_agronews_1000x200.jpg?w=696&ssl=1
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
6a92f850f710273b82c8266b188b5e8236e4dadb7555bcfd18b8651999ff81d3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 1
date
Tue, 01 Jun 2021 20:45:14 GMT
x-content-type-options
nosniff
last-modified
Wed, 12 May 2021 01:55:17 GMT
server
nginx
etag
"905a69aa31123cea"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://agronews.com.pl/wp-content/uploads/bnpp_agroMaszyny_agronews_1000x200.jpg>; rel="canonical"
content-length
20050
expires
Fri, 12 May 2023 13:55:17 GMT
B25863051.302957292;dc_pre=CMed-Nmm9_ACFROD3godRu0DFw;dc_trk_aid=495626465;dc_trk_cid=150530632;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consen...
ad.doubleclick.net/ddm/trackimp/N1072251.1920408AGRONEWS.COM.PL/ Frame 47B9
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N1072251.1920408AGRONEWS.COM.PL/B25863051.302957292;dc_trk_aid=495626465;dc_trk_cid=150530632;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
  • https://ad.doubleclick.net/ddm/trackimp/N1072251.1920408AGRONEWS.COM.PL/B25863051.302957292;dc_pre=CMed-Nmm9_ACFROD3godRu0DFw;dc_trk_aid=495626465;dc_trk_cid=150530632;ord=[timestamp];dc_lat=;dc_rd...
42 B
64 B
Image
General
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1072251.1920408AGRONEWS.COM.PL/B25863051.302957292;dc_pre=CMed-Nmm9_ACFROD3godRu0DFw;dc_trk_aid=495626465;dc_trk_cid=150530632;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Jun 2021 20:45:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 01 Jun 2021 20:45:14 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N1072251.1920408AGRONEWS.COM.PL/B25863051.302957292;dc_pre=CMed-Nmm9_ACFROD3godRu0DFw;dc_trk_aid=495626465;dc_trk_cid=150530632;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
default.jpg
img.youtube.com/vi/ICfwHZMYPdo/ Frame 47B9
Redirect Chain
  • https://i0.wp.com/img.youtube.com/vi/ICfwHZMYPdo/default.jpg?w=696&ssl=1
  • https://img.youtube.com/vi/ICfwHZMYPdo/default.jpg
3 KB
3 KB
Image
General
Full URL
https://img.youtube.com/vi/ICfwHZMYPdo/default.jpg
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
662f24e5731e96f655b93893c2cf53b25bc647adad77c665a6fea568833257e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:29:05 GMT
x-content-type-options
nosniff
server
sffe
age
969
etag
"1620988311"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2873
x-xss-protection
0
expires
Tue, 01 Jun 2021 22:29:05 GMT

Redirect headers

x-nc
HIT vie 5
date
Tue, 01 Jun 2021 20:45:14 GMT
server
nginx
location
https://img.youtube.com/vi/ICfwHZMYPdo/default.jpg
access-control-allow-methods
GET, HEAD
content-type
text/html
access-control-allow-origin
*
timing-allow-origin
*
content-length
138
default.jpg
img.youtube.com/vi/ZebfYY4_sbc/ Frame 47B9
Redirect Chain
  • https://i2.wp.com/img.youtube.com/vi/ZebfYY4_sbc/default.jpg?w=696&ssl=1
  • https://img.youtube.com/vi/ZebfYY4_sbc/default.jpg
4 KB
4 KB
Image
General
Full URL
https://img.youtube.com/vi/ZebfYY4_sbc/default.jpg
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ffd8785700b0ad5088311cadea40e1fe5234f83dc19b2a4ff11fa6c71f283208
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 19:59:52 GMT
x-content-type-options
nosniff
server
sffe
age
2722
etag
"1621094404"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3838
x-xss-protection
0
expires
Tue, 01 Jun 2021 21:59:52 GMT

Redirect headers

x-nc
HIT vie 7
date
Tue, 01 Jun 2021 20:45:14 GMT
server
nginx
location
https://img.youtube.com/vi/ZebfYY4_sbc/default.jpg
access-control-allow-methods
GET, HEAD
content-type
text/html
access-control-allow-origin
*
timing-allow-origin
*
content-length
138
default.jpg
img.youtube.com/vi/VKDhIZmcVlU/ Frame 47B9
Redirect Chain
  • https://i1.wp.com/img.youtube.com/vi/VKDhIZmcVlU/default.jpg?w=696&ssl=1
  • https://img.youtube.com/vi/VKDhIZmcVlU/default.jpg
4 KB
4 KB
Image
General
Full URL
https://img.youtube.com/vi/VKDhIZmcVlU/default.jpg
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be945fe4482c19e13e960e0a016fa308c35c8356cb44af80f9811052f75cd47b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:32:35 GMT
x-content-type-options
nosniff
server
sffe
age
760
etag
"0"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3817
x-xss-protection
0
expires
Tue, 01 Jun 2021 22:32:35 GMT

Redirect headers

x-nc
HIT vie 2
date
Tue, 01 Jun 2021 20:45:15 GMT
server
nginx
location
https://img.youtube.com/vi/VKDhIZmcVlU/default.jpg
access-control-allow-methods
GET, HEAD
content-type
text/html
access-control-allow-origin
*
timing-allow-origin
*
content-length
138
default.jpg
img.youtube.com/vi/NUSuhg-i-xE/ Frame 47B9
Redirect Chain
  • https://i1.wp.com/img.youtube.com/vi/NUSuhg-i-xE/default.jpg?w=696&ssl=1
  • https://img.youtube.com/vi/NUSuhg-i-xE/default.jpg
3 KB
3 KB
Image
General
Full URL
https://img.youtube.com/vi/NUSuhg-i-xE/default.jpg
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
baaec164f60b7ee17eb4f4ae810c1d3a82963798c8000280f72ae53ccbede515
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 19:42:31 GMT
x-content-type-options
nosniff
server
sffe
age
3764
etag
"0"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3076
x-xss-protection
0
expires
Tue, 01 Jun 2021 21:42:31 GMT

Redirect headers

x-nc
HIT vie 1
date
Tue, 01 Jun 2021 20:45:15 GMT
server
nginx
location
https://img.youtube.com/vi/NUSuhg-i-xE/default.jpg
access-control-allow-methods
GET, HEAD
content-type
text/html
access-control-allow-origin
*
timing-allow-origin
*
content-length
138
default.jpg
img.youtube.com/vi/MzwB-VR5BVM/ Frame 47B9
Redirect Chain
  • https://i1.wp.com/img.youtube.com/vi/MzwB-VR5BVM/default.jpg?w=696&ssl=1
  • https://img.youtube.com/vi/MzwB-VR5BVM/default.jpg
2 KB
2 KB
Image
General
Full URL
https://img.youtube.com/vi/MzwB-VR5BVM/default.jpg
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
968e8d0d507b7c84da4a128efaa9cdf89e808961c71aaaa33c5b5ef2ef458cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 19:42:31 GMT
x-content-type-options
nosniff
server
sffe
age
3764
etag
"1614601589"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2319
x-xss-protection
0
expires
Tue, 01 Jun 2021 21:42:31 GMT

Redirect headers

x-nc
HIT vie 3
date
Tue, 01 Jun 2021 20:45:15 GMT
server
nginx
location
https://img.youtube.com/vi/MzwB-VR5BVM/default.jpg
access-control-allow-methods
GET, HEAD
content-type
text/html
access-control-allow-origin
*
timing-allow-origin
*
content-length
138
default.jpg
img.youtube.com/vi/6wLvFLyOSi8/ Frame 47B9
Redirect Chain
  • https://i1.wp.com/img.youtube.com/vi/6wLvFLyOSi8/default.jpg?w=696&ssl=1
  • https://img.youtube.com/vi/6wLvFLyOSi8/default.jpg
3 KB
3 KB
Image
General
Full URL
https://img.youtube.com/vi/6wLvFLyOSi8/default.jpg
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a53b34c41a76e9ebdcd533835092a8a47fd7571f9e8b591c1a6587a7d014ffe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 19:55:16 GMT
x-content-type-options
nosniff
server
sffe
age
2999
etag
"1612527837"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3552
x-xss-protection
0
expires
Tue, 01 Jun 2021 21:55:16 GMT

Redirect headers

x-nc
HIT vie 8
date
Tue, 01 Jun 2021 20:45:15 GMT
server
nginx
location
https://img.youtube.com/vi/6wLvFLyOSi8/default.jpg
access-control-allow-methods
GET, HEAD
content-type
text/html
access-control-allow-origin
*
timing-allow-origin
*
content-length
138
default.jpg
img.youtube.com/vi/-wUIl-jd52k/ Frame 47B9
Redirect Chain
  • https://i1.wp.com/img.youtube.com/vi/-wUIl-jd52k/default.jpg?w=696&ssl=1
  • https://img.youtube.com/vi/-wUIl-jd52k/default.jpg
3 KB
3 KB
Image
General
Full URL
https://img.youtube.com/vi/-wUIl-jd52k/default.jpg
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0619df7be981b1d80145d579e58ae4541dfe1266adb8a23f97e35edccc83bcda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:07:38 GMT
x-content-type-options
nosniff
server
sffe
age
2257
etag
"1609233509"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
expires
Tue, 01 Jun 2021 22:07:38 GMT

Redirect headers

x-nc
HIT vie 3
date
Tue, 01 Jun 2021 20:45:15 GMT
server
nginx
location
https://img.youtube.com/vi/-wUIl-jd52k/default.jpg
access-control-allow-methods
GET, HEAD
content-type
text/html
access-control-allow-origin
*
timing-allow-origin
*
content-length
138
default.jpg
img.youtube.com/vi/JX2o9pE0ndU/ Frame 47B9
Redirect Chain
  • https://i0.wp.com/img.youtube.com/vi/JX2o9pE0ndU/default.jpg?w=696&ssl=1
  • https://img.youtube.com/vi/JX2o9pE0ndU/default.jpg
4 KB
4 KB
Image
General
Full URL
https://img.youtube.com/vi/JX2o9pE0ndU/default.jpg
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f9103b45370ba4dfb4d90e051ad55eaa56a2c35d25d80d4de2737c25f152f66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 18:53:18 GMT
x-content-type-options
nosniff
server
sffe
age
6716
etag
"1608396843"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4175
x-xss-protection
0
expires
Tue, 01 Jun 2021 20:53:18 GMT

Redirect headers

x-nc
HIT vie 2
date
Tue, 01 Jun 2021 20:45:14 GMT
server
nginx
location
https://img.youtube.com/vi/JX2o9pE0ndU/default.jpg
access-control-allow-methods
GET, HEAD
content-type
text/html
access-control-allow-origin
*
timing-allow-origin
*
content-length
138
default.jpg
img.youtube.com/vi/ce8lSVJBqs8/ Frame 47B9
Redirect Chain
  • https://i2.wp.com/img.youtube.com/vi/ce8lSVJBqs8/default.jpg?w=696&ssl=1
  • https://img.youtube.com/vi/ce8lSVJBqs8/default.jpg
3 KB
3 KB
Image
General
Full URL
https://img.youtube.com/vi/ce8lSVJBqs8/default.jpg
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0527f074d0854fe174ef893c594cc0bd9bf4967cf7995b206a188ea836446dce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 19:22:05 GMT
vary
Origin
server
sffe
age
4989
etag
"0"
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
content-type
image/jpeg
cache-control
public, max-age=7200
x-content-type-options
nosniff
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2862
x-xss-protection
0
expires
Tue, 01 Jun 2021 21:22:05 GMT

Redirect headers

x-nc
HIT vie 3
date
Tue, 01 Jun 2021 20:45:14 GMT
server
nginx
location
https://img.youtube.com/vi/ce8lSVJBqs8/default.jpg
access-control-allow-methods
GET, HEAD
content-type
text/html
access-control-allow-origin
*
timing-allow-origin
*
content-length
138
default.jpg
img.youtube.com/vi/akhYyRbY6Iw/ Frame 47B9
Redirect Chain
  • https://i1.wp.com/img.youtube.com/vi/akhYyRbY6Iw/default.jpg?w=696&ssl=1
  • https://img.youtube.com/vi/akhYyRbY6Iw/default.jpg
3 KB
3 KB
Image
General
Full URL
https://img.youtube.com/vi/akhYyRbY6Iw/default.jpg
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
02e21d79fbe3a940fc0724716754d3d98089fb985dc6ff16f1f4e945ad8e1d5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:15:36 GMT
x-content-type-options
nosniff
server
sffe
age
1779
etag
"1608565439"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3509
x-xss-protection
0
expires
Tue, 01 Jun 2021 22:15:36 GMT

Redirect headers

x-nc
HIT vie 1
date
Tue, 01 Jun 2021 20:45:15 GMT
server
nginx
location
https://img.youtube.com/vi/akhYyRbY6Iw/default.jpg
access-control-allow-methods
GET, HEAD
content-type
text/html
access-control-allow-origin
*
timing-allow-origin
*
content-length
138
t.php
c.statcounter.com/ Frame 7816
407 B
586 B
XHR
General
Full URL
https://c.statcounter.com/t.php?sc_project=11231575&u1=na&java=1&security=96323b3b&sc_snum=1&sess=b731b1&p=0&jg=undefined&rr=undefined&resolution=1600&h=1200&camefrom=&u=https%3A//nullrefer.com/%3Fhttps%3A//serveur-gmod.com/&t=Nullrefer.com%20Anonym%20Link&invisible=1&sc_rum_e_s=941&sc_rum_e_e=946&sc_rum_f_s=0&sc_rum_f_e=822&get_config=true
Requested by
Host: secure.statcounter.com
URL: https://secure.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.53.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba01b31c930d6f7657b7ab0d483a45590323f79da7d60feb8662ac934cc1ecb1

Request headers

Referer
https://nullrefer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:14 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
658b48d1abb2d47b-HAM
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-origin
https://nullrefer.com
access-control-allow-credentials
true
content-type
application/json
cf-request-id
0a6aebd7070000d47b9d330000000001
expires
Mon, 26 Jul 1997 05:00:00 GMT
lazy-modules.a169b1ec.js
static.arc.io/broker/js/ Frame 3D9A
45 KB
14 KB
Script
General
Full URL
https://static.arc.io/broker/js/lazy-modules.a169b1ec.js
Requested by
Host: static.arc.io
URL: https://static.arc.io/broker/js/broker.8ade32c4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-70.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
45344ec706e661760887e42f8797c4dd446805b24657d99318b08d211f2e549b

Request headers

Referer
https://core.arc.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 01:21:58 GMT
content-encoding
br
vary
Accept-Encoding
age
2316196
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 05 May 2021 02:50:01 GMT
server
AmazonS3
etag
W/"32ab6174f553ec44ff554a5a2406b76d"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
TOEH94flHSZHu_Mdc0mp_zCetxUyfi67aEOcJ47sDU_ap-UK237ZYA==
default.jpg
img.youtube.com/vi/ICfwHZMYPdo/ Frame 19D1
Redirect Chain
  • https://i0.wp.com/img.youtube.com/vi/ICfwHZMYPdo/default.jpg?w=696&ssl=1
  • https://img.youtube.com/vi/ICfwHZMYPdo/default.jpg
3 KB
3 KB
Image
General
Full URL
https://img.youtube.com/vi/ICfwHZMYPdo/default.jpg
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
662f24e5731e96f655b93893c2cf53b25bc647adad77c665a6fea568833257e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:29:05 GMT
x-content-type-options
nosniff
server
sffe
age
969
etag
"1620988311"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2873
x-xss-protection
0
expires
Tue, 01 Jun 2021 22:29:05 GMT

Redirect headers

x-nc
HIT vie 5
date
Tue, 01 Jun 2021 20:45:14 GMT
server
nginx
location
https://img.youtube.com/vi/ICfwHZMYPdo/default.jpg
access-control-allow-methods
GET, HEAD
content-type
text/html
access-control-allow-origin
*
timing-allow-origin
*
content-length
138
default.jpg
img.youtube.com/vi/ZebfYY4_sbc/ Frame 19D1
Redirect Chain
  • https://i2.wp.com/img.youtube.com/vi/ZebfYY4_sbc/default.jpg?w=696&ssl=1
  • https://img.youtube.com/vi/ZebfYY4_sbc/default.jpg
4 KB
4 KB
Image
General
Full URL
https://img.youtube.com/vi/ZebfYY4_sbc/default.jpg
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ffd8785700b0ad5088311cadea40e1fe5234f83dc19b2a4ff11fa6c71f283208
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 19:59:52 GMT
x-content-type-options
nosniff
server
sffe
age
2722
etag
"1621094404"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3838
x-xss-protection
0
expires
Tue, 01 Jun 2021 21:59:52 GMT

Redirect headers

x-nc
HIT vie 7
date
Tue, 01 Jun 2021 20:45:14 GMT
server
nginx
location
https://img.youtube.com/vi/ZebfYY4_sbc/default.jpg
access-control-allow-methods
GET, HEAD
content-type
text/html
access-control-allow-origin
*
timing-allow-origin
*
content-length
138
default.jpg
img.youtube.com/vi/VKDhIZmcVlU/ Frame 19D1
Redirect Chain
  • https://i1.wp.com/img.youtube.com/vi/VKDhIZmcVlU/default.jpg?w=696&ssl=1
  • https://img.youtube.com/vi/VKDhIZmcVlU/default.jpg
4 KB
4 KB
Image
General
Full URL
https://img.youtube.com/vi/VKDhIZmcVlU/default.jpg
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be945fe4482c19e13e960e0a016fa308c35c8356cb44af80f9811052f75cd47b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:32:35 GMT
x-content-type-options
nosniff
server
sffe
age
760
etag
"0"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3817
x-xss-protection
0
expires
Tue, 01 Jun 2021 22:32:35 GMT

Redirect headers

x-nc
HIT vie 2
date
Tue, 01 Jun 2021 20:45:15 GMT
server
nginx
location
https://img.youtube.com/vi/VKDhIZmcVlU/default.jpg
access-control-allow-methods
GET, HEAD
content-type
text/html
access-control-allow-origin
*
timing-allow-origin
*
content-length
138
default.jpg
img.youtube.com/vi/NUSuhg-i-xE/ Frame 19D1
Redirect Chain
  • https://i1.wp.com/img.youtube.com/vi/NUSuhg-i-xE/default.jpg?w=696&ssl=1
  • https://img.youtube.com/vi/NUSuhg-i-xE/default.jpg
3 KB
3 KB
Image
General
Full URL
https://img.youtube.com/vi/NUSuhg-i-xE/default.jpg
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
baaec164f60b7ee17eb4f4ae810c1d3a82963798c8000280f72ae53ccbede515
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 19:42:31 GMT
x-content-type-options
nosniff
server
sffe
age
3764
etag
"0"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3076
x-xss-protection
0
expires
Tue, 01 Jun 2021 21:42:31 GMT

Redirect headers

x-nc
HIT vie 1
date
Tue, 01 Jun 2021 20:45:15 GMT
server
nginx
location
https://img.youtube.com/vi/NUSuhg-i-xE/default.jpg
access-control-allow-methods
GET, HEAD
content-type
text/html
access-control-allow-origin
*
timing-allow-origin
*
content-length
138
default.jpg
img.youtube.com/vi/MzwB-VR5BVM/ Frame 19D1
Redirect Chain
  • https://i1.wp.com/img.youtube.com/vi/MzwB-VR5BVM/default.jpg?w=696&ssl=1
  • https://img.youtube.com/vi/MzwB-VR5BVM/default.jpg
2 KB
2 KB
Image
General
Full URL
https://img.youtube.com/vi/MzwB-VR5BVM/default.jpg
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
968e8d0d507b7c84da4a128efaa9cdf89e808961c71aaaa33c5b5ef2ef458cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 19:42:31 GMT
x-content-type-options
nosniff
server
sffe
age
3764
etag
"1614601589"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2319
x-xss-protection
0
expires
Tue, 01 Jun 2021 21:42:31 GMT

Redirect headers

x-nc
HIT vie 3
date
Tue, 01 Jun 2021 20:45:15 GMT
server
nginx
location
https://img.youtube.com/vi/MzwB-VR5BVM/default.jpg
access-control-allow-methods
GET, HEAD
content-type
text/html
access-control-allow-origin
*
timing-allow-origin
*
content-length
138
default.jpg
img.youtube.com/vi/6wLvFLyOSi8/ Frame 19D1
Redirect Chain
  • https://i1.wp.com/img.youtube.com/vi/6wLvFLyOSi8/default.jpg?w=696&ssl=1
  • https://img.youtube.com/vi/6wLvFLyOSi8/default.jpg
3 KB
3 KB
Image
General
Full URL
https://img.youtube.com/vi/6wLvFLyOSi8/default.jpg
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a53b34c41a76e9ebdcd533835092a8a47fd7571f9e8b591c1a6587a7d014ffe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 19:55:16 GMT
x-content-type-options
nosniff
server
sffe
age
2999
etag
"1612527837"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3552
x-xss-protection
0
expires
Tue, 01 Jun 2021 21:55:16 GMT

Redirect headers

x-nc
HIT vie 8
date
Tue, 01 Jun 2021 20:45:15 GMT
server
nginx
location
https://img.youtube.com/vi/6wLvFLyOSi8/default.jpg
access-control-allow-methods
GET, HEAD
content-type
text/html
access-control-allow-origin
*
timing-allow-origin
*
content-length
138
default.jpg
img.youtube.com/vi/-wUIl-jd52k/ Frame 19D1
Redirect Chain
  • https://i1.wp.com/img.youtube.com/vi/-wUIl-jd52k/default.jpg?w=696&ssl=1
  • https://img.youtube.com/vi/-wUIl-jd52k/default.jpg
3 KB
3 KB
Image
General
Full URL
https://img.youtube.com/vi/-wUIl-jd52k/default.jpg
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0619df7be981b1d80145d579e58ae4541dfe1266adb8a23f97e35edccc83bcda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:07:38 GMT
x-content-type-options
nosniff
server
sffe
age
2257
etag
"1609233509"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
expires
Tue, 01 Jun 2021 22:07:38 GMT

Redirect headers

x-nc
HIT vie 3
date
Tue, 01 Jun 2021 20:45:15 GMT
server
nginx
location
https://img.youtube.com/vi/-wUIl-jd52k/default.jpg
access-control-allow-methods
GET, HEAD
content-type
text/html
access-control-allow-origin
*
timing-allow-origin
*
content-length
138
default.jpg
img.youtube.com/vi/JX2o9pE0ndU/ Frame 19D1
Redirect Chain
  • https://i0.wp.com/img.youtube.com/vi/JX2o9pE0ndU/default.jpg?w=696&ssl=1
  • https://img.youtube.com/vi/JX2o9pE0ndU/default.jpg
4 KB
4 KB
Image
General
Full URL
https://img.youtube.com/vi/JX2o9pE0ndU/default.jpg
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f9103b45370ba4dfb4d90e051ad55eaa56a2c35d25d80d4de2737c25f152f66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 18:53:18 GMT
x-content-type-options
nosniff
server
sffe
age
6716
etag
"1608396843"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4175
x-xss-protection
0
expires
Tue, 01 Jun 2021 20:53:18 GMT

Redirect headers

x-nc
HIT vie 2
date
Tue, 01 Jun 2021 20:45:14 GMT
server
nginx
location
https://img.youtube.com/vi/JX2o9pE0ndU/default.jpg
access-control-allow-methods
GET, HEAD
content-type
text/html
access-control-allow-origin
*
timing-allow-origin
*
content-length
138
default.jpg
img.youtube.com/vi/ce8lSVJBqs8/ Frame 19D1
Redirect Chain
  • https://i2.wp.com/img.youtube.com/vi/ce8lSVJBqs8/default.jpg?w=696&ssl=1
  • https://img.youtube.com/vi/ce8lSVJBqs8/default.jpg
3 KB
3 KB
Image
General
Full URL
https://img.youtube.com/vi/ce8lSVJBqs8/default.jpg
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0527f074d0854fe174ef893c594cc0bd9bf4967cf7995b206a188ea836446dce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 19:22:05 GMT
vary
Origin
server
sffe
age
4989
etag
"0"
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
content-type
image/jpeg
cache-control
public, max-age=7200
x-content-type-options
nosniff
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2862
x-xss-protection
0
expires
Tue, 01 Jun 2021 21:22:05 GMT

Redirect headers

x-nc
HIT vie 3
date
Tue, 01 Jun 2021 20:45:14 GMT
server
nginx
location
https://img.youtube.com/vi/ce8lSVJBqs8/default.jpg
access-control-allow-methods
GET, HEAD
content-type
text/html
access-control-allow-origin
*
timing-allow-origin
*
content-length
138
default.jpg
img.youtube.com/vi/akhYyRbY6Iw/ Frame 19D1
Redirect Chain
  • https://i1.wp.com/img.youtube.com/vi/akhYyRbY6Iw/default.jpg?w=696&ssl=1
  • https://img.youtube.com/vi/akhYyRbY6Iw/default.jpg
3 KB
3 KB
Image
General
Full URL
https://img.youtube.com/vi/akhYyRbY6Iw/default.jpg
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
02e21d79fbe3a940fc0724716754d3d98089fb985dc6ff16f1f4e945ad8e1d5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:15:36 GMT
x-content-type-options
nosniff
server
sffe
age
1779
etag
"1608565439"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3509
x-xss-protection
0
expires
Tue, 01 Jun 2021 22:15:36 GMT

Redirect headers

x-nc
HIT vie 1
date
Tue, 01 Jun 2021 20:45:15 GMT
server
nginx
location
https://img.youtube.com/vi/akhYyRbY6Iw/default.jpg
access-control-allow-methods
GET, HEAD
content-type
text/html
access-control-allow-origin
*
timing-allow-origin
*
content-length
138
default.jpg
img.youtube.com/vi/ICfwHZMYPdo/ Frame 00CE
Redirect Chain
  • https://i0.wp.com/img.youtube.com/vi/ICfwHZMYPdo/default.jpg?w=696&ssl=1
  • https://img.youtube.com/vi/ICfwHZMYPdo/default.jpg
3 KB
3 KB
Image
General
Full URL
https://img.youtube.com/vi/ICfwHZMYPdo/default.jpg
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
662f24e5731e96f655b93893c2cf53b25bc647adad77c665a6fea568833257e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:29:05 GMT
x-content-type-options
nosniff
server
sffe
age
969
etag
"1620988311"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2873
x-xss-protection
0
expires
Tue, 01 Jun 2021 22:29:05 GMT

Redirect headers

x-nc
HIT vie 5
date
Tue, 01 Jun 2021 20:45:14 GMT
server
nginx
location
https://img.youtube.com/vi/ICfwHZMYPdo/default.jpg
access-control-allow-methods
GET, HEAD
content-type
text/html
access-control-allow-origin
*
timing-allow-origin
*
content-length
138
default.jpg
img.youtube.com/vi/ZebfYY4_sbc/ Frame 00CE
Redirect Chain
  • https://i2.wp.com/img.youtube.com/vi/ZebfYY4_sbc/default.jpg?w=696&ssl=1
  • https://img.youtube.com/vi/ZebfYY4_sbc/default.jpg
4 KB
4 KB
Image
General
Full URL
https://img.youtube.com/vi/ZebfYY4_sbc/default.jpg
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ffd8785700b0ad5088311cadea40e1fe5234f83dc19b2a4ff11fa6c71f283208
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 19:59:52 GMT
x-content-type-options
nosniff
server
sffe
age
2722
etag
"1621094404"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3838
x-xss-protection
0
expires
Tue, 01 Jun 2021 21:59:52 GMT

Redirect headers

x-nc
HIT vie 7
date
Tue, 01 Jun 2021 20:45:14 GMT
server
nginx
location
https://img.youtube.com/vi/ZebfYY4_sbc/default.jpg
access-control-allow-methods
GET, HEAD
content-type
text/html
access-control-allow-origin
*
timing-allow-origin
*
content-length
138
default.jpg
img.youtube.com/vi/VKDhIZmcVlU/ Frame 00CE
Redirect Chain
  • https://i1.wp.com/img.youtube.com/vi/VKDhIZmcVlU/default.jpg?w=696&ssl=1
  • https://img.youtube.com/vi/VKDhIZmcVlU/default.jpg
4 KB
4 KB
Image
General
Full URL
https://img.youtube.com/vi/VKDhIZmcVlU/default.jpg
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be945fe4482c19e13e960e0a016fa308c35c8356cb44af80f9811052f75cd47b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:32:35 GMT
x-content-type-options
nosniff
server
sffe
age
760
etag
"0"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3817
x-xss-protection
0
expires
Tue, 01 Jun 2021 22:32:35 GMT

Redirect headers

x-nc
HIT vie 2
date
Tue, 01 Jun 2021 20:45:15 GMT
server
nginx
location
https://img.youtube.com/vi/VKDhIZmcVlU/default.jpg
access-control-allow-methods
GET, HEAD
content-type
text/html
access-control-allow-origin
*
timing-allow-origin
*
content-length
138
default.jpg
img.youtube.com/vi/NUSuhg-i-xE/ Frame 00CE
Redirect Chain
  • https://i1.wp.com/img.youtube.com/vi/NUSuhg-i-xE/default.jpg?w=696&ssl=1
  • https://img.youtube.com/vi/NUSuhg-i-xE/default.jpg
3 KB
3 KB
Image
General
Full URL
https://img.youtube.com/vi/NUSuhg-i-xE/default.jpg
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
baaec164f60b7ee17eb4f4ae810c1d3a82963798c8000280f72ae53ccbede515
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 19:42:31 GMT
x-content-type-options
nosniff
server
sffe
age
3764
etag
"0"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3076
x-xss-protection
0
expires
Tue, 01 Jun 2021 21:42:31 GMT

Redirect headers

x-nc
HIT vie 1
date
Tue, 01 Jun 2021 20:45:15 GMT
server
nginx
location
https://img.youtube.com/vi/NUSuhg-i-xE/default.jpg
access-control-allow-methods
GET, HEAD
content-type
text/html
access-control-allow-origin
*
timing-allow-origin
*
content-length
138
default.jpg
img.youtube.com/vi/MzwB-VR5BVM/ Frame 00CE
Redirect Chain
  • https://i1.wp.com/img.youtube.com/vi/MzwB-VR5BVM/default.jpg?w=696&ssl=1
  • https://img.youtube.com/vi/MzwB-VR5BVM/default.jpg
2 KB
2 KB
Image
General
Full URL
https://img.youtube.com/vi/MzwB-VR5BVM/default.jpg
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
968e8d0d507b7c84da4a128efaa9cdf89e808961c71aaaa33c5b5ef2ef458cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 19:42:31 GMT
x-content-type-options
nosniff
server
sffe
age
3764
etag
"1614601589"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2319
x-xss-protection
0
expires
Tue, 01 Jun 2021 21:42:31 GMT

Redirect headers

x-nc
HIT vie 3
date
Tue, 01 Jun 2021 20:45:15 GMT
server
nginx
location
https://img.youtube.com/vi/MzwB-VR5BVM/default.jpg
access-control-allow-methods
GET, HEAD
content-type
text/html
access-control-allow-origin
*
timing-allow-origin
*
content-length
138
default.jpg
img.youtube.com/vi/6wLvFLyOSi8/ Frame 00CE
Redirect Chain
  • https://i1.wp.com/img.youtube.com/vi/6wLvFLyOSi8/default.jpg?w=696&ssl=1
  • https://img.youtube.com/vi/6wLvFLyOSi8/default.jpg
3 KB
3 KB
Image
General
Full URL
https://img.youtube.com/vi/6wLvFLyOSi8/default.jpg
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a53b34c41a76e9ebdcd533835092a8a47fd7571f9e8b591c1a6587a7d014ffe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 19:55:16 GMT
x-content-type-options
nosniff
server
sffe
age
2999
etag
"1612527837"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3552
x-xss-protection
0
expires
Tue, 01 Jun 2021 21:55:16 GMT

Redirect headers

x-nc
HIT vie 8
date
Tue, 01 Jun 2021 20:45:15 GMT
server
nginx
location
https://img.youtube.com/vi/6wLvFLyOSi8/default.jpg
access-control-allow-methods
GET, HEAD
content-type
text/html
access-control-allow-origin
*
timing-allow-origin
*
content-length
138
default.jpg
img.youtube.com/vi/-wUIl-jd52k/ Frame 00CE
Redirect Chain
  • https://i1.wp.com/img.youtube.com/vi/-wUIl-jd52k/default.jpg?w=696&ssl=1
  • https://img.youtube.com/vi/-wUIl-jd52k/default.jpg
3 KB
3 KB
Image
General
Full URL
https://img.youtube.com/vi/-wUIl-jd52k/default.jpg
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0619df7be981b1d80145d579e58ae4541dfe1266adb8a23f97e35edccc83bcda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:07:38 GMT
x-content-type-options
nosniff
server
sffe
age
2257
etag
"1609233509"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
expires
Tue, 01 Jun 2021 22:07:38 GMT

Redirect headers

x-nc
HIT vie 3
date
Tue, 01 Jun 2021 20:45:15 GMT
server
nginx
location
https://img.youtube.com/vi/-wUIl-jd52k/default.jpg
access-control-allow-methods
GET, HEAD
content-type
text/html
access-control-allow-origin
*
timing-allow-origin
*
content-length
138
default.jpg
img.youtube.com/vi/JX2o9pE0ndU/ Frame 00CE
Redirect Chain
  • https://i0.wp.com/img.youtube.com/vi/JX2o9pE0ndU/default.jpg?w=696&ssl=1
  • https://img.youtube.com/vi/JX2o9pE0ndU/default.jpg
4 KB
4 KB
Image
General
Full URL
https://img.youtube.com/vi/JX2o9pE0ndU/default.jpg
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f9103b45370ba4dfb4d90e051ad55eaa56a2c35d25d80d4de2737c25f152f66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 18:53:18 GMT
x-content-type-options
nosniff
server
sffe
age
6716
etag
"1608396843"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4175
x-xss-protection
0
expires
Tue, 01 Jun 2021 20:53:18 GMT

Redirect headers

x-nc
HIT vie 2
date
Tue, 01 Jun 2021 20:45:14 GMT
server
nginx
location
https://img.youtube.com/vi/JX2o9pE0ndU/default.jpg
access-control-allow-methods
GET, HEAD
content-type
text/html
access-control-allow-origin
*
timing-allow-origin
*
content-length
138
default.jpg
img.youtube.com/vi/ce8lSVJBqs8/ Frame 00CE
Redirect Chain
  • https://i2.wp.com/img.youtube.com/vi/ce8lSVJBqs8/default.jpg?w=696&ssl=1
  • https://img.youtube.com/vi/ce8lSVJBqs8/default.jpg
3 KB
3 KB
Image
General
Full URL
https://img.youtube.com/vi/ce8lSVJBqs8/default.jpg
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0527f074d0854fe174ef893c594cc0bd9bf4967cf7995b206a188ea836446dce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 19:22:05 GMT
vary
Origin
server
sffe
age
4989
etag
"0"
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
content-type
image/jpeg
cache-control
public, max-age=7200
x-content-type-options
nosniff
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2862
x-xss-protection
0
expires
Tue, 01 Jun 2021 21:22:05 GMT

Redirect headers

x-nc
HIT vie 3
date
Tue, 01 Jun 2021 20:45:14 GMT
server
nginx
location
https://img.youtube.com/vi/ce8lSVJBqs8/default.jpg
access-control-allow-methods
GET, HEAD
content-type
text/html
access-control-allow-origin
*
timing-allow-origin
*
content-length
138
default.jpg
img.youtube.com/vi/akhYyRbY6Iw/ Frame 00CE
Redirect Chain
  • https://i1.wp.com/img.youtube.com/vi/akhYyRbY6Iw/default.jpg?w=696&ssl=1
  • https://img.youtube.com/vi/akhYyRbY6Iw/default.jpg
3 KB
3 KB
Image
General
Full URL
https://img.youtube.com/vi/akhYyRbY6Iw/default.jpg
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
02e21d79fbe3a940fc0724716754d3d98089fb985dc6ff16f1f4e945ad8e1d5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:15:36 GMT
x-content-type-options
nosniff
server
sffe
age
1779
etag
"1608565439"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3509
x-xss-protection
0
expires
Tue, 01 Jun 2021 22:15:36 GMT

Redirect headers

x-nc
HIT vie 1
date
Tue, 01 Jun 2021 20:45:15 GMT
server
nginx
location
https://img.youtube.com/vi/akhYyRbY6Iw/default.jpg
access-control-allow-methods
GET, HEAD
content-type
text/html
access-control-allow-origin
*
timing-allow-origin
*
content-length
138
AZOTY-Polifoska-Krzem-baner-300x600-1.jpg
i0.wp.com/agronews.com.pl/wp-content/uploads/ Frame 47B9
16 KB
16 KB
Image
General
Full URL
https://i0.wp.com/agronews.com.pl/wp-content/uploads/AZOTY-Polifoska-Krzem-baner-300x600-1.jpg?ssl=1
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
2058d60d1e7067253ac10becec81179f0ffee53bd779dbfb356ad19ad4a999f7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 4
date
Tue, 01 Jun 2021 20:45:14 GMT
x-content-type-options
nosniff
last-modified
Sat, 15 May 2021 05:22:57 GMT
server
nginx
etag
"e3f71a5663313d3f"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://agronews.com.pl/wp-content/uploads/AZOTY-Polifoska-Krzem-baner-300x600-1.jpg>; rel="canonical"
content-length
16190
expires
Mon, 15 May 2023 17:22:57 GMT
300x600-Ulotka-ASF-PIO.jpg
i1.wp.com/agronews.com.pl/wp-content/uploads/ Frame 47B9
21 KB
21 KB
Image
General
Full URL
https://i1.wp.com/agronews.com.pl/wp-content/uploads/300x600-Ulotka-ASF-PIO.jpg?ssl=1
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
a4ce20b4b2e355fd474072d3afc0106bf0142b6c69789b87f5e31df1b52e949c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 1
date
Tue, 01 Jun 2021 20:45:15 GMT
x-content-type-options
nosniff
last-modified
Mon, 10 May 2021 16:16:28 GMT
server
nginx
etag
"3dfd5ede0d8d2eac"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://agronews.com.pl/wp-content/uploads/300x600-Ulotka-ASF-PIO.jpg>; rel="canonical"
content-length
21114
expires
Thu, 11 May 2023 04:16:28 GMT
Dekalb_Excited_2020_300x600.jpg
i1.wp.com/agronews.com.pl/wp-content/uploads/ Frame 47B9
45 KB
45 KB
Image
General
Full URL
https://i1.wp.com/agronews.com.pl/wp-content/uploads/Dekalb_Excited_2020_300x600.jpg?ssl=1
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
2d296b4efe9b7e7dca25be8520a9a44dc3d34ab7efc62006f796781f679a2749
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 7
date
Tue, 01 Jun 2021 20:45:15 GMT
x-content-type-options
nosniff
last-modified
Mon, 31 May 2021 22:00:35 GMT
server
nginx
etag
"7be969b36df49c6a"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://agronews.com.pl/wp-content/uploads/Dekalb_Excited_2020_300x600.jpg>; rel="canonical"
content-length
46198
expires
Thu, 01 Jun 2023 10:00:35 GMT
B25764214.302870472;dc_pre=CMGljNqm9_ACFVMF4AodD5wEyQ;dc_trk_aid=495540341;dc_trk_cid=150447821;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consen...
ad.doubleclick.net/ddm/trackimp/N8473.2417512AGRONEWS/ Frame 47B9
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N8473.2417512AGRONEWS/B25764214.302870472;dc_trk_aid=495540341;dc_trk_cid=150447821;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;...
  • https://ad.doubleclick.net/ddm/trackimp/N8473.2417512AGRONEWS/B25764214.302870472;dc_pre=CMGljNqm9_ACFVMF4AodD5wEyQ;dc_trk_aid=495540341;dc_trk_cid=150447821;ord=[timestamp];dc_lat=;dc_rdid=;tag_fo...
42 B
63 B
Image
General
Full URL
https://ad.doubleclick.net/ddm/trackimp/N8473.2417512AGRONEWS/B25764214.302870472;dc_pre=CMGljNqm9_ACFVMF4AodD5wEyQ;dc_trk_aid=495540341;dc_trk_cid=150447821;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Jun 2021 20:45:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 01 Jun 2021 20:45:14 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N8473.2417512AGRONEWS/B25764214.302870472;dc_pre=CMGljNqm9_ACFVMF4AodD5wEyQ;dc_trk_aid=495540341;dc_trk_cid=150447821;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ButeoStart_2020_300x600.jpg
i0.wp.com/agronews.com.pl/wp-content/uploads/ Frame 47B9
34 KB
34 KB
Image
General
Full URL
https://i0.wp.com/agronews.com.pl/wp-content/uploads/ButeoStart_2020_300x600.jpg?ssl=1
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
0007fbba0a7eedeb9864dc4feed1e99365492381eea8eedfd5930ece6d1955c1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 4
date
Tue, 01 Jun 2021 20:45:14 GMT
x-content-type-options
nosniff
last-modified
Mon, 31 May 2021 22:00:35 GMT
server
nginx
etag
"ff6a97b1a3ceafbe"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://agronews.com.pl/wp-content/uploads/ButeoStart_2020_300x600.jpg>; rel="canonical"
content-length
34566
expires
Thu, 01 Jun 2023 10:00:35 GMT
B25857693.303061777;dc_pre=CJDYjdqm9_ACFVyK_QcdrkIOng;dc_trk_aid=495537185;dc_trk_cid=150479050;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consen...
ad.doubleclick.net/ddm/trackimp/N8473.2417512AGRONEWS/ Frame 47B9
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N8473.2417512AGRONEWS/B25857693.303061777;dc_trk_aid=495537185;dc_trk_cid=150479050;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;...
  • https://ad.doubleclick.net/ddm/trackimp/N8473.2417512AGRONEWS/B25857693.303061777;dc_pre=CJDYjdqm9_ACFVyK_QcdrkIOng;dc_trk_aid=495537185;dc_trk_cid=150479050;ord=[timestamp];dc_lat=;dc_rdid=;tag_fo...
42 B
63 B
Image
General
Full URL
https://ad.doubleclick.net/ddm/trackimp/N8473.2417512AGRONEWS/B25857693.303061777;dc_pre=CJDYjdqm9_ACFVyK_QcdrkIOng;dc_trk_aid=495537185;dc_trk_cid=150479050;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Jun 2021 20:45:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 01 Jun 2021 20:45:14 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N8473.2417512AGRONEWS/B25857693.303061777;dc_pre=CJDYjdqm9_ACFVyK_QcdrkIOng;dc_trk_aid=495537185;dc_trk_cid=150479050;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
zaslepka_BNPParibas_agroofensywa_300x600_v4.png
i2.wp.com/agronews.com.pl/wp-content/banners/ Frame 47B9
28 KB
28 KB
Image
General
Full URL
https://i2.wp.com/agronews.com.pl/wp-content/banners/zaslepka_BNPParibas_agroofensywa_300x600_v4.png?ssl=1
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
700d3566cb16050575516075f9358d9654a42ef1ee2f43dee9c736ad2f9cedf1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 3
date
Tue, 01 Jun 2021 20:45:14 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Feb 2021 22:13:52 GMT
server
nginx
etag
"1a4f8af161550239"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://agronews.com.pl/wp-content/banners/zaslepka_BNPParibas_agroofensywa_300x600_v4.png>; rel="canonical"
content-length
28490
expires
Sat, 25 Feb 2023 10:13:52 GMT
B25455579.296658109;dc_pre=CJ_Zjdqm9_ACFWzsuwgdwUMNmQ;dc_trk_aid=489708175;dc_trk_cid=146462383;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consen...
ad.doubleclick.net/ddm/trackimp/N1072251.1920408AGRONEWS.COM.PL/ Frame 47B9
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N1072251.1920408AGRONEWS.COM.PL/B25455579.296658109;dc_trk_aid=489708175;dc_trk_cid=146462383;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
  • https://ad.doubleclick.net/ddm/trackimp/N1072251.1920408AGRONEWS.COM.PL/B25455579.296658109;dc_pre=CJ_Zjdqm9_ACFWzsuwgdwUMNmQ;dc_trk_aid=489708175;dc_trk_cid=146462383;ord=[timestamp];dc_lat=;dc_rd...
42 B
63 B
Image
General
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1072251.1920408AGRONEWS.COM.PL/B25455579.296658109;dc_pre=CJ_Zjdqm9_ACFWzsuwgdwUMNmQ;dc_trk_aid=489708175;dc_trk_cid=146462383;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Jun 2021 20:45:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 01 Jun 2021 20:45:14 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N1072251.1920408AGRONEWS.COM.PL/B25455579.296658109;dc_pre=CJ_Zjdqm9_ACFWzsuwgdwUMNmQ;dc_trk_aid=489708175;dc_trk_cid=146462383;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Corteva-Pioneer-PT303-300x600-2.jpg
i0.wp.com/agronews.com.pl/wp-content/uploads/ Frame 47B9
28 KB
28 KB
Image
General
Full URL
https://i0.wp.com/agronews.com.pl/wp-content/uploads/Corteva-Pioneer-PT303-300x600-2.jpg?ssl=1
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
8aff203a63d5ce7918a47c7bb16db99b489d2f85eeabf2835343c929714094df
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 3
date
Tue, 01 Jun 2021 20:45:14 GMT
x-content-type-options
nosniff
last-modified
Fri, 28 May 2021 14:48:05 GMT
server
nginx
etag
"53c76deafcd9af05"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://agronews.com.pl/wp-content/uploads/Corteva-Pioneer-PT303-300x600-2.jpg>; rel="canonical"
content-length
28232
expires
Mon, 29 May 2023 02:48:05 GMT
Timac_TOPPHOS_zboze_300x600_07052021_DMa.jpg
i2.wp.com/agronews.com.pl/wp-content/uploads/ Frame 47B9
41 KB
41 KB
Image
General
Full URL
https://i2.wp.com/agronews.com.pl/wp-content/uploads/Timac_TOPPHOS_zboze_300x600_07052021_DMa.jpg?ssl=1
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
9b4d746c12dca1c165acb7190423dbac3764ea0dc6a89bfb4cf2ee004ec6b578
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 8
date
Tue, 01 Jun 2021 20:45:14 GMT
x-content-type-options
nosniff
last-modified
Wed, 12 May 2021 15:36:24 GMT
server
nginx
etag
"028a68fdc83facbf"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://agronews.com.pl/wp-content/uploads/Timac_TOPPHOS_zboze_300x600_07052021_DMa.jpg>; rel="canonical"
content-length
42118
expires
Sat, 13 May 2023 03:36:24 GMT
Kaltor_poland_web-banner_300x600px.jpg
i2.wp.com/agronews.com.pl/wp-content/uploads/ Frame 47B9
43 KB
43 KB
Image
General
Full URL
https://i2.wp.com/agronews.com.pl/wp-content/uploads/Kaltor_poland_web-banner_300x600px.jpg?ssl=1
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
71dfb47384bdf24d5d1c5ee19b115f9529c2e26f87c8d6852bbd569a4db256ff
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 7
date
Tue, 01 Jun 2021 20:45:14 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Mar 2021 02:06:44 GMT
server
nginx
etag
"30e52a948f3dd565"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://agronews.com.pl/wp-content/uploads/Kaltor_poland_web-banner_300x600px.jpg>; rel="canonical"
content-length
43780
expires
Sun, 26 Mar 2023 14:06:44 GMT
300x600_gif_tempo_kocazz-1.gif
i0.wp.com/agronews.com.pl/wp-content/uploads/ Frame 47B9
108 KB
108 KB
Image
General
Full URL
https://i0.wp.com/agronews.com.pl/wp-content/uploads/300x600_gif_tempo_kocazz-1.gif?ssl=1
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
cbd2dad0f925275ed9db15d8870bbdc6292157f894c5d8613ffa4049295b1d0e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 6
date
Tue, 01 Jun 2021 20:45:14 GMT
x-content-type-options
nosniff
last-modified
Mon, 31 May 2021 22:00:35 GMT
server
nginx
etag
"6f453d0738b083bb"
access-control-allow-methods
GET, HEAD
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://agronews.com.pl/wp-content/uploads/300x600_gif_tempo_kocazz-1.gif>; rel="canonical"
content-length
110824
expires
Thu, 01 Jun 2023 10:00:35 GMT
AgroKolo250_white.png
agronews.com.pl/wp-content/uploads/ Frame 47B9
49 KB
49 KB
Image
General
Full URL
https://agronews.com.pl/wp-content/uploads/AgroKolo250_white.png
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
475c7fc53daa99be1bda2b6636346d3ebf52b3c9d29b6ba279efe45ef154aaf3

Request headers

Referer
https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:14 GMT
last-modified
Fri, 29 Nov 2019 22:05:58 GMT
server
IdeaWebServer/2.0.5
content-length
50425
content-type
image/png
photon.min.js
c0.wp.com/p/jetpack/9.7/_inc/build/photon/ Frame 47B9
758 B
425 B
Script
General
Full URL
https://c0.wp.com/p/jetpack/9.7/_inc/build/photon/photon.min.js
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 1
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
br
last-modified
Tue, 31 Mar 2020 17:26:38 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 01 Jun 2022 20:45:13 GMT
jquery.adrotate.dyngroup.js
agronews.com.pl/wp-content/plugins/adrotate-pro/library/ Frame 47B9
2 KB
1 KB
Script
General
Full URL
https://agronews.com.pl/wp-content/plugins/adrotate-pro/library/jquery.adrotate.dyngroup.js
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
f7eb60b8faf448ef52cd9ce138f103b1ef2eb2c3cde81a7024b94bac40009c5c

Request headers

Referer
https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Sat, 08 May 2021 09:56:57 GMT
server
IdeaWebServer/2.0.5
content-type
application/javascript
jquery.adrotate.clicktracker.js
agronews.com.pl/wp-content/plugins/adrotate-pro/library/ Frame 47B9
373 B
449 B
Script
General
Full URL
https://agronews.com.pl/wp-content/plugins/adrotate-pro/library/jquery.adrotate.clicktracker.js
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
84cd0fb32bf843e30cc16d02263c6105d6c3acf7526ef55faea1afaadcd57b64

Request headers

Referer
https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Sat, 08 May 2021 09:56:57 GMT
server
IdeaWebServer/2.0.5
content-type
application/javascript
underscore.min.js
c0.wp.com/c/5.7.2/wp-includes/js/ Frame 47B9
16 KB
6 KB
Script
General
Full URL
https://c0.wp.com/c/5.7.2/wp-includes/js/underscore.min.js
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
6cd0d6897b3d4779f7d88ce72531f22fbf75851b195fb14e6f3f23d051b3d1e9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 1
date
Tue, 01 Jun 2021 20:45:14 GMT
content-encoding
br
last-modified
Thu, 25 Mar 2021 20:02:19 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 01 Jun 2022 20:45:14 GMT
js_posts_autoload.min.js
agronews.com.pl/wp-content/plugins/td-cloud-library/assets/js/ Frame 47B9
5 KB
2 KB
Script
General
Full URL
https://agronews.com.pl/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=9cac60bff796053a9968481412a5897a
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
0dd95d9bfc689b8862a9dd8ae8166ca21df149fb24f3d0830423b66ae00d426e

Request headers

Referer
https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:14 GMT
content-encoding
gzip
last-modified
Thu, 01 Apr 2021 15:01:43 GMT
server
IdeaWebServer/2.0.5
content-type
application/javascript
tagdiv_theme.min.js
agronews.com.pl/wp-content/plugins/td-composer/legacy/Newspaper/js/ Frame 47B9
256 KB
59 KB
Script
General
Full URL
https://agronews.com.pl/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=10.4
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
0fbd125fd5fe62fb74b3392cb3b0f23c69697d0c314d3db386b126e00dec7fb0

Request headers

Referer
https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:14 GMT
content-encoding
gzip
last-modified
Thu, 01 Apr 2021 15:01:15 GMT
server
IdeaWebServer/2.0.5
content-type
application/javascript
comment-reply.min.js
c0.wp.com/c/5.7.2/wp-includes/js/ Frame 47B9
3 KB
1 KB
Script
General
Full URL
https://c0.wp.com/c/5.7.2/wp-includes/js/comment-reply.min.js
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 1
date
Tue, 01 Jun 2021 20:45:14 GMT
content-encoding
br
last-modified
Thu, 25 Mar 2021 20:02:19 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 01 Jun 2022 20:45:14 GMT
intersectionobserver-polyfill.min.js
agronews.com.pl/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/ Frame 47B9
8 KB
3 KB
Script
General
Full URL
https://agronews.com.pl/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/intersectionobserver-polyfill.min.js?ver=1.1.2
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
88264adf3d3193fb56c229f0b92e2a6096770eb76996d1fedc95f5bcb208ccda

Request headers

Referer
https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:14 GMT
content-encoding
gzip
last-modified
Wed, 05 May 2021 02:05:11 GMT
server
IdeaWebServer/2.0.5
content-type
application/javascript
lazy-images.min.js
agronews.com.pl/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/ Frame 47B9
3 KB
2 KB
Script
General
Full URL
https://agronews.com.pl/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/lazy-images.min.js?ver=1.1.2
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
51e78e904c795ed5b0154a9995d1ab0b7e3667f5aede719bda86ba38236c5989

Request headers

Referer
https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:14 GMT
content-encoding
gzip
last-modified
Wed, 05 May 2021 02:05:11 GMT
server
IdeaWebServer/2.0.5
content-type
application/javascript
fitvids.min.js
agronews.com.pl/wp-content/plugins/youtube-embed-plus-pro/scripts/ Frame 47B9
3 KB
1 KB
Script
General
Full URL
https://agronews.com.pl/wp-content/plugins/youtube-embed-plus-pro/scripts/fitvids.min.js?ver=13.4.2
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
aba0ac3c89011196a2c6b54d868991e18ffaf494c8e3afc97451be087b93770c

Request headers

Referer
https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:14 GMT
content-encoding
gzip
last-modified
Tue, 09 Mar 2021 06:08:10 GMT
server
IdeaWebServer/2.0.5
content-type
application/javascript
js_files_for_front.min.js
agronews.com.pl/wp-content/plugins/td-cloud-library/assets/js/ Frame 47B9
34 KB
8 KB
Script
General
Full URL
https://agronews.com.pl/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=9cac60bff796053a9968481412a5897a
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
a4802468ac5765eaeaba478c94dcf0ed809eda836befde3519c337062df21711

Request headers

Referer
https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:14 GMT
content-encoding
gzip
last-modified
Thu, 01 Apr 2021 15:01:43 GMT
server
IdeaWebServer/2.0.5
content-type
application/javascript
wp-embed.min.js
c0.wp.com/c/5.7.2/wp-includes/js/ Frame 47B9
1 KB
719 B
Script
General
Full URL
https://c0.wp.com/c/5.7.2/wp-includes/js/wp-embed.min.js
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 1
date
Tue, 01 Jun 2021 20:45:14 GMT
content-encoding
br
last-modified
Wed, 06 Jan 2021 15:29:24 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 01 Jun 2022 20:45:14 GMT
form.js
agronews.com.pl/wp-content/plugins/akismet/_inc/ Frame 47B9
700 B
490 B
Script
General
Full URL
https://agronews.com.pl/wp-content/plugins/akismet/_inc/form.js?ver=4.1.9
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
0515cbd1f8aee97e1c8e0d1d015ca96c86def13e90d2e73bf813072ccc23d531

Request headers

Referer
https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:14 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 02:05:07 GMT
server
IdeaWebServer/2.0.5
content-type
application/javascript
e-202122.js
stats.wp.com/ Frame 47B9
9 KB
3 KB
Script
General
Full URL
https://stats.wp.com/e-202122.js
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie
date
Tue, 01 Jun 2021 20:45:15 GMT
content-encoding
gzip
server
nginx
etag
W/"5c6340e3-350a"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Mon, 23 May 2022 01:33:17 GMT
AZOTY-Polifoska-Krzem-baner-300x600-1.jpg
i0.wp.com/agronews.com.pl/wp-content/uploads/ Frame 19D1
16 KB
16 KB
Image
General
Full URL
https://i0.wp.com/agronews.com.pl/wp-content/uploads/AZOTY-Polifoska-Krzem-baner-300x600-1.jpg?ssl=1
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
2058d60d1e7067253ac10becec81179f0ffee53bd779dbfb356ad19ad4a999f7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 4
date
Tue, 01 Jun 2021 20:45:14 GMT
x-content-type-options
nosniff
last-modified
Sat, 15 May 2021 05:22:57 GMT
server
nginx
etag
"e3f71a5663313d3f"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://agronews.com.pl/wp-content/uploads/AZOTY-Polifoska-Krzem-baner-300x600-1.jpg>; rel="canonical"
content-length
16190
expires
Mon, 15 May 2023 17:22:57 GMT
300x600-Ulotka-ASF-PIO.jpg
i1.wp.com/agronews.com.pl/wp-content/uploads/ Frame 19D1
21 KB
21 KB
Image
General
Full URL
https://i1.wp.com/agronews.com.pl/wp-content/uploads/300x600-Ulotka-ASF-PIO.jpg?ssl=1
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
a4ce20b4b2e355fd474072d3afc0106bf0142b6c69789b87f5e31df1b52e949c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 1
date
Tue, 01 Jun 2021 20:45:15 GMT
x-content-type-options
nosniff
last-modified
Mon, 10 May 2021 16:16:28 GMT
server
nginx
etag
"3dfd5ede0d8d2eac"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://agronews.com.pl/wp-content/uploads/300x600-Ulotka-ASF-PIO.jpg>; rel="canonical"
content-length
21114
expires
Thu, 11 May 2023 04:16:28 GMT
ButeoStart_2020_300x600.jpg
i0.wp.com/agronews.com.pl/wp-content/uploads/ Frame 19D1
34 KB
34 KB
Image
General
Full URL
https://i0.wp.com/agronews.com.pl/wp-content/uploads/ButeoStart_2020_300x600.jpg?ssl=1
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
0007fbba0a7eedeb9864dc4feed1e99365492381eea8eedfd5930ece6d1955c1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 4
date
Tue, 01 Jun 2021 20:45:14 GMT
x-content-type-options
nosniff
last-modified
Mon, 31 May 2021 22:00:35 GMT
server
nginx
etag
"ff6a97b1a3ceafbe"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://agronews.com.pl/wp-content/uploads/ButeoStart_2020_300x600.jpg>; rel="canonical"
content-length
34566
expires
Thu, 01 Jun 2023 10:00:35 GMT
B25857693.303061777;dc_pre=CJXvh9qm9_ACFYPhuwgdnOgGww;dc_trk_aid=495537185;dc_trk_cid=150479050;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consen...
ad.doubleclick.net/ddm/trackimp/N8473.2417512AGRONEWS/ Frame 19D1
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N8473.2417512AGRONEWS/B25857693.303061777;dc_trk_aid=495537185;dc_trk_cid=150479050;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;...
  • https://ad.doubleclick.net/ddm/trackimp/N8473.2417512AGRONEWS/B25857693.303061777;dc_pre=CJXvh9qm9_ACFYPhuwgdnOgGww;dc_trk_aid=495537185;dc_trk_cid=150479050;ord=[timestamp];dc_lat=;dc_rdid=;tag_fo...
42 B
65 B
Image
General
Full URL
https://ad.doubleclick.net/ddm/trackimp/N8473.2417512AGRONEWS/B25857693.303061777;dc_pre=CJXvh9qm9_ACFYPhuwgdnOgGww;dc_trk_aid=495537185;dc_trk_cid=150479050;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Jun 2021 20:45:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 01 Jun 2021 20:45:14 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N8473.2417512AGRONEWS/B25857693.303061777;dc_pre=CJXvh9qm9_ACFYPhuwgdnOgGww;dc_trk_aid=495537185;dc_trk_cid=150479050;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Dekalb_Excited_2020_300x600.jpg
i1.wp.com/agronews.com.pl/wp-content/uploads/ Frame 19D1
45 KB
45 KB
Image
General
Full URL
https://i1.wp.com/agronews.com.pl/wp-content/uploads/Dekalb_Excited_2020_300x600.jpg?ssl=1
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
2d296b4efe9b7e7dca25be8520a9a44dc3d34ab7efc62006f796781f679a2749
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 7
date
Tue, 01 Jun 2021 20:45:15 GMT
x-content-type-options
nosniff
last-modified
Mon, 31 May 2021 22:00:35 GMT
server
nginx
etag
"7be969b36df49c6a"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://agronews.com.pl/wp-content/uploads/Dekalb_Excited_2020_300x600.jpg>; rel="canonical"
content-length
46198
expires
Thu, 01 Jun 2023 10:00:35 GMT
B25764214.302870472;dc_pre=CMToh9qm9_ACFTXXEQgddXsCQw;dc_trk_aid=495540341;dc_trk_cid=150447821;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consen...
ad.doubleclick.net/ddm/trackimp/N8473.2417512AGRONEWS/ Frame 19D1
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N8473.2417512AGRONEWS/B25764214.302870472;dc_trk_aid=495540341;dc_trk_cid=150447821;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;...
  • https://ad.doubleclick.net/ddm/trackimp/N8473.2417512AGRONEWS/B25764214.302870472;dc_pre=CMToh9qm9_ACFTXXEQgddXsCQw;dc_trk_aid=495540341;dc_trk_cid=150447821;ord=[timestamp];dc_lat=;dc_rdid=;tag_fo...
42 B
65 B
Image
General
Full URL
https://ad.doubleclick.net/ddm/trackimp/N8473.2417512AGRONEWS/B25764214.302870472;dc_pre=CMToh9qm9_ACFTXXEQgddXsCQw;dc_trk_aid=495540341;dc_trk_cid=150447821;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Jun 2021 20:45:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 01 Jun 2021 20:45:14 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N8473.2417512AGRONEWS/B25764214.302870472;dc_pre=CMToh9qm9_ACFTXXEQgddXsCQw;dc_trk_aid=495540341;dc_trk_cid=150447821;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
zaslepka_BNPParibas_agroofensywa_300x600_v4.png
i2.wp.com/agronews.com.pl/wp-content/banners/ Frame 19D1
28 KB
28 KB
Image
General
Full URL
https://i2.wp.com/agronews.com.pl/wp-content/banners/zaslepka_BNPParibas_agroofensywa_300x600_v4.png?ssl=1
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
700d3566cb16050575516075f9358d9654a42ef1ee2f43dee9c736ad2f9cedf1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 3
date
Tue, 01 Jun 2021 20:45:14 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Feb 2021 22:13:52 GMT
server
nginx
etag
"1a4f8af161550239"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://agronews.com.pl/wp-content/banners/zaslepka_BNPParibas_agroofensywa_300x600_v4.png>; rel="canonical"
content-length
28490
expires
Sat, 25 Feb 2023 10:13:52 GMT
B25455579.296658109;dc_pre=CLXqh9qm9_ACFTTauwgdGLwFbg;dc_trk_aid=489708175;dc_trk_cid=146462383;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consen...
ad.doubleclick.net/ddm/trackimp/N1072251.1920408AGRONEWS.COM.PL/ Frame 19D1
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N1072251.1920408AGRONEWS.COM.PL/B25455579.296658109;dc_trk_aid=489708175;dc_trk_cid=146462383;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
  • https://ad.doubleclick.net/ddm/trackimp/N1072251.1920408AGRONEWS.COM.PL/B25455579.296658109;dc_pre=CLXqh9qm9_ACFTTauwgdGLwFbg;dc_trk_aid=489708175;dc_trk_cid=146462383;ord=[timestamp];dc_lat=;dc_rd...
42 B
65 B
Image
General
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1072251.1920408AGRONEWS.COM.PL/B25455579.296658109;dc_pre=CLXqh9qm9_ACFTTauwgdGLwFbg;dc_trk_aid=489708175;dc_trk_cid=146462383;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Jun 2021 20:45:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 01 Jun 2021 20:45:14 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N1072251.1920408AGRONEWS.COM.PL/B25455579.296658109;dc_pre=CLXqh9qm9_ACFTTauwgdGLwFbg;dc_trk_aid=489708175;dc_trk_cid=146462383;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Corteva-Pioneer-PT303-300x600-2.jpg
i0.wp.com/agronews.com.pl/wp-content/uploads/ Frame 19D1
28 KB
28 KB
Image
General
Full URL
https://i0.wp.com/agronews.com.pl/wp-content/uploads/Corteva-Pioneer-PT303-300x600-2.jpg?ssl=1
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
8aff203a63d5ce7918a47c7bb16db99b489d2f85eeabf2835343c929714094df
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 3
date
Tue, 01 Jun 2021 20:45:14 GMT
x-content-type-options
nosniff
last-modified
Fri, 28 May 2021 14:48:05 GMT
server
nginx
etag
"53c76deafcd9af05"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://agronews.com.pl/wp-content/uploads/Corteva-Pioneer-PT303-300x600-2.jpg>; rel="canonical"
content-length
28232
expires
Mon, 29 May 2023 02:48:05 GMT
Timac_TOPPHOS_zboze_300x600_07052021_DMa.jpg
i2.wp.com/agronews.com.pl/wp-content/uploads/ Frame 19D1
41 KB
41 KB
Image
General
Full URL
https://i2.wp.com/agronews.com.pl/wp-content/uploads/Timac_TOPPHOS_zboze_300x600_07052021_DMa.jpg?ssl=1
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
9b4d746c12dca1c165acb7190423dbac3764ea0dc6a89bfb4cf2ee004ec6b578
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 8
date
Tue, 01 Jun 2021 20:45:14 GMT
x-content-type-options
nosniff
last-modified
Wed, 12 May 2021 15:36:24 GMT
server
nginx
etag
"028a68fdc83facbf"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://agronews.com.pl/wp-content/uploads/Timac_TOPPHOS_zboze_300x600_07052021_DMa.jpg>; rel="canonical"
content-length
42118
expires
Sat, 13 May 2023 03:36:24 GMT
Kaltor_poland_web-banner_300x600px.jpg
i2.wp.com/agronews.com.pl/wp-content/uploads/ Frame 19D1
43 KB
43 KB
Image
General
Full URL
https://i2.wp.com/agronews.com.pl/wp-content/uploads/Kaltor_poland_web-banner_300x600px.jpg?ssl=1
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
71dfb47384bdf24d5d1c5ee19b115f9529c2e26f87c8d6852bbd569a4db256ff
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 7
date
Tue, 01 Jun 2021 20:45:14 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Mar 2021 02:06:44 GMT
server
nginx
etag
"30e52a948f3dd565"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://agronews.com.pl/wp-content/uploads/Kaltor_poland_web-banner_300x600px.jpg>; rel="canonical"
content-length
43780
expires
Sun, 26 Mar 2023 14:06:44 GMT
300x600_gif_tempo_kocazz-1.gif
i0.wp.com/agronews.com.pl/wp-content/uploads/ Frame 19D1
108 KB
108 KB
Image
General
Full URL
https://i0.wp.com/agronews.com.pl/wp-content/uploads/300x600_gif_tempo_kocazz-1.gif?ssl=1
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
cbd2dad0f925275ed9db15d8870bbdc6292157f894c5d8613ffa4049295b1d0e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 6
date
Tue, 01 Jun 2021 20:45:14 GMT
x-content-type-options
nosniff
last-modified
Mon, 31 May 2021 22:00:35 GMT
server
nginx
etag
"6f453d0738b083bb"
access-control-allow-methods
GET, HEAD
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://agronews.com.pl/wp-content/uploads/300x600_gif_tempo_kocazz-1.gif>; rel="canonical"
content-length
110824
expires
Thu, 01 Jun 2023 10:00:35 GMT
AgroKolo250_white.png
agronews.com.pl/wp-content/uploads/ Frame 19D1
49 KB
49 KB
Image
General
Full URL
https://agronews.com.pl/wp-content/uploads/AgroKolo250_white.png
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
475c7fc53daa99be1bda2b6636346d3ebf52b3c9d29b6ba279efe45ef154aaf3

Request headers

Referer
https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:14 GMT
last-modified
Fri, 29 Nov 2019 22:05:58 GMT
server
IdeaWebServer/2.0.5
content-length
50425
content-type
image/png
photon.min.js
c0.wp.com/p/jetpack/9.7/_inc/build/photon/ Frame 19D1
758 B
402 B
Script
General
Full URL
https://c0.wp.com/p/jetpack/9.7/_inc/build/photon/photon.min.js
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 1
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
br
last-modified
Tue, 31 Mar 2020 17:26:38 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 01 Jun 2022 20:45:13 GMT
jquery.adrotate.dyngroup.js
agronews.com.pl/wp-content/plugins/adrotate-pro/library/ Frame 19D1
2 KB
1 KB
Script
General
Full URL
https://agronews.com.pl/wp-content/plugins/adrotate-pro/library/jquery.adrotate.dyngroup.js
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
f7eb60b8faf448ef52cd9ce138f103b1ef2eb2c3cde81a7024b94bac40009c5c

Request headers

Referer
https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Sat, 08 May 2021 09:56:57 GMT
server
IdeaWebServer/2.0.5
content-type
application/javascript
jquery.adrotate.clicktracker.js
agronews.com.pl/wp-content/plugins/adrotate-pro/library/ Frame 19D1
373 B
449 B
Script
General
Full URL
https://agronews.com.pl/wp-content/plugins/adrotate-pro/library/jquery.adrotate.clicktracker.js
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
84cd0fb32bf843e30cc16d02263c6105d6c3acf7526ef55faea1afaadcd57b64

Request headers

Referer
https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:14 GMT
content-encoding
gzip
last-modified
Sat, 08 May 2021 09:56:57 GMT
server
IdeaWebServer/2.0.5
content-type
application/javascript
underscore.min.js
c0.wp.com/c/5.7.2/wp-includes/js/ Frame 19D1
16 KB
5 KB
Script
General
Full URL
https://c0.wp.com/c/5.7.2/wp-includes/js/underscore.min.js
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
6cd0d6897b3d4779f7d88ce72531f22fbf75851b195fb14e6f3f23d051b3d1e9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 1
date
Tue, 01 Jun 2021 20:45:14 GMT
content-encoding
br
last-modified
Thu, 25 Mar 2021 20:02:19 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 01 Jun 2022 20:45:14 GMT
js_posts_autoload.min.js
agronews.com.pl/wp-content/plugins/td-cloud-library/assets/js/ Frame 19D1
5 KB
2 KB
Script
General
Full URL
https://agronews.com.pl/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=9cac60bff796053a9968481412a5897a
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
0dd95d9bfc689b8862a9dd8ae8166ca21df149fb24f3d0830423b66ae00d426e

Request headers

Referer
https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:14 GMT
content-encoding
gzip
last-modified
Thu, 01 Apr 2021 15:01:43 GMT
server
IdeaWebServer/2.0.5
content-type
application/javascript
tagdiv_theme.min.js
agronews.com.pl/wp-content/plugins/td-composer/legacy/Newspaper/js/ Frame 19D1
256 KB
59 KB
Script
General
Full URL
https://agronews.com.pl/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=10.4
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
0fbd125fd5fe62fb74b3392cb3b0f23c69697d0c314d3db386b126e00dec7fb0

Request headers

Referer
https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:14 GMT
content-encoding
gzip
last-modified
Thu, 01 Apr 2021 15:01:15 GMT
server
IdeaWebServer/2.0.5
content-type
application/javascript
comment-reply.min.js
c0.wp.com/c/5.7.2/wp-includes/js/ Frame 19D1
3 KB
1 KB
Script
General
Full URL
https://c0.wp.com/c/5.7.2/wp-includes/js/comment-reply.min.js
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 1
date
Tue, 01 Jun 2021 20:45:14 GMT
content-encoding
br
last-modified
Thu, 25 Mar 2021 20:02:19 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 01 Jun 2022 20:45:14 GMT
intersectionobserver-polyfill.min.js
agronews.com.pl/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/ Frame 19D1
8 KB
3 KB
Script
General
Full URL
https://agronews.com.pl/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/intersectionobserver-polyfill.min.js?ver=1.1.2
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
88264adf3d3193fb56c229f0b92e2a6096770eb76996d1fedc95f5bcb208ccda

Request headers

Referer
https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:14 GMT
content-encoding
gzip
last-modified
Wed, 05 May 2021 02:05:11 GMT
server
IdeaWebServer/2.0.5
content-type
application/javascript
lazy-images.min.js
agronews.com.pl/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/ Frame 19D1
3 KB
2 KB
Script
General
Full URL
https://agronews.com.pl/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/lazy-images.min.js?ver=1.1.2
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
51e78e904c795ed5b0154a9995d1ab0b7e3667f5aede719bda86ba38236c5989

Request headers

Referer
https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:14 GMT
content-encoding
gzip
last-modified
Wed, 05 May 2021 02:05:11 GMT
server
IdeaWebServer/2.0.5
content-type
application/javascript
fitvids.min.js
agronews.com.pl/wp-content/plugins/youtube-embed-plus-pro/scripts/ Frame 19D1
3 KB
1 KB
Script
General
Full URL
https://agronews.com.pl/wp-content/plugins/youtube-embed-plus-pro/scripts/fitvids.min.js?ver=13.4.2
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
aba0ac3c89011196a2c6b54d868991e18ffaf494c8e3afc97451be087b93770c

Request headers

Referer
https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:14 GMT
content-encoding
gzip
last-modified
Tue, 09 Mar 2021 06:08:10 GMT
server
IdeaWebServer/2.0.5
content-type
application/javascript
js_files_for_front.min.js
agronews.com.pl/wp-content/plugins/td-cloud-library/assets/js/ Frame 19D1
34 KB
8 KB
Script
General
Full URL
https://agronews.com.pl/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=9cac60bff796053a9968481412a5897a
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
a4802468ac5765eaeaba478c94dcf0ed809eda836befde3519c337062df21711

Request headers

Referer
https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:14 GMT
content-encoding
gzip
last-modified
Thu, 01 Apr 2021 15:01:43 GMT
server
IdeaWebServer/2.0.5
content-type
application/javascript
wp-embed.min.js
c0.wp.com/c/5.7.2/wp-includes/js/ Frame 19D1
1 KB
696 B
Script
General
Full URL
https://c0.wp.com/c/5.7.2/wp-includes/js/wp-embed.min.js
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 1
date
Tue, 01 Jun 2021 20:45:14 GMT
content-encoding
br
last-modified
Wed, 06 Jan 2021 15:29:24 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 01 Jun 2022 20:45:14 GMT
form.js
agronews.com.pl/wp-content/plugins/akismet/_inc/ Frame 19D1
700 B
490 B
Script
General
Full URL
https://agronews.com.pl/wp-content/plugins/akismet/_inc/form.js?ver=4.1.9
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
0515cbd1f8aee97e1c8e0d1d015ca96c86def13e90d2e73bf813072ccc23d531

Request headers

Referer
https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:14 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 02:05:07 GMT
server
IdeaWebServer/2.0.5
content-type
application/javascript
e-202122.js
stats.wp.com/ Frame 19D1
9 KB
3 KB
Script
General
Full URL
https://stats.wp.com/e-202122.js
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie
date
Tue, 01 Jun 2021 20:45:15 GMT
content-encoding
gzip
server
nginx
etag
W/"5c6340e3-350a"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Mon, 23 May 2022 01:33:17 GMT
AZOTY-Polifoska-Krzem-baner-300x600-1.jpg
i0.wp.com/agronews.com.pl/wp-content/uploads/ Frame 00CE
16 KB
16 KB
Image
General
Full URL
https://i0.wp.com/agronews.com.pl/wp-content/uploads/AZOTY-Polifoska-Krzem-baner-300x600-1.jpg?ssl=1
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
2058d60d1e7067253ac10becec81179f0ffee53bd779dbfb356ad19ad4a999f7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 4
date
Tue, 01 Jun 2021 20:45:14 GMT
x-content-type-options
nosniff
last-modified
Sat, 15 May 2021 05:22:57 GMT
server
nginx
etag
"e3f71a5663313d3f"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://agronews.com.pl/wp-content/uploads/AZOTY-Polifoska-Krzem-baner-300x600-1.jpg>; rel="canonical"
content-length
16190
expires
Mon, 15 May 2023 17:22:57 GMT
300x600-Ulotka-ASF-PIO.jpg
i1.wp.com/agronews.com.pl/wp-content/uploads/ Frame 00CE
21 KB
21 KB
Image
General
Full URL
https://i1.wp.com/agronews.com.pl/wp-content/uploads/300x600-Ulotka-ASF-PIO.jpg?ssl=1
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
a4ce20b4b2e355fd474072d3afc0106bf0142b6c69789b87f5e31df1b52e949c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 1
date
Tue, 01 Jun 2021 20:45:15 GMT
x-content-type-options
nosniff
last-modified
Mon, 10 May 2021 16:16:28 GMT
server
nginx
etag
"3dfd5ede0d8d2eac"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://agronews.com.pl/wp-content/uploads/300x600-Ulotka-ASF-PIO.jpg>; rel="canonical"
content-length
21114
expires
Thu, 11 May 2023 04:16:28 GMT
Dekalb_Excited_2020_300x600.jpg
i1.wp.com/agronews.com.pl/wp-content/uploads/ Frame 00CE
45 KB
45 KB
Image
General
Full URL
https://i1.wp.com/agronews.com.pl/wp-content/uploads/Dekalb_Excited_2020_300x600.jpg?ssl=1
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
2d296b4efe9b7e7dca25be8520a9a44dc3d34ab7efc62006f796781f679a2749
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 7
date
Tue, 01 Jun 2021 20:45:15 GMT
x-content-type-options
nosniff
last-modified
Mon, 31 May 2021 22:00:35 GMT
server
nginx
etag
"7be969b36df49c6a"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://agronews.com.pl/wp-content/uploads/Dekalb_Excited_2020_300x600.jpg>; rel="canonical"
content-length
46198
expires
Thu, 01 Jun 2023 10:00:35 GMT
B25764214.302870472;dc_pre=CNufodqm9_ACFVyK_QcdrkIOng;dc_trk_aid=495540341;dc_trk_cid=150447821;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consen...
ad.doubleclick.net/ddm/trackimp/N8473.2417512AGRONEWS/ Frame 00CE
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N8473.2417512AGRONEWS/B25764214.302870472;dc_trk_aid=495540341;dc_trk_cid=150447821;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;...
  • https://ad.doubleclick.net/ddm/trackimp/N8473.2417512AGRONEWS/B25764214.302870472;dc_pre=CNufodqm9_ACFVyK_QcdrkIOng;dc_trk_aid=495540341;dc_trk_cid=150447821;ord=[timestamp];dc_lat=;dc_rdid=;tag_fo...
42 B
63 B
Image
General
Full URL
https://ad.doubleclick.net/ddm/trackimp/N8473.2417512AGRONEWS/B25764214.302870472;dc_pre=CNufodqm9_ACFVyK_QcdrkIOng;dc_trk_aid=495540341;dc_trk_cid=150447821;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Jun 2021 20:45:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 01 Jun 2021 20:45:14 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N8473.2417512AGRONEWS/B25764214.302870472;dc_pre=CNufodqm9_ACFVyK_QcdrkIOng;dc_trk_aid=495540341;dc_trk_cid=150447821;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ButeoStart_2020_300x600.jpg
i0.wp.com/agronews.com.pl/wp-content/uploads/ Frame 00CE
34 KB
34 KB
Image
General
Full URL
https://i0.wp.com/agronews.com.pl/wp-content/uploads/ButeoStart_2020_300x600.jpg?ssl=1
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
0007fbba0a7eedeb9864dc4feed1e99365492381eea8eedfd5930ece6d1955c1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 4
date
Tue, 01 Jun 2021 20:45:14 GMT
x-content-type-options
nosniff
last-modified
Mon, 31 May 2021 22:00:35 GMT
server
nginx
etag
"ff6a97b1a3ceafbe"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://agronews.com.pl/wp-content/uploads/ButeoStart_2020_300x600.jpg>; rel="canonical"
content-length
34566
expires
Thu, 01 Jun 2023 10:00:35 GMT
B25857693.303061777;dc_pre=CKCiodqm9_ACFTTauwgdGLwFbg;dc_trk_aid=495537185;dc_trk_cid=150479050;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consen...
ad.doubleclick.net/ddm/trackimp/N8473.2417512AGRONEWS/ Frame 00CE
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N8473.2417512AGRONEWS/B25857693.303061777;dc_trk_aid=495537185;dc_trk_cid=150479050;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;...
  • https://ad.doubleclick.net/ddm/trackimp/N8473.2417512AGRONEWS/B25857693.303061777;dc_pre=CKCiodqm9_ACFTTauwgdGLwFbg;dc_trk_aid=495537185;dc_trk_cid=150479050;ord=[timestamp];dc_lat=;dc_rdid=;tag_fo...
42 B
63 B
Image
General
Full URL
https://ad.doubleclick.net/ddm/trackimp/N8473.2417512AGRONEWS/B25857693.303061777;dc_pre=CKCiodqm9_ACFTTauwgdGLwFbg;dc_trk_aid=495537185;dc_trk_cid=150479050;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Jun 2021 20:45:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 01 Jun 2021 20:45:14 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N8473.2417512AGRONEWS/B25857693.303061777;dc_pre=CKCiodqm9_ACFTTauwgdGLwFbg;dc_trk_aid=495537185;dc_trk_cid=150479050;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
zaslepka_BNPParibas_agroofensywa_300x600_v4.png
i2.wp.com/agronews.com.pl/wp-content/banners/ Frame 00CE
28 KB
28 KB
Image
General
Full URL
https://i2.wp.com/agronews.com.pl/wp-content/banners/zaslepka_BNPParibas_agroofensywa_300x600_v4.png?ssl=1
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
700d3566cb16050575516075f9358d9654a42ef1ee2f43dee9c736ad2f9cedf1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 3
date
Tue, 01 Jun 2021 20:45:14 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Feb 2021 22:13:52 GMT
server
nginx
etag
"1a4f8af161550239"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://agronews.com.pl/wp-content/banners/zaslepka_BNPParibas_agroofensywa_300x600_v4.png>; rel="canonical"
content-length
28490
expires
Sat, 25 Feb 2023 10:13:52 GMT
B25455579.296658109;dc_pre=CPKkodqm9_ACFWvuuwgdyKkHbg;dc_trk_aid=489708175;dc_trk_cid=146462383;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consen...
ad.doubleclick.net/ddm/trackimp/N1072251.1920408AGRONEWS.COM.PL/ Frame 00CE
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N1072251.1920408AGRONEWS.COM.PL/B25455579.296658109;dc_trk_aid=489708175;dc_trk_cid=146462383;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
  • https://ad.doubleclick.net/ddm/trackimp/N1072251.1920408AGRONEWS.COM.PL/B25455579.296658109;dc_pre=CPKkodqm9_ACFWvuuwgdyKkHbg;dc_trk_aid=489708175;dc_trk_cid=146462383;ord=[timestamp];dc_lat=;dc_rd...
42 B
63 B
Image
General
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1072251.1920408AGRONEWS.COM.PL/B25455579.296658109;dc_pre=CPKkodqm9_ACFWvuuwgdyKkHbg;dc_trk_aid=489708175;dc_trk_cid=146462383;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Jun 2021 20:45:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 01 Jun 2021 20:45:14 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N1072251.1920408AGRONEWS.COM.PL/B25455579.296658109;dc_pre=CPKkodqm9_ACFWvuuwgdyKkHbg;dc_trk_aid=489708175;dc_trk_cid=146462383;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Corteva-Pioneer-PT303-300x600-2.jpg
i0.wp.com/agronews.com.pl/wp-content/uploads/ Frame 00CE
28 KB
28 KB
Image
General
Full URL
https://i0.wp.com/agronews.com.pl/wp-content/uploads/Corteva-Pioneer-PT303-300x600-2.jpg?ssl=1
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
8aff203a63d5ce7918a47c7bb16db99b489d2f85eeabf2835343c929714094df
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 3
date
Tue, 01 Jun 2021 20:45:14 GMT
x-content-type-options
nosniff
last-modified
Fri, 28 May 2021 14:48:05 GMT
server
nginx
etag
"53c76deafcd9af05"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://agronews.com.pl/wp-content/uploads/Corteva-Pioneer-PT303-300x600-2.jpg>; rel="canonical"
content-length
28232
expires
Mon, 29 May 2023 02:48:05 GMT
Timac_TOPPHOS_zboze_300x600_07052021_DMa.jpg
i2.wp.com/agronews.com.pl/wp-content/uploads/ Frame 00CE
41 KB
41 KB
Image
General
Full URL
https://i2.wp.com/agronews.com.pl/wp-content/uploads/Timac_TOPPHOS_zboze_300x600_07052021_DMa.jpg?ssl=1
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
9b4d746c12dca1c165acb7190423dbac3764ea0dc6a89bfb4cf2ee004ec6b578
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 8
date
Tue, 01 Jun 2021 20:45:14 GMT
x-content-type-options
nosniff
last-modified
Wed, 12 May 2021 15:36:24 GMT
server
nginx
etag
"028a68fdc83facbf"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://agronews.com.pl/wp-content/uploads/Timac_TOPPHOS_zboze_300x600_07052021_DMa.jpg>; rel="canonical"
content-length
42118
expires
Sat, 13 May 2023 03:36:24 GMT
Kaltor_poland_web-banner_300x600px.jpg
i2.wp.com/agronews.com.pl/wp-content/uploads/ Frame 00CE
43 KB
43 KB
Image
General
Full URL
https://i2.wp.com/agronews.com.pl/wp-content/uploads/Kaltor_poland_web-banner_300x600px.jpg?ssl=1
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
71dfb47384bdf24d5d1c5ee19b115f9529c2e26f87c8d6852bbd569a4db256ff
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 7
date
Tue, 01 Jun 2021 20:45:14 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Mar 2021 02:06:44 GMT
server
nginx
etag
"30e52a948f3dd565"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://agronews.com.pl/wp-content/uploads/Kaltor_poland_web-banner_300x600px.jpg>; rel="canonical"
content-length
43780
expires
Sun, 26 Mar 2023 14:06:44 GMT
300x600_gif_tempo_kocazz-1.gif
i0.wp.com/agronews.com.pl/wp-content/uploads/ Frame 00CE
108 KB
108 KB
Image
General
Full URL
https://i0.wp.com/agronews.com.pl/wp-content/uploads/300x600_gif_tempo_kocazz-1.gif?ssl=1
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
cbd2dad0f925275ed9db15d8870bbdc6292157f894c5d8613ffa4049295b1d0e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 6
date
Tue, 01 Jun 2021 20:45:14 GMT
x-content-type-options
nosniff
last-modified
Mon, 31 May 2021 22:00:35 GMT
server
nginx
etag
"6f453d0738b083bb"
access-control-allow-methods
GET, HEAD
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://agronews.com.pl/wp-content/uploads/300x600_gif_tempo_kocazz-1.gif>; rel="canonical"
content-length
110824
expires
Thu, 01 Jun 2023 10:00:35 GMT
AgroKolo250_white.png
agronews.com.pl/wp-content/uploads/ Frame 00CE
49 KB
49 KB
Image
General
Full URL
https://agronews.com.pl/wp-content/uploads/AgroKolo250_white.png
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
475c7fc53daa99be1bda2b6636346d3ebf52b3c9d29b6ba279efe45ef154aaf3

Request headers

Referer
https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:14 GMT
last-modified
Fri, 29 Nov 2019 22:05:58 GMT
server
IdeaWebServer/2.0.5
content-length
50425
content-type
image/png
photon.min.js
c0.wp.com/p/jetpack/9.7/_inc/build/photon/ Frame 00CE
758 B
402 B
Script
General
Full URL
https://c0.wp.com/p/jetpack/9.7/_inc/build/photon/photon.min.js
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 1
date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
br
last-modified
Tue, 31 Mar 2020 17:26:38 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 01 Jun 2022 20:45:13 GMT
jquery.adrotate.dyngroup.js
agronews.com.pl/wp-content/plugins/adrotate-pro/library/ Frame 00CE
2 KB
1 KB
Script
General
Full URL
https://agronews.com.pl/wp-content/plugins/adrotate-pro/library/jquery.adrotate.dyngroup.js
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
f7eb60b8faf448ef52cd9ce138f103b1ef2eb2c3cde81a7024b94bac40009c5c

Request headers

Referer
https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:14 GMT
content-encoding
gzip
last-modified
Sat, 08 May 2021 09:56:57 GMT
server
IdeaWebServer/2.0.5
content-type
application/javascript
jquery.adrotate.clicktracker.js
agronews.com.pl/wp-content/plugins/adrotate-pro/library/ Frame 00CE
373 B
449 B
Script
General
Full URL
https://agronews.com.pl/wp-content/plugins/adrotate-pro/library/jquery.adrotate.clicktracker.js
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
84cd0fb32bf843e30cc16d02263c6105d6c3acf7526ef55faea1afaadcd57b64

Request headers

Referer
https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:14 GMT
content-encoding
gzip
last-modified
Sat, 08 May 2021 09:56:57 GMT
server
IdeaWebServer/2.0.5
content-type
application/javascript
underscore.min.js
c0.wp.com/c/5.7.2/wp-includes/js/ Frame 00CE
16 KB
5 KB
Script
General
Full URL
https://c0.wp.com/c/5.7.2/wp-includes/js/underscore.min.js
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
6cd0d6897b3d4779f7d88ce72531f22fbf75851b195fb14e6f3f23d051b3d1e9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 1
date
Tue, 01 Jun 2021 20:45:14 GMT
content-encoding
br
last-modified
Thu, 25 Mar 2021 20:02:19 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 01 Jun 2022 20:45:14 GMT
js_posts_autoload.min.js
agronews.com.pl/wp-content/plugins/td-cloud-library/assets/js/ Frame 00CE
5 KB
2 KB
Script
General
Full URL
https://agronews.com.pl/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=9cac60bff796053a9968481412a5897a
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
0dd95d9bfc689b8862a9dd8ae8166ca21df149fb24f3d0830423b66ae00d426e

Request headers

Referer
https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:14 GMT
content-encoding
gzip
last-modified
Thu, 01 Apr 2021 15:01:43 GMT
server
IdeaWebServer/2.0.5
content-type
application/javascript
tagdiv_theme.min.js
agronews.com.pl/wp-content/plugins/td-composer/legacy/Newspaper/js/ Frame 00CE
256 KB
59 KB
Script
General
Full URL
https://agronews.com.pl/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=10.4
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
0fbd125fd5fe62fb74b3392cb3b0f23c69697d0c314d3db386b126e00dec7fb0

Request headers

Referer
https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:14 GMT
content-encoding
gzip
last-modified
Thu, 01 Apr 2021 15:01:15 GMT
server
IdeaWebServer/2.0.5
content-type
application/javascript
comment-reply.min.js
c0.wp.com/c/5.7.2/wp-includes/js/ Frame 00CE
3 KB
1 KB
Script
General
Full URL
https://c0.wp.com/c/5.7.2/wp-includes/js/comment-reply.min.js
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 1
date
Tue, 01 Jun 2021 20:45:14 GMT
content-encoding
br
last-modified
Thu, 25 Mar 2021 20:02:19 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 01 Jun 2022 20:45:14 GMT
intersectionobserver-polyfill.min.js
agronews.com.pl/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/ Frame 00CE
8 KB
3 KB
Script
General
Full URL
https://agronews.com.pl/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/intersectionobserver-polyfill.min.js?ver=1.1.2
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
88264adf3d3193fb56c229f0b92e2a6096770eb76996d1fedc95f5bcb208ccda

Request headers

Referer
https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:14 GMT
content-encoding
gzip
last-modified
Wed, 05 May 2021 02:05:11 GMT
server
IdeaWebServer/2.0.5
content-type
application/javascript
lazy-images.min.js
agronews.com.pl/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/ Frame 00CE
3 KB
2 KB
Script
General
Full URL
https://agronews.com.pl/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/lazy-images.min.js?ver=1.1.2
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
51e78e904c795ed5b0154a9995d1ab0b7e3667f5aede719bda86ba38236c5989

Request headers

Referer
https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:14 GMT
content-encoding
gzip
last-modified
Wed, 05 May 2021 02:05:11 GMT
server
IdeaWebServer/2.0.5
content-type
application/javascript
fitvids.min.js
agronews.com.pl/wp-content/plugins/youtube-embed-plus-pro/scripts/ Frame 00CE
3 KB
1 KB
Script
General
Full URL
https://agronews.com.pl/wp-content/plugins/youtube-embed-plus-pro/scripts/fitvids.min.js?ver=13.4.2
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
aba0ac3c89011196a2c6b54d868991e18ffaf494c8e3afc97451be087b93770c

Request headers

Referer
https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:14 GMT
content-encoding
gzip
last-modified
Tue, 09 Mar 2021 06:08:10 GMT
server
IdeaWebServer/2.0.5
content-type
application/javascript
js_files_for_front.min.js
agronews.com.pl/wp-content/plugins/td-cloud-library/assets/js/ Frame 00CE
34 KB
8 KB
Script
General
Full URL
https://agronews.com.pl/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=9cac60bff796053a9968481412a5897a
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
a4802468ac5765eaeaba478c94dcf0ed809eda836befde3519c337062df21711

Request headers

Referer
https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:14 GMT
content-encoding
gzip
last-modified
Thu, 01 Apr 2021 15:01:43 GMT
server
IdeaWebServer/2.0.5
content-type
application/javascript
wp-embed.min.js
c0.wp.com/c/5.7.2/wp-includes/js/ Frame 00CE
1 KB
696 B
Script
General
Full URL
https://c0.wp.com/c/5.7.2/wp-includes/js/wp-embed.min.js
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 1
date
Tue, 01 Jun 2021 20:45:14 GMT
content-encoding
br
last-modified
Wed, 06 Jan 2021 15:29:24 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 01 Jun 2022 20:45:14 GMT
form.js
agronews.com.pl/wp-content/plugins/akismet/_inc/ Frame 00CE
700 B
490 B
Script
General
Full URL
https://agronews.com.pl/wp-content/plugins/akismet/_inc/form.js?ver=4.1.9
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
0515cbd1f8aee97e1c8e0d1d015ca96c86def13e90d2e73bf813072ccc23d531

Request headers

Referer
https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:14 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 02:05:07 GMT
server
IdeaWebServer/2.0.5
content-type
application/javascript
e-202122.js
stats.wp.com/ Frame 00CE
9 KB
3 KB
Script
General
Full URL
https://stats.wp.com/e-202122.js
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie
date
Tue, 01 Jun 2021 20:45:15 GMT
content-encoding
gzip
server
nginx
etag
W/"5c6340e3-350a"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Mon, 23 May 2022 01:33:17 GMT
lazy-modules.a169b1ec.js
static.arc.io/broker/js/ Frame 2533
45 KB
14 KB
Script
General
Full URL
https://static.arc.io/broker/js/lazy-modules.a169b1ec.js
Requested by
Host: static.arc.io
URL: https://static.arc.io/broker/js/broker.8ade32c4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-70.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
45344ec706e661760887e42f8797c4dd446805b24657d99318b08d211f2e549b

Request headers

Referer
https://core.arc.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 01:21:58 GMT
content-encoding
br
vary
Accept-Encoding
age
2316196
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 05 May 2021 02:50:01 GMT
server
AmazonS3
etag
W/"32ab6174f553ec44ff554a5a2406b76d"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
tKWZyVr-KpknkOJdIfDue9RkVwRrbx4UfTWhHRvpV2deM-iOqYSWew==
fltiu.js
pixel.yabidos.com/ Frame 2854
2 KB
1 KB
Script
General
Full URL
https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=www.adzbux.com&x=rekmob&nci=&adtg=1e86b52dba4f4154a0ee87b99af3da50&nai=&si=33151&pn=&h=250&w=300&bp=&pp=&ci=&ip=212.102.38.150&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:14 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:29 GMT
server
cloudflare
age
1480
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b48d27e154174-HAM
content-length
1146
cf-request-id
0a6aebd78a00004174ee3cc000000001
expires
Tue, 01 Jun 2021 22:45:14 GMT
bi.js
cdn.runative-syndicate.com/sdk/v1/ Frame 5621
6 KB
3 KB
Script
General
Full URL
https://cdn.runative-syndicate.com/sdk/v1/bi.js
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.253.95.110 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
c54b644fd5c4c94f49cc8bde286802266cbb733d557d4fed43cc705b95d1de3d

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:14 GMT
content-encoding
gzip
last-modified
Wed, 17 Feb 2021 13:10:31 GMT
server
nginx
age
9008805
etag
W/"602d15c7-1931"
vary
Accept-Encoding
content-type
application/javascript
x-robots-tag
noindex, nofollow
rs-b.png
adimg.rekmob.com/logos/ Frame 5621
471 B
911 B
Image
General
Full URL
https://adimg.rekmob.com/logos/rs-b.png
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df02aa33acd40ff99ac77551154f9fe7fd5a13dc1f782aac62ffb1a6a0f7f09c

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 13:11:22 GMT
Via
1.1 e61ad774b1bb9761f20e1bb4c1d6c734.cloudfront.net (CloudFront)
Last-Modified
Thu, 26 Jul 2018 10:20:15 GMT
Server
AmazonS3
Age
27233
ETag
"5965d59f86a925e809f20a75e26c9d0c"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
471
X-Amz-Cf-Id
E_oBu-1L4HdseKvnvprb-dZD9L6W4hDgqxVYGke7rmh-O_Sf0EVMRA==
imp
ads.rekmob.com/m/ Frame 5621
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=1e86b52dba4f4154a0ee87b99af3da50&udid=97ad56e064b94e10a2671eab26f64739&rid=NjBiNjljNTkwY2YyOWJmZWZiY2I0OGY2&adId=MTQ3Mw==
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:45 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
CZ
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
bovl1.gif
g.cash-ads.com/img/ Frame 4BF7
1 KB
1 KB
Image
General
Full URL
https://g.cash-ads.com/img/bovl1.gif
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=F%2BN5TYbQxSxDgVdO2HBjZeH7Se7BlO3rmBYpDrtTWSE%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
h104.hubuhost.com
Software
nginx /
Resource Hash
6a311efa0bbd120ad039d952829eda4134bf7820e69c1fa7c881d0c04397dbd3
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://g.cash-ads.com/?nc=F%2BN5TYbQxSxDgVdO2HBjZeH7Se7BlO3rmBYpDrtTWSE%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:13 GMT
last-modified
Fri, 11 Sep 2020 22:15:28 GMT
server
nginx
etag
"5f5bf700-41f"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/gif
accept-ranges
bytes
content-length
1055
x-xss-protection
1; mode=block
jquery.min.js
g.cash-ads.com/int/ Frame 4BF7
84 KB
34 KB
Script
General
Full URL
https://g.cash-ads.com/int/jquery.min.js
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=F%2BN5TYbQxSxDgVdO2HBjZeH7Se7BlO3rmBYpDrtTWSE%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
h104.hubuhost.com
Software
nginx /
Resource Hash
7bf1676189cf3eafe5008e1f905c101bf78776253edf18030d43505cac297947
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://g.cash-ads.com/?nc=F%2BN5TYbQxSxDgVdO2HBjZeH7Se7BlO3rmBYpDrtTWSE%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Tue, 03 Nov 2020 05:45:55 GMT
server
nginx
etag
W/"5fa0ee93-14e08"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
r38oxwat.js
ad4m.at/ Frame 5DCB
36 KB
12 KB
Script
General
Full URL
https://ad4m.at/r38oxwat.js
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=F%2BN5TYbQxSxDgVdO2HBjZcum3nuTpjIWjA8UVYRIP%2Bk%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34021da19a421b1a1ca6dc54d5db69e246cfacf9a3572fdbef78eb6b85b31c59

Request headers

Referer
https://g.cash-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=blXP7A==, md5=0R3EtjItLivZ0VRUEvKCKA==
date
Tue, 01 Jun 2021 20:45:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
66692
x-guploader-uploadid
ABg5-UxKsJ3-fYCjN4WtUEKWukxnMUFARYI0IqqfpDSkuLIJV8N0aXpH7VyPbk99179ZCxRFl3HGuua446IIu7aku0E
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a6aebd77f00006491719c9000000001
last-modified
Thu, 06 May 2021 17:28:22 GMT
server
cloudflare
etag
W/"d11dc4b6322d2e2bd9d1545412f28228"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=eKrTKsoQtzTI6a5oqEJbijEqXAjc08vB5juRI84g65xYP6Qkg7rTilnx60yrN9IJQ9cvRFPkrNGqfkjYsYz9K%2BRTdOJKAntqk5eRRtDMXWa7VeJVT6E3VZRMuxlo4pYE"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1620322101984123
content-type
application/javascript; charset=utf-8
expires
Tue, 01 Jun 2021 02:13:41 GMT
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
12047
cf-ray
658b48d26a306491-FRA
cf-bgj
minify
bovl1.gif
g.cash-ads.com/img/ Frame 5DCB
1 KB
1 KB
Image
General
Full URL
https://g.cash-ads.com/img/bovl1.gif
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=F%2BN5TYbQxSxDgVdO2HBjZcum3nuTpjIWjA8UVYRIP%2Bk%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
h104.hubuhost.com
Software
nginx /
Resource Hash
6a311efa0bbd120ad039d952829eda4134bf7820e69c1fa7c881d0c04397dbd3
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://g.cash-ads.com/?nc=F%2BN5TYbQxSxDgVdO2HBjZcum3nuTpjIWjA8UVYRIP%2Bk%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:13 GMT
last-modified
Fri, 11 Sep 2020 22:15:28 GMT
server
nginx
etag
"5f5bf700-41f"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/gif
accept-ranges
bytes
content-length
1055
x-xss-protection
1; mode=block
jquery.min.js
g.cash-ads.com/int/ Frame 5DCB
84 KB
34 KB
Script
General
Full URL
https://g.cash-ads.com/int/jquery.min.js
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=F%2BN5TYbQxSxDgVdO2HBjZcum3nuTpjIWjA8UVYRIP%2Bk%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
h104.hubuhost.com
Software
nginx /
Resource Hash
7bf1676189cf3eafe5008e1f905c101bf78776253edf18030d43505cac297947
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://g.cash-ads.com/?nc=F%2BN5TYbQxSxDgVdO2HBjZcum3nuTpjIWjA8UVYRIP%2Bk%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:13 GMT
content-encoding
gzip
last-modified
Tue, 03 Nov 2020 05:45:55 GMT
server
nginx
etag
W/"5fa0ee93-14e08"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
b2.gif
g.cash-ads.com/img/ Frame 5DCB
7 KB
7 KB
Image
General
Full URL
https://g.cash-ads.com/img/b2.gif
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=F%2BN5TYbQxSxDgVdO2HBjZcum3nuTpjIWjA8UVYRIP%2Bk%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
h104.hubuhost.com
Software
nginx /
Resource Hash
36ba7545f1bd869f5d3abcc2e0c4e1072a33be1da4934214011a8c4399438e0f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://g.cash-ads.com/?nc=F%2BN5TYbQxSxDgVdO2HBjZcum3nuTpjIWjA8UVYRIP%2Bk%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:13 GMT
last-modified
Fri, 11 Sep 2020 22:38:47 GMT
server
nginx
etag
"5f5bfc77-1cf3"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/gif
accept-ranges
bytes
content-length
7411
x-xss-protection
1; mode=block
b1.gif
g.cash-ads.com/img/ Frame 4BF7
5 KB
5 KB
Image
General
Full URL
https://g.cash-ads.com/img/b1.gif
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=F%2BN5TYbQxSxDgVdO2HBjZeH7Se7BlO3rmBYpDrtTWSE%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
h104.hubuhost.com
Software
nginx /
Resource Hash
03120703c21912aa70cfb42757526df8de22fc1f4c479f1487992cc60d601fc3
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://g.cash-ads.com/?nc=F%2BN5TYbQxSxDgVdO2HBjZeH7Se7BlO3rmBYpDrtTWSE%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:13 GMT
last-modified
Fri, 11 Sep 2020 22:37:01 GMT
server
nginx
etag
"5f5bfc0d-12fc"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/gif
accept-ranges
bytes
content-length
4860
x-xss-protection
1; mode=block
bovl1.gif
g.cash-ads.com/img/ Frame 4BF7
1 KB
1 KB
Image
General
Full URL
https://g.cash-ads.com/img/bovl1.gif
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=F%2BN5TYbQxSxDgVdO2HBjZeH7Se7BlO3rmBYpDrtTWSE%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
h104.hubuhost.com
Software
nginx /
Resource Hash
6a311efa0bbd120ad039d952829eda4134bf7820e69c1fa7c881d0c04397dbd3
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://g.cash-ads.com/?nc=F%2BN5TYbQxSxDgVdO2HBjZeH7Se7BlO3rmBYpDrtTWSE%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:13 GMT
last-modified
Fri, 11 Sep 2020 22:15:28 GMT
server
nginx
etag
"5f5bf700-41f"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/gif
accept-ranges
bytes
content-length
1055
x-xss-protection
1; mode=block
gtm.js
www.googletagmanager.com/ Frame 47B9
0
0
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PT73ND5
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Agro-News-LOGO-bez-t%C5%82a-bia%C5%82e_200.png
agronews.com.pl/wp-content/uploads/ Frame 47B9
4 KB
4 KB
Image
General
Full URL
https://agronews.com.pl/wp-content/uploads/Agro-News-LOGO-bez-t%C5%82a-bia%C5%82e_200.png
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
9946801b6d0587f99b1e06055512628feb1be040dd524c6fb417b6a55b7f9ac6

Request headers

Referer
https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:14 GMT
last-modified
Wed, 07 Nov 2018 13:37:49 GMT
server
IdeaWebServer/2.0.5
content-length
4113
content-type
image/png
truncated
/ Frame 47B9
121 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
newspaper.woff
agronews.com.pl/wp-content/themes/Newspaper/images/icons/ Frame 47B9
24 KB
24 KB
Font
General
Full URL
https://agronews.com.pl/wp-content/themes/Newspaper/images/icons/newspaper.woff?19
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/wp-content/themes/Newspaper/style.css?ver=10.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
ea9ad8f6ace011a694d664482cc6ca0acc2dd86a8d6b684154327ec84c0c95fd

Request headers

Origin
https://agronews.com.pl
Referer
https://agronews.com.pl/wp-content/themes/Newspaper/style.css?ver=10.4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:14 GMT
last-modified
Thu, 01 Apr 2021 15:01:06 GMT
server
IdeaWebServer/2.0.5
content-length
24864
content-type
application/octet-stream
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 47B9
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://agronews.com.pl
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 19:15:25 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
age
5389
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
expires
Wed, 01 Jun 2022 19:15:25 GMT
mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ Frame 47B9
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UNirkOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://agronews.com.pl
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 01:46:51 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 21:21:26 GMT
server
sffe
age
68303
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14956
x-xss-protection
0
expires
Wed, 01 Jun 2022 01:46:51 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ Frame 47B9
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://agronews.com.pl
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 08:33:12 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 21:21:19 GMT
server
sffe
age
43922
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
expires
Wed, 01 Jun 2022 08:33:12 GMT
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ Frame 47B9
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://agronews.com.pl
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 07:37:03 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 21:21:50 GMT
server
sffe
age
47291
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15112
x-xss-protection
0
expires
Wed, 01 Jun 2022 07:37:03 GMT
mem5YaGs126MiZpBA-UNirkOXOhpOqc.woff2
fonts.gstatic.com/s/opensans/v20/ Frame 47B9
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UNirkOXOhpOqc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9d8ea031a330add9781fc795e3eb65238b4f3501647ea40558035d5d5fad268
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://agronews.com.pl
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 21:32:06 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 21:21:22 GMT
server
sffe
age
601988
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11724
x-xss-protection
0
expires
Wed, 25 May 2022 21:32:06 GMT
mem5YaGs126MiZpBA-UN7rgOXOhpOqc.woff2
fonts.gstatic.com/s/opensans/v20/ Frame 47B9
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOXOhpOqc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdd3f533cbb03aa426012b4b7b2a2a0b3e6d474733891f74e225bbd58538c145
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://agronews.com.pl
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 21:32:06 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 21:21:55 GMT
server
sffe
age
601988
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11708
x-xss-protection
0
expires
Wed, 25 May 2022 21:32:06 GMT
mem8YaGs126MiZpBA-UFW50bbck.woff2
fonts.gstatic.com/s/opensans/v20/ Frame 47B9
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFW50bbck.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28e9420a6d03a70b837b51c9fbe1bb1f819a3d4aa71bffa07f7c3e79d7dcf878
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://agronews.com.pl
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 21:32:06 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 21:21:25 GMT
server
sffe
age
601988
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11316
x-xss-protection
0
expires
Wed, 25 May 2022 21:32:06 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 47B9
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://agronews.com.pl
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 08:33:34 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
age
43900
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
expires
Wed, 01 Jun 2022 08:33:34 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 47B9
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://agronews.com.pl
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 10:13:28 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
age
383506
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
expires
Sat, 28 May 2022 10:13:28 GMT
KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 47B9
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://agronews.com.pl
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 10:13:27 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:52 GMT
server
sffe
age
383507
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11836
x-xss-protection
0
expires
Sat, 28 May 2022 10:13:27 GMT
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 47B9
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://agronews.com.pl
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 03:56:55 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:33 GMT
server
sffe
age
406099
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11860
x-xss-protection
0
expires
Sat, 28 May 2022 03:56:55 GMT
like.php
www.facebook.com/plugins/ Frame 1CD6
0
0
Document
General
Full URL
https://www.facebook.com/plugins/like.php?href=https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/like.php?href=https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://agronews.com.pl/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://agronews.com.pl/

Response headers

pragma
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
cache-control
private, no-cache, no-store, must-revalidate
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-xss-protection
0
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
content-type
text/html;charset=utf-8
x-content-type-options
nosniff
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
x-fb-debug
DWzGxyUL/X0EGh8lijrKY/WHq2eDee2Gl1reZA0W+hTtdC6r6yuVRDsEiOmtUuzkny8mU4nYzURj3JcAP5agSQ==
content-length
0
date
Tue, 01 Jun 2021 20:45:14 GMT
priority
u=3,i
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
truncated
/ Frame 47B9
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
gtm.js
www.googletagmanager.com/ Frame 19D1
0
0
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PT73ND5
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Agro-News-LOGO-bez-t%C5%82a-bia%C5%82e_200.png
agronews.com.pl/wp-content/uploads/ Frame 19D1
4 KB
4 KB
Image
General
Full URL
https://agronews.com.pl/wp-content/uploads/Agro-News-LOGO-bez-t%C5%82a-bia%C5%82e_200.png
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
9946801b6d0587f99b1e06055512628feb1be040dd524c6fb417b6a55b7f9ac6

Request headers

Referer
https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:14 GMT
last-modified
Wed, 07 Nov 2018 13:37:49 GMT
server
IdeaWebServer/2.0.5
content-length
4113
content-type
image/png
PolaKlasyS.jpg
agronews.com.pl/wp-content/uploads/ Frame 47B9
59 KB
59 KB
Image
General
Full URL
https://agronews.com.pl/wp-content/uploads/PolaKlasyS.jpg
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
8f775141edf206b7ef9b663dee9f0461d53c2f777823022497efdbb5843a176c

Request headers

Referer
https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:14 GMT
last-modified
Tue, 01 Jun 2021 13:14:45 GMT
server
IdeaWebServer/2.0.5
content-length
60211
content-type
image/jpeg
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ Frame 47B9
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://agronews.com.pl
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 00:07:58 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:12:12 GMT
server
sffe
age
506236
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22992
x-xss-protection
0
expires
Fri, 27 May 2022 00:07:58 GMT
S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ Frame 47B9
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://agronews.com.pl
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 02:03:02 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:30 GMT
server
sffe
age
499332
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22572
x-xss-protection
0
expires
Fri, 27 May 2022 02:03:02 GMT
BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v13/ Frame 47B9
39 KB
39 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotoslab/v13/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c79f09d1e74eadaf897561f5d70265ed2884663d34ad9c4d7f2aebff3b85a6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://agronews.com.pl
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 02:03:07 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 22:03:59 GMT
server
sffe
age
499327
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39440
x-xss-protection
0
expires
Fri, 27 May 2022 02:03:07 GMT
S6u9w4BMUTPHh50XSwaPGR_p.woff2
fonts.gstatic.com/s/lato/v17/ Frame 47B9
5 KB
5 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh50XSwaPGR_p.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c231bed4704b4d3db5350e6b08c88dd0ea7240374bfe6f9951b706dfa8901c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://agronews.com.pl
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 02:03:51 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:23 GMT
server
sffe
age
499283
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5436
x-xss-protection
0
expires
Fri, 27 May 2022 02:03:51 GMT
BngMUXZYTXPIvIBgJJSb6ufD5qW54A.woff2
fonts.gstatic.com/s/robotoslab/v13/ Frame 47B9
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotoslab/v13/BngMUXZYTXPIvIBgJJSb6ufD5qW54A.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc1fcdbf35ca3dc9d18408c78e0fdfbd1819e8b9a1d5e482f9f57404f2a8b93e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://agronews.com.pl
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 10:03:40 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 22:51:53 GMT
server
sffe
age
211294
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23908
x-xss-protection
0
expires
Mon, 30 May 2022 10:03:40 GMT
S6u9w4BMUTPHh6UVSwaPGR_p.woff2
fonts.gstatic.com/s/lato/v17/ Frame 47B9
5 KB
5 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwaPGR_p.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28927518b5750f500f8d606b8629cd40092c7f19d8d2e32c865c4902cd489543
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://agronews.com.pl
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 03:22:45 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:12:17 GMT
server
sffe
age
408149
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5360
x-xss-protection
0
expires
Sat, 28 May 2022 03:22:45 GMT
truncated
/ Frame 19D1
121 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
newspaper.woff
agronews.com.pl/wp-content/themes/Newspaper/images/icons/ Frame 19D1
24 KB
24 KB
Font
General
Full URL
https://agronews.com.pl/wp-content/themes/Newspaper/images/icons/newspaper.woff?19
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/wp-content/themes/Newspaper/style.css?ver=10.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
ea9ad8f6ace011a694d664482cc6ca0acc2dd86a8d6b684154327ec84c0c95fd

Request headers

Origin
https://agronews.com.pl
Referer
https://agronews.com.pl/wp-content/themes/Newspaper/style.css?ver=10.4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:14 GMT
last-modified
Thu, 01 Apr 2021 15:01:06 GMT
server
IdeaWebServer/2.0.5
content-length
24864
content-type
application/octet-stream
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 19D1
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://agronews.com.pl
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 19:15:25 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
age
5389
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
expires
Wed, 01 Jun 2022 19:15:25 GMT
mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ Frame 19D1
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UNirkOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://agronews.com.pl
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 01:46:51 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 21:21:26 GMT
server
sffe
age
68303
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14956
x-xss-protection
0
expires
Wed, 01 Jun 2022 01:46:51 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ Frame 19D1
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://agronews.com.pl
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 08:33:12 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 21:21:19 GMT
server
sffe
age
43922
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
expires
Wed, 01 Jun 2022 08:33:12 GMT
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ Frame 19D1
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://agronews.com.pl
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 07:37:03 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 21:21:50 GMT
server
sffe
age
47291
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15112
x-xss-protection
0
expires
Wed, 01 Jun 2022 07:37:03 GMT
mem5YaGs126MiZpBA-UNirkOXOhpOqc.woff2
fonts.gstatic.com/s/opensans/v20/ Frame 19D1
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UNirkOXOhpOqc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9d8ea031a330add9781fc795e3eb65238b4f3501647ea40558035d5d5fad268
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://agronews.com.pl
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 21:32:06 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 21:21:22 GMT
server
sffe
age
601988
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11724
x-xss-protection
0
expires
Wed, 25 May 2022 21:32:06 GMT
mem5YaGs126MiZpBA-UN7rgOXOhpOqc.woff2
fonts.gstatic.com/s/opensans/v20/ Frame 19D1
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOXOhpOqc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdd3f533cbb03aa426012b4b7b2a2a0b3e6d474733891f74e225bbd58538c145
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://agronews.com.pl
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 21:32:06 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 21:21:55 GMT
server
sffe
age
601988
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11708
x-xss-protection
0
expires
Wed, 25 May 2022 21:32:06 GMT
mem8YaGs126MiZpBA-UFW50bbck.woff2
fonts.gstatic.com/s/opensans/v20/ Frame 19D1
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFW50bbck.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28e9420a6d03a70b837b51c9fbe1bb1f819a3d4aa71bffa07f7c3e79d7dcf878
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://agronews.com.pl
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 21:32:06 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 21:21:25 GMT
server
sffe
age
601988
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11316
x-xss-protection
0
expires
Wed, 25 May 2022 21:32:06 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 19D1
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://agronews.com.pl
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 08:33:34 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
age
43900
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
expires
Wed, 01 Jun 2022 08:33:34 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 19D1
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://agronews.com.pl
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 10:13:28 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
age
383506
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
expires
Sat, 28 May 2022 10:13:28 GMT
KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 19D1
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://agronews.com.pl
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 10:13:27 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:52 GMT
server
sffe
age
383507
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11836
x-xss-protection
0
expires
Sat, 28 May 2022 10:13:27 GMT
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 19D1
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://agronews.com.pl
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 03:56:55 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:33 GMT
server
sffe
age
406099
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11860
x-xss-protection
0
expires
Sat, 28 May 2022 03:56:55 GMT
truncated
/ Frame 19D1
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
like.php
www.facebook.com/plugins/ Frame 4D8E
0
0
Document
General
Full URL
https://www.facebook.com/plugins/like.php?href=https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/like.php?href=https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://agronews.com.pl/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://agronews.com.pl/

Response headers

pragma
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
cache-control
private, no-cache, no-store, must-revalidate
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-xss-protection
0
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
content-type
text/html;charset=utf-8
x-content-type-options
nosniff
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
x-fb-debug
+61w06wFnQkpVM0mbEItAHsWUIAZb8Dee0VUacP40GqERgWUNXIalzv1ZrZ/lroWi0eHkjpmNWrb6bAYbuLNSw==
content-length
0
date
Tue, 01 Jun 2021 20:45:14 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
/
agronews.com.pl/artykul/zasilek-opiekunczy-dla-rolnikow-przedluzony/embed/ Frame 009D
22 KB
7 KB
Document
General
Full URL
https://agronews.com.pl/artykul/zasilek-opiekunczy-dla-rolnikow-przedluzony/embed/
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
e51d54f3f5ae1c75149d06daa4b93a976576b1a0e7d3612222ac7cbe8ddf9950

Request headers

:method
GET
:authority
agronews.com.pl
:scheme
https
:path
/artykul/zasilek-opiekunczy-dla-rolnikow-przedluzony/embed/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/

Response headers

date
Tue, 01 Jun 2021 20:45:14 GMT
content-type
text/html; charset=UTF-8
content-length
6992
access-control-allow-origin
*
cache-control
max-age=3, must-revalidate
content-encoding
gzip
server
IdeaWebServer/2.0.5
vary
Accept-Encoding, Cookie
truncated
/ Frame 47B9
125 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6cc9f7888aa74f17e27205ad59ecf79db56b25123b30aa7913b5a6617206b58a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
elements.png
agronews.com.pl/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/ Frame 47B9
4 KB
4 KB
Image
General
Full URL
https://agronews.com.pl/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/elements.png
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=78be34af347704c29acc8080ee49e259
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
277c84697b5039a7583a843ba2e6b784354925898a15056c8d975b696d2e7c2c

Request headers

Referer
https://agronews.com.pl/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=78be34af347704c29acc8080ee49e259
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:14 GMT
last-modified
Thu, 01 Apr 2021 15:01:15 GMT
server
IdeaWebServer/2.0.5
content-length
4149
content-type
image/png
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ Frame 47B9
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://agronews.com.pl
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 06:30:43 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:46 GMT
server
sffe
age
51271
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
expires
Wed, 01 Jun 2022 06:30:43 GMT
PolaKlasyS.jpg
agronews.com.pl/wp-content/uploads/ Frame 19D1
59 KB
59 KB
Image
General
Full URL
https://agronews.com.pl/wp-content/uploads/PolaKlasyS.jpg
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
8f775141edf206b7ef9b663dee9f0461d53c2f777823022497efdbb5843a176c

Request headers

Referer
https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:14 GMT
last-modified
Tue, 01 Jun 2021 13:14:45 GMT
server
IdeaWebServer/2.0.5
content-length
60211
content-type
image/jpeg
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ Frame 19D1
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://agronews.com.pl
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 00:07:58 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:12:12 GMT
server
sffe
age
506236
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22992
x-xss-protection
0
expires
Fri, 27 May 2022 00:07:58 GMT
S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ Frame 19D1
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://agronews.com.pl
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 02:03:02 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:30 GMT
server
sffe
age
499332
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22572
x-xss-protection
0
expires
Fri, 27 May 2022 02:03:02 GMT
BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v13/ Frame 19D1
39 KB
39 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotoslab/v13/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c79f09d1e74eadaf897561f5d70265ed2884663d34ad9c4d7f2aebff3b85a6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://agronews.com.pl
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 02:03:07 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 22:03:59 GMT
server
sffe
age
499327
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39440
x-xss-protection
0
expires
Fri, 27 May 2022 02:03:07 GMT
S6u9w4BMUTPHh6UVSwaPGR_p.woff2
fonts.gstatic.com/s/lato/v17/ Frame 19D1
5 KB
5 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwaPGR_p.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28927518b5750f500f8d606b8629cd40092c7f19d8d2e32c865c4902cd489543
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://agronews.com.pl
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 03:22:45 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:12:17 GMT
server
sffe
age
408149
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5360
x-xss-protection
0
expires
Sat, 28 May 2022 03:22:45 GMT
BngMUXZYTXPIvIBgJJSb6ufD5qW54A.woff2
fonts.gstatic.com/s/robotoslab/v13/ Frame 19D1
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotoslab/v13/BngMUXZYTXPIvIBgJJSb6ufD5qW54A.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc1fcdbf35ca3dc9d18408c78e0fdfbd1819e8b9a1d5e482f9f57404f2a8b93e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://agronews.com.pl
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 10:03:40 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 22:51:53 GMT
server
sffe
age
211294
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23908
x-xss-protection
0
expires
Mon, 30 May 2022 10:03:40 GMT
S6u9w4BMUTPHh50XSwaPGR_p.woff2
fonts.gstatic.com/s/lato/v17/ Frame 19D1
5 KB
5 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh50XSwaPGR_p.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c231bed4704b4d3db5350e6b08c88dd0ea7240374bfe6f9951b706dfa8901c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://agronews.com.pl
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 02:03:51 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:23 GMT
server
sffe
age
499283
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5436
x-xss-protection
0
expires
Fri, 27 May 2022 02:03:51 GMT
frame.html
ad4m.at/ Frame 95CB
2 KB
2 KB
Document
General
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r38oxwat.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g.cash-ads.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Tue, 01 Jun 2021 20:45:14 GMT
content-type
text/html
x-guploader-uploadid
ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires
Tue, 01 Jun 2021 21:45:14 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
776958
cache-control
public, max-age=3600
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
HIT
cf-request-id
0a6aebda02000016eeb683b000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=EceuwOHZToeId9vGCA9JIPooqUYc5tRI3svgo4SJN6V7y55uYk3XjZavDWmPqG8ye1xDZ%2FfDnRhq9yreanRFvzy3iCqp9PAPH5XO3kLjAI6ONAqM33sbdGLoHF5rFKbF"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
658b48d66cbd16ee-FRA
content-encoding
br
fltiu.js
pixel.yabidos.com/ Frame 2854
2 KB
1 KB
Script
General
Full URL
https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=www.adzbux.com&x=rekmob&nci=&adtg=0b9f3c2279244fff831c25aa0d5f7f54&nai=&si=33151&pn=&h=600&w=160&bp=&pp=&ci=&ip=212.102.38.150&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:14 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:29 GMT
server
cloudflare
age
1480
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b48d66b864174-HAM
content-length
1146
cf-request-id
0a6aebd9ff000041743f3d8000000001
expires
Tue, 01 Jun 2021 22:45:14 GMT
n.js
cdn.runative-syndicate.com/sdk/v1/ Frame F071
17 KB
9 KB
Script
General
Full URL
https://cdn.runative-syndicate.com/sdk/v1/n.js
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.253.95.110 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
6be018cf63d68429cc6f5c49caa24448469db98e412beba3bc99ac033ced43da

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:14 GMT
content-encoding
gzip
last-modified
Wed, 17 Feb 2021 13:10:31 GMT
server
nginx
age
9008805
etag
W/"602d15c7-44f3"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
8713
fltiu.js
pixel.yabidos.com/ Frame 2854
2 KB
1 KB
Script
General
Full URL
https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=www.adzbux.com&x=rekmob&nci=&adtg=62db1d4bb5234c59bf5b75dbac1d7a91&nai=&si=33151&pn=&h=90&w=728&bp=&pp=&ci=&ip=212.102.38.150&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:14 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:29 GMT
server
cloudflare
age
1480
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b48d69c454174-HAM
content-length
1146
cf-request-id
0a6aebda220000417417a83000000001
expires
Tue, 01 Jun 2021 22:45:14 GMT
rs-b.png
adimg.rekmob.com/logos/ Frame 8B49
471 B
911 B
Image
General
Full URL
https://adimg.rekmob.com/logos/rs-b.png
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df02aa33acd40ff99ac77551154f9fe7fd5a13dc1f782aac62ffb1a6a0f7f09c

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 13:11:22 GMT
Via
1.1 e61ad774b1bb9761f20e1bb4c1d6c734.cloudfront.net (CloudFront)
Last-Modified
Thu, 26 Jul 2018 10:20:15 GMT
Server
AmazonS3
Age
27233
ETag
"5965d59f86a925e809f20a75e26c9d0c"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
471
X-Amz-Cf-Id
10tLJV8yc7HUL1XShYVSPhfGmgTi_TDlHarUxwJU0fH51Qw3o8ZyIw==
a6ef61b5aa4d4a35995bc18d04125b93
adimg.rekmob.com/ Frame 8B49
12 KB
12 KB
Image
General
Full URL
https://adimg.rekmob.com/a6ef61b5aa4d4a35995bc18d04125b93
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3e048568ec73a37d3de0f63e7812bd07756797f6b82a84053ac56e9c28d6e37

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 15:47:33 GMT
Via
1.1 e61ad774b1bb9761f20e1bb4c1d6c734.cloudfront.net (CloudFront)
Last-Modified
Thu, 21 May 2020 07:21:42 GMT
Server
AmazonS3
Age
17911
ETag
"7be928384c3265ed526e5c5e5c519349"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
12001
X-Amz-Cf-Id
DcZFv0HEcvkZE0zVNhGOjvw6GZm2lX6mzwipkY0VcJfUW1QSwuRRpg==
imp
ads.rekmob.com/m/ Frame 8B49
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=62db1d4bb5234c59bf5b75dbac1d7a91&udid=ead846147b6d4abcb429e334ca55626a&rid=NjBiNjljNWEwY2YyYWJkZGRmM2ZjYjY1&adId=MTM2OQ==
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:45 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
CZ
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
fltiu.js
pixel.yabidos.com/ Frame 2854
2 KB
1 KB
Script
General
Full URL
https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=www.adzbux.com&x=rekmob&nci=&adtg=536a874d2489404ea4758a28f8d8b1c6&nai=&si=33151&pn=&h=60&w=468&bp=&pp=&ci=&ip=212.102.38.150&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:14 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:29 GMT
server
cloudflare
age
1480
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b48d6ac6e4174-HAM
content-length
1146
cf-request-id
0a6aebda2b000041743917a000000001
expires
Tue, 01 Jun 2021 22:45:14 GMT
n.js
cdn.runative-syndicate.com/sdk/v1/ Frame B73F
17 KB
9 KB
Script
General
Full URL
https://cdn.runative-syndicate.com/sdk/v1/n.js
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.253.95.110 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
6be018cf63d68429cc6f5c49caa24448469db98e412beba3bc99ac033ced43da

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:14 GMT
content-encoding
gzip
last-modified
Wed, 17 Feb 2021 13:10:31 GMT
server
nginx
age
9008805
etag
W/"602d15c7-44f3"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
8713
truncated
/ Frame 19D1
125 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6cc9f7888aa74f17e27205ad59ecf79db56b25123b30aa7913b5a6617206b58a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
elements.png
agronews.com.pl/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/ Frame 19D1
4 KB
4 KB
Image
General
Full URL
https://agronews.com.pl/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/elements.png
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=78be34af347704c29acc8080ee49e259
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
277c84697b5039a7583a843ba2e6b784354925898a15056c8d975b696d2e7c2c

Request headers

Referer
https://agronews.com.pl/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=78be34af347704c29acc8080ee49e259
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:14 GMT
last-modified
Thu, 01 Apr 2021 15:01:15 GMT
server
IdeaWebServer/2.0.5
content-length
4149
content-type
image/png
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ Frame 19D1
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://agronews.com.pl
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 06:30:43 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:46 GMT
server
sffe
age
51271
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
expires
Wed, 01 Jun 2022 06:30:43 GMT
rs-b.png
adimg.rekmob.com/logos/ Frame F071
471 B
911 B
Image
General
Full URL
https://adimg.rekmob.com/logos/rs-b.png
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df02aa33acd40ff99ac77551154f9fe7fd5a13dc1f782aac62ffb1a6a0f7f09c

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 13:11:22 GMT
Via
1.1 e61ad774b1bb9761f20e1bb4c1d6c734.cloudfront.net (CloudFront)
Last-Modified
Thu, 26 Jul 2018 10:20:15 GMT
Server
AmazonS3
Age
27233
ETag
"5965d59f86a925e809f20a75e26c9d0c"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
471
X-Amz-Cf-Id
ibqOoJ_Lrol3hJjmbQSuV7H0bRVa5nsEiEF6boJ7esU1m-1dexDSAA==
rs-b.png
adimg.rekmob.com/logos/ Frame B73F
471 B
911 B
Image
General
Full URL
https://adimg.rekmob.com/logos/rs-b.png
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df02aa33acd40ff99ac77551154f9fe7fd5a13dc1f782aac62ffb1a6a0f7f09c

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 13:11:22 GMT
Via
1.1 e61ad774b1bb9761f20e1bb4c1d6c734.cloudfront.net (CloudFront)
Last-Modified
Thu, 26 Jul 2018 10:20:15 GMT
Server
AmazonS3
Age
27233
ETag
"5965d59f86a925e809f20a75e26c9d0c"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
471
X-Amz-Cf-Id
YzTTRmDheQB-8pzeygpKzLD1vg5LxT9SJmJxGgI6FdHQ8P5oJonYMg==
truncated
/ Frame 47B9
101 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9a612722eed86936463bc8772a9d4509e0c24f22485221beaa583a60079fef2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
flimpobj.js
pixel.yabidos.com/ Frame 2854
30 KB
24 KB
Script
General
Full URL
https://pixel.yabidos.com/flimpobj.js?cb=1622580314619&ver1=2.2.3&qid=230383f5530383f5434353&rnd=mgdsousk4qmz&cid=544
Requested by
Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=www.adzbux.com&x=rekmob&nci=&adtg=1e86b52dba4f4154a0ee87b99af3da50&nai=&si=33151&pn=&h=250&w=300&bp=&pp=&ci=&ip=212.102.38.150&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:14 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:29 GMT
server
cloudflare
age
1594
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b48d74e704174-HAM
content-length
23972
cf-request-id
0a6aebda8e000041745a3e9000000001
expires
Tue, 01 Jun 2021 22:45:14 GMT
gtm.js
www.googletagmanager.com/ Frame 00CE
0
0
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PT73ND5
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

js
www.googletagmanager.com/gtag/ Frame 47B9
86 KB
34 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-951869502&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5356948-1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3a78e4c5477bc21a573c4246d05897a32c2960f7db89ac5eb5d49ceb74ff8813
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:14 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34583
x-xss-protection
0
last-modified
Tue, 01 Jun 2021 20:23:47 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 01 Jun 2021 20:45:14 GMT
conversion_async.js
www.googleadservices.com/pagead/ Frame 47B9
36 KB
14 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-951869502
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
264ec87b36604aa5a7cf8752a6be767e4cf135a6c27b0c06ba248af23bfadab7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14047
x-xss-protection
0
server
cafe
etag
12385995306639061375
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 01 Jun 2021 20:45:15 GMT
analytics.js
www.google-analytics.com/ Frame 47B9
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5356948-1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
5631
date
Tue, 01 Jun 2021 19:11:23 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Tue, 01 Jun 2021 21:11:23 GMT
7a59f4ee8243465197d99ee2959f6ef7.html
run-syndicate.com/iframes2/ Frame 98BB
0
0
Document
General
Full URL
https://run-syndicate.com/iframes2/7a59f4ee8243465197d99ee2959f6ef7.html?keywords=page,php&extid=101739&adb=0&clientjs=1&w=1600&h=1200
Requested by
Host: cdn.runative-syndicate.com
URL: https://cdn.runative-syndicate.com/sdk/v1/bi.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.104.25 Rostock, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.25.104.4.46.clients.your-server.de
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
run-syndicate.com
:scheme
https
:path
/iframes2/7a59f4ee8243465197d99ee2959f6ef7.html?keywords=page,php&extid=101739&adb=0&clientjs=1&w=1600&h=1200
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://exp3.eurosptp.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

server
nginx
date
Tue, 01 Jun 2021 20:45:15 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding *
cache-control
no-cache, no-store, no-transform, must-revalidate no-transform
pragma
no-cache
expires
0
x-api-version
2
link
<https://lcdn.runative-syndicate.com/sdk/v1/b.b.js>; rel=preload; as=script, <https://lcdn.runative-syndicate.com/images/6/5/cbb3916f0cb87c847926a98e38a3f33f9b8b42/300x250.jpg>; rel=preload; as=image
x-request-id
6f4709e74dad1aae
set-cookie
ts_uid=4009debd-5000-40ec-bf09-959b0249a5af; expires=Wed, 01 Dec 2021 20:45:15 GMT; domain=.run-syndicate.com; path=/; HttpOnly; secure; SameSite=None bfq=e0SIEaFjSxcWIsYUPJiwDMMufRQE; expires=Wed, 02 Jun 2021 20:45:15 GMT; domain=.runative-syndicate.com; path=/; secure; SameSite=None
x-robots-tag
none noindex, nofollow
report-to
{ "url": "https://pxl.runative-syndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding
gzip
/
sharkpromotion.net/socket.io/ Frame 9665
0
0

micro.png
agronews.com.pl/wp-content/uploads/ Frame 47B9
376 KB
377 KB
Image
General
Full URL
https://agronews.com.pl/wp-content/uploads/micro.png
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
862cc7981457916d0c21bbc32eca1f19801c9eb0d2cea34079ca71e93bd93578

Request headers

Referer
https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:14 GMT
last-modified
Sun, 14 Mar 2021 20:42:50 GMT
server
IdeaWebServer/2.0.5
content-length
385231
content-type
image/png
187979501_203578804918695_8663512522223641239_n.jpg
scontent-waw1-1.cdninstagram.com/v/t51.29350-15/ Frame 47B9
89 KB
89 KB
Image
General
Full URL
https://scontent-waw1-1.cdninstagram.com/v/t51.29350-15/187979501_203578804918695_8663512522223641239_n.jpg?_nc_cat=106&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=lpuQsTISD2QAX-ZDkj1&_nc_ht=scontent-waw1-1.cdninstagram.com&oh=45cc77f389f9b522ef3b599f2dc8a868&oe=60BAB339
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f216:c4:face:b00c:0:43fe Warsaw, Poland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a6a56704d49b22424d80972fc40e6b065314b885a984acad75848b86d01df8c0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
1449268747
date
Tue, 01 Jun 2021 20:45:14 GMT
x-fb-trip-id
2050670934
last-modified
Thu, 20 May 2021 13:46:11 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
514752602
x-fb-config-version-olb-prod
1116
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
90894
185342455_116984110504682_8198450152631622256_n.jpg
scontent-waw1-1.cdninstagram.com/v/t51.29350-15/ Frame 47B9
85 KB
85 KB
Image
General
Full URL
https://scontent-waw1-1.cdninstagram.com/v/t51.29350-15/185342455_116984110504682_8198450152631622256_n.jpg?_nc_cat=110&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=oqM4oipjzbEAX9lTLJa&_nc_ht=scontent-waw1-1.cdninstagram.com&oh=73ba0cfe1c91dd223c47726e5eed543d&oe=60BB9978
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f216:c4:face:b00c:0:43fe Warsaw, Poland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
659e277e9d9726aab04002fa1ace26df8087e1b68ef2c6a20c94031d6b04d613

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
3267586562
date
Tue, 01 Jun 2021 20:45:14 GMT
x-fb-trip-id
2050670934
last-modified
Fri, 14 May 2021 15:29:47 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3911918889
x-fb-config-version-olb-prod
1116
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
87036
183226574_4311553238879436_7015651509410239956_n.jpg
scontent-waw1-1.cdninstagram.com/v/t51.29350-15/ Frame 47B9
210 KB
210 KB
Image
General
Full URL
https://scontent-waw1-1.cdninstagram.com/v/t51.29350-15/183226574_4311553238879436_7015651509410239956_n.jpg?_nc_cat=102&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=j78ddoZsXAwAX_XW5uh&_nc_ht=scontent-waw1-1.cdninstagram.com&oh=4998fb8e6749dea61eb1ed7f0318ad86&oe=60BA83A8
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f216:c4:face:b00c:0:43fe Warsaw, Poland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0b0bce5c097458742047962ea0d502dad059206a5e49aaa7f6279fc204f59e6b

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
3022049261
date
Tue, 01 Jun 2021 20:45:15 GMT
last-modified
Sun, 09 May 2021 13:32:15 GMT
content-length
214557
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3935903195
x-fb-config-version-olb-prod
1116
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
178362282_136301381842602_4386328602268810321_n.jpg
scontent-waw1-1.cdninstagram.com/v/t51.29350-15/ Frame 47B9
173 KB
173 KB
Image
General
Full URL
https://scontent-waw1-1.cdninstagram.com/v/t51.29350-15/178362282_136301381842602_4386328602268810321_n.jpg?_nc_cat=105&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=ETXN1mrK-LEAX9c7To4&_nc_ht=scontent-waw1-1.cdninstagram.com&oh=897c0afd469da4e2f584498f67a3b409&oe=60BC617A
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f216:c4:face:b00c:0:43fe Warsaw, Poland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9a305b0450944be3f5442a1349f4b2eb6d18ec50a00054cca22c0cba0725de89

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
3837840311
date
Tue, 01 Jun 2021 20:45:15 GMT
last-modified
Wed, 28 Apr 2021 12:06:26 GMT
content-length
176808
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3653560865
x-fb-config-version-olb-prod
1116
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
178984000_454840462453767_6142395590857229050_n.jpg
scontent-waw1-1.cdninstagram.com/v/t51.29350-15/ Frame 47B9
164 KB
164 KB
Image
General
Full URL
https://scontent-waw1-1.cdninstagram.com/v/t51.29350-15/178984000_454840462453767_6142395590857229050_n.jpg?_nc_cat=107&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=xcpJblTjngkAX-uJTHQ&_nc_ht=scontent-waw1-1.cdninstagram.com&oh=58bcda144c9597c22701706a0732b8e8&oe=60BBAD9B
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f216:c4:face:b00c:0:43fe Warsaw, Poland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6e9e530354a3005b79d5fe0dc9636da43f50763bdfbba3b7ec543f1fdfa2ab94

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
385827249
date
Tue, 01 Jun 2021 20:45:15 GMT
last-modified
Tue, 27 Apr 2021 12:24:37 GMT
content-length
168245
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3270019843
x-fb-config-version-olb-prod
1116
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
172700076_495102434822742_5198796028307782750_n.jpg
scontent-waw1-1.cdninstagram.com/v/t51.29350-15/ Frame 47B9
168 KB
168 KB
Image
General
Full URL
https://scontent-waw1-1.cdninstagram.com/v/t51.29350-15/172700076_495102434822742_5198796028307782750_n.jpg?_nc_cat=106&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=q0UmsCRgTMAAX-qMwJZ&_nc_oc=AQncrnypar98YpUIU3NfzQvj-SBtRE3FomylOwAYhkCtUyNB2K0uaEb2loGBcUNZF0xNnZ6G3zMWm-MIf9uXc6zP&_nc_ht=scontent-waw1-1.cdninstagram.com&oh=afc12d3faaf798115c72352dea76ef31&oe=60BBFEE2
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f216:c4:face:b00c:0:43fe Warsaw, Poland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
944e218fdec2f09248bb6c3bd391779e40e6feee9a3433a55ef13895f8feae5a

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
3951844102
date
Tue, 01 Jun 2021 20:45:15 GMT
last-modified
Thu, 15 Apr 2021 07:26:39 GMT
content-length
172365
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
4281295478
x-fb-config-version-olb-prod
1116
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
169268698_898168867613860_6264375193905329231_n.jpg
scontent-waw1-1.cdninstagram.com/v/t51.29350-15/ Frame 47B9
97 KB
98 KB
Image
General
Full URL
https://scontent-waw1-1.cdninstagram.com/v/t51.29350-15/169268698_898168867613860_6264375193905329231_n.jpg?_nc_cat=104&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=xVieAI24YhMAX_fcHEM&_nc_ht=scontent-waw1-1.cdninstagram.com&oh=36fedc555e2009ff3fa9b2078a2a524f&oe=60BA9FAB
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f216:c4:face:b00c:0:43fe Warsaw, Poland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1e9000d90b63c02a2427c356d020024c340be2d66836bb1c827c60df623b6576

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
3589619809
date
Tue, 01 Jun 2021 20:45:15 GMT
last-modified
Sun, 04 Apr 2021 19:36:11 GMT
content-length
99812
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
2288409197
x-fb-config-version-olb-prod
1116
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
166050226_288667275990289_3354462577070467886_n.jpg
scontent-waw1-1.cdninstagram.com/v/t51.29350-15/ Frame 47B9
241 KB
241 KB
Image
General
Full URL
https://scontent-waw1-1.cdninstagram.com/v/t51.29350-15/166050226_288667275990289_3354462577070467886_n.jpg?_nc_cat=109&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=rAOTzjdbd_UAX8FAS9g&_nc_ht=scontent-waw1-1.cdninstagram.com&oh=ff0dfb0938795b1cc2a348f62c58bbf5&oe=60BC515F
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f216:c4:face:b00c:0:43fe Warsaw, Poland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2d8e7ee9659e13cfcf85e5f57ebde3a3ab2fab91a1acf015336ba6583eca5c13

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
1714170293
date
Tue, 01 Jun 2021 20:45:15 GMT
last-modified
Sun, 28 Mar 2021 07:33:22 GMT
content-length
246845
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
4215677532
x-fb-config-version-olb-prod
1118
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
164766130_433476374610911_8123915025956431724_n.jpg
scontent-waw1-1.cdninstagram.com/v/t51.29350-15/ Frame 47B9
117 KB
117 KB
Image
General
Full URL
https://scontent-waw1-1.cdninstagram.com/v/t51.29350-15/164766130_433476374610911_8123915025956431724_n.jpg?_nc_cat=100&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=xvg35DLEw28AX8U_aLn&_nc_ht=scontent-waw1-1.cdninstagram.com&oh=9331ef8d4b74579b47dab30f15a6c5bf&oe=60BAE668
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f216:c4:face:b00c:0:43fe Warsaw, Poland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
24d4c4d03f59daf992858d326e51cc94db014c16877067152ece4a0ea9458fe3

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
1418726050
date
Tue, 01 Jun 2021 20:45:15 GMT
last-modified
Sat, 27 Mar 2021 14:18:43 GMT
content-length
120123
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3636585163
x-fb-config-version-olb-prod
1116
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
160217035_482694366195798_6311273287064027073_n.jpg
scontent-waw1-1.cdninstagram.com/v/t51.29350-15/ Frame 47B9
207 KB
207 KB
Image
General
Full URL
https://scontent-waw1-1.cdninstagram.com/v/t51.29350-15/160217035_482694366195798_6311273287064027073_n.jpg?_nc_cat=111&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=p0-eFMKjDFkAX8A4KS3&_nc_ht=scontent-waw1-1.cdninstagram.com&oh=db407d8d300c7f6b363bb3a2b00bb357&oe=60BC04EA
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f216:c4:face:b00c:0:43fe Warsaw, Poland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
00fbbc9455b9422725e70f1ddbd572f43c07194b295b41df5e6afd91980dc92a

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
2817106651
date
Tue, 01 Jun 2021 20:45:15 GMT
last-modified
Sun, 14 Mar 2021 13:06:51 GMT
content-length
211512
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
1262634641
x-fb-config-version-olb-prod
1116
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 47B9
11 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b48f2e025fc91e265f2c27ad6ee03f73527eb219036c9c68ab8de7d0fce23738
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://agronews.com.pl
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 21:18:22 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:42 GMT
server
sffe
age
84412
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11768
x-xss-protection
0
expires
Tue, 31 May 2022 21:18:22 GMT
truncated
/ Frame 00CE
121 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
newspaper.woff
agronews.com.pl/wp-content/themes/Newspaper/images/icons/ Frame 00CE
24 KB
24 KB
Font
General
Full URL
https://agronews.com.pl/wp-content/themes/Newspaper/images/icons/newspaper.woff?19
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/wp-content/themes/Newspaper/style.css?ver=10.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
ea9ad8f6ace011a694d664482cc6ca0acc2dd86a8d6b684154327ec84c0c95fd

Request headers

Origin
https://agronews.com.pl
Referer
https://agronews.com.pl/wp-content/themes/Newspaper/style.css?ver=10.4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:14 GMT
last-modified
Thu, 01 Apr 2021 15:01:06 GMT
server
IdeaWebServer/2.0.5
content-length
24864
content-type
application/octet-stream
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 00CE
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://agronews.com.pl
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 19:15:25 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
age
5389
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
expires
Wed, 01 Jun 2022 19:15:25 GMT
mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ Frame 00CE
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UNirkOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://agronews.com.pl
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 01:46:51 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 21:21:26 GMT
server
sffe
age
68303
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14956
x-xss-protection
0
expires
Wed, 01 Jun 2022 01:46:51 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ Frame 00CE
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://agronews.com.pl
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 08:33:12 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 21:21:19 GMT
server
sffe
age
43922
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
expires
Wed, 01 Jun 2022 08:33:12 GMT
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ Frame 00CE
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://agronews.com.pl
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 07:37:03 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 21:21:50 GMT
server
sffe
age
47291
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15112
x-xss-protection
0
expires
Wed, 01 Jun 2022 07:37:03 GMT
mem5YaGs126MiZpBA-UNirkOXOhpOqc.woff2
fonts.gstatic.com/s/opensans/v20/ Frame 00CE
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UNirkOXOhpOqc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9d8ea031a330add9781fc795e3eb65238b4f3501647ea40558035d5d5fad268
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://agronews.com.pl
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 21:32:06 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 21:21:22 GMT
server
sffe
age
601988
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11724
x-xss-protection
0
expires
Wed, 25 May 2022 21:32:06 GMT
mem5YaGs126MiZpBA-UN7rgOXOhpOqc.woff2
fonts.gstatic.com/s/opensans/v20/ Frame 00CE
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOXOhpOqc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdd3f533cbb03aa426012b4b7b2a2a0b3e6d474733891f74e225bbd58538c145
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://agronews.com.pl
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 21:32:06 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 21:21:55 GMT
server
sffe
age
601988
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11708
x-xss-protection
0
expires
Wed, 25 May 2022 21:32:06 GMT
mem8YaGs126MiZpBA-UFW50bbck.woff2
fonts.gstatic.com/s/opensans/v20/ Frame 00CE
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFW50bbck.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28e9420a6d03a70b837b51c9fbe1bb1f819a3d4aa71bffa07f7c3e79d7dcf878
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://agronews.com.pl
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 21:32:06 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 21:21:25 GMT
server
sffe
age
601988
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11316
x-xss-protection
0
expires
Wed, 25 May 2022 21:32:06 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 00CE
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://agronews.com.pl
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 08:33:34 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
age
43900
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
expires
Wed, 01 Jun 2022 08:33:34 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 00CE
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://agronews.com.pl
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 10:13:28 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
age
383506
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
expires
Sat, 28 May 2022 10:13:28 GMT
KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 00CE
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://agronews.com.pl
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 10:13:27 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:52 GMT
server
sffe
age
383507
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11836
x-xss-protection
0
expires
Sat, 28 May 2022 10:13:27 GMT
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 00CE
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://agronews.com.pl
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 03:56:55 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:33 GMT
server
sffe
age
406099
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11860
x-xss-protection
0
expires
Sat, 28 May 2022 03:56:55 GMT
truncated
/ Frame 00CE
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
like.php
www.facebook.com/plugins/ Frame F248
0
0
Document
General
Full URL
https://www.facebook.com/plugins/like.php?href=https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/like.php?href=https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://agronews.com.pl/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://agronews.com.pl/

Response headers

pragma
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
cache-control
private, no-cache, no-store, must-revalidate
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-xss-protection
0
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
content-type
text/html;charset=utf-8
x-content-type-options
nosniff
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
x-fb-debug
SoquGhR8o2ngv7Ap0yZQmOJJ/BUtaMj2TCQy5aKtj+9QIVtEYDCHFZ+IXh3lzWU0f4WWbVGppUd5bKHX6ChvWw==
content-length
0
date
Tue, 01 Jun 2021 20:45:14 GMT
priority
u=3,i
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
/
agronews.com.pl/artykul/asf-co-ze-swiniami-na-wybiegach/embed/ Frame 5BD4
22 KB
7 KB
Document
General
Full URL
https://agronews.com.pl/artykul/asf-co-ze-swiniami-na-wybiegach/embed/
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
866acda5759c8895048fb4c7090acfd35aa1104dbed3bc8ba4f8aeab97e83482

Request headers

:method
GET
:authority
agronews.com.pl
:scheme
https
:path
/artykul/asf-co-ze-swiniami-na-wybiegach/embed/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/

Response headers

date
Tue, 01 Jun 2021 20:45:14 GMT
content-type
text/html; charset=UTF-8
content-length
7007
access-control-allow-origin
*
cache-control
max-age=3, must-revalidate
content-encoding
gzip
server
IdeaWebServer/2.0.5
vary
Accept-Encoding, Cookie
truncated
/ Frame 19D1
101 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9a612722eed86936463bc8772a9d4509e0c24f22485221beaa583a60079fef2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
conversion_async.js
www.googleadservices.com/pagead/ Frame 19D1
36 KB
14 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-951869502
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
264ec87b36604aa5a7cf8752a6be767e4cf135a6c27b0c06ba248af23bfadab7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14047
x-xss-protection
0
server
cafe
etag
12385995306639061375
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 01 Jun 2021 20:45:15 GMT
js
www.googletagmanager.com/gtag/ Frame 19D1
89 KB
35 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-5356948-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-951869502
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ab149faece15085b417647aace495f54d5b2eb22f604ffda20f9e581532ad485
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:14 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35944
x-xss-protection
0
last-modified
Tue, 01 Jun 2021 18:43:03 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 01 Jun 2021 20:45:14 GMT
analytics.js
www.google-analytics.com/ Frame 19D1
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5356948-1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
5631
date
Tue, 01 Jun 2021 19:11:23 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Tue, 01 Jun 2021 21:11:23 GMT
n.css
cdn.run-syndicate.com/sdk/v1/ Frame F071
0
0

imp
ads.rekmob.com/m/ Frame F071
0
0

n.css
cdn.run-syndicate.com/sdk/v1/ Frame B73F
0
0

imp
ads.rekmob.com/m/ Frame B73F
0
0

PolaKlasyS.jpg
agronews.com.pl/wp-content/uploads/ Frame 00CE
59 KB
59 KB
Image
General
Full URL
https://agronews.com.pl/wp-content/uploads/PolaKlasyS.jpg
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
8f775141edf206b7ef9b663dee9f0461d53c2f777823022497efdbb5843a176c

Request headers

Referer
https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:15 GMT
last-modified
Tue, 01 Jun 2021 13:14:45 GMT
server
IdeaWebServer/2.0.5
content-length
60211
content-type
image/jpeg
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ Frame 00CE
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://agronews.com.pl
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 00:07:58 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:12:12 GMT
server
sffe
age
506237
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22992
x-xss-protection
0
expires
Fri, 27 May 2022 00:07:58 GMT
S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ Frame 00CE
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://agronews.com.pl
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 02:03:02 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:30 GMT
server
sffe
age
499333
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22572
x-xss-protection
0
expires
Fri, 27 May 2022 02:03:02 GMT
BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v13/ Frame 00CE
39 KB
39 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotoslab/v13/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c79f09d1e74eadaf897561f5d70265ed2884663d34ad9c4d7f2aebff3b85a6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://agronews.com.pl
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 02:03:07 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 22:03:59 GMT
server
sffe
age
499328
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39440
x-xss-protection
0
expires
Fri, 27 May 2022 02:03:07 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ Frame 00CE
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://agronews.com.pl
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 06:30:43 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:46 GMT
server
sffe
age
51272
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
expires
Wed, 01 Jun 2022 06:30:43 GMT
S6u9w4BMUTPHh6UVSwaPGR_p.woff2
fonts.gstatic.com/s/lato/v17/ Frame 00CE
5 KB
5 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwaPGR_p.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28927518b5750f500f8d606b8629cd40092c7f19d8d2e32c865c4902cd489543
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://agronews.com.pl
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 03:22:45 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:12:17 GMT
server
sffe
age
408150
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5360
x-xss-protection
0
expires
Sat, 28 May 2022 03:22:45 GMT
S6u9w4BMUTPHh50XSwaPGR_p.woff2
fonts.gstatic.com/s/lato/v17/ Frame 00CE
5 KB
5 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh50XSwaPGR_p.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c231bed4704b4d3db5350e6b08c88dd0ea7240374bfe6f9951b706dfa8901c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://agronews.com.pl
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 02:03:51 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:23 GMT
server
sffe
age
499284
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5436
x-xss-protection
0
expires
Fri, 27 May 2022 02:03:51 GMT
BngMUXZYTXPIvIBgJJSb6ufD5qW54A.woff2
fonts.gstatic.com/s/robotoslab/v13/ Frame 00CE
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotoslab/v13/BngMUXZYTXPIvIBgJJSb6ufD5qW54A.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc1fcdbf35ca3dc9d18408c78e0fdfbd1819e8b9a1d5e482f9f57404f2a8b93e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://agronews.com.pl
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 10:03:40 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 22:51:53 GMT
server
sffe
age
211295
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23908
x-xss-protection
0
expires
Mon, 30 May 2022 10:03:40 GMT
micro.png
agronews.com.pl/wp-content/uploads/ Frame 19D1
376 KB
377 KB
Image
General
Full URL
https://agronews.com.pl/wp-content/uploads/micro.png
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
862cc7981457916d0c21bbc32eca1f19801c9eb0d2cea34079ca71e93bd93578

Request headers

Referer
https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:15 GMT
last-modified
Sun, 14 Mar 2021 20:42:50 GMT
server
IdeaWebServer/2.0.5
content-length
385231
content-type
image/png
187979501_203578804918695_8663512522223641239_n.jpg
scontent-waw1-1.cdninstagram.com/v/t51.29350-15/ Frame 19D1
89 KB
89 KB
Image
General
Full URL
https://scontent-waw1-1.cdninstagram.com/v/t51.29350-15/187979501_203578804918695_8663512522223641239_n.jpg?_nc_cat=106&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=lpuQsTISD2QAX-ZDkj1&_nc_ht=scontent-waw1-1.cdninstagram.com&oh=45cc77f389f9b522ef3b599f2dc8a868&oe=60BAB339
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f216:c4:face:b00c:0:43fe Warsaw, Poland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a6a56704d49b22424d80972fc40e6b065314b885a984acad75848b86d01df8c0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
1449268747
date
Tue, 01 Jun 2021 20:45:15 GMT
last-modified
Thu, 20 May 2021 13:46:11 GMT
content-length
90894
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
514752602
x-fb-config-version-olb-prod
1116
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
185342455_116984110504682_8198450152631622256_n.jpg
scontent-waw1-1.cdninstagram.com/v/t51.29350-15/ Frame 19D1
85 KB
85 KB
Image
General
Full URL
https://scontent-waw1-1.cdninstagram.com/v/t51.29350-15/185342455_116984110504682_8198450152631622256_n.jpg?_nc_cat=110&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=oqM4oipjzbEAX9lTLJa&_nc_ht=scontent-waw1-1.cdninstagram.com&oh=73ba0cfe1c91dd223c47726e5eed543d&oe=60BB9978
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f216:c4:face:b00c:0:43fe Warsaw, Poland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
659e277e9d9726aab04002fa1ace26df8087e1b68ef2c6a20c94031d6b04d613

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
3267586562
date
Tue, 01 Jun 2021 20:45:15 GMT
last-modified
Fri, 14 May 2021 15:29:47 GMT
content-length
87036
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3911918889
x-fb-config-version-olb-prod
1116
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
183226574_4311553238879436_7015651509410239956_n.jpg
scontent-waw1-1.cdninstagram.com/v/t51.29350-15/ Frame 19D1
210 KB
210 KB
Image
General
Full URL
https://scontent-waw1-1.cdninstagram.com/v/t51.29350-15/183226574_4311553238879436_7015651509410239956_n.jpg?_nc_cat=102&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=j78ddoZsXAwAX_XW5uh&_nc_ht=scontent-waw1-1.cdninstagram.com&oh=4998fb8e6749dea61eb1ed7f0318ad86&oe=60BA83A8
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f216:c4:face:b00c:0:43fe Warsaw, Poland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0b0bce5c097458742047962ea0d502dad059206a5e49aaa7f6279fc204f59e6b

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
3022049261
date
Tue, 01 Jun 2021 20:45:15 GMT
last-modified
Sun, 09 May 2021 13:32:15 GMT
content-length
214557
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3935903195
x-fb-config-version-olb-prod
1116
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
178362282_136301381842602_4386328602268810321_n.jpg
scontent-waw1-1.cdninstagram.com/v/t51.29350-15/ Frame 19D1
173 KB
173 KB
Image
General
Full URL
https://scontent-waw1-1.cdninstagram.com/v/t51.29350-15/178362282_136301381842602_4386328602268810321_n.jpg?_nc_cat=105&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=ETXN1mrK-LEAX9c7To4&_nc_ht=scontent-waw1-1.cdninstagram.com&oh=897c0afd469da4e2f584498f67a3b409&oe=60BC617A
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f216:c4:face:b00c:0:43fe Warsaw, Poland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9a305b0450944be3f5442a1349f4b2eb6d18ec50a00054cca22c0cba0725de89

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
3837840311
date
Tue, 01 Jun 2021 20:45:15 GMT
last-modified
Wed, 28 Apr 2021 12:06:26 GMT
content-length
176808
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3653560865
x-fb-config-version-olb-prod
1116
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
178984000_454840462453767_6142395590857229050_n.jpg
scontent-waw1-1.cdninstagram.com/v/t51.29350-15/ Frame 19D1
164 KB
164 KB
Image
General
Full URL
https://scontent-waw1-1.cdninstagram.com/v/t51.29350-15/178984000_454840462453767_6142395590857229050_n.jpg?_nc_cat=107&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=xcpJblTjngkAX-uJTHQ&_nc_ht=scontent-waw1-1.cdninstagram.com&oh=58bcda144c9597c22701706a0732b8e8&oe=60BBAD9B
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f216:c4:face:b00c:0:43fe Warsaw, Poland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6e9e530354a3005b79d5fe0dc9636da43f50763bdfbba3b7ec543f1fdfa2ab94

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
385827249
date
Tue, 01 Jun 2021 20:45:15 GMT
last-modified
Tue, 27 Apr 2021 12:24:37 GMT
content-length
168245
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3270019843
x-fb-config-version-olb-prod
1116
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
172700076_495102434822742_5198796028307782750_n.jpg
scontent-waw1-1.cdninstagram.com/v/t51.29350-15/ Frame 19D1
168 KB
168 KB
Image
General
Full URL
https://scontent-waw1-1.cdninstagram.com/v/t51.29350-15/172700076_495102434822742_5198796028307782750_n.jpg?_nc_cat=106&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=q0UmsCRgTMAAX-qMwJZ&_nc_oc=AQncrnypar98YpUIU3NfzQvj-SBtRE3FomylOwAYhkCtUyNB2K0uaEb2loGBcUNZF0xNnZ6G3zMWm-MIf9uXc6zP&_nc_ht=scontent-waw1-1.cdninstagram.com&oh=afc12d3faaf798115c72352dea76ef31&oe=60BBFEE2
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f216:c4:face:b00c:0:43fe Warsaw, Poland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
944e218fdec2f09248bb6c3bd391779e40e6feee9a3433a55ef13895f8feae5a

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
3951844102
date
Tue, 01 Jun 2021 20:45:15 GMT
last-modified
Thu, 15 Apr 2021 07:26:39 GMT
content-length
172365
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
4281295478
x-fb-config-version-olb-prod
1116
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
169268698_898168867613860_6264375193905329231_n.jpg
scontent-waw1-1.cdninstagram.com/v/t51.29350-15/ Frame 19D1
97 KB
98 KB
Image
General
Full URL
https://scontent-waw1-1.cdninstagram.com/v/t51.29350-15/169268698_898168867613860_6264375193905329231_n.jpg?_nc_cat=104&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=xVieAI24YhMAX_fcHEM&_nc_ht=scontent-waw1-1.cdninstagram.com&oh=36fedc555e2009ff3fa9b2078a2a524f&oe=60BA9FAB
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f216:c4:face:b00c:0:43fe Warsaw, Poland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1e9000d90b63c02a2427c356d020024c340be2d66836bb1c827c60df623b6576

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
3589619809
date
Tue, 01 Jun 2021 20:45:15 GMT
last-modified
Sun, 04 Apr 2021 19:36:11 GMT
content-length
99812
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
2288409197
x-fb-config-version-olb-prod
1116
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
166050226_288667275990289_3354462577070467886_n.jpg
scontent-waw1-1.cdninstagram.com/v/t51.29350-15/ Frame 19D1
241 KB
241 KB
Image
General
Full URL
https://scontent-waw1-1.cdninstagram.com/v/t51.29350-15/166050226_288667275990289_3354462577070467886_n.jpg?_nc_cat=109&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=rAOTzjdbd_UAX8FAS9g&_nc_ht=scontent-waw1-1.cdninstagram.com&oh=ff0dfb0938795b1cc2a348f62c58bbf5&oe=60BC515F
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f216:c4:face:b00c:0:43fe Warsaw, Poland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2d8e7ee9659e13cfcf85e5f57ebde3a3ab2fab91a1acf015336ba6583eca5c13

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
1714170293
date
Tue, 01 Jun 2021 20:45:15 GMT
last-modified
Sun, 28 Mar 2021 07:33:22 GMT
content-length
246845
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
4215677532
x-fb-config-version-olb-prod
1118
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
164766130_433476374610911_8123915025956431724_n.jpg
scontent-waw1-1.cdninstagram.com/v/t51.29350-15/ Frame 19D1
117 KB
117 KB
Image
General
Full URL
https://scontent-waw1-1.cdninstagram.com/v/t51.29350-15/164766130_433476374610911_8123915025956431724_n.jpg?_nc_cat=100&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=xvg35DLEw28AX8U_aLn&_nc_ht=scontent-waw1-1.cdninstagram.com&oh=9331ef8d4b74579b47dab30f15a6c5bf&oe=60BAE668
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f216:c4:face:b00c:0:43fe Warsaw, Poland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
24d4c4d03f59daf992858d326e51cc94db014c16877067152ece4a0ea9458fe3

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
1418726050
date
Tue, 01 Jun 2021 20:45:15 GMT
last-modified
Sat, 27 Mar 2021 14:18:43 GMT
content-length
120123
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3636585163
x-fb-config-version-olb-prod
1116
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
160217035_482694366195798_6311273287064027073_n.jpg
scontent-waw1-1.cdninstagram.com/v/t51.29350-15/ Frame 19D1
207 KB
207 KB
Image
General
Full URL
https://scontent-waw1-1.cdninstagram.com/v/t51.29350-15/160217035_482694366195798_6311273287064027073_n.jpg?_nc_cat=111&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=p0-eFMKjDFkAX8A4KS3&_nc_ht=scontent-waw1-1.cdninstagram.com&oh=db407d8d300c7f6b363bb3a2b00bb357&oe=60BC04EA
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f216:c4:face:b00c:0:43fe Warsaw, Poland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
00fbbc9455b9422725e70f1ddbd572f43c07194b295b41df5e6afd91980dc92a

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
2817106651
date
Tue, 01 Jun 2021 20:45:15 GMT
last-modified
Sun, 14 Mar 2021 13:06:51 GMT
content-length
211512
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
1262634641
x-fb-config-version-olb-prod
1116
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 19D1
11 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b48f2e025fc91e265f2c27ad6ee03f73527eb219036c9c68ab8de7d0fce23738
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://agronews.com.pl
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 21:18:22 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:42 GMT
server
sffe
age
84413
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11768
x-xss-protection
0
expires
Tue, 31 May 2022 21:18:22 GMT
jetpack.css
c0.wp.com/p/jetpack/9.7/css/ Frame 009D
76 KB
13 KB
Stylesheet
General
Full URL
https://c0.wp.com/p/jetpack/9.7/css/jetpack.css
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/zasilek-opiekunczy-dla-rolnikow-przedluzony/embed/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
177b4773b237fa63062f913ed377e24540f843cda864a8d271c5ca083c18a9c6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 1
date
Tue, 01 Jun 2021 20:45:15 GMT
content-encoding
br
last-modified
Tue, 27 Apr 2021 15:29:25 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 01 Jun 2022 20:45:15 GMT
AgroKolo300_white.png
i2.wp.com/agronews.com.pl/wp-content/uploads/ Frame 009D
858 B
1 KB
Image
General
Full URL
https://i2.wp.com/agronews.com.pl/wp-content/uploads/AgroKolo300_white.png?fit=32%2C32&ssl=1
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/zasilek-opiekunczy-dla-rolnikow-przedluzony/embed/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
e08e7d91daec4fd11cd6d056de9d5fab3449ad83cce189ed3e74f7698257f7ce
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:15 GMT
x-content-type-options
nosniff
x-bytes-saved
1434
content-length
858
x-nc
HIT vie 5
last-modified
Fri, 29 May 2020 00:35:46 GMT
server
nginx
etag
"600c2a9a95cf40b2"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://agronews.com.pl/wp-content/uploads/AgroKolo300_white.png>; rel="canonical"
expires
Sun, 29 May 2022 12:35:46 GMT
wp-emoji-release.min.js
agronews.com.pl/wp-includes/js/ Frame 009D
14 KB
5 KB
Script
General
Full URL
https://agronews.com.pl/wp-includes/js/wp-emoji-release.min.js?ver=5.7.2
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/zasilek-opiekunczy-dla-rolnikow-przedluzony/embed/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:15 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 21:35:42 GMT
server
IdeaWebServer/2.0.5
content-type
application/javascript
truncated
/ Frame 00CE
125 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6cc9f7888aa74f17e27205ad59ecf79db56b25123b30aa7913b5a6617206b58a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
elements.png
agronews.com.pl/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/ Frame 00CE
4 KB
4 KB
Image
General
Full URL
https://agronews.com.pl/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/elements.png
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=78be34af347704c29acc8080ee49e259
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
277c84697b5039a7583a843ba2e6b784354925898a15056c8d975b696d2e7c2c

Request headers

Referer
https://agronews.com.pl/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=78be34af347704c29acc8080ee49e259
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:15 GMT
last-modified
Thu, 01 Apr 2021 15:01:15 GMT
server
IdeaWebServer/2.0.5
content-length
4149
content-type
image/png
truncated
/ Frame 009D
196 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eab8de27de645e5b26b6cbd48545a6997f72956e40401714a0be09b2e2fa8d58

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ Frame 009D
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f83bf22ed091fe689e0c008e1b85aea6c0a191f0d3ba62813def77ef7ce63e01

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
/
ads.rekmob.com/m/props/ Frame 2854
271 B
592 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=1101739
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
429870d686efc9fbf3477266c4e558849ac6001e4f8fc3b0f586cba547f95178

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:46 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
CZ
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
flimpobj.js
pixel.yabidos.com/ Frame 2854
30 KB
24 KB
Script
General
Full URL
https://pixel.yabidos.com/flimpobj.js?cb=1622580315054&ver1=2.2.3&qid=230383f5530383f5434353&rnd=b8s7z19oskth&cid=544
Requested by
Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=www.adzbux.com&x=rekmob&nci=&adtg=0b9f3c2279244fff831c25aa0d5f7f54&nai=&si=33151&pn=&h=600&w=160&bp=&pp=&ci=&ip=212.102.38.150&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:15 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:29 GMT
server
cloudflare
age
1595
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b48da0f984174-HAM
content-length
23972
cf-request-id
0a6aebdc4700004174748f8000000001
expires
Tue, 01 Jun 2021 22:45:15 GMT
vbl.gif
pre.glotgrx.com/ Frame 2854
26 B
108 B
Image
General
Full URL
https://pre.glotgrx.com/vbl.gif?cb=1622580315222&rnd=b8s7z19oskth&ifm=1&uai=1&cid=544&s=www.adzbux.com&p=43285&x=rekmob&adtg=62db1d4bb5234c59bf5b75dbac1d7a91&ats=0&atf=&nsi=&si=33151&nci=&nai=&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:15 GMT
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:19 GMT
server
cloudflare
age
2445
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b48da58992c52-FRA
content-length
26
cf-request-id
0a6aebdc7a00002c52e28b5000000001
expires
Tue, 01 Jun 2021 22:45:15 GMT
nflrc.gif
pre.glotgrx.com/ Frame 2854
26 B
339 B
Image
General
Full URL
https://pre.glotgrx.com/nflrc.gif?cb=1622580315216173&ver=1.2r81&qid=230383f5530383f5434353&p=43285&s=www.adzbux.com&x=rekmob&cid=544&od1=&od2=&adtg=62db1d4bb5234c59bf5b75dbac1d7a91&nci=&nai=&si=33151&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=b8s7z19oskth&impid=&tps=29&ver1=2.2.3&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36&os=&mm=&di=&ip=212.102.38.150&ci=&pp=&bp=&w=728&h=90&pn=&1=319033ca1469a91fc7dc8c1b874c16f6&2=2.1&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%7D%7D&6=2&7={%22e%22:%223%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=544&ifm=1&penv=b&pt=&ptbp=&tw=0&ldp=5&icpl=28&icp=https%253A//www.cora-live.tk&irfl=27&irf=https%253A//www.adzbux.com/&cty=4&fcs=0&flky=ver-fl-6-qid-fl-22-p-fl-5-s-fl-14-x-fl-6-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-32-nci-fl-0-nai-fl-0-si-fl-5-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-ua-fl-136-os-fl-0-mm-fl-0-di-fl-0-ip-fl-14-ci-fl-0-pp-fl-0-bp-fl-0-w-fl-3-h-fl-2-pn-fl-0-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=1&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=413x99&gpu=undefined&ncf=4g_9.8_undefined_null_0_undefined_false&fli=3429136985&flerr=0&trim=&fio=13
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:15 GMT
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:19 GMT
server
cloudflare
age
2445
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b48da589c2c52-FRA
content-length
26
cf-request-id
0a6aebdc7a00002c52899c5000000001
expires
Tue, 01 Jun 2021 22:45:15 GMT
popmyads.png
whos.amung.us/swidget/ Frame 3F74
0
0

/
ads.rekmob.com/m/props/ Frame 2854
270 B
593 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=1101741
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
f67871a227d63cd3691dcecbdf5e15e6a6fd839b917e1a607e65dd1528cace0d

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:46 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
CZ
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
truncated
/ Frame 00CE
101 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9a612722eed86936463bc8772a9d4509e0c24f22485221beaa583a60079fef2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
js
www.googletagmanager.com/gtag/ Frame 00CE
86 KB
34 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-951869502&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5356948-1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
86c9eb06a3e6a353d6fa7c9ca2d7893f3ed6ed9f2333a64890294b383b8be823
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:15 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34584
x-xss-protection
0
last-modified
Tue, 01 Jun 2021 20:23:47 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 01 Jun 2021 20:45:15 GMT
conversion_async.js
www.googleadservices.com/pagead/ Frame 00CE
36 KB
14 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-951869502
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
264ec87b36604aa5a7cf8752a6be767e4cf135a6c27b0c06ba248af23bfadab7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14047
x-xss-protection
0
server
cafe
etag
12385995306639061375
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 01 Jun 2021 20:45:15 GMT
analytics.js
www.google-analytics.com/ Frame 00CE
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5356948-1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
5632
date
Tue, 01 Jun 2021 19:11:23 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Tue, 01 Jun 2021 21:11:23 GMT
404
popmyads.com/ Frame 3F74
Redirect Chain
  • https://maquiags.com/gget
  • https://popmyads.com/404?dsc6123
837 B
913 B
Document
General
Full URL
https://popmyads.com/404?dsc6123
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:4436 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33
Resource Hash
ee753ae9bc8a63c26a8cfad53c2beb154512129a84273a655ebd4c5d3602c6b1

Request headers

:method
GET
:authority
popmyads.com
:scheme
https
:path
/404?dsc6123
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://exp3.eurosptp.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cf_bm=7d4364b654e14cb3af46950144a2d11cc712513c-1622580313-1800-AVF5//UHQPnsXLxs4FeBNxN4sSZcfgS5dT89OV82EmZy2/ONcBYUJuS6CBlTEXfBsEGpXZmH+XrX4cTAwhPQ7BA=
Upgrade-Insecure-Requests
1
Origin
https://exp3.eurosptp.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://exp3.eurosptp.com/

Response headers

date
Tue, 01 Jun 2021 20:45:15 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.1.33
cf-cache-status
DYNAMIC
cf-request-id
0a6aebdd1d00004edf123ec000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=dtv7XWWltJ%2FhNkDnxzD02SbgYUBiZsRsITX0TR47omB2uPItwovjQSvGCUAsJ4D2T1D1R8GHEGagzQKdCOKOyM5IuwTcVLGS6yMt10lz7QcrJK7bXrG7rB6FlNJRgwHzhT%2Frle%2Bg"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
658b48db6b3f4edf-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date
Tue, 01 Jun 2021 20:45:15 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.1.33
set-cookie
wGprrBLT=2; expires=Tue, 01-Jun-2021 20:45:17 GMT; Max-Age=2; path=/
location
https://popmyads.com/404?dsc6123
cf-cache-status
DYNAMIC
cf-request-id
0a6aebdce300004ed442929000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=DR25CxKTvNcPzxMGmoR%2BSBrY8rYdqXZU6Xke0Edjp%2FzG5dxmC%2BEzKO395unjz1ZOj%2BY5VVgGNJHHPq68lNcM6kLzfk32S6R%2BwZewmouURrG1PU3Uyvim%2BjG8UakHX6nIbmmkIfFl"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
658b48db08e04ed4-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
micro.png
agronews.com.pl/wp-content/uploads/ Frame 00CE
376 KB
377 KB
Image
General
Full URL
https://agronews.com.pl/wp-content/uploads/micro.png
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
862cc7981457916d0c21bbc32eca1f19801c9eb0d2cea34079ca71e93bd93578

Request headers

Referer
https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:15 GMT
last-modified
Sun, 14 Mar 2021 20:42:50 GMT
server
IdeaWebServer/2.0.5
content-length
385231
content-type
image/png
187979501_203578804918695_8663512522223641239_n.jpg
scontent-waw1-1.cdninstagram.com/v/t51.29350-15/ Frame 00CE
89 KB
89 KB
Image
General
Full URL
https://scontent-waw1-1.cdninstagram.com/v/t51.29350-15/187979501_203578804918695_8663512522223641239_n.jpg?_nc_cat=106&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=lpuQsTISD2QAX-ZDkj1&_nc_ht=scontent-waw1-1.cdninstagram.com&oh=45cc77f389f9b522ef3b599f2dc8a868&oe=60BAB339
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f216:c4:face:b00c:0:43fe Warsaw, Poland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a6a56704d49b22424d80972fc40e6b065314b885a984acad75848b86d01df8c0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
1449268747
date
Tue, 01 Jun 2021 20:45:15 GMT
last-modified
Thu, 20 May 2021 13:46:11 GMT
content-length
90894
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
514752602
x-fb-config-version-olb-prod
1116
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
185342455_116984110504682_8198450152631622256_n.jpg
scontent-waw1-1.cdninstagram.com/v/t51.29350-15/ Frame 00CE
85 KB
85 KB
Image
General
Full URL
https://scontent-waw1-1.cdninstagram.com/v/t51.29350-15/185342455_116984110504682_8198450152631622256_n.jpg?_nc_cat=110&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=oqM4oipjzbEAX9lTLJa&_nc_ht=scontent-waw1-1.cdninstagram.com&oh=73ba0cfe1c91dd223c47726e5eed543d&oe=60BB9978
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f216:c4:face:b00c:0:43fe Warsaw, Poland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
659e277e9d9726aab04002fa1ace26df8087e1b68ef2c6a20c94031d6b04d613

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
3267586562
date
Tue, 01 Jun 2021 20:45:15 GMT
last-modified
Fri, 14 May 2021 15:29:47 GMT
content-length
87036
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3911918889
x-fb-config-version-olb-prod
1116
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
183226574_4311553238879436_7015651509410239956_n.jpg
scontent-waw1-1.cdninstagram.com/v/t51.29350-15/ Frame 00CE
210 KB
210 KB
Image
General
Full URL
https://scontent-waw1-1.cdninstagram.com/v/t51.29350-15/183226574_4311553238879436_7015651509410239956_n.jpg?_nc_cat=102&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=j78ddoZsXAwAX_XW5uh&_nc_ht=scontent-waw1-1.cdninstagram.com&oh=4998fb8e6749dea61eb1ed7f0318ad86&oe=60BA83A8
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f216:c4:face:b00c:0:43fe Warsaw, Poland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0b0bce5c097458742047962ea0d502dad059206a5e49aaa7f6279fc204f59e6b

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
3022049261
date
Tue, 01 Jun 2021 20:45:15 GMT
last-modified
Sun, 09 May 2021 13:32:15 GMT
content-length
214557
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3935903195
x-fb-config-version-olb-prod
1116
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
178362282_136301381842602_4386328602268810321_n.jpg
scontent-waw1-1.cdninstagram.com/v/t51.29350-15/ Frame 00CE
173 KB
173 KB
Image
General
Full URL
https://scontent-waw1-1.cdninstagram.com/v/t51.29350-15/178362282_136301381842602_4386328602268810321_n.jpg?_nc_cat=105&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=ETXN1mrK-LEAX9c7To4&_nc_ht=scontent-waw1-1.cdninstagram.com&oh=897c0afd469da4e2f584498f67a3b409&oe=60BC617A
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f216:c4:face:b00c:0:43fe Warsaw, Poland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9a305b0450944be3f5442a1349f4b2eb6d18ec50a00054cca22c0cba0725de89

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
3837840311
date
Tue, 01 Jun 2021 20:45:15 GMT
last-modified
Wed, 28 Apr 2021 12:06:26 GMT
content-length
176808
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3653560865
x-fb-config-version-olb-prod
1116
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
178984000_454840462453767_6142395590857229050_n.jpg
scontent-waw1-1.cdninstagram.com/v/t51.29350-15/ Frame 00CE
164 KB
164 KB
Image
General
Full URL
https://scontent-waw1-1.cdninstagram.com/v/t51.29350-15/178984000_454840462453767_6142395590857229050_n.jpg?_nc_cat=107&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=xcpJblTjngkAX-uJTHQ&_nc_ht=scontent-waw1-1.cdninstagram.com&oh=58bcda144c9597c22701706a0732b8e8&oe=60BBAD9B
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f216:c4:face:b00c:0:43fe Warsaw, Poland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6e9e530354a3005b79d5fe0dc9636da43f50763bdfbba3b7ec543f1fdfa2ab94

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
385827249
date
Tue, 01 Jun 2021 20:45:15 GMT
last-modified
Tue, 27 Apr 2021 12:24:37 GMT
content-length
168245
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3270019843
x-fb-config-version-olb-prod
1116
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
172700076_495102434822742_5198796028307782750_n.jpg
scontent-waw1-1.cdninstagram.com/v/t51.29350-15/ Frame 00CE
168 KB
168 KB
Image
General
Full URL
https://scontent-waw1-1.cdninstagram.com/v/t51.29350-15/172700076_495102434822742_5198796028307782750_n.jpg?_nc_cat=106&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=q0UmsCRgTMAAX-qMwJZ&_nc_oc=AQncrnypar98YpUIU3NfzQvj-SBtRE3FomylOwAYhkCtUyNB2K0uaEb2loGBcUNZF0xNnZ6G3zMWm-MIf9uXc6zP&_nc_ht=scontent-waw1-1.cdninstagram.com&oh=afc12d3faaf798115c72352dea76ef31&oe=60BBFEE2
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f216:c4:face:b00c:0:43fe Warsaw, Poland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
944e218fdec2f09248bb6c3bd391779e40e6feee9a3433a55ef13895f8feae5a

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
3951844102
date
Tue, 01 Jun 2021 20:45:15 GMT
last-modified
Thu, 15 Apr 2021 07:26:39 GMT
content-length
172365
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
4281295478
x-fb-config-version-olb-prod
1116
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
169268698_898168867613860_6264375193905329231_n.jpg
scontent-waw1-1.cdninstagram.com/v/t51.29350-15/ Frame 00CE
97 KB
98 KB
Image
General
Full URL
https://scontent-waw1-1.cdninstagram.com/v/t51.29350-15/169268698_898168867613860_6264375193905329231_n.jpg?_nc_cat=104&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=xVieAI24YhMAX_fcHEM&_nc_ht=scontent-waw1-1.cdninstagram.com&oh=36fedc555e2009ff3fa9b2078a2a524f&oe=60BA9FAB
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f216:c4:face:b00c:0:43fe Warsaw, Poland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1e9000d90b63c02a2427c356d020024c340be2d66836bb1c827c60df623b6576

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
3589619809
date
Tue, 01 Jun 2021 20:45:15 GMT
last-modified
Sun, 04 Apr 2021 19:36:11 GMT
content-length
99812
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
2288409197
x-fb-config-version-olb-prod
1116
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
166050226_288667275990289_3354462577070467886_n.jpg
scontent-waw1-1.cdninstagram.com/v/t51.29350-15/ Frame 00CE
241 KB
241 KB
Image
General
Full URL
https://scontent-waw1-1.cdninstagram.com/v/t51.29350-15/166050226_288667275990289_3354462577070467886_n.jpg?_nc_cat=109&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=rAOTzjdbd_UAX8FAS9g&_nc_ht=scontent-waw1-1.cdninstagram.com&oh=ff0dfb0938795b1cc2a348f62c58bbf5&oe=60BC515F
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f216:c4:face:b00c:0:43fe Warsaw, Poland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2d8e7ee9659e13cfcf85e5f57ebde3a3ab2fab91a1acf015336ba6583eca5c13

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
1714170293
date
Tue, 01 Jun 2021 20:45:15 GMT
last-modified
Sun, 28 Mar 2021 07:33:22 GMT
content-length
246845
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
4215677532
x-fb-config-version-olb-prod
1118
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
164766130_433476374610911_8123915025956431724_n.jpg
scontent-waw1-1.cdninstagram.com/v/t51.29350-15/ Frame 00CE
117 KB
117 KB
Image
General
Full URL
https://scontent-waw1-1.cdninstagram.com/v/t51.29350-15/164766130_433476374610911_8123915025956431724_n.jpg?_nc_cat=100&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=xvg35DLEw28AX8U_aLn&_nc_ht=scontent-waw1-1.cdninstagram.com&oh=9331ef8d4b74579b47dab30f15a6c5bf&oe=60BAE668
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f216:c4:face:b00c:0:43fe Warsaw, Poland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
24d4c4d03f59daf992858d326e51cc94db014c16877067152ece4a0ea9458fe3

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
1418726050
date
Tue, 01 Jun 2021 20:45:15 GMT
last-modified
Sat, 27 Mar 2021 14:18:43 GMT
content-length
120123
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3636585163
x-fb-config-version-olb-prod
1116
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
160217035_482694366195798_6311273287064027073_n.jpg
scontent-waw1-1.cdninstagram.com/v/t51.29350-15/ Frame 00CE
207 KB
207 KB
Image
General
Full URL
https://scontent-waw1-1.cdninstagram.com/v/t51.29350-15/160217035_482694366195798_6311273287064027073_n.jpg?_nc_cat=111&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=p0-eFMKjDFkAX8A4KS3&_nc_ht=scontent-waw1-1.cdninstagram.com&oh=db407d8d300c7f6b363bb3a2b00bb357&oe=60BC04EA
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f216:c4:face:b00c:0:43fe Warsaw, Poland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
00fbbc9455b9422725e70f1ddbd572f43c07194b295b41df5e6afd91980dc92a

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
2817106651
date
Tue, 01 Jun 2021 20:45:15 GMT
last-modified
Sun, 14 Mar 2021 13:06:51 GMT
content-length
211512
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
1262634641
x-fb-config-version-olb-prod
1116
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 00CE
11 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CLato%3A700%2C900%2C400%7CRoboto+Slab%3A400%2C700%2C800&display=swap&ver=10.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b48f2e025fc91e265f2c27ad6ee03f73527eb219036c9c68ab8de7d0fce23738
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://agronews.com.pl
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 21:18:22 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:42 GMT
server
sffe
age
84413
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11768
x-xss-protection
0
expires
Tue, 31 May 2022 21:18:22 GMT
/
ads.rekmob.com/m/props/ Frame 2854
272 B
590 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=1101742
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
a4b0d4bdd00ad184b5fdbd07013558393dacc7003aa8a76805c249a018b406e8

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:46 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
CZ
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/951869502/ Frame 47B9
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/951869502/?random=1622580315397&cv=9&fst=1622580315397&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5q1&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fagronews.com.pl%2Fartykul%2Fnierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi%2F&tiba=Nier%C3%B3wna%20walka%20o%20s%C5%82uszne%20odszkodowanie%20za%20wyw%C5%82aszczenie%20pod%20drogi%20-%20AgroNews%20-%20Wiadomo%C5%9Bci%20rolnicze%20-%20Ceny%20rolne&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fe8d490d77b4d1c2a7456c906ff8b7133f08d01c4556750d528f3b5c54b2e4be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Jun 2021 20:45:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1154
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adp
ads.rekmob.com/m/ Frame 2854
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=1e86b52dba4f4154a0ee87b99af3da50&ufid=GWQLKbbbj51PSH2ScWdj&mobile_web=1&dt=3&as=1&os=3&jsonp=1&callback=rmb__GWQLKbbbj51PSH2ScWdj&ref=www.adzbux.com&_=1622580315414&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
23c7c2f09890e35ff54685df82dcef7a86b7b742d0078f20c9ec242bc98c9b09

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:46 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
CZ
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/951869502/ Frame 19D1
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/951869502/?random=1622580315416&cv=9&fst=1622580315416&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5q1&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fagronews.com.pl%2Fartykul%2Fwnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia%2F&tiba=Wnioski%20o%20zwrot%20podatku%20akcyzowego%20za%20paliwo%20rolnicze%20od%203%20sierpnia%20-%20AgroNews%20-%20Wiadomo%C5%9Bci%20rolnicze%20-%20Ceny%20rolne&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
14c8dd26115ce6a11858dd03494bb7937ee50b58cc3442933347ba6fe2d30f87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Jun 2021 20:45:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1145
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 009D
397 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2021c9a3df6a24f3f9d63a0425d90a2bb24cd97de905abf230f13d4dbc46c147

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
jetpack.css
c0.wp.com/p/jetpack/9.7/css/ Frame 5BD4
76 KB
13 KB
Stylesheet
General
Full URL
https://c0.wp.com/p/jetpack/9.7/css/jetpack.css
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/asf-co-ze-swiniami-na-wybiegach/embed/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
177b4773b237fa63062f913ed377e24540f843cda864a8d271c5ca083c18a9c6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 1
date
Tue, 01 Jun 2021 20:45:15 GMT
content-encoding
br
last-modified
Tue, 27 Apr 2021 15:29:25 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 01 Jun 2022 20:45:15 GMT
AgroKolo300_white.png
i2.wp.com/agronews.com.pl/wp-content/uploads/ Frame 5BD4
858 B
895 B
Image
General
Full URL
https://i2.wp.com/agronews.com.pl/wp-content/uploads/AgroKolo300_white.png?fit=32%2C32&ssl=1
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/asf-co-ze-swiniami-na-wybiegach/embed/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
e08e7d91daec4fd11cd6d056de9d5fab3449ad83cce189ed3e74f7698257f7ce
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:15 GMT
x-content-type-options
nosniff
x-bytes-saved
1434
content-length
858
x-nc
HIT vie 5
last-modified
Fri, 29 May 2020 00:35:46 GMT
server
nginx
etag
"600c2a9a95cf40b2"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://agronews.com.pl/wp-content/uploads/AgroKolo300_white.png>; rel="canonical"
expires
Sun, 29 May 2022 12:35:46 GMT
wp-emoji-release.min.js
agronews.com.pl/wp-includes/js/ Frame 5BD4
14 KB
5 KB
Script
General
Full URL
https://agronews.com.pl/wp-includes/js/wp-emoji-release.min.js?ver=5.7.2
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/asf-co-ze-swiniami-na-wybiegach/embed/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:15 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 21:35:42 GMT
server
IdeaWebServer/2.0.5
content-type
application/javascript
/
ads.rekmob.com/m/props/ Frame 2854
270 B
593 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=1101743
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
67a7eb7a5a506154a6f9c7e8bdb601a1ba7c1d035174185bbefb7e4c92318cbe

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:46 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
CZ
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
vbl.gif
pre.glotgrx.com/ Frame 2854
26 B
109 B
Image
General
Full URL
https://pre.glotgrx.com/vbl.gif?cb=1622580315492&rnd=b8s7z19oskth&ifm=1&uai=1&cid=544&s=www.adzbux.com&p=43285&x=rekmob&adtg=62db1d4bb5234c59bf5b75dbac1d7a91&ats=0&atf=&nsi=&si=33151&nci=&nai=&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:15 GMT
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:19 GMT
server
cloudflare
age
2445
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b48dbec232c52-FRA
content-length
26
cf-request-id
0a6aebdd6f00002c52c78e0000000001
expires
Tue, 01 Jun 2021 22:45:15 GMT
nflrc.gif
pre.glotgrx.com/ Frame 2854
26 B
108 B
Image
General
Full URL
https://pre.glotgrx.com/nflrc.gif?cb=162258031548525&ver=1.2r81&qid=230383f5530383f5434353&p=43285&s=www.adzbux.com&x=rekmob&cid=544&od1=&od2=&adtg=62db1d4bb5234c59bf5b75dbac1d7a91&nci=&nai=&si=33151&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=b8s7z19oskth&impid=&tps=29&ver1=2.2.3&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36&os=&mm=&di=&ip=212.102.38.150&ci=&pp=&bp=&w=728&h=90&pn=&1=319033ca1469a91fc7dc8c1b874c16f6&2=2.1&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%7D%7D&6=2&7={%22e%22:%223%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=544&ifm=1&penv=b&pt=&ptbp=&tw=0&ldp=5&icpl=28&icp=https%253A//www.cora-live.tk&irfl=27&irf=https%253A//www.adzbux.com/&cty=4&fcs=0&flky=&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=0&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=413x99&gpu=undefined&ncf=4g_9.8_undefined_null_0_undefined_false&fli=3429136985&flerr=0-a1-27-v8&trim=&fio=15
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:15 GMT
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:19 GMT
server
cloudflare
age
2445
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b48dbec252c52-FRA
content-length
26
cf-request-id
0a6aebdd7000002c52f9001000000001
expires
Tue, 01 Jun 2021 22:45:15 GMT
adp
ads.rekmob.com/m/ Frame 2854
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=62db1d4bb5234c59bf5b75dbac1d7a91&ufid=IdIoSXX5yGJlok7BD1wL&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__IdIoSXX5yGJlok7BD1wL&ref=www.adzbux.com&_=1622580315505&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
2e340b69c74498a1c2dbdd94e91e42684ce3730b77f68322e511c7f43c7257d5

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:47 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
CZ
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
truncated
/ Frame 5BD4
196 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eab8de27de645e5b26b6cbd48545a6997f72956e40401714a0be09b2e2fa8d58

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ Frame 5BD4
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f83bf22ed091fe689e0c008e1b85aea6c0a191f0d3ba62813def77ef7ce63e01

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
adp
ads.rekmob.com/m/ Frame 2854
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=0b9f3c2279244fff831c25aa0d5f7f54&ufid=hSjnouOjqCqOAc3fC1jh&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__hSjnouOjqCqOAc3fC1jh&ref=www.adzbux.com&_=1622580315571&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
eead63b6817e51292fb66232576ab95859ee6f5c5a897e75da2fb67d4e0de59b

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:47 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
CZ
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/951869502/ Frame 00CE
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/951869502/?random=1622580315576&cv=9&fst=1622580315576&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5q1&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fagronews.com.pl%2Fartykul%2Fwsparcie-dla-producentow-trzody-potrzebne-na-juz%2F&tiba=Wsparcie%20dla%20producent%C3%B3w%20trzody%20potrzebne%20na%20ju%C5%BC!%20-%20AgroNews%20-%20Wiadomo%C5%9Bci%20rolnicze%20-%20Ceny%20rolne&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6526b138462092a125410a3056065734a9487f699bca6a26c8676eda6ac9fcc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Jun 2021 20:45:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1135
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adp
ads.rekmob.com/m/ Frame 2854
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=536a874d2489404ea4758a28f8d8b1c6&ufid=XwIk5yiE43mzD5u7vPWp&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__XwIk5yiE43mzD5u7vPWp&ref=www.adzbux.com&_=1622580315578&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
d7438dbebb1a6b0619a381d2ca20d965dfb2270b42ed88d054d0ce294bbecba9

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:47 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
CZ
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
truncated
/ Frame 5BD4
397 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2021c9a3df6a24f3f9d63a0425d90a2bb24cd97de905abf230f13d4dbc46c147

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
/
www.google.com/pagead/1p-user-list/951869502/ Frame 19D1
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/951869502/?random=1622580315416&cv=9&fst=1622577600000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5q1&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fagronews.com.pl%2Fartykul%2Fwnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia%2F&tiba=Wnioski%20o%20zwrot%20podatku%20akcyzowego%20za%20paliwo%20rolnicze%20od%203%20sierpnia%20-%20AgroNews%20-%20Wiadomo%C5%9Bci%20rolnicze%20-%20Ceny%20rolne&async=1&fmt=3&is_vtc=1&random=3465701997&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Jun 2021 20:45:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/951869502/ Frame 19D1
42 B
552 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/951869502/?random=1622580315416&cv=9&fst=1622577600000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5q1&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fagronews.com.pl%2Fartykul%2Fwnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia%2F&tiba=Wnioski%20o%20zwrot%20podatku%20akcyzowego%20za%20paliwo%20rolnicze%20od%203%20sierpnia%20-%20AgroNews%20-%20Wiadomo%C5%9Bci%20rolnicze%20-%20Ceny%20rolne&async=1&fmt=3&is_vtc=1&random=3465701997&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Jun 2021 20:45:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
frame.html
ad4mat.net/ Frame B384
0
0
Document
General
Full URL
https://ad4mat.net/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r38oxwat.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
ad4mat.net
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g.cash-ads.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://g.cash-ads.com/

Response headers

date
Tue, 01 Jun 2021 20:45:15 GMT
content-type
text/html; charset=UTF-8
set-cookie
cf_ob_info=502:658b48dc9d504a56:FRA; path=/; expires=Tue, 01-Jun-21 20:45:45 GMT cf_use_ob=443; path=/; expires=Tue, 01-Jun-21 20:45:45 GMT
x-frame-options
SAMEORIGIN
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
cf-ray
658b48dc9d504a56-FRA
server
cloudflare
/
www.google.com/pagead/1p-user-list/951869502/ Frame 47B9
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/951869502/?random=1622580315397&cv=9&fst=1622577600000&num=1&bg=ffffff&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5q1&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fagronews.com.pl%2Fartykul%2Fnierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi%2F&tiba=Nier%C3%B3wna%20walka%20o%20s%C5%82uszne%20odszkodowanie%20za%20wyw%C5%82aszczenie%20pod%20drogi%20-%20AgroNews%20-%20Wiadomo%C5%9Bci%20rolnicze%20-%20Ceny%20rolne&async=1&fmt=3&is_vtc=1&random=1046394899&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Jun 2021 20:45:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/951869502/ Frame 47B9
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/951869502/?random=1622580315397&cv=9&fst=1622577600000&num=1&bg=ffffff&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5q1&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fagronews.com.pl%2Fartykul%2Fnierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi%2F&tiba=Nier%C3%B3wna%20walka%20o%20s%C5%82uszne%20odszkodowanie%20za%20wyw%C5%82aszczenie%20pod%20drogi%20-%20AgroNews%20-%20Wiadomo%C5%9Bci%20rolnicze%20-%20Ceny%20rolne&async=1&fmt=3&is_vtc=1&random=1046394899&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Jun 2021 20:45:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bootstrap.min.css
popmyads.com/dashboard/bootstrap/css/ Frame 3F74
104 KB
16 KB
Stylesheet
General
Full URL
https://popmyads.com/dashboard/bootstrap/css/bootstrap.min.css
Requested by
Host: popmyads.com
URL: https://popmyads.com/404?dsc6123
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:4436 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f61350bc40d801c8fa2b14d71dec2b79a720ac264c71b807ddb73d378af9850

Request headers

Referer
https://popmyads.com/404?dsc6123
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:15 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2166
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a6aebddd200004edf2e8ed000000001
last-modified
Thu, 07 Sep 2017 01:18:58 GMT
server
cloudflare
etag
W/"1a046-5588f3ea32480"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=t630xu%2FUnCgiDOrPG2QG4iCchu5c6EQjMhiyaAdYmM99vc82%2BAS%2F%2FhfSbPvb%2BVTsCUgIM7e8LG5uLFgyWdxJtmmLoOwMelf47DBawFHgvlwws1xXuTy3hVkBApsH6ruXTi6%2FIm8Q"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
658b48dc8e604edf-FRA
bootstrap-responsive.min.css
popmyads.com/dashboard/bootstrap/css/ Frame 3F74
16 KB
4 KB
Stylesheet
General
Full URL
https://popmyads.com/dashboard/bootstrap/css/bootstrap-responsive.min.css
Requested by
Host: popmyads.com
URL: https://popmyads.com/404?dsc6123
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:4436 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4289c63fd2b0ae5926316028943355967883265d9907d35e3c3effe4c3a09cd4

Request headers

Referer
https://popmyads.com/404?dsc6123
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:15 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2156
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a6aebddd200004edf19850000000001
last-modified
Thu, 07 Sep 2017 01:18:58 GMT
server
cloudflare
etag
W/"41ab-5588f3ea32480"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Zn7H7g%2BNLuO5fg4Hm2DhQqvBFmiA%2B0ti9XlJ4tM9LhtMKCWCBWjd7FigI1n8VIg%2BmlW78WmucETKkCPHuiIsLFiOpMVQMNN%2BuPvfhrVRxDLKFONo7WpubvWvVWmqX6lNpZL7rUgS"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
658b48dc8e644edf-FRA
style.css
popmyads.com/dashboard/css/ Frame 3F74
55 KB
12 KB
Stylesheet
General
Full URL
https://popmyads.com/dashboard/css/style.css
Requested by
Host: popmyads.com
URL: https://popmyads.com/404?dsc6123
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:4436 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bc4a8c6d724075c74427caf23af8f977bb340c649a9d64b6613ba4b92e695c0

Request headers

Referer
https://popmyads.com/404?dsc6123
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:15 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2108
cf-polished
origSize=64686
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a6aebddd300004edf0826b000000001
last-modified
Tue, 10 Oct 2017 12:00:14 GMT
server
cloudflare
etag
W/"fcae-55b300cbfaf80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=pKmK%2FW0SYrHnMYrio30Uluoi782TieCTEdhOlSfzAkV%2FWcrrJHxO1CJm0jJHW7mm3fW9nQE83bTDCY0%2BdmPQpg4zWWoK3lHmxFyH8VgkUub8HGRtp7%2B6%2FBlYzH2QtvLrnOIGd1%2FL"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
658b48dc8e664edf-FRA
cf-bgj
minify
css
fonts.googleapis.com/ Frame 3F74
702 B
370 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Jockey+One
Requested by
Host: popmyads.com
URL: https://popmyads.com/404?dsc6123
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
faa8b66c1a42db56dc217f07c7e1cb9a00f9235c425f165e800f515d2891af95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://popmyads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 01 Jun 2021 20:32:04 GMT
server
ESF
date
Tue, 01 Jun 2021 20:45:15 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 01 Jun 2021 20:45:15 GMT
1442.png
widgets.amung.us/small/14/ Frame 3F74
Redirect Chain
  • https://whos.amung.us/swidget/popmyads404.png
  • https://widgets.amung.us/small/14/1442.png
335 B
662 B
Image
General
Full URL
https://widgets.amung.us/small/14/1442.png
Requested by
Host: popmyads.com
URL: https://popmyads.com/404?dsc6123
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fac04740d62c7ca2d14f8dbd16d0ae722257d28da00c9469b00662f7f91d27e

Request headers

Referer
https://popmyads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:15 GMT
cf-cache-status
HIT
age
128746
content-length
335
cf-request-id
0a6aebdecb000005f904a48000000001
last-modified
Sun, 13 Jun 2010 09:48:30 GMT
server
cloudflare
etag
"4c14a96e-14f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=432000
accept-ranges
bytes
cf-ray
658b48de18f305f9-FRA
expires
Tue, 01 Jun 2021 08:59:29 GMT

Redirect headers

location
https://widgets.amung.us/small/14/1442.png
date
Tue, 01 Jun 2021 20:45:15 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
g.gif
pixel.wp.com/ Frame 47B9
50 B
92 B
Image
General
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A9.7&blog=170162756&post=75551&tz=2&srv=agronews.com.pl&host=agronews.com.pl&ref=&fcp=0&rand=0.7865320522359474
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:15 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
/
agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/ Frame 47B9
3 KB
1 KB
XHR
General
Full URL
https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/?relatedposts=1
Requested by
Host: c0.wp.com
URL: https://c0.wp.com/p/jetpack/9.7/_inc/build/related-posts/related-posts.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
a07303996efa31ac37c6bf6db915dceb59e9f12fd93efaac31ad8ccfef1f85f3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
x-requested-with
XMLHttpRequest

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
IdeaWebServer/2.0.5
vary
Accept-Encoding, Cookie
content-type
application/json; charset=utf-8
g.gif
pixel.wp.com/ Frame 00CE
50 B
74 B
Image
General
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A9.7&blog=170162756&post=74976&tz=2&srv=agronews.com.pl&host=agronews.com.pl&ref=&fcp=0&rand=0.3959027805241946
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:15 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
/
agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/ Frame 00CE
3 KB
1 KB
XHR
General
Full URL
https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/?relatedposts=1
Requested by
Host: c0.wp.com
URL: https://c0.wp.com/p/jetpack/9.7/_inc/build/related-posts/related-posts.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
dc4a76496e96c51cf259b4f3cfc196e631b405c901cbfa27926711e119743caa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
x-requested-with
XMLHttpRequest

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
IdeaWebServer/2.0.5
vary
Accept-Encoding, Cookie
content-type
application/json; charset=utf-8
g.gif
pixel.wp.com/ Frame 19D1
50 B
74 B
Image
General
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A9.7&blog=170162756&post=75094&tz=2&srv=agronews.com.pl&host=agronews.com.pl&ref=&fcp=0&rand=0.8512768861576707
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:15 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
/
agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/ Frame 19D1
3 KB
1 KB
XHR
General
Full URL
https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/?relatedposts=1
Requested by
Host: c0.wp.com
URL: https://c0.wp.com/p/jetpack/9.7/_inc/build/related-posts/related-posts.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
ad15e2d778cd29fb13cc4b8fcd09da6e01880b743e311d02b2e7ea15b9967f1f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
x-requested-with
XMLHttpRequest

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
IdeaWebServer/2.0.5
vary
Accept-Encoding, Cookie
content-type
application/json; charset=utf-8
player_api
www.youtube.com/ Frame 47B9
980 B
1 KB
Script
General
Full URL
https://www.youtube.com/player_api?_=1622580314021
Requested by
Host: c0.wp.com
URL: https://c0.wp.com/c/5.7.2/wp-includes/js/jquery/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c47d2f26c45aa2edee7054b2eaea7935b3a114adc98042c8f801f4b263f1e33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control
private, max-age=0
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
content-type
text/javascript; charset=utf-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Tue, 01 Jun 2021 20:45:15 GMT
admin-ajax.php
agronews.com.pl/wp-admin/ Frame 47B9
15 B
424 B
XHR
General
Full URL
https://agronews.com.pl/wp-admin/admin-ajax.php?td_theme_name=Newspaper&v=10.4
Requested by
Host: c0.wp.com
URL: https://c0.wp.com/c/5.7.2/wp-includes/js/jquery/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
2650fda530afb9e25947fb66b7eb7990edf85d817b91cded5e69963d53889bc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://agronews.com.pl/artykul/nierowna-walka-o-sluszne-odszkodowanie-za-wywlaszczenie-pod-drogi/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 01 Jun 2021 20:45:17 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
server
IdeaWebServer/2.0.5
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://agronews.com.pl, *
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-robots-tag
noindex
x-content-type-options
nosniff
expires
Wed, 11 Jan 1984 05:00:00 GMT
player_api
www.youtube.com/ Frame 00CE
980 B
510 B
Script
General
Full URL
https://www.youtube.com/player_api?_=1622580314758
Requested by
Host: c0.wp.com
URL: https://c0.wp.com/c/5.7.2/wp-includes/js/jquery/jquery.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c47d2f26c45aa2edee7054b2eaea7935b3a114adc98042c8f801f4b263f1e33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private, max-age=0
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
content-type
text/javascript; charset=utf-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Tue, 01 Jun 2021 20:45:15 GMT
admin-ajax.php
agronews.com.pl/wp-admin/ Frame 00CE
15 B
424 B
XHR
General
Full URL
https://agronews.com.pl/wp-admin/admin-ajax.php?td_theme_name=Newspaper&v=10.4
Requested by
Host: c0.wp.com
URL: https://c0.wp.com/c/5.7.2/wp-includes/js/jquery/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
c5ce22124e1d78fa124c381be7da81755523a66bcf616d0c3957ea9c6deea59f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 01 Jun 2021 20:45:17 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
server
IdeaWebServer/2.0.5
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://agronews.com.pl, *
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-robots-tag
noindex
x-content-type-options
nosniff
expires
Wed, 11 Jan 1984 05:00:00 GMT
player_api
www.youtube.com/ Frame 19D1
980 B
510 B
Script
General
Full URL
https://www.youtube.com/player_api?_=1622580314306
Requested by
Host: c0.wp.com
URL: https://c0.wp.com/c/5.7.2/wp-includes/js/jquery/jquery.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c47d2f26c45aa2edee7054b2eaea7935b3a114adc98042c8f801f4b263f1e33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private, max-age=0
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
content-type
text/javascript; charset=utf-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Tue, 01 Jun 2021 20:45:15 GMT
admin-ajax.php
agronews.com.pl/wp-admin/ Frame 19D1
15 B
424 B
XHR
General
Full URL
https://agronews.com.pl/wp-admin/admin-ajax.php?td_theme_name=Newspaper&v=10.4
Requested by
Host: c0.wp.com
URL: https://c0.wp.com/c/5.7.2/wp-includes/js/jquery/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.161.255.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082618.home.pl
Software
IdeaWebServer/2.0.5 /
Resource Hash
872daeb20fac8402eb5ac8def08cadbca046ad09cb9096a28e63db7a2762d7e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://agronews.com.pl/artykul/wnioski-o-zwrot-podatku-akcyzowego-za-paliwo-rolnicze-od-3-sierpnia/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 01 Jun 2021 20:45:17 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
server
IdeaWebServer/2.0.5
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://agronews.com.pl, *
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-robots-tag
noindex
x-content-type-options
nosniff
expires
Wed, 11 Jan 1984 05:00:00 GMT
56460499
mc.yandex.com/webvisor/ Frame 1565
43 B
145 B
XHR
General
Full URL
https://mc.yandex.com/webvisor/56460499?wmode=0&wv-part=1&wv-hit=425655252&page-url=https%3A%2F%2Ftrafiframe.ru%2Fiframe.php&rn=869715468&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1622580316%3Aw%3A0x0%3Av%3A530%3Az%3A120%3Ai%3A20210601224515%3Au%3A1622580313525379762%3Avf%3A5gv0p5rfujionf9a%3Awe%3A1%3Ati%3A2%3Ast%3A1622580316
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://trafiframe.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 01 Jun 2021 20:45:15 GMT
last-modified
Tue, 01-Jun-2021 20:45:15 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://trafiframe.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 01-Jun-2021 20:45:15 GMT
56460499
mc.yandex.com/webvisor/ Frame 1565
43 B
73 B
XHR
General
Full URL
https://mc.yandex.com/webvisor/56460499?wmode=0&wv-part=1&wv-hit=425655252&page-url=https%3A%2F%2Ftrafiframe.ru%2Fiframe.php&rn=1033306789&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1622580316%3Aw%3A0x0%3Av%3A530%3Az%3A120%3Ai%3A20210601224515%3Au%3A1622580313525379762%3Avf%3A5gv0p5rfujionf9a%3Awe%3A1%3Ati%3A2%3Ast%3A1622580316
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://trafiframe.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 01 Jun 2021 20:45:15 GMT
last-modified
Tue, 01-Jun-2021 20:45:15 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://trafiframe.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 01-Jun-2021 20:45:15 GMT
/
www.google.com/pagead/1p-user-list/951869502/ Frame 00CE
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/951869502/?random=1622580315576&cv=9&fst=1622577600000&num=1&bg=ffffff&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5q1&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fagronews.com.pl%2Fartykul%2Fwsparcie-dla-producentow-trzody-potrzebne-na-juz%2F&tiba=Wsparcie%20dla%20producent%C3%B3w%20trzody%20potrzebne%20na%20ju%C5%BC!%20-%20AgroNews%20-%20Wiadomo%C5%9Bci%20rolnicze%20-%20Ceny%20rolne&async=1&fmt=3&is_vtc=1&random=3231219413&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Jun 2021 20:45:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/951869502/ Frame 00CE
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/951869502/?random=1622580315576&cv=9&fst=1622577600000&num=1&bg=ffffff&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5q1&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fagronews.com.pl%2Fartykul%2Fwsparcie-dla-producentow-trzody-potrzebne-na-juz%2F&tiba=Wsparcie%20dla%20producent%C3%B3w%20trzody%20potrzebne%20na%20ju%C5%BC!%20-%20AgroNews%20-%20Wiadomo%C5%9Bci%20rolnicze%20-%20Ceny%20rolne&async=1&fmt=3&is_vtc=1&random=3231219413&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: agronews.com.pl
URL: https://agronews.com.pl/artykul/wsparcie-dla-producentow-trzody-potrzebne-na-juz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Jun 2021 20:45:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
error_big.png
popmyads.com/dashboard/img/ Frame 3F74
4 KB
5 KB
Image
General
Full URL
https://popmyads.com/dashboard/img/error_big.png
Requested by
Host: popmyads.com
URL: https://popmyads.com/dashboard/css/style.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:4436 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c7678c897eef56940c85ccfdcc81ef648cd6724bf362f2bd94d613cbb067f50

Request headers

Referer
https://popmyads.com/dashboard/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:15 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1636
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
4278
cf-request-id
0a6aebdec400004edf5d2ef000000001
last-modified
Thu, 07 Sep 2017 01:18:58 GMT
server
cloudflare
etag
"10b6-5588f3ea32480"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=2JfGf7OAXeIsQnluhlvq%2Fc%2BCg31I%2BT1YS1OKdhnoMGjMjHw2S02QZgwbnALDwEE86cH4cg%2F8yzV5U29J8Kg7FaXZsbRwUGFQ7YGzslSkaz8%2FLSbuKEpoCbbNwAsP9UFuCSLBwla3"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
658b48de0a4c4edf-FRA
HTxpL2g2KjCFj4x8WI6AnIHxHA.woff2
fonts.gstatic.com/s/jockeyone/v10/ Frame 3F74
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/jockeyone/v10/HTxpL2g2KjCFj4x8WI6AnIHxHA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Jockey+One
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4f46a79c33683b25de91cf8ca2b970f69bbf80a195ee2873401df23cbf1c5c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://popmyads.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 05:32:40 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Sep 2020 06:20:28 GMT
server
sffe
age
54755
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9300
x-xss-protection
0
expires
Wed, 01 Jun 2022 05:32:40 GMT
www-widgetapi.js
www.youtube.com/s/player/0b643cd1/www-widgetapi.vflset/ Frame 47B9
122 KB
40 KB
Script
General
Full URL
https://www.youtube.com/s/player/0b643cd1/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/player_api?_=1622580314021
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9cda094b418f993e9af91feb07b3b5c09c5244cb83acd6d34d9217a8f689e9f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 17:29:01 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 27 May 2021 00:23:20 GMT
server
sffe
age
11774
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41231
x-xss-protection
0
expires
Wed, 01 Jun 2022 17:29:01 GMT
rs-b.png
adimg.rekmob.com/logos/ Frame D7D8
471 B
911 B
Image
General
Full URL
https://adimg.rekmob.com/logos/rs-b.png
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df02aa33acd40ff99ac77551154f9fe7fd5a13dc1f782aac62ffb1a6a0f7f09c

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 13:11:22 GMT
Via
1.1 e61ad774b1bb9761f20e1bb4c1d6c734.cloudfront.net (CloudFront)
Last-Modified
Thu, 26 Jul 2018 10:20:15 GMT
Server
AmazonS3
Age
27234
ETag
"5965d59f86a925e809f20a75e26c9d0c"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
471
X-Amz-Cf-Id
BYjFBfEk0z9aavi6fIsL6_SuTIULsxaLa-Nu_mylzkM9L1gHdQmuwA==
2e630aeb4a40478e989c620cb82e8065
adimg.rekmob.com/ Frame D7D8
36 KB
36 KB
Image
General
Full URL
https://adimg.rekmob.com/2e630aeb4a40478e989c620cb82e8065
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
84b2b9345e9b1f9f7560f2ce69ff573ba6158d91921779c97350eccbb965e94a

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 18:01:39 GMT
Via
1.1 07cb86faf6a141962da4e2d7c85db039.cloudfront.net (CloudFront)
Last-Modified
Thu, 13 Jun 2019 11:46:49 GMT
Server
AmazonS3
Age
9833
ETag
"d7c08a0f024d55ff27b9457e408bd6d5"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
36826
X-Amz-Cf-Id
7P0cK27t3sFOYktdQtxlcY50AclylNyUGvHDh8YOEAPRXkomyzqzDw==
imp
ads.rekmob.com/m/ Frame D7D8
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=1e86b52dba4f4154a0ee87b99af3da50&udid=3624c97ec94e4a88bcc387c040668f18&rid=NjBiNjljNWIwY2YyZTgyNTU5MTQ0NDM4&adId=MTM2NA==
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:47 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
CZ
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
www-widgetapi.js
www.youtube.com/s/player/0b643cd1/www-widgetapi.vflset/ Frame 00CE
122 KB
40 KB
Script
General
Full URL
https://www.youtube.com/s/player/0b643cd1/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/player_api?_=1622580314758
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9cda094b418f993e9af91feb07b3b5c09c5244cb83acd6d34d9217a8f689e9f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 17:29:01 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 27 May 2021 00:23:20 GMT
server
sffe
age
11774
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41231
x-xss-protection
0
expires
Wed, 01 Jun 2022 17:29:01 GMT
www-widgetapi.js
www.youtube.com/s/player/0b643cd1/www-widgetapi.vflset/ Frame 19D1
122 KB
40 KB
Script
General
Full URL
https://www.youtube.com/s/player/0b643cd1/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/player_api?_=1622580314306
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9cda094b418f993e9af91feb07b3b5c09c5244cb83acd6d34d9217a8f689e9f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 17:29:01 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 27 May 2021 00:23:20 GMT
server
sffe
age
11774
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41231
x-xss-protection
0
expires
Wed, 01 Jun 2022 17:29:01 GMT
a6ef61b5aa4d4a35995bc18d04125b93
adimg.rekmob.com/ Frame 2590
12 KB
12 KB
Image
General
Full URL
https://adimg.rekmob.com/a6ef61b5aa4d4a35995bc18d04125b93
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3e048568ec73a37d3de0f63e7812bd07756797f6b82a84053ac56e9c28d6e37

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 15:47:33 GMT
Via
1.1 78a48d8d46b0e5cf69ec8a7f633776e1.cloudfront.net (CloudFront)
Last-Modified
Thu, 21 May 2020 07:21:42 GMT
Server
AmazonS3
Age
17912
ETag
"7be928384c3265ed526e5c5e5c519349"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
12001
X-Amz-Cf-Id
xT1QepZMsDF0S19B3ZFmhqQcRt2GMSHU6vsQG9D2JPkXgf_1S5YBPg==
rs-b.png
adimg.rekmob.com/logos/ Frame 2590
471 B
911 B
Image
General
Full URL
https://adimg.rekmob.com/logos/rs-b.png
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df02aa33acd40ff99ac77551154f9fe7fd5a13dc1f782aac62ffb1a6a0f7f09c

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 13:11:22 GMT
Via
1.1 e61ad774b1bb9761f20e1bb4c1d6c734.cloudfront.net (CloudFront)
Last-Modified
Thu, 26 Jul 2018 10:20:15 GMT
Server
AmazonS3
Age
27234
ETag
"5965d59f86a925e809f20a75e26c9d0c"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
471
X-Amz-Cf-Id
sgNxCzK6SQNo88x94RlW0hZlIlOMjx_g2pWJbyvccV0OyRDGW2Y2aw==
imp
ads.rekmob.com/m/ Frame 2590
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=62db1d4bb5234c59bf5b75dbac1d7a91&udid=d5eca3d4ae814b52a0333af3be0ae1b6&rid=NjBiNjljNWIwY2YyYmVmMTBjOGUxNjIx&adId=MTM2OQ==
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:47 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
CZ
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
rs-b.png
adimg.rekmob.com/logos/ Frame 5738
471 B
911 B
Image
General
Full URL
https://adimg.rekmob.com/logos/rs-b.png
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df02aa33acd40ff99ac77551154f9fe7fd5a13dc1f782aac62ffb1a6a0f7f09c

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 13:11:22 GMT
Via
1.1 78a48d8d46b0e5cf69ec8a7f633776e1.cloudfront.net (CloudFront)
Last-Modified
Thu, 26 Jul 2018 10:20:15 GMT
Server
AmazonS3
Age
27234
ETag
"5965d59f86a925e809f20a75e26c9d0c"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
471
X-Amz-Cf-Id
XxDxavQPnIzy1sqaq5oAAr4osopnj-6_6lj17T87-vl6UG6Dej5Z-A==
6453e71f2fc743c495dfb4a701a51d13
adimg.rekmob.com/ Frame 5738
8 KB
8 KB
Image
General
Full URL
https://adimg.rekmob.com/6453e71f2fc743c495dfb4a701a51d13
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9d5b9c9d218e12f741a78d93c812ff284a41a94d7dc2eca88a3c9428d03ecee7

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 14:16:05 GMT
Via
1.1 07cb86faf6a141962da4e2d7c85db039.cloudfront.net (CloudFront)
Last-Modified
Thu, 21 May 2020 07:16:13 GMT
Server
AmazonS3
Age
23363
ETag
"529f2354ce0808bc9fdd7b911d8c10da"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
8069
X-Amz-Cf-Id
UY8O3k37x-ZOikmZumHK0X8Mt_2vjyTasv8J1szF4zc1JHVQAIYjkg==
imp
ads.rekmob.com/m/ Frame 5738
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=0b9f3c2279244fff831c25aa0d5f7f54&udid=2824b6c1074547aaac1ebd6ddd926206&rid=NjBiNjljNWIwY2YyYmVmMTBjOGUxNjI0&adId=MTM3Mg==
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:47 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
CZ
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
flimpobj.js
pixel.yabidos.com/ Frame 2854
30 KB
24 KB
Script
General
Full URL
https://pixel.yabidos.com/flimpobj.js?cb=1622580315895&ver1=2.2.3&qid=230383f5530383f5434353&rnd=2xldpwp4ccak&cid=544
Requested by
Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=www.adzbux.com&x=rekmob&nci=&adtg=1e86b52dba4f4154a0ee87b99af3da50&nai=&si=33151&pn=&h=250&w=300&bp=&pp=&ci=&ip=212.102.38.150&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:15 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:29 GMT
server
cloudflare
age
1595
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b48de8d674174-HAM
content-length
23972
cf-request-id
0a6aebdf120000417427a8b000000001
expires
Tue, 01 Jun 2021 22:45:15 GMT
flimpobj.js
pixel.yabidos.com/ Frame 2854
30 KB
24 KB
Script
General
Full URL
https://pixel.yabidos.com/flimpobj.js?cb=1622580315919&ver1=2.2.3&qid=230383f5530383f5434353&rnd=q0jr0oy1rui0&cid=544
Requested by
Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=www.adzbux.com&x=rekmob&nci=&adtg=62db1d4bb5234c59bf5b75dbac1d7a91&nai=&si=33151&pn=&h=90&w=728&bp=&pp=&ci=&ip=212.102.38.150&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:15 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:29 GMT
server
cloudflare
age
1595
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b48de9d8d4174-HAM
content-length
23972
cf-request-id
0a6aebdf1b0000417469184000000001
expires
Tue, 01 Jun 2021 22:45:15 GMT
ICfwHZMYPdo
www.youtube.com/embed/ Frame 29B1
51 KB
21 KB
Document
General
Full URL
https://www.youtube.com/embed/ICfwHZMYPdo?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fagronews.com.pl&widgetid=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0b643cd1/www-widgetapi.vflset/www-widgetapi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
abc039e81d533d83c566597a96b28527523111af764a4040372ce9b1f322febb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/ICfwHZMYPdo?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fagronews.com.pl&widgetid=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://agronews.com.pl/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
YSC=03kvXmrYC6c; VISITOR_INFO1_LIVE=ENzQie7doGU
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://agronews.com.pl/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 01 Jun 2021 20:45:15 GMT
strict-transport-security
max-age=31536000
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
CONSENT=PENDING+729; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ICfwHZMYPdo
www.youtube.com/embed/ Frame 5263
54 KB
24 KB
Document
General
Full URL
https://www.youtube.com/embed/ICfwHZMYPdo?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fagronews.com.pl&widgetid=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0b643cd1/www-widgetapi.vflset/www-widgetapi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
62abb36f1ecb6e6230896539c99ea42e4282d8ff7163337536de7c3eb54e4b43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/ICfwHZMYPdo?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fagronews.com.pl&widgetid=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://agronews.com.pl/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
YSC=03kvXmrYC6c; VISITOR_INFO1_LIVE=ENzQie7doGU
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://agronews.com.pl/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 01 Jun 2021 20:45:15 GMT
strict-transport-security
max-age=31536000
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
CONSENT=PENDING+359; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ICfwHZMYPdo
www.youtube.com/embed/ Frame 64BA
54 KB
24 KB
Document
General
Full URL
https://www.youtube.com/embed/ICfwHZMYPdo?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fagronews.com.pl&widgetid=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0b643cd1/www-widgetapi.vflset/www-widgetapi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
918a4e39ff2b96c71faedd3fb66b92d8d6ba148b074e56e3e859430216421eb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/ICfwHZMYPdo?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fagronews.com.pl&widgetid=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://agronews.com.pl/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
YSC=03kvXmrYC6c; VISITOR_INFO1_LIVE=ENzQie7doGU
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://agronews.com.pl/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 01 Jun 2021 20:45:16 GMT
strict-transport-security
max-age=31536000
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
CONSENT=PENDING+313; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rs-b.png
adimg.rekmob.com/logos/ Frame 484E
471 B
911 B
Image
General
Full URL
https://adimg.rekmob.com/logos/rs-b.png
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df02aa33acd40ff99ac77551154f9fe7fd5a13dc1f782aac62ffb1a6a0f7f09c

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 13:11:22 GMT
Via
1.1 e61ad774b1bb9761f20e1bb4c1d6c734.cloudfront.net (CloudFront)
Last-Modified
Thu, 26 Jul 2018 10:20:15 GMT
Server
AmazonS3
Age
27234
ETag
"5965d59f86a925e809f20a75e26c9d0c"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
471
X-Amz-Cf-Id
kdnLPlr5wxgMU2kjKlS6h1XBzFIBhYA5G4V1Mml8Zbn7MaSWIgxaKQ==
5cd4030f5e814adf8b0ac59f14899340
adimg.rekmob.com/ Frame 484E
8 KB
8 KB
Image
General
Full URL
https://adimg.rekmob.com/5cd4030f5e814adf8b0ac59f14899340
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ebd675c552a02d9fd8df7e9e919adbcaa204aeed0490881a7bf64f61cdd5b776

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 18:54:12 GMT
Via
1.1 f2d6260772a832e76c8c1c6e49903138.cloudfront.net (CloudFront)
Last-Modified
Thu, 21 May 2020 07:21:16 GMT
Server
AmazonS3
Age
6665
ETag
"dcd2f41c062246be1f6c22954db863c3"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
8005
X-Amz-Cf-Id
QamC-rICBhihXwhb4MghC8hiJtbkS2S3h54cfxhSuhcjALQftbOfNg==
imp
ads.rekmob.com/m/ Frame 484E
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=536a874d2489404ea4758a28f8d8b1c6&udid=c2bba189210545ca8f9371741d3f42b0&rid=NjBiNjljNWIwY2YyYjI2MDRhNTM0YjE1&adId=MTM2OA==
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:47 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
CZ
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
vbl.gif
pre.glotgrx.com/ Frame 2854
26 B
159 B
Image
General
Full URL
https://pre.glotgrx.com/vbl.gif?cb=1622580316010&rnd=q0jr0oy1rui0&ifm=1&uai=1&cid=544&s=www.adzbux.com&p=43285&x=rekmob&adtg=62db1d4bb5234c59bf5b75dbac1d7a91&ats=0&atf=&nsi=&si=33151&nci=&nai=&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:16 GMT
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:19 GMT
server
cloudflare
age
2446
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b48df1c002c52-FRA
content-length
26
cf-request-id
0a6aebdf7200002c52c7916000000001
expires
Tue, 01 Jun 2021 22:45:16 GMT
nflrc.gif
pre.glotgrx.com/ Frame 2854
26 B
109 B
Image
General
Full URL
https://pre.glotgrx.com/nflrc.gif?cb=1622580316002542&ver=1.2r81&qid=230383f5530383f5434353&p=43285&s=www.adzbux.com&x=rekmob&cid=544&od1=&od2=&adtg=62db1d4bb5234c59bf5b75dbac1d7a91&nci=&nai=&si=33151&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=q0jr0oy1rui0&impid=&tps=44&ver1=2.2.3&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36&os=&mm=&di=&ip=212.102.38.150&ci=&pp=&bp=&w=728&h=90&pn=&1=319033ca1469a91fc7dc8c1b874c16f6&2=2.1&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%7D%7D&6=2&7={%22e%22:%223%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=544&ifm=1&penv=b&pt=&ptbp=&tw=0&ldp=5&icpl=28&icp=https%253A//www.cora-live.tk&irfl=27&irf=https%253A//www.adzbux.com/&cty=4&fcs=0&flky=ver-fl-6-qid-fl-22-p-fl-5-s-fl-14-x-fl-6-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-32-nci-fl-0-nai-fl-0-si-fl-5-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-ua-fl-136-os-fl-0-mm-fl-0-di-fl-0-ip-fl-14-ci-fl-0-pp-fl-0-bp-fl-0-w-fl-3-h-fl-2-pn-fl-0-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=1&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=413x99&gpu=undefined&ncf=4g_9.8_undefined_null_0_undefined_false&fli=3429136985&flerr=0-a1&trim=&fio=16
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:16 GMT
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:19 GMT
server
cloudflare
age
2446
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b48df1c032c52-FRA
content-length
26
cf-request-id
0a6aebdf7300002c52d93b3000000001
expires
Tue, 01 Jun 2021 22:45:16 GMT
flimpobj.js
pixel.yabidos.com/ Frame 2854
30 KB
24 KB
Script
General
Full URL
https://pixel.yabidos.com/flimpobj.js?cb=1622580315978&ver1=2.2.3&qid=230383f5530383f5434353&rnd=f9cj2pxx2klx&cid=544
Requested by
Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=www.adzbux.com&x=rekmob&nci=&adtg=536a874d2489404ea4758a28f8d8b1c6&nai=&si=33151&pn=&h=60&w=468&bp=&pp=&ci=&ip=212.102.38.150&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:16 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:29 GMT
server
cloudflare
age
1596
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b48df3fdc4174-HAM
content-length
23972
cf-request-id
0a6aebdf8000004174efa52000000001
expires
Tue, 01 Jun 2021 22:45:16 GMT
vbl.gif
pre.glotgrx.com/ Frame 2854
26 B
109 B
Image
General
Full URL
https://pre.glotgrx.com/vbl.gif?cb=1622580316047&rnd=f9cj2pxx2klx&ifm=1&uai=1&cid=544&s=www.adzbux.com&p=43285&x=rekmob&adtg=536a874d2489404ea4758a28f8d8b1c6&ats=0&atf=&nsi=&si=33151&nci=&nai=&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:16 GMT
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:19 GMT
server
cloudflare
age
2446
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b48df5c892c52-FRA
content-length
26
cf-request-id
0a6aebdf9600002c52cf93f000000001
expires
Tue, 01 Jun 2021 22:45:16 GMT
nflrc.gif
pre.glotgrx.com/ Frame 2854
26 B
109 B
Image
General
Full URL
https://pre.glotgrx.com/nflrc.gif?cb=1622580316040373&ver=1.2r81&qid=230383f5530383f5434353&p=43285&s=www.adzbux.com&x=rekmob&cid=544&od1=&od2=&adtg=536a874d2489404ea4758a28f8d8b1c6&nci=&nai=&si=33151&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=f9cj2pxx2klx&impid=&tps=45&ver1=2.2.3&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36&os=&mm=&di=&ip=212.102.38.150&ci=&pp=&bp=&w=468&h=60&pn=&1=319033ca1469a91fc7dc8c1b874c16f6&2=2.1&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%7D%7D&6=2&7={%22e%22:%223%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=544&ifm=1&penv=b&pt=&ptbp=&tw=0&ldp=5&icpl=28&icp=https%253A//www.cora-live.tk&irfl=27&irf=https%253A//www.adzbux.com/&cty=4&fcs=0&flky=ver-fl-6-qid-fl-22-p-fl-5-s-fl-14-x-fl-6-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-32-nci-fl-0-nai-fl-0-si-fl-5-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-ua-fl-136-os-fl-0-mm-fl-0-di-fl-0-ip-fl-14-ci-fl-0-pp-fl-0-bp-fl-0-w-fl-3-h-fl-2-pn-fl-0-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=1&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=413x99&gpu=undefined&ncf=4g_9.8_undefined_null_0_undefined_false&fli=3429136985&flerr=0-a1&trim=&fio=15
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:16 GMT
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:19 GMT
server
cloudflare
age
2446
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b48df5c8b2c52-FRA
content-length
26
cf-request-id
0a6aebdf9600002c52ec3fc000000001
expires
Tue, 01 Jun 2021 22:45:16 GMT
vbl.gif
pre.glotgrx.com/ Frame 2854
26 B
109 B
Image
General
Full URL
https://pre.glotgrx.com/vbl.gif?cb=1622580316101&rnd=f9cj2pxx2klx&ifm=1&uai=1&cid=544&s=www.adzbux.com&p=43285&x=rekmob&adtg=536a874d2489404ea4758a28f8d8b1c6&ats=0&atf=&nsi=&si=33151&nci=&nai=&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:16 GMT
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:19 GMT
server
cloudflare
age
2446
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b48dfad5f2c52-FRA
content-length
26
cf-request-id
0a6aebdfcb00002c52c8268000000001
expires
Tue, 01 Jun 2021 22:45:16 GMT
nflrc.gif
pre.glotgrx.com/ Frame 2854
26 B
108 B
Image
General
Full URL
https://pre.glotgrx.com/nflrc.gif?cb=1622580316094332&ver=1.2r81&qid=230383f5530383f5434353&p=43285&s=www.adzbux.com&x=rekmob&cid=544&od1=&od2=&adtg=536a874d2489404ea4758a28f8d8b1c6&nci=&nai=&si=33151&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=f9cj2pxx2klx&impid=&tps=45&ver1=2.2.3&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36&os=&mm=&di=&ip=212.102.38.150&ci=&pp=&bp=&w=468&h=60&pn=&1=319033ca1469a91fc7dc8c1b874c16f6&2=2.1&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%7D%7D&6=2&7={%22e%22:%223%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=544&ifm=1&penv=b&pt=&ptbp=&tw=0&ldp=5&icpl=28&icp=https%253A//www.cora-live.tk&irfl=27&irf=https%253A//www.adzbux.com/&cty=4&fcs=0&flky=&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=0&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=413x99&gpu=undefined&ncf=4g_9.8_undefined_null_0_undefined_false&fli=3429136985&flerr=0-a1-27-v8&trim=&fio=12
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:16 GMT
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:19 GMT
server
cloudflare
age
2446
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b48dfad612c52-FRA
content-length
26
cf-request-id
0a6aebdfcc00002c52f6b02000000001
expires
Tue, 01 Jun 2021 22:45:16 GMT
www-player-webp.css
www.youtube.com/s/player/0b643cd1/ Frame 29B1
356 KB
45 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/0b643cd1/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ICfwHZMYPdo?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fagronews.com.pl&widgetid=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5b5fab3b788b3161871e2509cbaaa55f9b73fae0aae0459211269320f11ab5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/ICfwHZMYPdo?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fagronews.com.pl&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 04:07:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
59849
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46118
x-xss-protection
0
last-modified
Thu, 27 May 2021 00:23:20 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 01 Jun 2022 04:07:47 GMT
www-embed-player.js
www.youtube.com/s/player/0b643cd1/www-embed-player.vflset/ Frame 29B1
193 KB
64 KB
Script
General
Full URL
https://www.youtube.com/s/player/0b643cd1/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ICfwHZMYPdo?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fagronews.com.pl&widgetid=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8883a14e28c43192e52a115f6abc8f72909088d49d13752a913816614c984a31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/ICfwHZMYPdo?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fagronews.com.pl&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 18:33:26 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 27 May 2021 00:23:20 GMT
server
sffe
age
7910
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65035
x-xss-protection
0
expires
Wed, 01 Jun 2022 18:33:26 GMT
base.js
www.youtube.com/s/player/0b643cd1/player_ias.vflset/en_US/ Frame 29B1
2 MB
2 MB
Script
General
Full URL
https://www.youtube.com/s/player/0b643cd1/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ICfwHZMYPdo?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fagronews.com.pl&widgetid=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5cd7b3a4c5496d4c699526a6882f4a609682c49ffe34462ac9be3304b97bb62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/ICfwHZMYPdo?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fagronews.com.pl&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 17:41:15 GMT
x-content-type-options
nosniff
last-modified
Thu, 27 May 2021 00:23:20 GMT
server
sffe
age
11041
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1671434
x-xss-protection
0
expires
Wed, 01 Jun 2022 17:41:15 GMT
fetch-polyfill.js
www.youtube.com/s/player/0b643cd1/fetch-polyfill.vflset/ Frame 29B1
8 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/0b643cd1/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ICfwHZMYPdo?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fagronews.com.pl&widgetid=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/ICfwHZMYPdo?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fagronews.com.pl&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 18:36:08 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 27 May 2021 00:23:20 GMT
server
sffe
age
7748
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
expires
Wed, 01 Jun 2022 18:36:08 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 29B1
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ICfwHZMYPdo?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fagronews.com.pl&widgetid=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.youtube.com
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 05:13:25 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
age
55911
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
expires
Wed, 01 Jun 2022 05:13:25 GMT
www-player-webp.css
www.youtube.com/s/player/0b643cd1/ Frame 5263
356 KB
45 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/0b643cd1/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ICfwHZMYPdo?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fagronews.com.pl&widgetid=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5b5fab3b788b3161871e2509cbaaa55f9b73fae0aae0459211269320f11ab5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/ICfwHZMYPdo?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fagronews.com.pl&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 04:07:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
59849
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46118
x-xss-protection
0
last-modified
Thu, 27 May 2021 00:23:20 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 01 Jun 2022 04:07:47 GMT
www-embed-player.js
www.youtube.com/s/player/0b643cd1/www-embed-player.vflset/ Frame 5263
193 KB
64 KB
Script
General
Full URL
https://www.youtube.com/s/player/0b643cd1/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ICfwHZMYPdo?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fagronews.com.pl&widgetid=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8883a14e28c43192e52a115f6abc8f72909088d49d13752a913816614c984a31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/ICfwHZMYPdo?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fagronews.com.pl&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 18:33:26 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 27 May 2021 00:23:20 GMT
server
sffe
age
7910
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65035
x-xss-protection
0
expires
Wed, 01 Jun 2022 18:33:26 GMT
base.js
www.youtube.com/s/player/0b643cd1/player_ias.vflset/en_US/ Frame 5263
2 MB
2 MB
Script
General
Full URL
https://www.youtube.com/s/player/0b643cd1/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ICfwHZMYPdo?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fagronews.com.pl&widgetid=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5cd7b3a4c5496d4c699526a6882f4a609682c49ffe34462ac9be3304b97bb62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/ICfwHZMYPdo?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fagronews.com.pl&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 17:41:15 GMT
x-content-type-options
nosniff
last-modified
Thu, 27 May 2021 00:23:20 GMT
server
sffe
age
11041
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1671434
x-xss-protection
0
expires
Wed, 01 Jun 2022 17:41:15 GMT
fetch-polyfill.js
www.youtube.com/s/player/0b643cd1/fetch-polyfill.vflset/ Frame 5263
8 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/0b643cd1/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ICfwHZMYPdo?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fagronews.com.pl&widgetid=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/ICfwHZMYPdo?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fagronews.com.pl&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 18:36:08 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 27 May 2021 00:23:20 GMT
server
sffe
age
7748
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
expires
Wed, 01 Jun 2022 18:36:08 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5263
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ICfwHZMYPdo?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fagronews.com.pl&widgetid=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.youtube.com
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 05:13:25 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
age
55911
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
expires
Wed, 01 Jun 2022 05:13:25 GMT
www-player-webp.css
www.youtube.com/s/player/0b643cd1/ Frame 64BA
356 KB
45 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/0b643cd1/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ICfwHZMYPdo?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fagronews.com.pl&widgetid=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5b5fab3b788b3161871e2509cbaaa55f9b73fae0aae0459211269320f11ab5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/ICfwHZMYPdo?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fagronews.com.pl&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 04:07:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
59849
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46118
x-xss-protection
0
last-modified
Thu, 27 May 2021 00:23:20 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 01 Jun 2022 04:07:47 GMT
www-embed-player.js
www.youtube.com/s/player/0b643cd1/www-embed-player.vflset/ Frame 64BA
193 KB
64 KB
Script
General
Full URL
https://www.youtube.com/s/player/0b643cd1/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ICfwHZMYPdo?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fagronews.com.pl&widgetid=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8883a14e28c43192e52a115f6abc8f72909088d49d13752a913816614c984a31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/ICfwHZMYPdo?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fagronews.com.pl&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 18:33:26 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 27 May 2021 00:23:20 GMT
server
sffe
age
7910
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65035
x-xss-protection
0
expires
Wed, 01 Jun 2022 18:33:26 GMT
base.js
www.youtube.com/s/player/0b643cd1/player_ias.vflset/en_US/ Frame 64BA
2 MB
2 MB
Script
General
Full URL
https://www.youtube.com/s/player/0b643cd1/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ICfwHZMYPdo?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fagronews.com.pl&widgetid=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5cd7b3a4c5496d4c699526a6882f4a609682c49ffe34462ac9be3304b97bb62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/ICfwHZMYPdo?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fagronews.com.pl&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 17:41:15 GMT
x-content-type-options
nosniff
last-modified
Thu, 27 May 2021 00:23:20 GMT
server
sffe
age
11041
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1671434
x-xss-protection
0
expires
Wed, 01 Jun 2022 17:41:15 GMT
fetch-polyfill.js
www.youtube.com/s/player/0b643cd1/fetch-polyfill.vflset/ Frame 64BA
8 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/0b643cd1/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ICfwHZMYPdo?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fagronews.com.pl&widgetid=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/ICfwHZMYPdo?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fagronews.com.pl&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 18:36:08 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 27 May 2021 00:23:20 GMT
server
sffe
age
7748
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
expires
Wed, 01 Jun 2022 18:36:08 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 64BA
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ICfwHZMYPdo?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fagronews.com.pl&widgetid=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.youtube.com
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 05:13:25 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
age
55911
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
expires
Wed, 01 Jun 2022 05:13:25 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 29B1
113 B
159 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0b643cd1/www-embed-player.vflset/www-embed-player.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0d1ee2e8f3547662a0dc78ce1b6789ca97696d2dff12f29e31ee5af9ef0643bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 29B1
29 B
407 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0b643cd1/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:41:02 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
age
254
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
expires
Tue, 01 Jun 2021 20:56:02 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 5263
113 B
159 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0b643cd1/www-embed-player.vflset/www-embed-player.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
51fce6e16a8d20e68a93aaa0449bca3a4a2c6cc1cd1a1f9363fbc4cf1c1602d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 5263
29 B
87 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0b643cd1/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:41:02 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
age
254
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
expires
Tue, 01 Jun 2021 20:56:02 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 64BA
113 B
159 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0b643cd1/www-embed-player.vflset/www-embed-player.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0b76d30d40d59331b214f5bf91642ecff20081cc6063180111ecfbb573955af9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 64BA
29 B
52 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0b643cd1/www-embed-player.vflset/www-embed-player.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:41:02 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
age
254
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
expires
Tue, 01 Jun 2021 20:56:02 GMT
remote.js
www.youtube.com/s/player/0b643cd1/player_ias.vflset/en_US/ Frame 29B1
98 KB
30 KB
Script
General
Full URL
https://www.youtube.com/s/player/0b643cd1/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0b643cd1/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
168850c920ff331bd5d294b1a84972f74fa847bc89fd7a2d70b5e1480d2728c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/ICfwHZMYPdo?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fagronews.com.pl&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 03:21:41 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 27 May 2021 00:23:20 GMT
server
sffe
age
62615
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30984
x-xss-protection
0
expires
Wed, 01 Jun 2022 03:21:41 GMT
9RqR_46y14lOLTgsoa1biLhp441rUfLtAxLiebZ8deA.js
www.google.com/js/th/ Frame 29B1
35 KB
13 KB
Script
General
Full URL
https://www.google.com/js/th/9RqR_46y14lOLTgsoa1biLhp441rUfLtAxLiebZ8deA.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0b643cd1/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f51a91ff8eb2d7894e2d382ca1ad5b88b869e38d6b51f2ed0312e279b67c75e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 09:03:53 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 17 May 2021 11:30:00 GMT
server
sffe
age
42083
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13516
x-xss-protection
0
expires
Wed, 01 Jun 2022 09:03:53 GMT
embed.js
www.youtube.com/s/player/0b643cd1/player_ias.vflset/en_US/ Frame 29B1
25 KB
7 KB
Script
General
Full URL
https://www.youtube.com/s/player/0b643cd1/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0b643cd1/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc8995800462e967657ce7a6d242f5226c5e0bdb2ca9e9947f238078b7566bce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/ICfwHZMYPdo?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fagronews.com.pl&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 15:32:03 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 27 May 2021 00:23:20 GMT
server
sffe
age
18793
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7471
x-xss-protection
0
expires
Wed, 01 Jun 2022 15:32:03 GMT
remote.js
www.youtube.com/s/player/0b643cd1/player_ias.vflset/en_US/ Frame 5263
98 KB
30 KB
Script
General
Full URL
https://www.youtube.com/s/player/0b643cd1/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0b643cd1/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
168850c920ff331bd5d294b1a84972f74fa847bc89fd7a2d70b5e1480d2728c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/ICfwHZMYPdo?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fagronews.com.pl&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 03:21:41 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 27 May 2021 00:23:20 GMT
server
sffe
age
62615
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30984
x-xss-protection
0
expires
Wed, 01 Jun 2022 03:21:41 GMT
9RqR_46y14lOLTgsoa1biLhp441rUfLtAxLiebZ8deA.js
www.google.com/js/th/ Frame 5263
35 KB
13 KB
Script
General
Full URL
https://www.google.com/js/th/9RqR_46y14lOLTgsoa1biLhp441rUfLtAxLiebZ8deA.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0b643cd1/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f51a91ff8eb2d7894e2d382ca1ad5b88b869e38d6b51f2ed0312e279b67c75e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 09:03:53 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 17 May 2021 11:30:00 GMT
server
sffe
age
42083
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13516
x-xss-protection
0
expires
Wed, 01 Jun 2022 09:03:53 GMT
embed.js
www.youtube.com/s/player/0b643cd1/player_ias.vflset/en_US/ Frame 5263
25 KB
7 KB
Script
General
Full URL
https://www.youtube.com/s/player/0b643cd1/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0b643cd1/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc8995800462e967657ce7a6d242f5226c5e0bdb2ca9e9947f238078b7566bce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/ICfwHZMYPdo?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fagronews.com.pl&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 15:32:03 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 27 May 2021 00:23:20 GMT
server
sffe
age
18793
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7471
x-xss-protection
0
expires
Wed, 01 Jun 2022 15:32:03 GMT
truncated
/ Frame 29B1
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
AAUvwnjJ6FPETm9uX9UMYcJdhIpIb8RjL1CBRb_Ehyk1ug=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 29B1
5 KB
5 KB
Image
General
Full URL
https://yt3.ggpht.com/ytc/AAUvwnjJ6FPETm9uX9UMYcJdhIpIb8RjL1CBRb_Ehyk1ug=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ICfwHZMYPdo?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fagronews.com.pl&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
7c181caf455760e09a9490686d05799427548a18cb22d850aa5231151f59f15d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 19:16:38 GMT
x-content-type-options
nosniff
age
5318
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4672
x-xss-protection
0
server
fife
etag
"v128"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 01 Jun 2021 23:04:44 GMT
maxresdefault.webp
i.ytimg.com/vi_webp/ICfwHZMYPdo/ Frame 29B1
100 KB
100 KB
Image
General
Full URL
https://i.ytimg.com/vi_webp/ICfwHZMYPdo/maxresdefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ICfwHZMYPdo?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fagronews.com.pl&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a8ea9a72694ad2dba6812fae4e00e57019a40547eed99111806a6af9a28296b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 19:09:28 GMT
x-content-type-options
nosniff
server
sffe
age
5748
etag
"1620988311"
vary
Origin
content-type
image/webp
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
102454
x-xss-protection
0
expires
Tue, 01 Jun 2021 21:09:28 GMT
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 29B1
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ICfwHZMYPdo?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fagronews.com.pl&widgetid=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.youtube.com
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 02:03:02 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:33:01 GMT
server
sffe
age
499334
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11936
x-xss-protection
0
expires
Fri, 27 May 2022 02:03:02 GMT
truncated
/ Frame 5263
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
AAUvwnjJ6FPETm9uX9UMYcJdhIpIb8RjL1CBRb_Ehyk1ug=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 5263
5 KB
5 KB
Image
General
Full URL
https://yt3.ggpht.com/ytc/AAUvwnjJ6FPETm9uX9UMYcJdhIpIb8RjL1CBRb_Ehyk1ug=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ICfwHZMYPdo?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fagronews.com.pl&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
7c181caf455760e09a9490686d05799427548a18cb22d850aa5231151f59f15d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 19:16:38 GMT
x-content-type-options
nosniff
age
5318
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4672
x-xss-protection
0
server
fife
etag
"v128"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 01 Jun 2021 23:04:44 GMT
maxresdefault.webp
i.ytimg.com/vi_webp/ICfwHZMYPdo/ Frame 5263
100 KB
100 KB
Image
General
Full URL
https://i.ytimg.com/vi_webp/ICfwHZMYPdo/maxresdefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ICfwHZMYPdo?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fagronews.com.pl&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a8ea9a72694ad2dba6812fae4e00e57019a40547eed99111806a6af9a28296b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 19:09:28 GMT
x-content-type-options
nosniff
server
sffe
age
5748
etag
"1620988311"
vary
Origin
content-type
image/webp
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
102454
x-xss-protection
0
expires
Tue, 01 Jun 2021 21:09:28 GMT
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5263
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ICfwHZMYPdo?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fagronews.com.pl&widgetid=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.youtube.com
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 02:03:02 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:33:01 GMT
server
sffe
age
499334
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11936
x-xss-protection
0
expires
Fri, 27 May 2022 02:03:02 GMT
remote.js
www.youtube.com/s/player/0b643cd1/player_ias.vflset/en_US/ Frame 64BA
98 KB
30 KB
Script
General
Full URL
https://www.youtube.com/s/player/0b643cd1/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0b643cd1/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
168850c920ff331bd5d294b1a84972f74fa847bc89fd7a2d70b5e1480d2728c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/ICfwHZMYPdo?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fagronews.com.pl&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 03:21:41 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 27 May 2021 00:23:20 GMT
server
sffe
age
62615
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30984
x-xss-protection
0
expires
Wed, 01 Jun 2022 03:21:41 GMT
9RqR_46y14lOLTgsoa1biLhp441rUfLtAxLiebZ8deA.js
www.google.com/js/th/ Frame 64BA
35 KB
13 KB
Script
General
Full URL
https://www.google.com/js/th/9RqR_46y14lOLTgsoa1biLhp441rUfLtAxLiebZ8deA.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0b643cd1/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f51a91ff8eb2d7894e2d382ca1ad5b88b869e38d6b51f2ed0312e279b67c75e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 09:03:53 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 17 May 2021 11:30:00 GMT
server
sffe
age
42083
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13516
x-xss-protection
0
expires
Wed, 01 Jun 2022 09:03:53 GMT
embed.js
www.youtube.com/s/player/0b643cd1/player_ias.vflset/en_US/ Frame 64BA
25 KB
7 KB
Script
General
Full URL
https://www.youtube.com/s/player/0b643cd1/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0b643cd1/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc8995800462e967657ce7a6d242f5226c5e0bdb2ca9e9947f238078b7566bce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/ICfwHZMYPdo?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fagronews.com.pl&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 15:32:03 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 27 May 2021 00:23:20 GMT
server
sffe
age
18793
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7471
x-xss-protection
0
expires
Wed, 01 Jun 2022 15:32:03 GMT
gate.php
linkslot.ru/
0
0

truncated
/ Frame 64BA
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
AAUvwnjJ6FPETm9uX9UMYcJdhIpIb8RjL1CBRb_Ehyk1ug=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 64BA
5 KB
5 KB
Image
General
Full URL
https://yt3.ggpht.com/ytc/AAUvwnjJ6FPETm9uX9UMYcJdhIpIb8RjL1CBRb_Ehyk1ug=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ICfwHZMYPdo?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fagronews.com.pl&widgetid=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
7c181caf455760e09a9490686d05799427548a18cb22d850aa5231151f59f15d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 19:16:38 GMT
x-content-type-options
nosniff
age
5318
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4672
x-xss-protection
0
server
fife
etag
"v128"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 01 Jun 2021 23:04:44 GMT
maxresdefault.webp
i.ytimg.com/vi_webp/ICfwHZMYPdo/ Frame 64BA
100 KB
100 KB
Image
General
Full URL
https://i.ytimg.com/vi_webp/ICfwHZMYPdo/maxresdefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ICfwHZMYPdo?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fagronews.com.pl&widgetid=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a8ea9a72694ad2dba6812fae4e00e57019a40547eed99111806a6af9a28296b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 19:09:28 GMT
x-content-type-options
nosniff
server
sffe
age
5748
etag
"1620988311"
vary
Origin
content-type
image/webp
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
102454
x-xss-protection
0
expires
Tue, 01 Jun 2021 21:09:28 GMT
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 64BA
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ICfwHZMYPdo?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fagronews.com.pl&widgetid=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.youtube.com
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 02:03:02 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:33:01 GMT
server
sffe
age
499334
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11936
x-xss-protection
0
expires
Fri, 27 May 2022 02:03:02 GMT
gate.php
linkslot.ru/
2 B
325 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d2=dae2dc98d5d6dbdb8eded1ddcd91dfd08da5989baf93a98b978b938e958da39d9bac96aa989a9994a09e9f
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.14
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.cora-live.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:16 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.14
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Ny6cg6ybuAfJbIzFDBXQYUGKMCR%2BddOUyqrhEKve5F7IJE3yrNknlZ%2BeXBfuek8fqCaXaP%2F1FIKYt8j8eWZ84Tq1%2B%2BGas4hcUAgZls8Bd2VYmw0kFKUZwueHjIu2Wvfeun8fNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=windows-1251
access-control-allow-origin
*
cf-ray
658b48e319694d89-FRA
content-length
2
cf-request-id
0a6aebe1ef00004d8972988000000001
0.php
s4.histats.com/stats/ Frame 2854
68 B
202 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?2577526&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mEurosPTP%20-%20Gagnez%20de%20l%27argent%20facilement%20adz&@n0&@ohttps%3A%2F%2Fwww.adzbux.com%2F&@q0&@r0&@s0&@ten-US&@u1600&@b1:-37771884&@b3:1622580317&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Fexp3.eurosptp.com%2Fpage.php%3Ffr&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.69.251.190 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns546644.ip-158-69-251.net
Software
/
Resource Hash
907092c0b22ae0e7a53cb3faf29a87a86bbba8fa9798cee9c6e3c10260039ead

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:45:16 GMT
Connection
close
Content-Length
68
Content-Type
text/html;charset=UTF-8
chicken.gif
oranegfodnd.com/ Frame 1CF4
43 B
353 B
Image
General
Full URL
https://oranegfodnd.com/chicken.gif?z=1795679&pb=26550729fb42ecbc3b035d31a4d1cd211622587516&psp=aZX3Z7VcdToOs7UA0IEv_slBaxqfhUgcadeytyIGJ_o79ZKtEBt_K8efFN_vM0nNkD9ikhc_wxCiWjkE6kv0_8kkyHDE_CPnHKcXA7CXataIiYKdQVQHFNp2DBtYJuZa-gIkCF5xVVsupr1hglhlkQSPSWtI08JCza2pI1zHAI_wg-OILUkPSm47XvPiQocr1dUW3VHuSvKTSClBKvAyHHzqpO0681SArQ2HMlsgnq4QVXTu0zPFGzxcSveBf0FXYiizVwBhjSixDJuQhUUKDxWO_PqaCq-XcoD4UpIAFANYtHUhJBwhZrZqpX_14V8Ff3whXYPIIq5aSWaqRra2RtOQAnFOujeX9V3V8uV-yDr5in57lpj5Xb4KWvVcG5G7mbG_e_5iHOXRASTII5HEE2RwqfUI9zpIakb0U4JIJDHyf45ma1I2Q_VsDYHksJxTeoH45rJuN-2BkScMOOUl8YxYZ4pwl8wEmOvp-keBHYe8IQqEGkXRLhX4j8RhHrWcN_HdFY8uBcRxvUGvtwvXHIRSzYXg0CtE62z2-x7y-EArcOALnWn5ryASBQfY99BuhXgOzrmX-YVBgYnRqWypQBOUnBf707S5VRCDjFVsFT42M-3rOtnko7O-rSNv3n0zx1Z_mbSfOxBK8A1-r2SLNshTOgkcg10qEQurq7iLvK4h8ovUgUpsB12gC40s2UBqDRpFm99FzIZcVwPe8Ts0sX6mHMjOo7KUS3_bPzkTEAggBK3rnam2c7dv5Znoy2LsIRJ2BdQ8HGw28DNEUdz1_qh58X44tjrdux0fkjoJTM9TPGSwf3b0maPKv9jNML1iHerCZ7QBBD-9yEo8uXgNUpo00eSjVgax-OhWx9Wi918C_tzTX6yLw_FMdvKZ4z8LGICW2NJa5L1oyf_Tyw1-MLdkIVi_ixVDM1mDTc81hAUDmcf2UjZ-6wMvmFzm9BMeoiPWAhPnkD9yUDtSbLxpKDX7LqihcH9DaVDKMT5OaZ9WwbAkmmTCifP6-CglQGqLwzzwTU4oIkFvoM5UO2ZUu7MBZnO31KpmwcdcNKJxfqqKoptESkiY_9yWngUlaAT1qQhIaX3W6xabbtj2hKkSB-L4lTLCSLoRss0Nwt1_-4LyJ-ELf7aNUZzS2ifNAJdvEmPa1zAE2vt6xvEg9qjvMetq0hobcky5RC9qZXrUw51v9qT7QtFWAFWjYmXZ1MDyhBMqogI=
Requested by
Host: www.interclics.com
URL: https://www.interclics.com/cinema.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.interclics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:45:16 GMT
X-Content-Type-Options
nosniff
Server
nginx
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
swinie_406.jpg
i0.wp.com/agronews.com.pl/wp-content/uploads/ Frame 47B9
3 KB
3 KB
Image
General
Full URL
https://i0.wp.com/agronews.com.pl/wp-content/uploads/swinie_406.jpg?resize=100%2C70&ssl=1
Requested by
Host: www.surfujkase.pl
URL: https://www.surfujkase.pl/promuj2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
7c398b049183a89e1786b594bb5f32a5b4ff8532dc883cfa199c6c160ccdaf9a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 4
date
Tue, 01 Jun 2021 20:45:16 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Jun 2021 11:26:12 GMT
server
nginx
etag
"43be45abc2894e19"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://agronews.com.pl/wp-content/uploads/swinie_406.jpg>; rel="canonical"
content-length
2604
expires
Thu, 01 Jun 2023 23:26:12 GMT
swinie_406.jpg
i0.wp.com/agronews.com.pl/wp-content/uploads/ Frame 00CE
3 KB
3 KB
Image
General
Full URL
https://i0.wp.com/agronews.com.pl/wp-content/uploads/swinie_406.jpg?resize=100%2C70&ssl=1
Requested by
Host: c0.wp.com
URL: https://c0.wp.com/c/5.7.2/wp-includes/js/jquery/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
7c398b049183a89e1786b594bb5f32a5b4ff8532dc883cfa199c6c160ccdaf9a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 4
date
Tue, 01 Jun 2021 20:45:16 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Jun 2021 11:26:12 GMT
server
nginx
etag
"43be45abc2894e19"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://agronews.com.pl/wp-content/uploads/swinie_406.jpg>; rel="canonical"
content-length
2604
expires
Thu, 01 Jun 2023 23:26:12 GMT
swinie_406.jpg
i0.wp.com/agronews.com.pl/wp-content/uploads/ Frame 19D1
3 KB
3 KB
Image
General
Full URL
https://i0.wp.com/agronews.com.pl/wp-content/uploads/swinie_406.jpg?resize=100%2C70&ssl=1
Requested by
Host: c0.wp.com
URL: https://c0.wp.com/c/5.7.2/wp-includes/js/jquery/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
7c398b049183a89e1786b594bb5f32a5b4ff8532dc883cfa199c6c160ccdaf9a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 4
date
Tue, 01 Jun 2021 20:45:16 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Jun 2021 11:26:12 GMT
server
nginx
etag
"43be45abc2894e19"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://agronews.com.pl/wp-content/uploads/swinie_406.jpg>; rel="canonical"
content-length
2604
expires
Thu, 01 Jun 2023 23:26:12 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 64BA
4 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0b643cd1/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
expires
Tue, 01 Jun 2021 20:45:16 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 29B1
4 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0b643cd1/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
expires
Tue, 01 Jun 2021 20:45:16 GMT
generate_204
www.youtube.com/ Frame 29B1
0
9 B
Image
General
Full URL
https://www.youtube.com/generate_204?DLU3fQ
Requested by
Host: www.adzbux.com
URL: https://www.adzbux.com/mass.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.youtube.com/embed/ICfwHZMYPdo?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fagronews.com.pl&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:16 GMT
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 5263
4 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0b643cd1/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
expires
Tue, 01 Jun 2021 20:45:16 GMT
generate_204
www.youtube.com/ Frame 5263
0
10 B
Image
General
Full URL
https://www.youtube.com/generate_204?PZ6sQQ
Requested by
Host: www.adzbux.com
URL: https://www.adzbux.com/mass.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.youtube.com/embed/ICfwHZMYPdo?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fagronews.com.pl&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:17 GMT
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
www.youtube.com/ Frame 64BA
0
10 B
Image
General
Full URL
https://www.youtube.com/generate_204?bjS47g
Requested by
Host: www.adzbux.net
URL: https://www.adzbux.net/mass1.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.youtube.com/embed/ICfwHZMYPdo?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fagronews.com.pl&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:17 GMT
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
girl-4355476_1280.jpg
i1.wp.com/agronews.com.pl/wp-content/uploads/ Frame 19D1
3 KB
3 KB
Image
General
Full URL
https://i1.wp.com/agronews.com.pl/wp-content/uploads/girl-4355476_1280.jpg?resize=100%2C70&ssl=1
Requested by
Host: www.adzbux.net
URL: https://www.adzbux.net/mass1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
321b8d24b30f939ed1adc119f9f625a377ac185697516619f4ee0901369f1cfc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 2
date
Tue, 01 Jun 2021 20:45:17 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Jun 2021 08:48:52 GMT
server
nginx
etag
"5f7da3ad417f0603"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://agronews.com.pl/wp-content/uploads/girl-4355476_1280.jpg>; rel="canonical"
content-length
2680
expires
Thu, 01 Jun 2023 20:48:52 GMT
girl-4355476_1280.jpg
i1.wp.com/agronews.com.pl/wp-content/uploads/ Frame 47B9
3 KB
3 KB
Image
General
Full URL
https://i1.wp.com/agronews.com.pl/wp-content/uploads/girl-4355476_1280.jpg?resize=100%2C70&ssl=1
Requested by
Host: c0.wp.com
URL: https://c0.wp.com/c/5.7.2/wp-includes/js/jquery/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
321b8d24b30f939ed1adc119f9f625a377ac185697516619f4ee0901369f1cfc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 2
date
Tue, 01 Jun 2021 20:45:17 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Jun 2021 08:48:52 GMT
server
nginx
etag
"5f7da3ad417f0603"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://agronews.com.pl/wp-content/uploads/girl-4355476_1280.jpg>; rel="canonical"
content-length
2680
expires
Thu, 01 Jun 2023 20:48:52 GMT
girl-4355476_1280.jpg
i1.wp.com/agronews.com.pl/wp-content/uploads/ Frame 00CE
3 KB
3 KB
Image
General
Full URL
https://i1.wp.com/agronews.com.pl/wp-content/uploads/girl-4355476_1280.jpg?resize=100%2C70&ssl=1
Requested by
Host: c0.wp.com
URL: https://c0.wp.com/c/5.7.2/wp-includes/js/jquery/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
321b8d24b30f939ed1adc119f9f625a377ac185697516619f4ee0901369f1cfc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 2
date
Tue, 01 Jun 2021 20:45:17 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Jun 2021 08:48:52 GMT
server
nginx
etag
"5f7da3ad417f0603"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://agronews.com.pl/wp-content/uploads/girl-4355476_1280.jpg>; rel="canonical"
content-length
2680
expires
Thu, 01 Jun 2023 20:48:52 GMT
/
ads.rekmob.com/m/props/ Frame 2854
271 B
592 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=1101739
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
429870d686efc9fbf3477266c4e558849ac6001e4f8fc3b0f586cba547f95178

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:48 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
CZ
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
/
ads.rekmob.com/m/props/ Frame 2854
270 B
593 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=1101741
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
f67871a227d63cd3691dcecbdf5e15e6a6fd839b917e1a607e65dd1528cace0d

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:48 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
CZ
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
/
ads.rekmob.com/m/props/ Frame 2854
272 B
590 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=1101742
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
a4b0d4bdd00ad184b5fdbd07013558393dacc7003aa8a76805c249a018b406e8

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:48 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
CZ
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
/
ads.rekmob.com/m/props/ Frame 2854
270 B
593 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=1101743
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
67a7eb7a5a506154a6f9c7e8bdb601a1ba7c1d035174185bbefb7e4c92318cbe

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:48 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
CZ
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
syncframe
gum.criteo.com/ Frame FB5D
2 KB
1 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.cora-live.tk
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
7512ae62108af074eaa90622e9df04625f120ecf4a909443fa6dc1a2b071c7a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?origin=publishertag&topUrl=www.cora-live.tk
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://exp3.eurosptp.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://exp3.eurosptp.com/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1853
set-cookie
uid=fc159ee8-9d77-4930-bc13-d91172674437; expires=Wed, 01 Jun 2022 20:45:16 GMT; domain=.criteo.com; path=/; secure; samesite=none
date
Tue, 01 Jun 2021 20:45:16 GMT
content-length
1129
Hugo-Green-Solutions.jpg
i0.wp.com/agronews.com.pl/wp-content/uploads/ Frame 47B9
2 KB
2 KB
Image
General
Full URL
https://i0.wp.com/agronews.com.pl/wp-content/uploads/Hugo-Green-Solutions.jpg?resize=100%2C70&ssl=1
Requested by
Host: www.adzbux.com
URL: https://www.adzbux.com/mass.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
b82938401a39e495a19be870134695cd57f37cd943a48371a86ee2b046c27d11
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 4
date
Tue, 01 Jun 2021 20:45:17 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Jun 2021 05:04:24 GMT
server
nginx
etag
"38f0561ab55db17d"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://agronews.com.pl/wp-content/uploads/Hugo-Green-Solutions.jpg>; rel="canonical"
content-length
1726
expires
Thu, 01 Jun 2023 17:04:24 GMT
Hugo-Green-Solutions.jpg
i0.wp.com/agronews.com.pl/wp-content/uploads/ Frame 00CE
2 KB
2 KB
Image
General
Full URL
https://i0.wp.com/agronews.com.pl/wp-content/uploads/Hugo-Green-Solutions.jpg?resize=100%2C70&ssl=1
Requested by
Host: c0.wp.com
URL: https://c0.wp.com/c/5.7.2/wp-includes/js/jquery/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
b82938401a39e495a19be870134695cd57f37cd943a48371a86ee2b046c27d11
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 4
date
Tue, 01 Jun 2021 20:45:17 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Jun 2021 05:04:24 GMT
server
nginx
etag
"38f0561ab55db17d"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://agronews.com.pl/wp-content/uploads/Hugo-Green-Solutions.jpg>; rel="canonical"
content-length
1726
expires
Thu, 01 Jun 2023 17:04:24 GMT
adp
ads.rekmob.com/m/ Frame 2854
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=1e86b52dba4f4154a0ee87b99af3da50&ufid=fxCDHResdOiD120gzKzR&mobile_web=1&dt=3&as=1&os=3&jsonp=1&callback=rmb__fxCDHResdOiD120gzKzR&ref=www.adzbux.com&_=1622580317207&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
693b076bc2f6263ebd9fc983c36a2804c3f5f6a042c00212608107ca389f822e

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:48 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
CZ
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
adp
ads.rekmob.com/m/ Frame 2854
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=62db1d4bb5234c59bf5b75dbac1d7a91&ufid=i6T6OFyLqojNaL5bS5EL&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__i6T6OFyLqojNaL5bS5EL&ref=www.adzbux.com&_=1622580317210&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
957b688bbb2d17733aafe0873a6ed5dc0a5e0ac223d6465cb31b5d48d8a6654a

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:48 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
CZ
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
adp
ads.rekmob.com/m/ Frame 2854
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=0b9f3c2279244fff831c25aa0d5f7f54&ufid=Kws8OADMLjJ0DUIE42nD&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__Kws8OADMLjJ0DUIE42nD&ref=www.adzbux.com&_=1622580317216&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
12b21fd11562f2be792248650807b89a02bfbaa7f6b09409a6d2db204af866c4

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:48 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
CZ
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
Hugo-Green-Solutions.jpg
i0.wp.com/agronews.com.pl/wp-content/uploads/ Frame 19D1
2 KB
2 KB
Image
General
Full URL
https://i0.wp.com/agronews.com.pl/wp-content/uploads/Hugo-Green-Solutions.jpg?resize=100%2C70&ssl=1
Requested by
Host: c0.wp.com
URL: https://c0.wp.com/c/5.7.2/wp-includes/js/jquery/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
b82938401a39e495a19be870134695cd57f37cd943a48371a86ee2b046c27d11
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 4
date
Tue, 01 Jun 2021 20:45:17 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Jun 2021 05:04:24 GMT
server
nginx
etag
"38f0561ab55db17d"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://agronews.com.pl/wp-content/uploads/Hugo-Green-Solutions.jpg>; rel="canonical"
content-length
1726
expires
Thu, 01 Jun 2023 17:04:24 GMT
adp
ads.rekmob.com/m/ Frame 2854
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=536a874d2489404ea4758a28f8d8b1c6&ufid=UGtKn75lo8G04cVJRf3Q&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__UGtKn75lo8G04cVJRf3Q&ref=www.adzbux.com&_=1622580317224&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
4ad9d1a482a46247b3f2eb42cfc3745f4cb9464e52ecb7adb3eba180bf58e252

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:48 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
CZ
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
agroounia.jpg
i0.wp.com/agronews.com.pl/wp-content/uploads/ Frame 47B9
3 KB
3 KB
Image
General
Full URL
https://i0.wp.com/agronews.com.pl/wp-content/uploads/agroounia.jpg?resize=100%2C70&ssl=1
Requested by
Host: www.adzbux.com
URL: https://www.adzbux.com/mass.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
3b254b9ddda910b8d7b1afd0f98e5e0d7b43735b0b16d8165ffe14d7d588a261
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 4
date
Tue, 01 Jun 2021 20:45:17 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Jun 2021 04:52:55 GMT
server
nginx
etag
"c1c2c477b714b783"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://agronews.com.pl/wp-content/uploads/agroounia.jpg>; rel="canonical"
content-length
2662
expires
Thu, 01 Jun 2023 16:52:55 GMT
agroounia.jpg
i0.wp.com/agronews.com.pl/wp-content/uploads/ Frame 00CE
3 KB
3 KB
Image
General
Full URL
https://i0.wp.com/agronews.com.pl/wp-content/uploads/agroounia.jpg?resize=100%2C70&ssl=1
Requested by
Host: c0.wp.com
URL: https://c0.wp.com/c/5.7.2/wp-includes/js/jquery/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
3b254b9ddda910b8d7b1afd0f98e5e0d7b43735b0b16d8165ffe14d7d588a261
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 4
date
Tue, 01 Jun 2021 20:45:17 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Jun 2021 04:52:55 GMT
server
nginx
etag
"c1c2c477b714b783"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://agronews.com.pl/wp-content/uploads/agroounia.jpg>; rel="canonical"
content-length
2662
expires
Thu, 01 Jun 2023 16:52:55 GMT
agroounia.jpg
i0.wp.com/agronews.com.pl/wp-content/uploads/ Frame 19D1
3 KB
3 KB
Image
General
Full URL
https://i0.wp.com/agronews.com.pl/wp-content/uploads/agroounia.jpg?resize=100%2C70&ssl=1
Requested by
Host: c0.wp.com
URL: https://c0.wp.com/c/5.7.2/wp-includes/js/jquery/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
3b254b9ddda910b8d7b1afd0f98e5e0d7b43735b0b16d8165ffe14d7d588a261
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://agronews.com.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT vie 4
date
Tue, 01 Jun 2021 20:45:17 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Jun 2021 04:52:55 GMT
server
nginx
etag
"c1c2c477b714b783"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://agronews.com.pl/wp-content/uploads/agroounia.jpg>; rel="canonical"
content-length
2662
expires
Thu, 01 Jun 2023 16:52:55 GMT
fltiu.js
pixel.yabidos.com/ Frame 2854
2 KB
1 KB
Script
General
Full URL
https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=www.adzbux.com&x=rekmob&nci=&adtg=536a874d2489404ea4758a28f8d8b1c6&nai=&si=33151&pn=&h=60&w=468&bp=&pp=&ci=&ip=212.102.38.150&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:17 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:29 GMT
server
cloudflare
age
1483
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b48e7fe094174-HAM
content-length
1146
cf-request-id
0a6aebe4fe00004174453dc000000001
expires
Tue, 01 Jun 2021 22:45:17 GMT
5cd4030f5e814adf8b0ac59f14899340
adimg.rekmob.com/ Frame 28CD
8 KB
8 KB
Image
General
Full URL
https://adimg.rekmob.com/5cd4030f5e814adf8b0ac59f14899340
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ebd675c552a02d9fd8df7e9e919adbcaa204aeed0490881a7bf64f61cdd5b776

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 18:54:12 GMT
Via
1.1 f2d6260772a832e76c8c1c6e49903138.cloudfront.net (CloudFront)
Last-Modified
Thu, 21 May 2020 07:21:16 GMT
Server
AmazonS3
Age
6666
ETag
"dcd2f41c062246be1f6c22954db863c3"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
8005
X-Amz-Cf-Id
dlGa1CoRMTNE8eWbjJWmR9FaNLIQneRf_onYzRUJss51J5P4xFMZew==
rs-b.png
adimg.rekmob.com/logos/ Frame 28CD
471 B
911 B
Image
General
Full URL
https://adimg.rekmob.com/logos/rs-b.png
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df02aa33acd40ff99ac77551154f9fe7fd5a13dc1f782aac62ffb1a6a0f7f09c

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 13:11:22 GMT
Via
1.1 e61ad774b1bb9761f20e1bb4c1d6c734.cloudfront.net (CloudFront)
Last-Modified
Thu, 26 Jul 2018 10:20:15 GMT
Server
AmazonS3
Age
27236
ETag
"5965d59f86a925e809f20a75e26c9d0c"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
471
X-Amz-Cf-Id
SvP1WgfLEm1JPi1v2C2Hb0-pF4-6qeHrJNuug4GasluMAGer5SC9UA==
imp
ads.rekmob.com/m/ Frame 28CD
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=536a874d2489404ea4758a28f8d8b1c6&udid=10906b7aa8f94801bd131ba9cae47e20&rid=NjBiNjljNWQwY2YyZTgyNTU5MTQ0NGU4&adId=MTM2OA==
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:48 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
CZ
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
fltiu.js
pixel.yabidos.com/ Frame 2854
2 KB
1 KB
Script
General
Full URL
https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=www.adzbux.com&x=rekmob&nci=&adtg=0b9f3c2279244fff831c25aa0d5f7f54&nai=&si=33151&pn=&h=600&w=160&bp=&pp=&ci=&ip=212.102.38.150&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:17 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:29 GMT
server
cloudflare
age
1483
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b48e82ed74174-HAM
content-length
1146
cf-request-id
0a6aebe5190000417430a6c000000001
expires
Tue, 01 Jun 2021 22:45:17 GMT
6453e71f2fc743c495dfb4a701a51d13
adimg.rekmob.com/ Frame 50FF
8 KB
8 KB
Image
General
Full URL
https://adimg.rekmob.com/6453e71f2fc743c495dfb4a701a51d13
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9d5b9c9d218e12f741a78d93c812ff284a41a94d7dc2eca88a3c9428d03ecee7

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 14:16:05 GMT
Via
1.1 07cb86faf6a141962da4e2d7c85db039.cloudfront.net (CloudFront)
Last-Modified
Thu, 21 May 2020 07:16:13 GMT
Server
AmazonS3
Age
23365
ETag
"529f2354ce0808bc9fdd7b911d8c10da"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
8069
X-Amz-Cf-Id
E4tctXQt2xqCK09gQjUONlWF9Yeenbt30GdoI_SyBmSeBGC8tSlPeg==
rs-b.png
adimg.rekmob.com/logos/ Frame 50FF
471 B
911 B
Image
General
Full URL
https://adimg.rekmob.com/logos/rs-b.png
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df02aa33acd40ff99ac77551154f9fe7fd5a13dc1f782aac62ffb1a6a0f7f09c

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 13:11:22 GMT
Via
1.1 78a48d8d46b0e5cf69ec8a7f633776e1.cloudfront.net (CloudFront)
Last-Modified
Thu, 26 Jul 2018 10:20:15 GMT
Server
AmazonS3
Age
27236
ETag
"5965d59f86a925e809f20a75e26c9d0c"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
471
X-Amz-Cf-Id
sTy1304HILdwbGXEUF6e0OSPWKJI6DLEcGBdkPutyw-OsbV88a8HWg==
imp
ads.rekmob.com/m/ Frame 50FF
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=0b9f3c2279244fff831c25aa0d5f7f54&udid=b2c097285e874dff919f783ed2a556e8&rid=NjBiNjljNWQwY2YyN2IyMzZhMzhjM2Y1&adId=MTM3Mg==
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:48 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
CZ
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
fltiu.js
pixel.yabidos.com/ Frame 2854
2 KB
1 KB
Script
General
Full URL
https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=www.adzbux.com&x=rekmob&nci=&adtg=62db1d4bb5234c59bf5b75dbac1d7a91&nai=&si=33151&pn=&h=90&w=728&bp=&pp=&ci=&ip=212.102.38.150&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:17 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:29 GMT
server
cloudflare
age
1483
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b48e83efc4174-HAM
content-length
1146
cf-request-id
0a6aebe520000041745287a000000001
expires
Tue, 01 Jun 2021 22:45:17 GMT
rs-b.png
adimg.rekmob.com/logos/ Frame 5FFC
471 B
911 B
Image
General
Full URL
https://adimg.rekmob.com/logos/rs-b.png
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df02aa33acd40ff99ac77551154f9fe7fd5a13dc1f782aac62ffb1a6a0f7f09c

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 13:11:22 GMT
Via
1.1 a5b64a1ac22cdce92ad57684d05480be.cloudfront.net (CloudFront)
Last-Modified
Thu, 26 Jul 2018 10:20:15 GMT
Server
AmazonS3
Age
27236
ETag
"5965d59f86a925e809f20a75e26c9d0c"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
471
X-Amz-Cf-Id
C1ZWOQvhkK-JWyuyuMDc8f8yLEqbPzdBOoM8DBqeui6KvqGwcsQ2Lg==
5a1b9c9bcd394786b925816e44cc87a0
adimg.rekmob.com/ Frame 5FFC
27 KB
28 KB
Image
General
Full URL
https://adimg.rekmob.com/5a1b9c9bcd394786b925816e44cc87a0
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dd8d37964d54dedc218e5346e5442830ac85a24fec916f3f3a540d0f08037c33

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 15:53:35 GMT
Via
1.1 e61ad774b1bb9761f20e1bb4c1d6c734.cloudfront.net (CloudFront)
Last-Modified
Thu, 21 May 2020 07:22:03 GMT
Server
AmazonS3
Age
17505
ETag
"8bf981578b0ec356244ea5b3376c955c"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
27977
X-Amz-Cf-Id
9HH2IpTlAAI3ppmLusXIQatudWq5wxAMk_uXW4rfJiGrDFTSvuzIrA==
imp
ads.rekmob.com/m/ Frame 5FFC
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=62db1d4bb5234c59bf5b75dbac1d7a91&udid=cc88411f80c547d496988c34368bcce0&rid=NjBiNjljNWQwY2YyZTgyNTU5MTQ0NGVm&adId=MTM3MA==
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:48 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
CZ
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
flimpobj.js
pixel.yabidos.com/ Frame 2854
30 KB
24 KB
Script
General
Full URL
https://pixel.yabidos.com/flimpobj.js?cb=1622580317484&ver1=2.2.3&qid=230383f5530383f5434353&rnd=cdtjn93snwje&cid=544
Requested by
Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=www.adzbux.com&x=rekmob&nci=&adtg=536a874d2489404ea4758a28f8d8b1c6&nai=&si=33151&pn=&h=60&w=468&bp=&pp=&ci=&ip=212.102.38.150&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:17 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:29 GMT
server
cloudflare
age
1597
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b48e85f7b4174-HAM
content-length
23972
cf-request-id
0a6aebe53800004174f2bac000000001
expires
Tue, 01 Jun 2021 22:45:17 GMT
fltiu.js
pixel.yabidos.com/ Frame 2854
2 KB
1 KB
Script
General
Full URL
https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=www.adzbux.com&x=rekmob&nci=&adtg=1e86b52dba4f4154a0ee87b99af3da50&nai=&si=33151&pn=&h=250&w=300&bp=&pp=&ci=&ip=212.102.38.150&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:17 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:29 GMT
server
cloudflare
age
1483
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b48e85f8b4174-HAM
content-length
1146
cf-request-id
0a6aebe53b00004174342c7000000001
expires
Tue, 01 Jun 2021 22:45:17 GMT
bi.js
cdn.runative-syndicate.com/sdk/v1/ Frame AB68
6 KB
3 KB
Script
General
Full URL
https://cdn.runative-syndicate.com/sdk/v1/bi.js
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.253.95.110 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
c54b644fd5c4c94f49cc8bde286802266cbb733d557d4fed43cc705b95d1de3d

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:17 GMT
content-encoding
gzip
last-modified
Wed, 17 Feb 2021 13:10:31 GMT
server
nginx
age
9008808
etag
W/"602d15c7-1931"
vary
Accept-Encoding
content-type
application/javascript
x-robots-tag
noindex, nofollow
rs-b.png
adimg.rekmob.com/logos/ Frame AB68
471 B
911 B
Image
General
Full URL
https://adimg.rekmob.com/logos/rs-b.png
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df02aa33acd40ff99ac77551154f9fe7fd5a13dc1f782aac62ffb1a6a0f7f09c

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 13:11:22 GMT
Via
1.1 f2d6260772a832e76c8c1c6e49903138.cloudfront.net (CloudFront)
Last-Modified
Thu, 26 Jul 2018 10:20:15 GMT
Server
AmazonS3
Age
27236
ETag
"5965d59f86a925e809f20a75e26c9d0c"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
471
X-Amz-Cf-Id
8v_tv-AEHZqxRwDLZWXb0FED9iwP7A8yoPXYakNKakX2Q_WZ1MOW2g==
imp
ads.rekmob.com/m/ Frame AB68
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=1e86b52dba4f4154a0ee87b99af3da50&udid=7d1a10583af6423590cfeef7efb56b91&rid=NjBiNjljNWQwY2YyOWJmZWZiY2I0YTVl&adId=MTQ3Mw==
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:48 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
CZ
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
flimpobj.js
pixel.yabidos.com/ Frame 2854
30 KB
24 KB
Script
General
Full URL
https://pixel.yabidos.com/flimpobj.js?cb=1622580317501&ver1=2.2.3&qid=230383f5530383f5434353&rnd=8pknw5k1beub&cid=544
Requested by
Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=www.adzbux.com&x=rekmob&nci=&adtg=0b9f3c2279244fff831c25aa0d5f7f54&nai=&si=33151&pn=&h=600&w=160&bp=&pp=&ci=&ip=212.102.38.150&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:17 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:29 GMT
server
cloudflare
age
1597
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b48e87fd54174-HAM
content-length
23972
cf-request-id
0a6aebe549000041740d3bf000000001
expires
Tue, 01 Jun 2021 22:45:17 GMT
vbl.gif
pre.glotgrx.com/ Frame 2854
26 B
108 B
Image
General
Full URL
https://pre.glotgrx.com/vbl.gif?cb=1622580317573&rnd=8pknw5k1beub&ifm=1&uai=1&cid=544&s=www.adzbux.com&p=43285&x=rekmob&adtg=1e86b52dba4f4154a0ee87b99af3da50&ats=0&atf=&nsi=&si=33151&nci=&nai=&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=
Requested by
Host: www.adzbux.com
URL: https://www.adzbux.com/mass-rotator.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:17 GMT
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:19 GMT
server
cloudflare
age
2447
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b48e8db432c52-FRA
content-length
26
cf-request-id
0a6aebe58c00002c52f90d1000000001
expires
Tue, 01 Jun 2021 22:45:17 GMT
nflrc.gif
pre.glotgrx.com/ Frame 2854
26 B
158 B
Image
General
Full URL
https://pre.glotgrx.com/nflrc.gif?cb=1622580317567924&ver=1.2r81&qid=230383f5530383f5434353&p=43285&s=www.adzbux.com&x=rekmob&cid=544&od1=&od2=&adtg=1e86b52dba4f4154a0ee87b99af3da50&nci=&nai=&si=33151&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=8pknw5k1beub&impid=&tps=60&ver1=2.2.3&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36&os=&mm=&di=&ip=212.102.38.150&ci=&pp=&bp=&w=300&h=250&pn=&1=319033ca1469a91fc7dc8c1b874c16f6&2=2.1&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%7D%7D&6=2&7={%22e%22:%223%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=544&ifm=1&penv=b&pt=&ptbp=&tw=0&ldp=5&icpl=28&icp=https%253A//www.cora-live.tk&irfl=27&irf=https%253A//www.adzbux.com/&cty=4&fcs=0&flky=ver-fl-6-qid-fl-22-p-fl-5-s-fl-14-x-fl-6-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-32-nci-fl-0-nai-fl-0-si-fl-5-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-ua-fl-136-os-fl-0-mm-fl-0-di-fl-0-ip-fl-14-ci-fl-0-pp-fl-0-bp-fl-0-w-fl-3-h-fl-3-pn-fl-0-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=1&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=413x99&gpu=undefined&ncf=4g_9.8_undefined_null_0_undefined_false&fli=3429136985&flerr=0-a1&trim=&fio=12
Requested by
Host: www.adzbux.com
URL: https://www.adzbux.com/mass-rotator.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:17 GMT
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:19 GMT
server
cloudflare
age
2447
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b48e8db452c52-FRA
content-length
26
cf-request-id
0a6aebe58c00002c52cf9c7000000001
expires
Tue, 01 Jun 2021 22:45:17 GMT
vbl.gif
pre.glotgrx.com/ Frame 2854
26 B
109 B
Image
General
Full URL
https://pre.glotgrx.com/vbl.gif?cb=1622580317634&rnd=8pknw5k1beub&ifm=1&uai=1&cid=544&s=www.adzbux.com&p=43285&x=rekmob&adtg=1e86b52dba4f4154a0ee87b99af3da50&ats=0&atf=&nsi=&si=33151&nci=&nai=&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=
Requested by
Host: www.adzbux.com
URL: https://www.adzbux.com/mass-rotator.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:17 GMT
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:19 GMT
server
cloudflare
age
2447
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b48e93c342c52-FRA
content-length
26
cf-request-id
0a6aebe5c800002c52f90d7000000001
expires
Tue, 01 Jun 2021 22:45:17 GMT
nflrc.gif
pre.glotgrx.com/ Frame 2854
26 B
108 B
Image
General
Full URL
https://pre.glotgrx.com/nflrc.gif?cb=1622580317628536&ver=1.2r81&qid=230383f5530383f5434353&p=43285&s=www.adzbux.com&x=rekmob&cid=544&od1=&od2=&adtg=1e86b52dba4f4154a0ee87b99af3da50&nci=&nai=&si=33151&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=8pknw5k1beub&impid=&tps=60&ver1=2.2.3&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36&os=&mm=&di=&ip=212.102.38.150&ci=&pp=&bp=&w=300&h=250&pn=&1=319033ca1469a91fc7dc8c1b874c16f6&2=2.1&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%7D%7D&6=2&7={%22e%22:%223%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=544&ifm=1&penv=b&pt=&ptbp=&tw=0&ldp=5&icpl=28&icp=https%253A//www.cora-live.tk&irfl=27&irf=https%253A//www.adzbux.com/&cty=4&fcs=0&flky=&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=0&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=413x99&gpu=undefined&ncf=4g_9.8_undefined_null_0_undefined_false&fli=3429136985&flerr=0-a1-27-v8&trim=&fio=12
Requested by
Host: www.adzbux.com
URL: https://www.adzbux.com/mass-rotator.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:17 GMT
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:19 GMT
server
cloudflare
age
2447
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b48e94c3b2c52-FRA
content-length
26
cf-request-id
0a6aebe5c800002c52f1aa6000000001
expires
Tue, 01 Jun 2021 22:45:17 GMT
7a59f4ee8243465197d99ee2959f6ef7.html
run-syndicate.com/iframes2/ Frame 90CA
12 KB
5 KB
Document
General
Full URL
https://run-syndicate.com/iframes2/7a59f4ee8243465197d99ee2959f6ef7.html?keywords=page,php&extid=101739&adb=0&clientjs=1&w=1600&h=1200
Requested by
Host: cdn.runative-syndicate.com
URL: https://cdn.runative-syndicate.com/sdk/v1/bi.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.104.25 Rostock, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.25.104.4.46.clients.your-server.de
Software
nginx /
Resource Hash
a2857c334873465c926d9ca0ba97ba051d533c506b611de3eddd56511024dafc

Request headers

:method
GET
:authority
run-syndicate.com
:scheme
https
:path
/iframes2/7a59f4ee8243465197d99ee2959f6ef7.html?keywords=page,php&extid=101739&adb=0&clientjs=1&w=1600&h=1200
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://exp3.eurosptp.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ts_uid=4009debd-5000-40ec-bf09-959b0249a5af
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://exp3.eurosptp.com/

Response headers

server
nginx
date
Tue, 01 Jun 2021 20:45:17 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding *
cache-control
no-cache, no-store, no-transform, must-revalidate no-transform
pragma
no-cache
expires
0
x-api-version
2
link
<https://lcdn.runative-syndicate.com/sdk/v1/b.b.js>; rel=preload; as=script, <https://lcdn.runative-syndicate.com/images/7/0/c3a9047b36cc38f4d0a9dfa353fb3097f34dee/300x250.jpg>; rel=preload; as=image
x-request-id
84fcd2bc0b1e4abd
set-cookie
ts_uid=4009debd-5000-40ec-bf09-959b0249a5af; expires=Wed, 01 Dec 2021 20:45:17 GMT; domain=.run-syndicate.com; path=/; HttpOnly; secure; SameSite=None bfq=e0SIEaFjSxcWIsYUPJiwDMMufRQE; expires=Wed, 02 Jun 2021 20:45:17 GMT; domain=.runative-syndicate.com; path=/; secure; SameSite=None
x-robots-tag
none noindex, nofollow
report-to
{ "url": "https://pxl.runative-syndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding
gzip
b.b.js
lcdn.runative-syndicate.com/sdk/v1/ Frame 90CA
4 KB
4 KB
Script
General
Full URL
https://lcdn.runative-syndicate.com/sdk/v1/b.b.js
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.241.82.249 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
d7d6b4ac1019f487f26ab37a8eef1c80be8d6c213a98d875d8847e99288802c6

Request headers

Referer
https://run-syndicate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:17 GMT
last-modified
Mon, 01 Jun 2020 09:16:15 GMT
server
nginx
age
29403479
etag
"5ed4c75f-100b"
content-type
application/javascript
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
4107
300x250.jpg
lcdn.runative-syndicate.com/images/7/0/c3a9047b36cc38f4d0a9dfa353fb3097f34dee/ Frame 90CA
7 KB
7 KB
Image
General
Full URL
https://lcdn.runative-syndicate.com/images/7/0/c3a9047b36cc38f4d0a9dfa353fb3097f34dee/300x250.jpg
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.241.82.249 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
ccfbb3d483f039f314801bfb271c0365f5a213b54f01c68026c682a6c2b1338a

Request headers

Referer
https://run-syndicate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:17 GMT
last-modified
Tue, 22 Dec 2020 11:15:18 GMT
server
nginx
age
13943364
etag
"5fe1d546-1cea"
content-type
image/jpeg
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
7402
bannerNativeTrackImpression.js
lcdn.runative-syndicate.com/sdk/v1/ Frame 90CA
655 B
837 B
Script
General
Full URL
https://lcdn.runative-syndicate.com/sdk/v1/bannerNativeTrackImpression.js
Requested by
Host: run-syndicate.com
URL: https://run-syndicate.com/iframes2/7a59f4ee8243465197d99ee2959f6ef7.html?keywords=page,php&extid=101739&adb=0&clientjs=1&w=1600&h=1200
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.241.82.249 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
f870e36f1d8c5188723dd872a87705dfad89cabaf1c99ddd8ea7e0350fb48842

Request headers

Referer
https://run-syndicate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:17 GMT
last-modified
Mon, 31 Aug 2020 07:23:11 GMT
server
nginx
age
23721278
etag
"5f4ca55f-28f"
content-type
application/javascript
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
655
n.css
lcdn.runative-syndicate.com/sdk/v1/ Frame 90CA
8 KB
8 KB
Stylesheet
General
Full URL
https://lcdn.runative-syndicate.com/sdk/v1/n.css
Requested by
Host: run-syndicate.com
URL: https://run-syndicate.com/iframes2/7a59f4ee8243465197d99ee2959f6ef7.html?keywords=page,php&extid=101739&adb=0&clientjs=1&w=1600&h=1200
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.241.82.249 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
24b59f4e4fbf1d4a988ffa478952ceb54e0b2f0774da926bcd2cc0376200dbfe

Request headers

Referer
https://run-syndicate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:17 GMT
last-modified
Wed, 17 Feb 2021 15:07:12 GMT
server
nginx
age
9003821
etag
"602d3120-2055"
content-type
text/css
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
8277
native-banner-default.css
lcdn.runative-syndicate.com/sdk/v1/ Frame 90CA
251 B
423 B
Stylesheet
General
Full URL
https://lcdn.runative-syndicate.com/sdk/v1/native-banner-default.css
Requested by
Host: run-syndicate.com
URL: https://run-syndicate.com/iframes2/7a59f4ee8243465197d99ee2959f6ef7.html?keywords=page,php&extid=101739&adb=0&clientjs=1&w=1600&h=1200
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.241.82.249 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
ff9150f84253841e2097c26de1611c67aad46c758b1899c75800af0016e5c446

Request headers

Referer
https://run-syndicate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:17 GMT
last-modified
Mon, 31 Aug 2020 07:23:11 GMT
server
nginx
age
23721277
etag
"5f4ca55f-fb"
content-type
text/css
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
251
widget.css
static.arc.io/widget/css/ Frame 2EC4
84 KB
6 KB
Stylesheet
General
Full URL
https://static.arc.io/widget/css/widget.css?fd8fd2c
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?fd8fd2c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-70.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8cafaaa9b989a8e48ee553971cf9b972b2d8f3e8fdddbd06a8147d0ec0498e5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 21:04:25 GMT
content-encoding
br
vary
Accept-Encoding
age
517253
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 26 May 2021 20:49:46 GMT
server
AmazonS3
etag
W/"a923e8363c5b89f335d13ce57f2f1fa8"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
text/css
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
BWOwTbiB9KGdJjrXMxXCkmdcz0DiWoYGv4uC4gqqHC0M0HgS1aNX1Q==
normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/ Frame 2EC4
2 KB
1 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/normalize.min.css
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?fd8fd2c
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a12ac29d1617bc71b7d520627ea3f63ccd6e8deed2254c97d274f03b6449579e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
521197
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
631
cf-request-id
0a6aebe6f50000dfa9a4218000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:13:31 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f2b-732"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Vx7rjZ6uq4G3OLxWApqVI%2BposH0YScHmqPQ4sN2AqI2wZ%2BSnnjG4NuAm3UxEWZHEQNe%2BpXe9ysgYBRSSQC%2BGe8gP5Qa0weLEGPmHYw28yu1%2Ba%2FYNMd4ex819ifdZoAHRzA%2FszkYdLiNR3NqTFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
658b48eb2d98dfa9-FRA
expires
Sun, 22 May 2022 20:45:17 GMT
truncated
/ Frame 2EC4
411 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f87a4b2a4acbaa053da2e6df56367f4396be15a72f719cedd071e7812725a443

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
widget.css
static.arc.io/widget/css/ Frame 922D
84 KB
6 KB
Stylesheet
General
Full URL
https://static.arc.io/widget/css/widget.css?fd8fd2c
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?fd8fd2c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-70.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8cafaaa9b989a8e48ee553971cf9b972b2d8f3e8fdddbd06a8147d0ec0498e5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 21:04:25 GMT
content-encoding
br
vary
Accept-Encoding
age
517253
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 26 May 2021 20:49:46 GMT
server
AmazonS3
etag
W/"a923e8363c5b89f335d13ce57f2f1fa8"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
text/css
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
CVeNqdMIuzEipaF_3SF9khFRN-EIQPR-KsqAAWV5YVgx7LHcOQbTmA==
normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/ Frame 922D
2 KB
1 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/normalize.min.css
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?fd8fd2c
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a12ac29d1617bc71b7d520627ea3f63ccd6e8deed2254c97d274f03b6449579e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
521197
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
631
cf-request-id
0a6aebe6f50000dfa9d7b37000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:13:31 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f2b-732"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=IM8W4GTmQeV1WPQFTbHWOsIqXn%2B3VHuya0n%2Fju5yFj18PhsB6%2BJNtdGBShw7cVkM6ffKtYLnxtTqZTxqvXbawD6I3uH4uEUspanhD1Kbm0qfBbR9lZ8XgUMxYpeyvBDGB1Pbav7G8XDVRgryjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
658b48eb2d9adfa9-FRA
expires
Sun, 22 May 2022 20:45:17 GMT
truncated
/ Frame 922D
411 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f87a4b2a4acbaa053da2e6df56367f4396be15a72f719cedd071e7812725a443

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 922D
277 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb2b1971e54b31144a8794057598aba69ebe1d416c8c75d3a142942917f5e58b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 922D
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
19311967464cd6447bb7fba382aa67939dcca903a56f1ac925ac2a80ff33642e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 922D
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9b08cb6068e70fb67de0576ef27d427a403e1f0055777b7fc5d736963e6c1ea6

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 922D
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35e8d96d42f0ffa258060a98b45f013829bc57b3ae7be71c9f54c037b6e0e707

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 922D
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb1d7b6144bde90327cd64b86e7742a9b11a3b2b3658d71dd80115195ff2debb

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 922D
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8fe9d28d12e8c33e9f1d5ab109c2570547ee6648ca11fdd79b7523c6d2e2f6a2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
widget.css
static.arc.io/widget/css/ Frame A8EB
84 KB
6 KB
Stylesheet
General
Full URL
https://static.arc.io/widget/css/widget.css?fd8fd2c
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?fd8fd2c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-70.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8cafaaa9b989a8e48ee553971cf9b972b2d8f3e8fdddbd06a8147d0ec0498e5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 21:04:25 GMT
content-encoding
br
vary
Accept-Encoding
age
517253
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 26 May 2021 20:49:46 GMT
server
AmazonS3
etag
W/"a923e8363c5b89f335d13ce57f2f1fa8"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
text/css
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
WNOIIqchG4OCkz-krb4Apedw3hz1CIebYV9e7tKH36eKvCUdQ20FHg==
normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/ Frame A8EB
2 KB
1 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/normalize.min.css
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?fd8fd2c
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a12ac29d1617bc71b7d520627ea3f63ccd6e8deed2254c97d274f03b6449579e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
521197
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
631
cf-request-id
0a6aebe6ff0000dfa9af3d0000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:13:31 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f2b-732"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=BXKDhYF2FMDkTUGSvZ4tmZdIzgtEb%2FhNd2I93rB3BPGaGaHM6k2vZrfATHqNkFD0ej4eaPHRoMXr7hDf52z0T2PE66kwDm9XYYpMSk9ZSl%2FvDtBNMvTZZXsT%2B5C1AR6HoDemWbfhIWkZtIKElQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
658b48eb3dbcdfa9-FRA
expires
Sun, 22 May 2022 20:45:17 GMT
truncated
/ Frame A8EB
411 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f87a4b2a4acbaa053da2e6df56367f4396be15a72f719cedd071e7812725a443

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
widget.css
static.arc.io/widget/css/ Frame 966D
84 KB
6 KB
Stylesheet
General
Full URL
https://static.arc.io/widget/css/widget.css?fd8fd2c
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?fd8fd2c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-70.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8cafaaa9b989a8e48ee553971cf9b972b2d8f3e8fdddbd06a8147d0ec0498e5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 21:04:25 GMT
content-encoding
br
vary
Accept-Encoding
age
517253
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 26 May 2021 20:49:46 GMT
server
AmazonS3
etag
W/"a923e8363c5b89f335d13ce57f2f1fa8"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
text/css
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
XJ4YmlgKKqU2RHgWrAVaYhN5yQgyQL5295Ea7I5FcFQ44k1cBtqAOQ==
normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/ Frame 966D
2 KB
1 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/normalize.min.css
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?fd8fd2c
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a12ac29d1617bc71b7d520627ea3f63ccd6e8deed2254c97d274f03b6449579e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
521197
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
631
cf-request-id
0a6aebe7040000dfa939b05000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:13:31 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f2b-732"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ST%2F6Syh9drNoKP9ZYrsAJVkKNk0fStD5Fy1Y%2FenssJLpYG6Oo9JydRt6d3Go7gmnAMkmh0wFGsi3DrSP9KD21ikZK2%2FSd0RGjJIzwB%2ByaJMb3fN%2BjqGwXO09zxlZJV%2F%2FbCwExxm5AfSVoEMjgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
658b48eb3dc4dfa9-FRA
expires
Sun, 22 May 2022 20:45:17 GMT
truncated
/ Frame 966D
411 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f87a4b2a4acbaa053da2e6df56367f4396be15a72f719cedd071e7812725a443

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 966D
277 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb2b1971e54b31144a8794057598aba69ebe1d416c8c75d3a142942917f5e58b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 966D
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
19311967464cd6447bb7fba382aa67939dcca903a56f1ac925ac2a80ff33642e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 966D
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9b08cb6068e70fb67de0576ef27d427a403e1f0055777b7fc5d736963e6c1ea6

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 966D
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35e8d96d42f0ffa258060a98b45f013829bc57b3ae7be71c9f54c037b6e0e707

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 966D
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb1d7b6144bde90327cd64b86e7742a9b11a3b2b3658d71dd80115195ff2debb

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 966D
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8fe9d28d12e8c33e9f1d5ab109c2570547ee6648ca11fdd79b7523c6d2e2f6a2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
p.js
pixel-avg.runative-syndicate.com/api/v1/p/ Frame 90CA
24 B
24 B
Image
General
Full URL
https://pixel-avg.runative-syndicate.com/api/v1/p/p.js?p=e0SEGUNHhI4YLETQOXNQxI0ZZm7IoCHGTAsYN8rMaEHDRg4bLXLAwBFSRpkaM26ImWFjzBgbM0QoDFNnjEMYM2CQwbFzTIuINcR0rGGmjMgyY260CEODxpgyZXDUIDMDh0yaZOwctJFRhkI4dcQcjBFDRsKBcOCQpREDxlcRc-AYRGjjBo0ZNOCWwUPni1y6ItzGgJhjpogxbdbqmFGjLYysZsgqFOPGzUGVFM8qbOOmoQ4ZM-DC6fy5Ro0cCuvIYXOQRsm7NVTLcIiGDh04c3S8eDFGTpkwdNLYKeMiDBs8Ys68cTHmTZsXTKAEWZNGTpgfdtKQKfNmDpM0c-j0cE5cThuObuaYucMiCHc2YdK4KfOlhXr2LJq8YcMmj5Ay5LhvvfamQCOM66ao440B85sCwTC-MKMONxq8g4s6YHjLhproeAOO-PLowQzrxKMCjTraEANDDWWwwY033HCiDu6GiJGOMtwYLwYWN6QDwTPKGM823OYoYYYgSpDBCCWNWM4F8eRIA44xDqSjueeaPNIIOIJD40gimpwjjTPcqAOOJuuYI0AlbVAzwCTIANMGHJySgQwZZFjphjGKqqEMl3Agg4YcUPKozjDCsEGMs3LAYYwwHC2LjBho0FApHHKoITQzyDDDKRjGEAOHG9p8U44456xTLzz1FINPPwEdQ1BCDaWThkQXbfTRSHGYtNJLb8h004g8BVVUUtuEVDH5ykx1BiJgtIzGMtpsowwV4ZQT2jG-GGMNO-4wQw0puowCjTRqoKIMPcRoIos7ggjCiBvOkDcIKdAIQog2mtDC3nvvTQKOKeS9og48ogh4CTVwo-OONud4YzWoniWiUrdkaBOOGMAUIwzLApzjMNIOgouM5xziC44ZXChjNe_mggPLNg6DlK4tEvpqBhZoYEE2G1i4gQUcWEjNLRbKSvqrGHiuNGnZYgiasKSLjiE1GSDbLE8WQuvaZxlkc7HroWUoWobUdGJhhoREW5vnvNaWraW1h7Zq7dQs7TkhvXrm2ameZfOo56Ff6zm1GhLa9GeeHftZthqCrmHoGnDoAiw5bkJIoQ8zn0wEiw6CwQUNZUOMtC_g8FyH0Vv0CC057FhMbRGSKpl10nNK3PQ66kjDIUthyIE7MchooQYNYegIhqRasEh4kVAT4y1Cw6ghDMkUmtKhs2RwIWMXrPoe-cPk-GJ7HUTo_vu3wsdhfBgOqyMMh_bTI43-wnihBtJBQOGK-aDsDnMAgROoAAK3kG4HIACgG2xAgwXi4YEpAEEQ1MKGMlyhDGJYQhrosD-VhM8G_lsCEqjQBCawAARsSMMaygCCIyRlDW-g4BDQIIfnlOEFmSKdC_DCw4mA4EFmQFAaQHgDEdpMcyIYghYO8wbzvcQhTSxfmQ6iqaCJgA1LLIITDsMdO3xBDHI4SNFEAMYv_KY1CJnc7uqkIYWQAYef845rFPIbyaSPSLnZzQtW1rKX4RAwM3MOdA5zB4dITUOHQUMisxY_hcwhdg7B4Y88JKAw2AFkZ0CQ8WAQAxeQwTpJMUgcl8idL4jyNwU5DB1qVpc8VS4nVFtIG2gDy7D1hG034KUZw0CGNJZBLl8IDllsEEtd0rIMYTxOgOgwMh1sgW1rk8HlRKC6N-AhDyZTCBqAwx05QDM0fVBAQAA%3D&r=1&s=ccad831af7b322f6f5689569cd04b0d404036ed082ba5056654abea4777bae6e1622580317&w=t
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.104.25 Rostock, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.25.104.4.46.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://run-syndicate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:18 GMT
server
nginx
x-robots-tag
noindex, nofollow
content-length
24
content-type
text/javascript; charset=utf-8
/
sharkpromotion.net/socket.io/ Frame 9665
0
0

rs
ad4m.at/ Frame 5DCB
424 B
910 B
XHR
General
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r38oxwat.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b16d711e89bc346aa97e4e8afdec324961e93796fda45977e6e8469428832e8

Request headers

Referer
https://g.cash-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 01 Jun 2021 20:45:18 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
658b48ed3fed05d4-FRA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=bq4%2FGxUS%2BrqzlHGuSz0bnBnQoK9wVqeosGWCJwaoEx0ck%2BLCxeT9dXJHnDffA6%2BzkGcLhhv%2BBSTbtTcnXIK5ElMbfm9shM11yZ5UMEOBucbqsirE8T4H%2Ba0jQjrdhikD"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://g.cash-ads.com
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
rs-v23g
cf-request-id
0a6aebe848000005d48f88e000000001
rs
ad4m.at/ Frame
0
0
Preflight
General
Full URL
https://ad4m.at/rs
Protocol
H3-29
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://g.cash-ads.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 01 Jun 2021 20:45:18 GMT
content-type
text/plain
content-length
24
access-control-allow-origin
https://g.cash-ads.com
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers
content-type
allow
HEAD,POST,GET,OPTIONS
x-backend-server
rs-v23g
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0a6aebe832000005d469016000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Ef1S952wN9nuBVIybej7FJe8z9SDJWWbFqDWDReXfOFgMegEa9hwhxw%2B9b47R9WZsnnolcB6%2Fm0nq9CWfcIg0nv0GVvmB0yNBeVFZLFyJ19vBc647k6Q6OX1xYLKIU1H"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
658b48ed1f9105d4-FRA
rar
as.ad4m.at/ad/ Frame 8AEA
6 KB
3 KB
Document
General
Full URL
https://as.ad4m.at/ad/rar?a=34900%2C15823%2C34855&b=DZ97u3fwfxmgf3HmH9t1tQY4u4tVtdk%2CdpWxsEfkfzwMUEHjHwtEtb6YFKtRtmG%2C52JdHXfEf4dMHpH7HMt3tXZxcbtktxV&f=dpWxsEfkfkb8TEHjHwtqC3EBFKtRtmG%2CK74MuRfZf6grU5HMHktzCB9mhKtrt2w%2CpqG2u1fgfrKwCkH4HmtJCMX9ubt7tAE&c=728&d=90&e=&g=d1dcbaf6a3dba476e630295b6267f262%2F7774909048148328637&i=27800%2C20547%2C17738&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=cash_ads_IT_advancedad_728x90&y=0&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r38oxwat.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43341eb2ffc3d0a6aae6f610a7c7d6d2c4a3d6391d5ca20d5f754fc9eaaf86f0
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
as.ad4m.at
:scheme
https
:path
/ad/rar?a=34900%2C15823%2C34855&b=DZ97u3fwfxmgf3HmH9t1tQY4u4tVtdk%2CdpWxsEfkfzwMUEHjHwtEtb6YFKtRtmG%2C52JdHXfEf4dMHpH7HMt3tXZxcbtktxV&f=dpWxsEfkfkb8TEHjHwtqC3EBFKtRtmG%2CK74MuRfZf6grU5HMHktzCB9mhKtrt2w%2CpqG2u1fgfrKwCkH4HmtJCMX9ubt7tAE&c=728&d=90&e=&g=d1dcbaf6a3dba476e630295b6267f262%2F7774909048148328637&i=27800%2C20547%2C17738&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=cash_ads_IT_advancedad_728x90&y=0&z=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g.cash-ads.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Tue, 01 Jun 2021 20:45:18 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0a6aebe8640000649171a6f000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
658b48ed6ad46491-FRA
content-encoding
br
default.css
as.ad4m.at/ad/style/0.1.6/one-ad/ Frame 8AEA
59 KB
7 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.6/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34900%2C15823%2C34855&b=DZ97u3fwfxmgf3HmH9t1tQY4u4tVtdk%2CdpWxsEfkfzwMUEHjHwtEtb6YFKtRtmG%2C52JdHXfEf4dMHpH7HMt3tXZxcbtktxV&f=dpWxsEfkfkb8TEHjHwtqC3EBFKtRtmG%2CK74MuRfZf6grU5HMHktzCB9mhKtrt2w%2CpqG2u1fgfrKwCkH4HmtJCMX9ubt7tAE&c=728&d=90&e=&g=d1dcbaf6a3dba476e630295b6267f262%2F7774909048148328637&i=27800%2C20547%2C17738&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=cash_ads_IT_advancedad_728x90&y=0&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36ae5665d20b3043d7c330846a2712a01de07cc1a8819d08f306853249a3bb52
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/rar?a=34900%2C15823%2C34855&b=DZ97u3fwfxmgf3HmH9t1tQY4u4tVtdk%2CdpWxsEfkfzwMUEHjHwtEtb6YFKtRtmG%2C52JdHXfEf4dMHpH7HMt3tXZxcbtktxV&f=dpWxsEfkfkb8TEHjHwtqC3EBFKtRtmG%2CK74MuRfZf6grU5HMHktzCB9mhKtrt2w%2CpqG2u1fgfrKwCkH4HmtJCMX9ubt7tAE&c=728&d=90&e=&g=d1dcbaf6a3dba476e630295b6267f262%2F7774909048148328637&i=27800%2C20547%2C17738&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=cash_ads_IT_advancedad_728x90&y=0&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:18 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
1160850
cf-polished
origSize=60706
surrogate-control
no-store
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-request-id
0a6aebe884000016eef30a2000000001
cf-ray
658b48ed993216ee-FRA
expires
Tue, 01 Jun 2021 21:45:18 GMT
2CF0B069018CA57A0C118640C71335D83FBF3B39A8FD7AB235E0200446486C130AE9C5B74736A032492EBBAD69A5D95B76C82EBCE4144F53C75AD91698FC1C8E
assets.ad4m.at/logo/ Frame 8AEA
7 KB
8 KB
Image
General
Full URL
https://assets.ad4m.at/logo/2CF0B069018CA57A0C118640C71335D83FBF3B39A8FD7AB235E0200446486C130AE9C5B74736A032492EBBAD69A5D95B76C82EBCE4144F53C75AD91698FC1C8E
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34900%2C15823%2C34855&b=DZ97u3fwfxmgf3HmH9t1tQY4u4tVtdk%2CdpWxsEfkfzwMUEHjHwtEtb6YFKtRtmG%2C52JdHXfEf4dMHpH7HMt3tXZxcbtktxV&f=dpWxsEfkfkb8TEHjHwtqC3EBFKtRtmG%2CK74MuRfZf6grU5HMHktzCB9mhKtrt2w%2CpqG2u1fgfrKwCkH4HmtJCMX9ubt7tAE&c=728&d=90&e=&g=d1dcbaf6a3dba476e630295b6267f262%2F7774909048148328637&i=27800%2C20547%2C17738&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=cash_ads_IT_advancedad_728x90&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83f3cd991076b35105d46c1c5373bf814eab10ef1bacc1d525b1d107a06dd4bb

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=VM5flw==, md5=r8L1q4NvnMP2SUCgH57FaQ==
date
Tue, 01 Jun 2021 20:45:18 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
523153
cf-polished
qual=85, origFmt=jpeg, origSize=12303
x-guploader-uploadid
ABg5-Uzbh4ISC3HbclYbkZSsmDwoZr0qDyVmuE_Pvkix7RJVag3tLy20sEue7FIL28BCgRMHSbELMq7lws1juqAEPsJb3TPUTg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
7436
cf-request-id
0a6aebe88b000064915c9d2000000001
last-modified
Thu, 09 Jul 2020 12:56:09 GMT
server
cloudflare
etag
"afc2f5ab836f9cc3f64940a01f9ec569"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=UvckIVxQklQNMj4b8zpyHaKYinpcfGmjurXPHXwWDyBjdNorh6NGuvo92SdEQ6UagksLJX98QXCqNnZNKhBXty9PaVzfNQOjndMgqF7Q1Zsvi4Y3ejnYfsTiY31S9VBmzoyh7O3VpA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1594299369181950
content-type
image/webp
expires
Wed, 02 Jun 2021 20:45:18 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
12303
accept-ranges
bytes
cf-ray
658b48edaaeb6491-FRA
cf-bgj
imgq:85,h2pri
E056A7698567563DD5022DFC2DB2F30422ACC21944B1916BC8A4BB787079374AB6C65078A1C5F6A0F6A8FB8E9C3859F11154D0189B746C16CEBFD91B3EDA9B58
assets.ad4m.at/product_image/ Frame 8AEA
56 KB
56 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/E056A7698567563DD5022DFC2DB2F30422ACC21944B1916BC8A4BB787079374AB6C65078A1C5F6A0F6A8FB8E9C3859F11154D0189B746C16CEBFD91B3EDA9B58
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34900%2C15823%2C34855&b=DZ97u3fwfxmgf3HmH9t1tQY4u4tVtdk%2CdpWxsEfkfzwMUEHjHwtEtb6YFKtRtmG%2C52JdHXfEf4dMHpH7HMt3tXZxcbtktxV&f=dpWxsEfkfkb8TEHjHwtqC3EBFKtRtmG%2CK74MuRfZf6grU5HMHktzCB9mhKtrt2w%2CpqG2u1fgfrKwCkH4HmtJCMX9ubt7tAE&c=728&d=90&e=&g=d1dcbaf6a3dba476e630295b6267f262%2F7774909048148328637&i=27800%2C20547%2C17738&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=cash_ads_IT_advancedad_728x90&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f7794e1c647470f684b94be368e505d6e9685266aad6ac0c14898a4d64e2ce9

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=0yq0Ag==, md5=mlEbUcVa6g7o7gKR1W6+CQ==
date
Tue, 01 Jun 2021 20:45:18 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
520530
cf-polished
qual=85, origFmt=jpeg, origSize=131780
x-guploader-uploadid
ABg5-UxgATEfZhnLv3aTbS3a5Cgg6K8g7M3pCeYtJzD5e1vEPLoyLGxOLyU0QSxhIXjdn2INz4eCYJUjnCsdcHLxMb5tKyEcIg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
56960
cf-request-id
0a6aebe88e000064917d173000000001
last-modified
Thu, 09 Jul 2020 13:07:21 GMT
server
cloudflare
etag
"9a511b51c55aea0ee8ee0291d56ebe09"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ezPbZRWmi%2FpdmOaN4hCdhJlIomNDFr1kC3ow08zoL0Fn3QCjDudIVfKDtOuTMJKWIN6OqIOeuwZS7IwafQII3UbTXENzs8QMvFSvF1pjl57CETTrUeTKLEvW0jyaUVtzFlfvg1NswQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1594300041584319
content-type
image/webp
expires
Wed, 02 Jun 2021 20:45:18 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
131780
accept-ranges
bytes
cf-ray
658b48edaaf16491-FRA
cf-bgj
imgq:85,h2pri
cshow.php
www.zenaps.com/ Frame 8AEA
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2711551&v=9529&q=387910&r=412871&pv=1&pref3=oneidDZ97u3fwfxmgf3HmH9t1tQY4u4tVtdkoneid__cash_ads_IT_advancedad_728x90&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.zenaps.com/cshow.php?pvr=467dd5f0-c31a-11eb-9ae5-692d08e93505&v=9529&r=412871&q=387910&s=2711551&viewref3=oneidDZ97u3fwfxmgf3HmH9t1tQY4u4tVtdkoneid__cash_ads_IT_advancedad_728x90&pv=1&g...
43 B
703 B
Image
General
Full URL
https://www.zenaps.com/cshow.php?pvr=467dd5f0-c31a-11eb-9ae5-692d08e93505&v=9529&r=412871&q=387910&s=2711551&viewref3=oneidDZ97u3fwfxmgf3HmH9t1tQY4u4tVtdkoneid__cash_ads_IT_advancedad_728x90&pv=1&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34900%2C15823%2C34855&b=DZ97u3fwfxmgf3HmH9t1tQY4u4tVtdk%2CdpWxsEfkfzwMUEHjHwtEtb6YFKtRtmG%2C52JdHXfEf4dMHpH7HMt3tXZxcbtktxV&f=dpWxsEfkfkb8TEHjHwtqC3EBFKtRtmG%2CK74MuRfZf6grU5HMHktzCB9mhKtrt2w%2CpqG2u1fgfrKwCkH4HmtJCMX9ubt7tAE&c=728&d=90&e=&g=d1dcbaf6a3dba476e630295b6267f262%2F7774909048148328637&i=27800%2C20547%2C17738&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=cash_ads_IT_advancedad_728x90&y=0&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 01 Jun 2021 20:45:18 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0

Redirect headers

Date
Tue, 01 Jun 2021 20:45:18 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.zenaps.com/cshow.php?pvr=467dd5f0-c31a-11eb-9ae5-692d08e93505&v=9529&r=412871&q=387910&s=2711551&viewref3=oneidDZ97u3fwfxmgf3HmH9t1tQY4u4tVtdkoneid__cash_ads_IT_advancedad_728x90&pv=1&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Length
0
2179EB771213BD2D3E1230040F8B062B41C0135C0A2E55846544C1BB83ECDBB03B32B47552DBEEF9F4D3834C2EF4D35856EF2ED398200FCF1485AC40FF146A5B
assets.ad4m.at/logo/ Frame 8AEA
13 KB
14 KB
Image
General
Full URL
https://assets.ad4m.at/logo/2179EB771213BD2D3E1230040F8B062B41C0135C0A2E55846544C1BB83ECDBB03B32B47552DBEEF9F4D3834C2EF4D35856EF2ED398200FCF1485AC40FF146A5B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34900%2C15823%2C34855&b=DZ97u3fwfxmgf3HmH9t1tQY4u4tVtdk%2CdpWxsEfkfzwMUEHjHwtEtb6YFKtRtmG%2C52JdHXfEf4dMHpH7HMt3tXZxcbtktxV&f=dpWxsEfkfkb8TEHjHwtqC3EBFKtRtmG%2CK74MuRfZf6grU5HMHktzCB9mhKtrt2w%2CpqG2u1fgfrKwCkH4HmtJCMX9ubt7tAE&c=728&d=90&e=&g=d1dcbaf6a3dba476e630295b6267f262%2F7774909048148328637&i=27800%2C20547%2C17738&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=cash_ads_IT_advancedad_728x90&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
125400e56eefb2e81827c9086a0cbb75333bc9d4f62d1c8288561d0583793bc1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=JLW6ZA==, md5=bcRVXD5CPk5M6DoMMHJSiw==
date
Tue, 01 Jun 2021 20:45:18 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
527091
cf-polished
origFmt=png, origSize=35436
x-guploader-uploadid
ABg5-UwCzx0SkQ_QzsRNfvgnzCmrZ6I1iubBCoP6ccfb_P62HKbXkm_mqrhNrzjucI6h8PJ9whJEBgEhj2Wc7_YYnNJGpIQoSg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
13584
cf-request-id
0a6aebe88c0000649163815000000001
last-modified
Wed, 21 Oct 2020 10:47:23 GMT
server
cloudflare
etag
"6dc4555c3e423e4e4ce83a0c3072528b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=jTTlOTpuYGhkq32eOmxutmtv0mTeKQWZE7cnqLxjksjVd%2FGwsEuRI4Rb2rCgVm47XwCTKl2Xp0qFhSzs6iJeq2eQZH8g5T6b8mxE0umgiqw0jgGtJNJCOSmCNKAcMy2X1qegbEZtTA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1603277243245719
content-type
image/webp
expires
Wed, 02 Jun 2021 20:45:18 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
35436
accept-ranges
bytes
cf-ray
658b48edaaec6491-FRA
cf-bgj
imgq:85,h2pri
79E60ED8F325FEF053C93BE1DC95EEC83A117017642BCA5BFCB28843A6B377E8E178AA9AD69CF87B5A07BD621C8AA386B6B98717802CBDA0FEF75DC8FE6871E5
assets.ad4m.at/ Frame 8AEA
57 KB
58 KB
Image
General
Full URL
https://assets.ad4m.at/79E60ED8F325FEF053C93BE1DC95EEC83A117017642BCA5BFCB28843A6B377E8E178AA9AD69CF87B5A07BD621C8AA386B6B98717802CBDA0FEF75DC8FE6871E5
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34900%2C15823%2C34855&b=DZ97u3fwfxmgf3HmH9t1tQY4u4tVtdk%2CdpWxsEfkfzwMUEHjHwtEtb6YFKtRtmG%2C52JdHXfEf4dMHpH7HMt3tXZxcbtktxV&f=dpWxsEfkfkb8TEHjHwtqC3EBFKtRtmG%2CK74MuRfZf6grU5HMHktzCB9mhKtrt2w%2CpqG2u1fgfrKwCkH4HmtJCMX9ubt7tAE&c=728&d=90&e=&g=d1dcbaf6a3dba476e630295b6267f262%2F7774909048148328637&i=27800%2C20547%2C17738&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=cash_ads_IT_advancedad_728x90&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7e6fa237809ab80cb72e43026bc16576abb172ff9fd0cde43522aec95fbaa87

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=RzrCuw==, md5=5yaWiot3iWvRw4JXtnyhrQ==
date
Tue, 01 Jun 2021 20:45:18 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
519239
cf-polished
qual=85, origFmt=jpeg, origSize=132492
x-guploader-uploadid
ABg5-Uy4raPcinLuLQScjLol2SedPQwgopxyy8G2tCo6gjZM0LLMUM7nqdYsbFx3jN0HIcnX4NeXVS5Zbdt2rPMPoU2dIRbwxw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
58824
cf-request-id
0a6aebe88e0000649161094000000001
last-modified
Wed, 08 Jan 2020 15:22:47 GMT
server
cloudflare
etag
"e726968a8b77896bd1c38257b67ca1ad"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=LXt%2BI%2FRYwxDoRpHc8MfwVRejt8DaLdUzmq%2BitXL5eTIgEjY8aVT97urzSKRZBjBmrQE4oQJxWMcDDdxfw3bl2DnZp%2FYoOrZegVT%2F7JLzfGwwFvgFiBSeoU5jXeVJciat7EUpufQTGw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1578496967129496
content-type
image/webp
expires
Wed, 02 Jun 2021 20:45:18 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
132492
accept-ranges
bytes
cf-ray
658b48edaaf26491-FRA
cf-bgj
imgq:85,h2pri
90
d2a54pfih9ionq.cloudfront.net/blank/gif/728/ Frame 8AEA
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2638561&v=17198&q=366377&r=412871&pref3=oneiddpWxsEfkfzwMUEHjHwtEtb6YFKtRtmGoneid__cash_ads_IT_advancedad_728x90&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://d2a54pfih9ionq.cloudfront.net/blank/gif/728/90
419 B
701 B
Image
General
Full URL
https://d2a54pfih9ionq.cloudfront.net/blank/gif/728/90
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34900%2C15823%2C34855&b=DZ97u3fwfxmgf3HmH9t1tQY4u4tVtdk%2CdpWxsEfkfzwMUEHjHwtEtb6YFKtRtmG%2C52JdHXfEf4dMHpH7HMt3tXZxcbtktxV&f=dpWxsEfkfkb8TEHjHwtqC3EBFKtRtmG%2CK74MuRfZf6grU5HMHktzCB9mhKtrt2w%2CpqG2u1fgfrKwCkH4HmtJCMX9ubt7tAE&c=728&d=90&e=&g=d1dcbaf6a3dba476e630295b6267f262%2F7774909048148328637&i=27800%2C20547%2C17738&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=cash_ads_IT_advancedad_728x90&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218f:e800:11:19ae:9580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
1773e418349e321a4286b6ed41eec506f805594ff8a94d7271807827ee766872

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 09:43:52 GMT
via
1.1 0e5084c3f3749abdd1195ad293d2faa2.cloudfront.net (CloudFront)
server
CloudFront
age
4014086
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
CDG52-P2
content-length
419
x-amz-cf-id
52Upo5upRmJ70w1oHXMnNCpHtVTJwI0jaoHE4pvDBcouUQ7h8CD1UA==

Redirect headers

Date
Tue, 01 Jun 2021 20:45:18 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://d2a54pfih9ionq.cloudfront.net/blank/gif/728/90
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Length
0
80DF43032D3BE3B2F2299AE1A839E913F820827A2E59C0B7D1FDFC0DDB63DE1A5D3B8F1911A4C36B0FF015737A061EBF5301A66DD37FDDA75C3B4AF9B97031A6
assets.ad4m.at/logo/ Frame 8AEA
918 B
2 KB
Image
General
Full URL
https://assets.ad4m.at/logo/80DF43032D3BE3B2F2299AE1A839E913F820827A2E59C0B7D1FDFC0DDB63DE1A5D3B8F1911A4C36B0FF015737A061EBF5301A66DD37FDDA75C3B4AF9B97031A6
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34900%2C15823%2C34855&b=DZ97u3fwfxmgf3HmH9t1tQY4u4tVtdk%2CdpWxsEfkfzwMUEHjHwtEtb6YFKtRtmG%2C52JdHXfEf4dMHpH7HMt3tXZxcbtktxV&f=dpWxsEfkfkb8TEHjHwtqC3EBFKtRtmG%2CK74MuRfZf6grU5HMHktzCB9mhKtrt2w%2CpqG2u1fgfrKwCkH4HmtJCMX9ubt7tAE&c=728&d=90&e=&g=d1dcbaf6a3dba476e630295b6267f262%2F7774909048148328637&i=27800%2C20547%2C17738&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=cash_ads_IT_advancedad_728x90&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a36ced7e47387b5d733684bed1c8148e027d4c2a9ef8ac2d8f627ef050b695e4

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=/yrttg==, md5=F2edw2fYPPZ+ApuzkrFHXQ==
date
Tue, 01 Jun 2021 20:45:18 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
520530
cf-polished
origFmt=png, origSize=1185
x-guploader-uploadid
ABg5-UyWIgJ5mRXjnDgN7_qlp2hS0OnwEnPtys9fu_4wicJhdJsHhT5hlMelUyEf5UKb2KbsXk5-DQR2T3-VMxPgz5w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
918
cf-request-id
0a6aebe88d00006491771c7000000001
last-modified
Wed, 08 Jul 2020 14:52:51 GMT
server
cloudflare
etag
"17679dc367d83cf67e029bb392b1475d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=AzvJIQHm8dq4oKEnx0Pabal8ZR5MqUdaGBy5n0gvZ7e35tz9CC7Of2pF0cDBzRtF7z2CNQD%2BxRjHdGahKh3sr%2FRqV6H9V6mLi5HOVLaUM9jrfsd9t7usVNaIE8AFo2qg%2BieJpBpPQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1594219971761195
content-type
image/webp
expires
Wed, 02 Jun 2021 20:45:18 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
1185
accept-ranges
bytes
cf-ray
658b48edaaee6491-FRA
cf-bgj
imgq:85,h2pri
850200F48AB45847E5AC0B667FF2E2F3042054BA8D50856681CCA594C818F55CEF70D658938F683EC23537F4A96A6D10AA5BF8C7ABF10CC68F74C95B911C0239
assets.ad4m.at/product_image/ Frame 8AEA
26 KB
27 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/850200F48AB45847E5AC0B667FF2E2F3042054BA8D50856681CCA594C818F55CEF70D658938F683EC23537F4A96A6D10AA5BF8C7ABF10CC68F74C95B911C0239
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34900%2C15823%2C34855&b=DZ97u3fwfxmgf3HmH9t1tQY4u4tVtdk%2CdpWxsEfkfzwMUEHjHwtEtb6YFKtRtmG%2C52JdHXfEf4dMHpH7HMt3tXZxcbtktxV&f=dpWxsEfkfkb8TEHjHwtqC3EBFKtRtmG%2CK74MuRfZf6grU5HMHktzCB9mhKtrt2w%2CpqG2u1fgfrKwCkH4HmtJCMX9ubt7tAE&c=728&d=90&e=&g=d1dcbaf6a3dba476e630295b6267f262%2F7774909048148328637&i=27800%2C20547%2C17738&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=cash_ads_IT_advancedad_728x90&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6464341d1c3714b3f8a60444045cd1e4c2d41a6e95c51ad2d3105b8184be96bb

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=LN3pVA==, md5=aERHYaIYJs34ysl8v8rJvQ==
date
Tue, 01 Jun 2021 20:45:18 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1086040
cf-polished
qual=85, origFmt=jpeg, origSize=81320
x-guploader-uploadid
ABg5-UzkscK3Rq5ya3mv46XVQM5deVu0AafQtCMC8BF8sr5Bmk9MHb_onQ9FDm6LNp2guxII00FVhZ1ijgXuj9Umi2ZU-te4Yg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
26948
cf-request-id
0a6aebe88d00006491710d4000000001
last-modified
Wed, 08 Jul 2020 14:51:11 GMT
server
cloudflare
etag
"68444761a21826cdf8cac97cbfcac9bd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=URM2O4XXhaoefItS6gKYtXLSTIWV67CSxeATyaBfIB88YJ0ME9XInWdX8zZHWVkeTp4JjNw28jnE%2FxRSVHpqbPWu55JD4K24DjGQ0ZJ4KoVe3xCoR64K4wMu0TFmuzprmpjTjMwcOg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1594219871156850
content-type
image/webp
expires
Wed, 02 Jun 2021 20:45:18 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
81320
accept-ranges
bytes
cf-ray
658b48edaaf06491-FRA
cf-bgj
imgq:85,h2pri
Telecom-TIM-80x50.png
ad.zanox.com/ppv/images/programs/2183/loghi/ Frame 8AEA
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2227945&v=9773&q=344675&r=412873&pref3=oneid52JdHXfEf4dMHpH7HMt3tXZxcbtktxVoneid__cash_ads_IT_advancedad_728x90&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.zenaps.com/cshow.php?pvr=46857710-c31a-11eb-906c-692d0dd6f317&v=9773&r=412873&q=344675&s=2227945&viewref3=oneid52JdHXfEf4dMHpH7HMt3tXZxcbtktxVoneid__cash_ads_IT_advancedad_728x90&gdpr=0...
  • https://ad.zanox.com/ppv/images/programs/2183/loghi/Telecom-TIM-80x50.png
2 KB
2 KB
Image
General
Full URL
https://ad.zanox.com/ppv/images/programs/2183/loghi/Telecom-TIM-80x50.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34900%2C15823%2C34855&b=DZ97u3fwfxmgf3HmH9t1tQY4u4tVtdk%2CdpWxsEfkfzwMUEHjHwtEtb6YFKtRtmG%2C52JdHXfEf4dMHpH7HMt3tXZxcbtktxV&f=dpWxsEfkfkb8TEHjHwtqC3EBFKtRtmG%2CK74MuRfZf6grU5HMHktzCB9mhKtrt2w%2CpqG2u1fgfrKwCkH4HmtJCMX9ubt7tAE&c=728&d=90&e=&g=d1dcbaf6a3dba476e630295b6267f262%2F7774909048148328637&i=27800%2C20547%2C17738&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=cash_ads_IT_advancedad_728x90&y=0&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.216.249.67 , France, ASN47268 (ZANOX, FR),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
d380ce0111f6e11d838e1b155049088e7345880ed7cbb56a87cc007b42fd0863
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

send-same-site
1
Date
Tue, 01 Jun 2021 20:45:46 GMT
Via
10.30.0.113%1
Last-Modified
Fri, 15 Jan 2016 13:23:53 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"18ffd5fa974fd11:0"
Strict-Transport-Security
max-age=86400
P3P
policyref="http://ad.zanox.com/w3c/p3p.xml", CP="NOI CUR OUR STP"
jobs-at-zanox
https://www.zanox.com/jobs/international
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
2099

Redirect headers

Date
Tue, 01 Jun 2021 20:45:18 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://ad.zanox.com/ppv/images/programs/2183/loghi/Telecom-TIM-80x50.png
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Length
0
log_event
www.youtube.com/youtubei/v1/ Frame 29B1
28 B
55 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0b643cd1/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
120
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/ICfwHZMYPdo?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fagronews.com.pl&widgetid=1
X-YouTube-Client-Version
1.20210526.1.0
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
CgtFTnpRaWU3ZG9HVSjbuNqFBg%3D%3D
X-YouTube-Ad-Signals
dt=1622580316365&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C857%2C391&vis=1&wgl=true&ca_type=image&bid=ANyPxKqLh-1OQx3m2Zi3-4hQe5KKgWZswmmR9tJnEG3muIR_TB7tmnrdrwS5mCghXC1StA1icsiKrgw--NaRy_FwKOzt8gprZA

Response headers

date
Tue, 01 Jun 2021 20:45:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Tue, 01 Jun 2021 20:45:18 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 5263
28 B
55 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0b643cd1/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
120
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/ICfwHZMYPdo?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fagronews.com.pl&widgetid=1
X-YouTube-Client-Version
1.20210526.1.0
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
CgtFTnpRaWU3ZG9HVSjbuNqFBg%3D%3D
X-YouTube-Ad-Signals
dt=1622580316409&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C857%2C391&vis=1&wgl=true&ca_type=image&bid=ANyPxKqXml95496VWADVPBrf5i4tN4jFSD-5o2mTZKHN_ppkdEO1OtA2jHGZDVp6tJjP8AIFvlHLiFMUQVJT5eOPZQCj2ZKlBg

Response headers

date
Tue, 01 Jun 2021 20:45:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Tue, 01 Jun 2021 20:45:18 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 64BA
28 B
55 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0b643cd1/www-embed-player.vflset/www-embed-player.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
120
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/ICfwHZMYPdo?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fagronews.com.pl&widgetid=1
X-YouTube-Client-Version
1.20210526.1.0
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
CgtFTnpRaWU3ZG9HVSjbuNqFBg%3D%3D
X-YouTube-Ad-Signals
dt=1622580316325&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C857%2C391&vis=1&wgl=true&ca_type=image&bid=ANyPxKqg2kcnu9ypd5KlkZXT_PEfJ1dRQzBGudq68P3bN5E2oUAYxAr_mXcKm9JORY7qUBi-4gFM9CqGlP7IL7cE9F4m4kW8eA

Response headers

date
Tue, 01 Jun 2021 20:45:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Tue, 01 Jun 2021 20:45:18 GMT
reklamstore.js
adserver.reklamstore.com/ Frame 2854
95 KB
29 KB
Script
General
Full URL
https://adserver.reklamstore.com/reklamstore.js
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218f:1400:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00b23c0624bc9f5b25ad78a8ceb8b7d8019107699428df1c0e706bedf392798e

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 00:08:17 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 07:59:54 GMT
server
AmazonS3
age
74222
etag
"f3c830240d9f26683eafb3723b922aa9"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 16a28c0e67da18fa2960e2e414084d77.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG52-P2
content-length
29647
x-amz-cf-id
RqMdopvNf_k77BFEtKvvRp7eudQZVgTnl3F7qHLUdhPhXMeTkAJDBw==
publishertag.js
static.criteo.net/js/ld/ Frame 2854
117 KB
38 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f1865bcf054e092f39630245febb9d858fff3fac1c41b521e2164ca0e0649758

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:18 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 06:12:36 GMT
server
nginx
etag
W/"60a5fdd4-1d41b"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 02 Jun 2021 20:45:18 GMT
pix
ads.rekmob.com/retarget/ Frame 2854
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=reklamstore
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dreklamstore%26bsw_pa...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=0645a34b63824399acc7647fb439b948&ssp=reklamstore&bsw_param=4974bc1a-9a43-4775-ad36-7cefbae6831d&gdpr=&consent=&gdpr_pd=
  • https://ads.rekmob.com/retarget/pix?id=bs&cv=4974bc1a-9a43-4775-ad36-7cefbae6831d&d=1
35 B
403 B
Image
General
Full URL
https://ads.rekmob.com/retarget/pix?id=bs&cv=4974bc1a-9a43-4775-ad36-7cefbae6831d&d=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:50 GMT
Server
nginx/1.9.6
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif

Redirect headers

location
//ads.rekmob.com/retarget/pix?id=bs&cv=4974bc1a-9a43-4775-ad36-7cefbae6831d&d=1
date
Tue, 01 Jun 2021 20:45:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
/
ads.rekmob.com/m/props/ Frame 2854
271 B
592 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=1101739
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
429870d686efc9fbf3477266c4e558849ac6001e4f8fc3b0f586cba547f95178

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:50 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
CZ
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
reklamstore.js
adserver.reklamstore.com/ Frame 2854
95 KB
29 KB
Script
General
Full URL
https://adserver.reklamstore.com/reklamstore.js
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218f:1400:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00b23c0624bc9f5b25ad78a8ceb8b7d8019107699428df1c0e706bedf392798e

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 00:08:17 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 07:59:54 GMT
server
AmazonS3
age
74222
etag
"f3c830240d9f26683eafb3723b922aa9"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 16a28c0e67da18fa2960e2e414084d77.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG52-P2
content-length
29647
x-amz-cf-id
mnJ-rCHkG2kgDolFzZgX9gB5F_96mXyrtzWF59Uc1rhqYxgLzbietQ==
/
ads.rekmob.com/m/props/ Frame 2854
270 B
593 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=1101741
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
f67871a227d63cd3691dcecbdf5e15e6a6fd839b917e1a607e65dd1528cace0d

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:50 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
CZ
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
reklamstore.js
adserver.reklamstore.com/ Frame 2854
95 KB
29 KB
Script
General
Full URL
https://adserver.reklamstore.com/reklamstore.js
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218f:1400:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00b23c0624bc9f5b25ad78a8ceb8b7d8019107699428df1c0e706bedf392798e

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 00:08:17 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 07:59:54 GMT
server
AmazonS3
age
74223
etag
"f3c830240d9f26683eafb3723b922aa9"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 16a28c0e67da18fa2960e2e414084d77.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG52-P2
content-length
29647
x-amz-cf-id
nLkklAOSQ7_sclk7zhg7Mlaw3z2FgU19pBcwAy6ZMvirMFgvuZ6lsw==
adp
ads.rekmob.com/m/ Frame 2854
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=1e86b52dba4f4154a0ee87b99af3da50&ufid=VlImy46sXYeyYDqmRw3L&mobile_web=1&dt=3&as=1&os=3&jsonp=1&callback=rmb__VlImy46sXYeyYDqmRw3L&ref=www.adzbux.com&_=1622580319001&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
cf1967f31aeccbac87380ef66e678c75f0036bd0f82685059746a206d2536e62

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:50 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
CZ
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
adp
ads.rekmob.com/m/ Frame 2854
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=62db1d4bb5234c59bf5b75dbac1d7a91&ufid=zuiYhhZZHrWrOqL4ZHEa&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__zuiYhhZZHrWrOqL4ZHEa&ref=www.adzbux.com&_=1622580319025&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
91c728736ad58ea869ce4cb67c1bbeeef3295d46c8f7140812cfee5b96925622

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:50 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
CZ
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
publishertag.js
static.criteo.net/js/ld/ Frame 2854
117 KB
38 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f1865bcf054e092f39630245febb9d858fff3fac1c41b521e2164ca0e0649758

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:19 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 06:12:36 GMT
server
nginx
etag
W/"60a5fdd4-1d41b"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 02 Jun 2021 20:45:19 GMT
/
ads.rekmob.com/m/props/ Frame 2854
272 B
590 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=1101742
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
a4b0d4bdd00ad184b5fdbd07013558393dacc7003aa8a76805c249a018b406e8

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:50 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
CZ
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
reklamstore.js
adserver.reklamstore.com/ Frame 2854
95 KB
29 KB
Script
General
Full URL
https://adserver.reklamstore.com/reklamstore.js
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218f:1400:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00b23c0624bc9f5b25ad78a8ceb8b7d8019107699428df1c0e706bedf392798e

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 00:08:17 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 07:59:54 GMT
server
AmazonS3
age
74223
etag
"f3c830240d9f26683eafb3723b922aa9"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 16a28c0e67da18fa2960e2e414084d77.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG52-P2
content-length
29647
x-amz-cf-id
XbwPsIAqpkP-jv68kT94m2aaW3fHWsTMaERijxdr5VR9g9LabPFh2Q==
adp
ads.rekmob.com/m/ Frame 2854
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=0b9f3c2279244fff831c25aa0d5f7f54&ufid=vFPmiWUvg8o3telgCczP&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__vFPmiWUvg8o3telgCczP&ref=www.adzbux.com&_=1622580319061&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
50b1300d94fae1a2c45a216b02d038dbdb199b393924b61c6e609688a1ef03ea

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:50 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
CZ
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
/
ads.rekmob.com/m/props/ Frame 2854
270 B
593 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=1101743
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
67a7eb7a5a506154a6f9c7e8bdb601a1ba7c1d035174185bbefb7e4c92318cbe

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:50 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
CZ
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
adp
ads.rekmob.com/m/ Frame 2854
5 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=536a874d2489404ea4758a28f8d8b1c6&ufid=hJs6Ff0Hb1yNDZna8x7X&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__hJs6Ff0Hb1yNDZna8x7X&ref=www.adzbux.com&_=1622580319102&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
314912a95591abfee085c893846b28f89e041ee04a45719e4f0e25f7ba4be0ba

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:50 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
CZ
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
fltiu.js
pixel.yabidos.com/ Frame 2854
2 KB
1 KB
Script
General
Full URL
https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=www.adzbux.com&x=rekmob&nci=&adtg=1e86b52dba4f4154a0ee87b99af3da50&nai=&si=33151&pn=&h=250&w=300&bp=&pp=&ci=&ip=212.102.38.150&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:19 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:29 GMT
server
cloudflare
age
1485
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b48f35a0d4174-HAM
content-length
1146
cf-request-id
0a6aebec180000417430b4d000000001
expires
Tue, 01 Jun 2021 22:45:19 GMT
2e630aeb4a40478e989c620cb82e8065
adimg.rekmob.com/ Frame DA8C
36 KB
36 KB
Image
General
Full URL
https://adimg.rekmob.com/2e630aeb4a40478e989c620cb82e8065
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
84b2b9345e9b1f9f7560f2ce69ff573ba6158d91921779c97350eccbb965e94a

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 18:01:39 GMT
Via
1.1 f2d6260772a832e76c8c1c6e49903138.cloudfront.net (CloudFront)
Last-Modified
Thu, 13 Jun 2019 11:46:49 GMT
Server
AmazonS3
Age
9837
ETag
"d7c08a0f024d55ff27b9457e408bd6d5"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
36826
X-Amz-Cf-Id
VbHuqKg01KeeHgB-7IDfkm8CHhf1nZCBZFWP6LOmKA2JoqfrU4xfTw==
rs-b.png
adimg.rekmob.com/logos/ Frame DA8C
471 B
911 B
Image
General
Full URL
https://adimg.rekmob.com/logos/rs-b.png
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df02aa33acd40ff99ac77551154f9fe7fd5a13dc1f782aac62ffb1a6a0f7f09c

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 13:11:22 GMT
Via
1.1 e61ad774b1bb9761f20e1bb4c1d6c734.cloudfront.net (CloudFront)
Last-Modified
Thu, 26 Jul 2018 10:20:15 GMT
Server
AmazonS3
Age
27238
ETag
"5965d59f86a925e809f20a75e26c9d0c"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
471
X-Amz-Cf-Id
9CFq_gFxjZU1otLAJU5m30d9ATTAlp28oaXIHs7LAmCU5TFV7fzzMQ==
imp
ads.rekmob.com/m/ Frame DA8C
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=1e86b52dba4f4154a0ee87b99af3da50&udid=5e9c40d6e6974c90b59b891841cdaf5c&rid=NjBiNjljNWYwY2YyMTQ1ZTQyMjY1ZWFi&adId=MTM2NA==
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:50 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
CZ
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
flimpobj.js
pixel.yabidos.com/ Frame 2854
30 KB
24 KB
Script
General
Full URL
https://pixel.yabidos.com/flimpobj.js?cb=1622580319277&ver1=2.2.3&qid=230383f5530383f5434353&rnd=in59qymhw33b&cid=544
Requested by
Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=www.adzbux.com&x=rekmob&nci=&adtg=1e86b52dba4f4154a0ee87b99af3da50&nai=&si=33151&pn=&h=250&w=300&bp=&pp=&ci=&ip=212.102.38.150&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:19 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:29 GMT
server
cloudflare
age
1599
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b48f38a9a4174-HAM
content-length
23972
cf-request-id
0a6aebec3800004174450bf000000001
expires
Tue, 01 Jun 2021 22:45:19 GMT
fltiu.js
pixel.yabidos.com/ Frame 2854
2 KB
1 KB
Script
General
Full URL
https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=www.adzbux.com&x=rekmob&nci=&adtg=62db1d4bb5234c59bf5b75dbac1d7a91&nai=&si=33151&pn=&h=90&w=728&bp=&pp=&ci=&ip=212.102.38.150&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:19 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:29 GMT
server
cloudflare
age
1485
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b48f39ab64174-HAM
content-length
1146
cf-request-id
0a6aebec3e000041741f9a8000000001
expires
Tue, 01 Jun 2021 22:45:19 GMT
5a1b9c9bcd394786b925816e44cc87a0
adimg.rekmob.com/ Frame 559A
27 KB
28 KB
Image
General
Full URL
https://adimg.rekmob.com/5a1b9c9bcd394786b925816e44cc87a0
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dd8d37964d54dedc218e5346e5442830ac85a24fec916f3f3a540d0f08037c33

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 15:53:35 GMT
Via
1.1 a5b64a1ac22cdce92ad57684d05480be.cloudfront.net (CloudFront)
Last-Modified
Thu, 21 May 2020 07:22:03 GMT
Server
AmazonS3
Age
17508
ETag
"8bf981578b0ec356244ea5b3376c955c"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
27977
X-Amz-Cf-Id
QjDr1IokLv836E6fmqRBEeg5HJ-ASVVSlFPDZvJwEBZm5G5u6oOqRw==
rs-b.png
adimg.rekmob.com/logos/ Frame 559A
471 B
911 B
Image
General
Full URL
https://adimg.rekmob.com/logos/rs-b.png
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df02aa33acd40ff99ac77551154f9fe7fd5a13dc1f782aac62ffb1a6a0f7f09c

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 13:11:22 GMT
Via
1.1 07cb86faf6a141962da4e2d7c85db039.cloudfront.net (CloudFront)
Last-Modified
Thu, 26 Jul 2018 10:20:15 GMT
Server
AmazonS3
Age
27238
ETag
"5965d59f86a925e809f20a75e26c9d0c"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
471
X-Amz-Cf-Id
Q_Km2_tulslBFx6-y9r07CtHFj7HM8089ef_GxSjfnbMcm8qZbJJBw==
imp
ads.rekmob.com/m/ Frame 559A
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=62db1d4bb5234c59bf5b75dbac1d7a91&udid=7e3eedf5ef684969ace763fbbe9d7509&rid=NjBiNjljNWYwY2YyYjI2MDRhNTM0YmIy&adId=MTM3MA==
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:50 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
CZ
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
vbl.gif
pre.glotgrx.com/ Frame 2854
26 B
108 B
Image
General
Full URL
https://pre.glotgrx.com/vbl.gif?cb=1622580319331&rnd=in59qymhw33b&ifm=1&uai=1&cid=544&s=www.adzbux.com&p=43285&x=rekmob&adtg=1e86b52dba4f4154a0ee87b99af3da50&ats=0&atf=&nsi=&si=33151&nci=&nai=&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:19 GMT
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:19 GMT
server
cloudflare
age
2449
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b48f3dedc2c52-FRA
content-length
26
cf-request-id
0a6aebec6900002c52ad2a3000000001
expires
Tue, 01 Jun 2021 22:45:19 GMT
nflrc.gif
pre.glotgrx.com/ Frame 2854
26 B
158 B
Image
General
Full URL
https://pre.glotgrx.com/nflrc.gif?cb=1622580319324800&ver=1.2r81&qid=230383f5530383f5434353&p=43285&s=www.adzbux.com&x=rekmob&cid=544&od1=&od2=&adtg=1e86b52dba4f4154a0ee87b99af3da50&nci=&nai=&si=33151&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=in59qymhw33b&impid=&tps=71&ver1=2.2.3&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36&os=&mm=&di=&ip=212.102.38.150&ci=&pp=&bp=&w=300&h=250&pn=&1=319033ca1469a91fc7dc8c1b874c16f6&2=2.1&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%7D%7D&6=2&7={%22e%22:%223%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=544&ifm=1&penv=b&pt=&ptbp=&tw=0&ldp=5&icpl=28&icp=https%253A//www.cora-live.tk&irfl=27&irf=https%253A//www.adzbux.com/&cty=4&fcs=0&flky=ver-fl-6-qid-fl-22-p-fl-5-s-fl-14-x-fl-6-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-32-nci-fl-0-nai-fl-0-si-fl-5-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-ua-fl-136-os-fl-0-mm-fl-0-di-fl-0-ip-fl-14-ci-fl-0-pp-fl-0-bp-fl-0-w-fl-3-h-fl-3-pn-fl-0-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=1&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=413x99&gpu=undefined&ncf=4g_9.8_undefined_null_0_undefined_false&fli=3429136985&flerr=0-a1&trim=&fio=12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:19 GMT
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:19 GMT
server
cloudflare
age
2449
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b48f3dedd2c52-FRA
content-length
26
cf-request-id
0a6aebec6900002c52f5107000000001
expires
Tue, 01 Jun 2021 22:45:19 GMT
flimpobj.js
pixel.yabidos.com/ Frame 2854
30 KB
24 KB
Script
General
Full URL
https://pixel.yabidos.com/flimpobj.js?cb=1622580319343&ver1=2.2.3&qid=230383f5530383f5434353&rnd=sm5p2r2t29kv&cid=544
Requested by
Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=www.adzbux.com&x=rekmob&nci=&adtg=62db1d4bb5234c59bf5b75dbac1d7a91&nai=&si=33151&pn=&h=90&w=728&bp=&pp=&ci=&ip=212.102.38.150&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:19 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:29 GMT
server
cloudflare
age
1599
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b48f3fbf94174-HAM
content-length
23972
cf-request-id
0a6aebec79000041742e88d000000001
expires
Tue, 01 Jun 2021 22:45:19 GMT
fltiu.js
pixel.yabidos.com/ Frame 2854
2 KB
1 KB
Script
General
Full URL
https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=www.adzbux.com&x=rekmob&nci=&adtg=536a874d2489404ea4758a28f8d8b1c6&nai=&si=33151&pn=&h=60&w=468&bp=&pp=&ci=&ip=212.102.38.150&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:19 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:29 GMT
server
cloudflare
age
1485
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b48f40c4d4174-HAM
content-length
1146
cf-request-id
0a6aebec8a000041743f1e2000000001
expires
Tue, 01 Jun 2021 22:45:19 GMT
n.js
cdn.runative-syndicate.com/sdk/v1/ Frame D84B
17 KB
9 KB
Script
General
Full URL
https://cdn.runative-syndicate.com/sdk/v1/n.js
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.253.95.110 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
6be018cf63d68429cc6f5c49caa24448469db98e412beba3bc99ac033ced43da

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:19 GMT
content-encoding
gzip
last-modified
Wed, 17 Feb 2021 13:10:31 GMT
server
nginx
age
9008810
etag
W/"602d15c7-44f3"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
8713
rs-b.png
adimg.rekmob.com/logos/ Frame D84B
471 B
911 B
Image
General
Full URL
https://adimg.rekmob.com/logos/rs-b.png
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df02aa33acd40ff99ac77551154f9fe7fd5a13dc1f782aac62ffb1a6a0f7f09c

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 13:11:22 GMT
Via
1.1 a5b64a1ac22cdce92ad57684d05480be.cloudfront.net (CloudFront)
Last-Modified
Thu, 26 Jul 2018 10:20:15 GMT
Server
AmazonS3
Age
27238
ETag
"5965d59f86a925e809f20a75e26c9d0c"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
471
X-Amz-Cf-Id
U9pPKaEguk6DPX7g4QEdOYz89wH7Oq0BbI-Okh-F7e-M3sY-cewDqw==
fltiu.js
pixel.yabidos.com/ Frame 2854
2 KB
1 KB
Script
General
Full URL
https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=www.adzbux.com&x=rekmob&nci=&adtg=0b9f3c2279244fff831c25aa0d5f7f54&nai=&si=33151&pn=&h=600&w=160&bp=&pp=&ci=&ip=212.102.38.150&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:19 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:29 GMT
server
cloudflare
age
1485
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b48f41c704174-HAM
content-length
1146
cf-request-id
0a6aebec93000041745292b000000001
expires
Tue, 01 Jun 2021 22:45:19 GMT
6453e71f2fc743c495dfb4a701a51d13
adimg.rekmob.com/ Frame 21D2
8 KB
8 KB
Image
General
Full URL
https://adimg.rekmob.com/6453e71f2fc743c495dfb4a701a51d13
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9d5b9c9d218e12f741a78d93c812ff284a41a94d7dc2eca88a3c9428d03ecee7

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 14:16:05 GMT
Via
1.1 07cb86faf6a141962da4e2d7c85db039.cloudfront.net (CloudFront)
Last-Modified
Thu, 21 May 2020 07:16:13 GMT
Server
AmazonS3
Age
23367
ETag
"529f2354ce0808bc9fdd7b911d8c10da"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
8069
X-Amz-Cf-Id
3iUl9wk42zMu3_ygKBIvspD5UbwHt1SpE3bX1q9jzaBd-JaIbgIrng==
rs-b.png
adimg.rekmob.com/logos/ Frame 21D2
471 B
911 B
Image
General
Full URL
https://adimg.rekmob.com/logos/rs-b.png
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df02aa33acd40ff99ac77551154f9fe7fd5a13dc1f782aac62ffb1a6a0f7f09c

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 13:11:22 GMT
Via
1.1 f2d6260772a832e76c8c1c6e49903138.cloudfront.net (CloudFront)
Last-Modified
Thu, 26 Jul 2018 10:20:15 GMT
Server
AmazonS3
Age
27238
ETag
"5965d59f86a925e809f20a75e26c9d0c"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
471
X-Amz-Cf-Id
Ca0vTw4_Ksof-bU_66qEr3MgmZV0vb9bLxByjzncSNdyO9LhfxqY8w==
imp
ads.rekmob.com/m/ Frame 21D2
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=0b9f3c2279244fff831c25aa0d5f7f54&udid=44271e6134bd4ef8812c39afd68aa545&rid=NjBiNjljNWYwY2YyOGVjZTM2ZTE3MmU1&adId=MTM3Mg==
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:50 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
CZ
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
vbl.gif
pre.glotgrx.com/ Frame 2854
26 B
109 B
Image
General
Full URL
https://pre.glotgrx.com/vbl.gif?cb=1622580319402&rnd=sm5p2r2t29kv&ifm=1&uai=1&cid=544&s=www.adzbux.com&p=43285&x=rekmob&adtg=62db1d4bb5234c59bf5b75dbac1d7a91&ats=0&atf=&nsi=&si=33151&nci=&nai=&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:19 GMT
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:19 GMT
server
cloudflare
age
2449
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b48f44fe02c52-FRA
content-length
26
cf-request-id
0a6aebecb000002c52f683d000000001
expires
Tue, 01 Jun 2021 22:45:19 GMT
nflrc.gif
pre.glotgrx.com/ Frame 2854
26 B
108 B
Image
General
Full URL
https://pre.glotgrx.com/nflrc.gif?cb=1622580319394901&ver=1.2r81&qid=230383f5530383f5434353&p=43285&s=www.adzbux.com&x=rekmob&cid=544&od1=&od2=&adtg=62db1d4bb5234c59bf5b75dbac1d7a91&nci=&nai=&si=33151&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=sm5p2r2t29kv&impid=&tps=74&ver1=2.2.3&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36&os=&mm=&di=&ip=212.102.38.150&ci=&pp=&bp=&w=728&h=90&pn=&1=319033ca1469a91fc7dc8c1b874c16f6&2=2.1&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%7D%7D&6=2&7={%22e%22:%223%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=544&ifm=1&penv=b&pt=&ptbp=&tw=0&ldp=5&icpl=28&icp=https%253A//www.cora-live.tk&irfl=27&irf=https%253A//www.adzbux.com/&cty=4&fcs=0&flky=ver-fl-6-qid-fl-22-p-fl-5-s-fl-14-x-fl-6-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-32-nci-fl-0-nai-fl-0-si-fl-5-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-ua-fl-136-os-fl-0-mm-fl-0-di-fl-0-ip-fl-14-ci-fl-0-pp-fl-0-bp-fl-0-w-fl-3-h-fl-2-pn-fl-0-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=1&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=413x99&gpu=undefined&ncf=4g_9.8_undefined_null_0_undefined_false&fli=3429136985&flerr=0-a1&trim=&fio=13
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:19 GMT
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:19 GMT
server
cloudflare
age
2449
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b48f44fe42c52-FRA
content-length
26
cf-request-id
0a6aebecb000002c52b40a1000000001
expires
Tue, 01 Jun 2021 22:45:19 GMT
flimpobj.js
pixel.yabidos.com/ Frame 2854
30 KB
24 KB
Script
General
Full URL
https://pixel.yabidos.com/flimpobj.js?cb=1622580319416&ver1=2.2.3&qid=230383f5530383f5434353&rnd=w39rqj7826sb&cid=544
Requested by
Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=www.adzbux.com&x=rekmob&nci=&adtg=536a874d2489404ea4758a28f8d8b1c6&nai=&si=33151&pn=&h=60&w=468&bp=&pp=&ci=&ip=212.102.38.150&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:19 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:29 GMT
server
cloudflare
age
1599
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b48f46d664174-HAM
content-length
23972
cf-request-id
0a6aebecc30000417410b82000000001
expires
Tue, 01 Jun 2021 22:45:19 GMT
n.css
cdn.run-syndicate.com/sdk/v1/ Frame D84B
8 KB
8 KB
Stylesheet
General
Full URL
https://cdn.run-syndicate.com/sdk/v1/n.css
Requested by
Host: cdn.runative-syndicate.com
URL: https://cdn.runative-syndicate.com/sdk/v1/n.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.253.95.110 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
24b59f4e4fbf1d4a988ffa478952ceb54e0b2f0774da926bcd2cc0376200dbfe

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:20 GMT
last-modified
Wed, 17 Feb 2021 15:07:12 GMT
server
nginx
age
9004886
etag
"602d3120-2055"
content-type
text/css
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
8277
imp
ads.rekmob.com/m/ Frame D84B
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=536a874d2489404ea4758a28f8d8b1c6&udid=5b26745bf7e641c6b072e81921bdbf72&rid=NjBiNjljNWYwY2YyMzEyYTkyMGI0OWVk&adId=MTM0Nw==
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:50 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
CZ
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
vbl.gif
pre.glotgrx.com/ Frame 2854
26 B
109 B
Image
General
Full URL
https://pre.glotgrx.com/vbl.gif?cb=1622580319472&rnd=w39rqj7826sb&ifm=1&uai=1&cid=544&s=www.adzbux.com&p=43285&x=rekmob&adtg=536a874d2489404ea4758a28f8d8b1c6&ats=0&atf=&nsi=&si=33151&nci=&nai=&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:19 GMT
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:19 GMT
server
cloudflare
age
2449
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b48f4b8fa2c52-FRA
content-length
26
cf-request-id
0a6aebecf700002c52bf319000000001
expires
Tue, 01 Jun 2021 22:45:19 GMT
nflrc.gif
pre.glotgrx.com/ Frame 2854
26 B
109 B
Image
General
Full URL
https://pre.glotgrx.com/nflrc.gif?cb=16225803194673&ver=1.2r81&qid=230383f5530383f5434353&p=43285&s=www.adzbux.com&x=rekmob&cid=544&od1=&od2=&adtg=536a874d2489404ea4758a28f8d8b1c6&nci=&nai=&si=33151&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=w39rqj7826sb&impid=&tps=75&ver1=2.2.3&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36&os=&mm=&di=&ip=212.102.38.150&ci=&pp=&bp=&w=468&h=60&pn=&1=319033ca1469a91fc7dc8c1b874c16f6&2=2.1&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%7D%7D&6=2&7={%22e%22:%223%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=544&ifm=1&penv=b&pt=&ptbp=&tw=0&ldp=5&icpl=28&icp=https%253A//www.cora-live.tk&irfl=27&irf=https%253A//www.adzbux.com/&cty=4&fcs=0&flky=ver-fl-6-qid-fl-22-p-fl-5-s-fl-14-x-fl-6-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-32-nci-fl-0-nai-fl-0-si-fl-5-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-ua-fl-136-os-fl-0-mm-fl-0-di-fl-0-ip-fl-14-ci-fl-0-pp-fl-0-bp-fl-0-w-fl-3-h-fl-2-pn-fl-0-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=1&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=413x99&gpu=undefined&ncf=4g_9.8_undefined_null_0_undefined_false&fli=3429136985&flerr=0-a1&trim=&fio=12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:19 GMT
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:19 GMT
server
cloudflare
age
2449
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b48f4b8fc2c52-FRA
content-length
26
cf-request-id
0a6aebecf800002c5298ad5000000001
expires
Tue, 01 Jun 2021 22:45:19 GMT
reklamstore.js
adserver.reklamstore.com/ Frame 2854
95 KB
29 KB
Script
General
Full URL
https://adserver.reklamstore.com/reklamstore.js
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218f:1400:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00b23c0624bc9f5b25ad78a8ceb8b7d8019107699428df1c0e706bedf392798e

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 00:08:17 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 07:59:54 GMT
server
AmazonS3
age
74224
etag
"f3c830240d9f26683eafb3723b922aa9"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 16a28c0e67da18fa2960e2e414084d77.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG52-P2
content-length
29647
x-amz-cf-id
FZ1PvvZvO8i-SJWuGBRWS-IujmX-_s-OodSmEaJA36o1Kc4hwHOTIw==
publishertag.js
static.criteo.net/js/ld/ Frame 2854
117 KB
38 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f1865bcf054e092f39630245febb9d858fff3fac1c41b521e2164ca0e0649758

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:20 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 06:12:36 GMT
server
nginx
etag
W/"60a5fdd4-1d41b"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 02 Jun 2021 20:45:20 GMT
pix
ads.rekmob.com/retarget/ Frame 2854
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=reklamstore
  • https://x.bidswitch.net/ul_cb/sync?ssp=reklamstore
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dreklamstore%26bsw_pa...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=dd9e365154294436a3d928eb6be4d8e4&ssp=reklamstore&bsw_param=646ff3e6-b9ac-4a2e-8106-7a1ceb7ae668&gdpr=&consent=&gdpr_pd=
  • https://ads.rekmob.com/retarget/pix?id=bs&cv=646ff3e6-b9ac-4a2e-8106-7a1ceb7ae668&d=1
35 B
403 B
Image
General
Full URL
https://ads.rekmob.com/retarget/pix?id=bs&cv=646ff3e6-b9ac-4a2e-8106-7a1ceb7ae668&d=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:52 GMT
Server
nginx/1.9.6
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif

Redirect headers

location
//ads.rekmob.com/retarget/pix?id=bs&cv=646ff3e6-b9ac-4a2e-8106-7a1ceb7ae668&d=1
date
Tue, 01 Jun 2021 20:45:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
/
ads.rekmob.com/m/props/ Frame 2854
271 B
592 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=1101739
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
429870d686efc9fbf3477266c4e558849ac6001e4f8fc3b0f586cba547f95178

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:52 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
CZ
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
reklamstore.js
adserver.reklamstore.com/ Frame 2854
95 KB
29 KB
Script
General
Full URL
https://adserver.reklamstore.com/reklamstore.js
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218f:1400:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00b23c0624bc9f5b25ad78a8ceb8b7d8019107699428df1c0e706bedf392798e

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 00:08:17 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 07:59:54 GMT
server
AmazonS3
age
74224
etag
"f3c830240d9f26683eafb3723b922aa9"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 16a28c0e67da18fa2960e2e414084d77.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG52-P2
content-length
29647
x-amz-cf-id
PSEnNEfyrW5JeQlD0bHDDjbRMwxbBtA8Y29MNcMVn936o9spXb0_jA==
/
ads.rekmob.com/m/props/ Frame 2854
270 B
593 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=1101741
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
f67871a227d63cd3691dcecbdf5e15e6a6fd839b917e1a607e65dd1528cace0d

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:52 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
CZ
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
reklamstore.js
adserver.reklamstore.com/ Frame 2854
95 KB
29 KB
Script
General
Full URL
https://adserver.reklamstore.com/reklamstore.js
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218f:1400:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00b23c0624bc9f5b25ad78a8ceb8b7d8019107699428df1c0e706bedf392798e

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 00:08:17 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 07:59:54 GMT
server
AmazonS3
age
74225
etag
"f3c830240d9f26683eafb3723b922aa9"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 16a28c0e67da18fa2960e2e414084d77.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG52-P2
content-length
29647
x-amz-cf-id
PYmcvbcHNH2FyukbMWDq3VYJ5BRNMCq1AgMj1izHfOSkUk7k7FOSlQ==
adp
ads.rekmob.com/m/ Frame 2854
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=1e86b52dba4f4154a0ee87b99af3da50&ufid=DPKfZOrLrnxYSvj1A54p&mobile_web=1&dt=3&as=1&os=3&jsonp=1&callback=rmb__DPKfZOrLrnxYSvj1A54p&ref=www.adzbux.com&_=1622580320989&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
5afdf1f0bb268de6b0c519d11899935c63ba73283c5c4bb7f1be930d146fc17b

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:52 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
CZ
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
adp
ads.rekmob.com/m/ Frame 2854
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=62db1d4bb5234c59bf5b75dbac1d7a91&ufid=2rJ1wNnRQkPTrlKLFzCk&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__2rJ1wNnRQkPTrlKLFzCk&ref=www.adzbux.com&_=1622580321023&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
f05b2fdcf2dd72ccd9e51cf74ea7edc44a82438bcc569afdd39f913278193089

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:52 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
CZ
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
publishertag.js
static.criteo.net/js/ld/ Frame 2854
117 KB
38 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f1865bcf054e092f39630245febb9d858fff3fac1c41b521e2164ca0e0649758

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:21 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 06:12:36 GMT
server
nginx
etag
W/"60a5fdd4-1d41b"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 02 Jun 2021 20:45:21 GMT
/
ads.rekmob.com/m/props/ Frame 2854
272 B
590 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=1101742
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
a4b0d4bdd00ad184b5fdbd07013558393dacc7003aa8a76805c249a018b406e8

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:52 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
CZ
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
reklamstore.js
adserver.reklamstore.com/ Frame 2854
95 KB
29 KB
Script
General
Full URL
https://adserver.reklamstore.com/reklamstore.js
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218f:1400:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00b23c0624bc9f5b25ad78a8ceb8b7d8019107699428df1c0e706bedf392798e

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 00:08:17 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 07:59:54 GMT
server
AmazonS3
age
74225
etag
"f3c830240d9f26683eafb3723b922aa9"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 16a28c0e67da18fa2960e2e414084d77.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG52-P2
content-length
29647
x-amz-cf-id
soYyOs_7eu1EIFB4TfiFCx1SlwzAwtq8X-59L05UpQw80sE6Wxz-7w==
adp
ads.rekmob.com/m/ Frame 2854
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=0b9f3c2279244fff831c25aa0d5f7f54&ufid=mVtqDptKr3EYcQPsM7mZ&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__mVtqDptKr3EYcQPsM7mZ&ref=www.adzbux.com&_=1622580321059&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
d6962cf1aa749fbe4e5863524142c790d7dd09dfb9b0a6418c8b4b8dc6750831

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:52 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
CZ
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
/
ads.rekmob.com/m/props/ Frame 2854
270 B
593 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=1101743
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
67a7eb7a5a506154a6f9c7e8bdb601a1ba7c1d035174185bbefb7e4c92318cbe

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:52 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
CZ
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
adp
ads.rekmob.com/m/ Frame 2854
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=536a874d2489404ea4758a28f8d8b1c6&ufid=b18DpQcPwizGKtWzYay1&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__b18DpQcPwizGKtWzYay1&ref=www.adzbux.com&_=1622580321094&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
d50d1cc8ca616b25fdfa573a86c9db481db5166ed94c1837b2921c8411a80d13

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:52 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
CZ
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
fltiu.js
pixel.yabidos.com/ Frame 2854
2 KB
1 KB
Script
General
Full URL
https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=www.adzbux.com&x=rekmob&nci=&adtg=62db1d4bb5234c59bf5b75dbac1d7a91&nai=&si=33151&pn=&h=90&w=728&bp=&pp=&ci=&ip=212.102.38.150&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:29 GMT
server
cloudflare
age
1487
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b48ff6ffb4174-HAM
content-length
1146
cf-request-id
0a6aebf3a60000417434089000000001
expires
Tue, 01 Jun 2021 22:45:21 GMT
a6ef61b5aa4d4a35995bc18d04125b93
adimg.rekmob.com/ Frame 5F5A
12 KB
12 KB
Image
General
Full URL
https://adimg.rekmob.com/a6ef61b5aa4d4a35995bc18d04125b93
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3e048568ec73a37d3de0f63e7812bd07756797f6b82a84053ac56e9c28d6e37

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 15:47:33 GMT
Via
1.1 f2d6260772a832e76c8c1c6e49903138.cloudfront.net (CloudFront)
Last-Modified
Thu, 21 May 2020 07:21:42 GMT
Server
AmazonS3
Age
17918
ETag
"7be928384c3265ed526e5c5e5c519349"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
12001
X-Amz-Cf-Id
jONGsadmCTrYEfsAIwgxY3aE6zVbupSiFE_bJ4YnmtYoXx6y9O3UUA==
rs-b.png
adimg.rekmob.com/logos/ Frame 5F5A
471 B
911 B
Image
General
Full URL
https://adimg.rekmob.com/logos/rs-b.png
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df02aa33acd40ff99ac77551154f9fe7fd5a13dc1f782aac62ffb1a6a0f7f09c

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 13:11:22 GMT
Via
1.1 07cb86faf6a141962da4e2d7c85db039.cloudfront.net (CloudFront)
Last-Modified
Thu, 26 Jul 2018 10:20:15 GMT
Server
AmazonS3
Age
27240
ETag
"5965d59f86a925e809f20a75e26c9d0c"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
471
X-Amz-Cf-Id
63MEGtstVlxnaO8fgG8fQ2uy-fphmir5uISsBVe2WqRLWb4bzg4uGg==
imp
ads.rekmob.com/m/ Frame 5F5A
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=62db1d4bb5234c59bf5b75dbac1d7a91&udid=d4ad7a5767a94b1dba97c61b7b706ea9&rid=NjBiNjljNjEwY2YyYWIzNTdiNmZlYzgx&adId=MTM2OQ==
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:52 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
CZ
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
flimpobj.js
pixel.yabidos.com/ Frame 2854
30 KB
24 KB
Script
General
Full URL
https://pixel.yabidos.com/flimpobj.js?cb=1622580321212&ver1=2.2.3&qid=230383f5530383f5434353&rnd=v1m8ym4od1u8&cid=544
Requested by
Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=www.adzbux.com&x=rekmob&nci=&adtg=62db1d4bb5234c59bf5b75dbac1d7a91&nai=&si=33151&pn=&h=90&w=728&bp=&pp=&ci=&ip=212.102.38.150&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:29 GMT
server
cloudflare
age
1601
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b48ffa8b64174-HAM
content-length
23972
cf-request-id
0a6aebf3c900004174278fb000000001
expires
Tue, 01 Jun 2021 22:45:21 GMT
vbl.gif
pre.glotgrx.com/ Frame 2854
26 B
158 B
Image
General
Full URL
https://pre.glotgrx.com/vbl.gif?cb=1622580321283&rnd=v1m8ym4od1u8&ifm=1&uai=1&cid=544&s=www.adzbux.com&p=43285&x=rekmob&adtg=62db1d4bb5234c59bf5b75dbac1d7a91&ats=0&atf=&nsi=&si=33151&nci=&nai=&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:21 GMT
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:19 GMT
server
cloudflare
age
2451
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b49001d6d2c52-FRA
content-length
26
cf-request-id
0a6aebf40c00002c52e19a0000000001
expires
Tue, 01 Jun 2021 22:45:21 GMT
nflrc.gif
pre.glotgrx.com/ Frame 2854
26 B
158 B
Image
General
Full URL
https://pre.glotgrx.com/nflrc.gif?cb=1622580321276817&ver=1.2r81&qid=230383f5530383f5434353&p=43285&s=www.adzbux.com&x=rekmob&cid=544&od1=&od2=&adtg=62db1d4bb5234c59bf5b75dbac1d7a91&nci=&nai=&si=33151&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=v1m8ym4od1u8&impid=&tps=85&ver1=2.2.3&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36&os=&mm=&di=&ip=212.102.38.150&ci=&pp=&bp=&w=728&h=90&pn=&1=319033ca1469a91fc7dc8c1b874c16f6&2=2.1&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%7D%7D&6=2&7={%22e%22:%223%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=544&ifm=1&penv=b&pt=&ptbp=&tw=0&ldp=5&icpl=28&icp=https%253A//www.cora-live.tk&irfl=27&irf=https%253A//www.adzbux.com/&cty=4&fcs=0&flky=ver-fl-6-qid-fl-22-p-fl-5-s-fl-14-x-fl-6-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-32-nci-fl-0-nai-fl-0-si-fl-5-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-ua-fl-136-os-fl-0-mm-fl-0-di-fl-0-ip-fl-14-ci-fl-0-pp-fl-0-bp-fl-0-w-fl-3-h-fl-2-pn-fl-0-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=1&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=413x99&gpu=undefined&ncf=4g_9.8_undefined_null_0_undefined_false&fli=3429136985&flerr=0-a1&trim=&fio=15
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:21 GMT
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:19 GMT
server
cloudflare
age
2451
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b49001d712c52-FRA
content-length
26
cf-request-id
0a6aebf40d00002c5292392000000001
expires
Tue, 01 Jun 2021 22:45:21 GMT
fltiu.js
pixel.yabidos.com/ Frame 2854
2 KB
1 KB
Script
General
Full URL
https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=www.adzbux.com&x=rekmob&nci=&adtg=1e86b52dba4f4154a0ee87b99af3da50&nai=&si=33151&pn=&h=250&w=300&bp=&pp=&ci=&ip=212.102.38.150&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:29 GMT
server
cloudflare
age
1487
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b49003acb4174-HAM
content-length
1146
cf-request-id
0a6aebf4280000417474bcb000000001
expires
Tue, 01 Jun 2021 22:45:21 GMT
rs-b.png
adimg.rekmob.com/logos/ Frame 823C
471 B
911 B
Image
General
Full URL
https://adimg.rekmob.com/logos/rs-b.png
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df02aa33acd40ff99ac77551154f9fe7fd5a13dc1f782aac62ffb1a6a0f7f09c

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 13:11:22 GMT
Via
1.1 f2d6260772a832e76c8c1c6e49903138.cloudfront.net (CloudFront)
Last-Modified
Thu, 26 Jul 2018 10:20:15 GMT
Server
AmazonS3
Age
27240
ETag
"5965d59f86a925e809f20a75e26c9d0c"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
471
X-Amz-Cf-Id
ONBRQUK3LmuDyYvA83H546W49kzHikOO-4N0KPIG1ZNnwKQMSLvsfQ==
3e98d504e9b649c4b90348dbd73ebf0a
adimg.rekmob.com/ Frame 823C
11 KB
11 KB
Image
General
Full URL
https://adimg.rekmob.com/3e98d504e9b649c4b90348dbd73ebf0a
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6c3a7af4b5c014cb9378457992e04ccacdde9e15d47cf21ada01d6b56bbc60ce

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 15:40:17 GMT
Via
1.1 07cb86faf6a141962da4e2d7c85db039.cloudfront.net (CloudFront)
Last-Modified
Thu, 21 May 2020 07:18:03 GMT
Server
AmazonS3
Age
29916
ETag
"976f5c21a45780a23a87d284b8c8a7b6"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
11039
X-Amz-Cf-Id
ngXyGtH7-2hpK9hErFB7j0FisJC-abCLqx5wcamQ8y9QFv0_FVPFqg==
imp
ads.rekmob.com/m/ Frame 823C
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=1e86b52dba4f4154a0ee87b99af3da50&udid=5792ff7fc6b84a2babf8649ebe74f386&rid=NjBiNjljNjEwY2YyOGVjZTM2ZTE3M2Fl&adId=MTM2Mg==
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:52 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
CZ
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
fltiu.js
pixel.yabidos.com/ Frame 2854
2 KB
1 KB
Script
General
Full URL
https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=www.adzbux.com&x=rekmob&nci=&adtg=0b9f3c2279244fff831c25aa0d5f7f54&nai=&si=33151&pn=&h=600&w=160&bp=&pp=&ci=&ip=212.102.38.150&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:29 GMT
server
cloudflare
age
1487
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b49004ae24174-HAM
content-length
1146
cf-request-id
0a6aebf42c00004174451c8000000001
expires
Tue, 01 Jun 2021 22:45:21 GMT
6453e71f2fc743c495dfb4a701a51d13
adimg.rekmob.com/ Frame 8654
8 KB
8 KB
Image
General
Full URL
https://adimg.rekmob.com/6453e71f2fc743c495dfb4a701a51d13
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9d5b9c9d218e12f741a78d93c812ff284a41a94d7dc2eca88a3c9428d03ecee7

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 14:16:05 GMT
Via
1.1 a5b64a1ac22cdce92ad57684d05480be.cloudfront.net (CloudFront)
Last-Modified
Thu, 21 May 2020 07:16:13 GMT
Server
AmazonS3
Age
23369
ETag
"529f2354ce0808bc9fdd7b911d8c10da"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
8069
X-Amz-Cf-Id
8TX44bCDP9F6yOBDJ7KRXkouXZAZ2UWlYNUwceGg70L4jPOGM9qrsQ==
rs-b.png
adimg.rekmob.com/logos/ Frame 8654
471 B
911 B
Image
General
Full URL
https://adimg.rekmob.com/logos/rs-b.png
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df02aa33acd40ff99ac77551154f9fe7fd5a13dc1f782aac62ffb1a6a0f7f09c

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 13:11:22 GMT
Via
1.1 e61ad774b1bb9761f20e1bb4c1d6c734.cloudfront.net (CloudFront)
Last-Modified
Thu, 26 Jul 2018 10:20:15 GMT
Server
AmazonS3
Age
27240
ETag
"5965d59f86a925e809f20a75e26c9d0c"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
471
X-Amz-Cf-Id
I9IBHbMxsA0HopYUXi-qUQxQ6y8rSXpUQsbc0HKRHEGIz7E3c-8UjQ==
imp
ads.rekmob.com/m/ Frame 8654
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=0b9f3c2279244fff831c25aa0d5f7f54&udid=9c6241c7c1cb46848fd7a484c2e7267f&rid=NjBiNjljNjEwY2YyYWIzNTdiNmZlYzkx&adId=MTM3Mg==
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:52 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
CZ
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
fltiu.js
pixel.yabidos.com/ Frame 2854
2 KB
1 KB
Script
General
Full URL
https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=www.adzbux.com&x=rekmob&nci=&adtg=536a874d2489404ea4758a28f8d8b1c6&nai=&si=33151&pn=&h=60&w=468&bp=&pp=&ci=&ip=212.102.38.150&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:29 GMT
server
cloudflare
age
1487
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b49005b0b4174-HAM
content-length
1146
cf-request-id
0a6aebf434000041740d192000000001
expires
Tue, 01 Jun 2021 22:45:21 GMT
5cd4030f5e814adf8b0ac59f14899340
adimg.rekmob.com/ Frame 8332
8 KB
8 KB
Image
General
Full URL
https://adimg.rekmob.com/5cd4030f5e814adf8b0ac59f14899340
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ebd675c552a02d9fd8df7e9e919adbcaa204aeed0490881a7bf64f61cdd5b776

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 18:54:12 GMT
Via
1.1 78a48d8d46b0e5cf69ec8a7f633776e1.cloudfront.net (CloudFront)
Last-Modified
Thu, 21 May 2020 07:21:16 GMT
Server
AmazonS3
Age
6670
ETag
"dcd2f41c062246be1f6c22954db863c3"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
8005
X-Amz-Cf-Id
3b6O9wkSbdb7K6OIso0A7WtaKlW29qAEqXdo0cJOEiBj-YMyKKy9BA==
rs-b.png
adimg.rekmob.com/logos/ Frame 8332
471 B
911 B
Image
General
Full URL
https://adimg.rekmob.com/logos/rs-b.png
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df02aa33acd40ff99ac77551154f9fe7fd5a13dc1f782aac62ffb1a6a0f7f09c

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 13:11:22 GMT
Via
1.1 f2d6260772a832e76c8c1c6e49903138.cloudfront.net (CloudFront)
Last-Modified
Thu, 26 Jul 2018 10:20:15 GMT
Server
AmazonS3
Age
27240
ETag
"5965d59f86a925e809f20a75e26c9d0c"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
471
X-Amz-Cf-Id
nwWKjKvhCHgdmXYV7BgU_fbdMiNljzBf3YtXCUI9YTimXxXjGhzi_Q==
imp
ads.rekmob.com/m/ Frame 8332
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=536a874d2489404ea4758a28f8d8b1c6&udid=2d8443818ea845cabdecd24603b5cb02&rid=NjBiNjljNjEwY2YyYWIzNTdiNmZlYzkw&adId=MTM2OA==
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:52 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
CZ
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
flimpobj.js
pixel.yabidos.com/ Frame 2854
30 KB
24 KB
Script
General
Full URL
https://pixel.yabidos.com/flimpobj.js?cb=1622580321339&ver1=2.2.3&qid=230383f5530383f5434353&rnd=kcunby70gwww&cid=544
Requested by
Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=www.adzbux.com&x=rekmob&nci=&adtg=1e86b52dba4f4154a0ee87b99af3da50&nai=&si=33151&pn=&h=250&w=300&bp=&pp=&ci=&ip=212.102.38.150&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:29 GMT
server
cloudflare
age
1601
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b49006b4f4174-HAM
content-length
23972
cf-request-id
0a6aebf44700004174250e5000000001
expires
Tue, 01 Jun 2021 22:45:21 GMT
vbl.gif
pre.glotgrx.com/ Frame 2854
26 B
109 B
Image
General
Full URL
https://pre.glotgrx.com/vbl.gif?cb=1622580321391&rnd=kcunby70gwww&ifm=1&uai=1&cid=544&s=www.adzbux.com&p=43285&x=rekmob&adtg=1e86b52dba4f4154a0ee87b99af3da50&ats=0&atf=&nsi=&si=33151&nci=&nai=&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:21 GMT
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:19 GMT
server
cloudflare
age
2451
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b4900bf0b2c52-FRA
content-length
26
cf-request-id
0a6aebf47700002c52b4141000000001
expires
Tue, 01 Jun 2021 22:45:21 GMT
nflrc.gif
pre.glotgrx.com/ Frame 2854
26 B
222 B
Image
General
Full URL
https://pre.glotgrx.com/nflrc.gif?cb=1622580321385490&ver=1.2r81&qid=230383f5530383f5434353&p=43285&s=www.adzbux.com&x=rekmob&cid=544&od1=&od2=&adtg=1e86b52dba4f4154a0ee87b99af3da50&nci=&nai=&si=33151&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=kcunby70gwww&impid=&tps=89&ver1=2.2.3&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36&os=&mm=&di=&ip=212.102.38.150&ci=&pp=&bp=&w=300&h=250&pn=&1=319033ca1469a91fc7dc8c1b874c16f6&2=2.1&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%7D%7D&6=2&7={%22e%22:%223%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=544&ifm=1&penv=b&pt=&ptbp=&tw=0&ldp=5&icpl=28&icp=https%253A//www.cora-live.tk&irfl=27&irf=https%253A//www.adzbux.com/&cty=4&fcs=0&flky=ver-fl-6-qid-fl-22-p-fl-5-s-fl-14-x-fl-6-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-32-nci-fl-0-nai-fl-0-si-fl-5-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-ua-fl-136-os-fl-0-mm-fl-0-di-fl-0-ip-fl-14-ci-fl-0-pp-fl-0-bp-fl-0-w-fl-3-h-fl-3-pn-fl-0-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=1&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=413x99&gpu=undefined&ncf=4g_9.8_undefined_null_0_undefined_false&fli=3429136985&flerr=0-a1&trim=&fio=11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:21 GMT
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:19 GMT
server
cloudflare
age
2451
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b4900bf102c52-FRA
content-length
26
cf-request-id
0a6aebf47800002c52bf3e7000000001
expires
Tue, 01 Jun 2021 22:45:21 GMT
/
sharkpromotion.net/socket.io/ Frame 9665
0
0

ptpwynik2.php
www.surfujkase.pl/ Frame 2080
122 B
447 B
Document
General
Full URL
https://www.surfujkase.pl/ptpwynik2.php?czas=1622580312&user=1&strona=6911&uv=1&pl=0&skad=www.adzbux.com
Requested by
Host: www.surfujkase.pl
URL: https://www.surfujkase.pl/promuj2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:b3db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f6d257aa9baa6ff1f93429abdcd1aaa006ddf81edbf73241dde543d77777234

Request headers

:method
GET
:authority
www.surfujkase.pl
:scheme
https
:path
/ptpwynik2.php?czas=1622580312&user=1&strona=6911&uv=1&pl=0&skad=www.adzbux.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.surfujkase.pl/promuj2.php
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.surfujkase.pl/promuj2.php

Response headers

date
Tue, 01 Jun 2021 20:45:22 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
set-cookie
PHPSESSID=r14m03gofgs4oj59ma4vbclv4d; path=/; HttpOnly
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
cf-cache-status
DYNAMIC
cf-request-id
0a6aebf77b0000c2ea58b28000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=A0wuuWeY%2BZiqLISs08300t44xvvdfT5FrW3H1hU3TEmidxzj6fFWhdiRIyyZt%2FQipaEq07zQgodluXZw6MgbbXtdRQJqz2H9AKVf2GFo9J%2BtAFurMq1bIscc0Pdx%2B9%2BMhM5NRsfF6pxMXsI%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
658b49059e0bc2ea-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
ptpwynik2.php
www.surfujkase.pl/ Frame 1795
124 B
430 B
Document
General
Full URL
https://www.surfujkase.pl/ptpwynik2.php?czas=1622580312&user=1&strona=7169&uv=1&pl=0&skad=www.adzbux.com
Requested by
Host: www.surfujkase.pl
URL: https://www.surfujkase.pl/promuj2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:b3db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17789aa9efbc8d6f823a6f5c67ea6df01479ef595dbf391795b4d526e931cb71

Request headers

:method
GET
:authority
www.surfujkase.pl
:scheme
https
:path
/ptpwynik2.php?czas=1622580312&user=1&strona=7169&uv=1&pl=0&skad=www.adzbux.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.surfujkase.pl/promuj2.php
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.surfujkase.pl/promuj2.php

Response headers

date
Tue, 01 Jun 2021 20:45:22 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
set-cookie
PHPSESSID=erij6hug2nki5mtqanbnmppm2o; path=/; HttpOnly
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
cf-cache-status
DYNAMIC
cf-request-id
0a6aebf77b0000c2ea7e128000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Wz8jmxICL2biSv%2F%2FszvaPz%2BTsxAQS62LY1sYpLyU%2FFpkav%2FmPRshcpFi5%2BgWfKR%2Fqs4Uw2o6iDW8vM3Os1saqPMXWVM7HsC4vz7DHbi4B6y6Lr%2F4xsoGbNmiTzDx8s4lyjVEsusKuoyQ82c%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
658b49059e0dc2ea-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
ptpwynik2.php
www.surfujkase.pl/ Frame BB99
124 B
758 B
Document
General
Full URL
https://www.surfujkase.pl/ptpwynik2.php?czas=1622580312&user=1&strona=6951&uv=1&pl=0&skad=www.adzbux.net
Requested by
Host: www.surfujkase.pl
URL: https://www.surfujkase.pl/promuj2.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:b3db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17789aa9efbc8d6f823a6f5c67ea6df01479ef595dbf391795b4d526e931cb71

Request headers

:method
GET
:authority
www.surfujkase.pl
:scheme
https
:path
/ptpwynik2.php?czas=1622580312&user=1&strona=6951&uv=1&pl=0&skad=www.adzbux.net
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.surfujkase.pl/promuj2.php
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.surfujkase.pl/promuj2.php

Response headers

date
Tue, 01 Jun 2021 20:45:22 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
set-cookie
PHPSESSID=fdp0us4cpo8mr759u5ivoqt8br; path=/; HttpOnly
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
cf-cache-status
DYNAMIC
cf-request-id
0a6aebf7b200004de29a0eb000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=YaK3mQorTyA80f6iueDVS6zj1pPmrhVMKNkNkOLzlPvyN4gY2HWXLbb04ZVqtFRESJlfyR2tewdEDEb5BLp3oSstOnVdx72SQ7iNjiKooBY7cPHyuoCHROThGaVU7hP3xsM5hX1v%2FD%2BSFrE%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
658b4905eb334de2-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
reklamstore.js
adserver.reklamstore.com/ Frame 2854
95 KB
29 KB
Script
General
Full URL
https://adserver.reklamstore.com/reklamstore.js
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218f:1400:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00b23c0624bc9f5b25ad78a8ceb8b7d8019107699428df1c0e706bedf392798e

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 00:08:17 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 07:59:54 GMT
server
AmazonS3
age
74226
etag
"f3c830240d9f26683eafb3723b922aa9"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 16a28c0e67da18fa2960e2e414084d77.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG52-P2
content-length
29647
x-amz-cf-id
Bx8V3XDm0oljEFNL6cjvrUkUdggc7JtQ5cq251oYVSyISR55mwxRtg==
publishertag.js
static.criteo.net/js/ld/ Frame 2854
117 KB
38 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f1865bcf054e092f39630245febb9d858fff3fac1c41b521e2164ca0e0649758

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:22 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 06:12:36 GMT
server
nginx
etag
W/"60a5fdd4-1d41b"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 02 Jun 2021 20:45:22 GMT
pix
ads.rekmob.com/retarget/ Frame 2854
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=reklamstore
  • https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=reklamstore&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=DeNKMOjwBNkqZW1xZyxpW599&ssp=reklamstore
  • https://ads.rekmob.com/retarget/pix?id=bs&cv=646ff3e6-b9ac-4a2e-8106-7a1ceb7ae668&d=1
35 B
403 B
Image
General
Full URL
https://ads.rekmob.com/retarget/pix?id=bs&cv=646ff3e6-b9ac-4a2e-8106-7a1ceb7ae668&d=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:54 GMT
Server
nginx/1.9.6
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif

Redirect headers

location
//ads.rekmob.com/retarget/pix?id=bs&cv=646ff3e6-b9ac-4a2e-8106-7a1ceb7ae668&d=1
date
Tue, 01 Jun 2021 20:45:23 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
/
ads.rekmob.com/m/props/ Frame 2854
271 B
592 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=1101739
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
429870d686efc9fbf3477266c4e558849ac6001e4f8fc3b0f586cba547f95178

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:54 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
CZ
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
reklamstore.js
adserver.reklamstore.com/ Frame 2854
95 KB
29 KB
Script
General
Full URL
https://adserver.reklamstore.com/reklamstore.js
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218f:1400:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00b23c0624bc9f5b25ad78a8ceb8b7d8019107699428df1c0e706bedf392798e

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 00:08:17 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 07:59:54 GMT
server
AmazonS3
age
74226
etag
"f3c830240d9f26683eafb3723b922aa9"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 16a28c0e67da18fa2960e2e414084d77.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG52-P2
content-length
29647
x-amz-cf-id
LWXbDDYs6QTwSUZlPwFdyk5sqPCvneTSnoKBjICAjGfXGE60NiLxIQ==
/
ads.rekmob.com/m/props/ Frame 2854
270 B
593 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=1101741
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
f67871a227d63cd3691dcecbdf5e15e6a6fd839b917e1a607e65dd1528cace0d

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:54 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
CZ
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
reklamstore.js
adserver.reklamstore.com/ Frame 2854
95 KB
29 KB
Script
General
Full URL
https://adserver.reklamstore.com/reklamstore.js
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218f:1400:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00b23c0624bc9f5b25ad78a8ceb8b7d8019107699428df1c0e706bedf392798e

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 00:08:17 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 07:59:54 GMT
server
AmazonS3
age
74226
etag
"f3c830240d9f26683eafb3723b922aa9"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 16a28c0e67da18fa2960e2e414084d77.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG52-P2
content-length
29647
x-amz-cf-id
sxFyRR1UF3Y88cywZJbe8U5OFgTpI5CWigQDfbpFVaSN9-ENz_OiBw==
adp
ads.rekmob.com/m/ Frame 2854
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=1e86b52dba4f4154a0ee87b99af3da50&ufid=3b2RBYqeN1W3z2l3crpm&mobile_web=1&dt=3&as=1&os=3&jsonp=1&callback=rmb__3b2RBYqeN1W3z2l3crpm&ref=www.adzbux.com&_=1622580322988&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
b348ba9ca0d5f1fbac96314281da0e13aece06c6e3b77e45aa78b617387be61c

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:54 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
CZ
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
adp
ads.rekmob.com/m/ Frame 2854
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=62db1d4bb5234c59bf5b75dbac1d7a91&ufid=PNI68nUhFeWKjuCjyCdA&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__PNI68nUhFeWKjuCjyCdA&ref=www.adzbux.com&_=1622580323019&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
6164e77f57756c117c015ccd6ecaacec627d51f5526377031f111ed2cb1c4a64

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:54 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
CZ
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
publishertag.js
static.criteo.net/js/ld/ Frame 2854
117 KB
38 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f1865bcf054e092f39630245febb9d858fff3fac1c41b521e2164ca0e0649758

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:23 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 06:12:36 GMT
server
nginx
etag
W/"60a5fdd4-1d41b"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 02 Jun 2021 20:45:23 GMT
/
ads.rekmob.com/m/props/ Frame 2854
272 B
590 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=1101742
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
a4b0d4bdd00ad184b5fdbd07013558393dacc7003aa8a76805c249a018b406e8

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:54 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
CZ
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
reklamstore.js
adserver.reklamstore.com/ Frame 2854
95 KB
29 KB
Script
General
Full URL
https://adserver.reklamstore.com/reklamstore.js
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218f:1400:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00b23c0624bc9f5b25ad78a8ceb8b7d8019107699428df1c0e706bedf392798e

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 00:08:17 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 07:59:54 GMT
server
AmazonS3
age
74227
etag
"f3c830240d9f26683eafb3723b922aa9"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 16a28c0e67da18fa2960e2e414084d77.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG52-P2
content-length
29647
x-amz-cf-id
Cb9__LhmQ6SJXkvTn1ZbH2a6sJ-g6yqO4-Z8r5hVclD9iXfqU4wcLQ==
/
ads.rekmob.com/m/props/ Frame 2854
270 B
593 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=1101743
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
67a7eb7a5a506154a6f9c7e8bdb601a1ba7c1d035174185bbefb7e4c92318cbe

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:54 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
CZ
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
adp
ads.rekmob.com/m/ Frame 2854
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=0b9f3c2279244fff831c25aa0d5f7f54&ufid=eYokqY8NjSON4HYUPPXY&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__eYokqY8NjSON4HYUPPXY&ref=www.adzbux.com&_=1622580323058&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
bb4197ba0c3167206dd28c1c61e663c3800849ef9fbdefe877380c88de7a157f

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:54 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
CZ
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
adp
ads.rekmob.com/m/ Frame 2854
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=536a874d2489404ea4758a28f8d8b1c6&ufid=sICMsACzD1XxxipK12YP&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__sICMsACzD1XxxipK12YP&ref=www.adzbux.com&_=1622580323090&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
7742a2814dcb08047fda9492d4d64375adf11ae9f1409e8b31deb45b280de4b7

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:54 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
CZ
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
fltiu.js
pixel.yabidos.com/ Frame 2854
2 KB
1 KB
Script
General
Full URL
https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=www.adzbux.com&x=rekmob&nci=&adtg=1e86b52dba4f4154a0ee87b99af3da50&nai=&si=33151&pn=&h=250&w=300&bp=&pp=&ci=&ip=212.102.38.150&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:29 GMT
server
cloudflare
age
1489
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b490c0e3e4174-HAM
content-length
1146
cf-request-id
0a6aebfb8200004174fb8c8000000001
expires
Tue, 01 Jun 2021 22:45:23 GMT
rs-b.png
adimg.rekmob.com/logos/ Frame CD0F
471 B
911 B
Image
General
Full URL
https://adimg.rekmob.com/logos/rs-b.png
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df02aa33acd40ff99ac77551154f9fe7fd5a13dc1f782aac62ffb1a6a0f7f09c

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 13:11:22 GMT
Via
1.1 78a48d8d46b0e5cf69ec8a7f633776e1.cloudfront.net (CloudFront)
Last-Modified
Thu, 26 Jul 2018 10:20:15 GMT
Server
AmazonS3
Age
27242
ETag
"5965d59f86a925e809f20a75e26c9d0c"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
471
X-Amz-Cf-Id
48XIwU18uZR56rFH--y239ZAv_tDhVbN18IZkgkz8YEy8tyzQ6lFpw==
e5926316d63f494186a38cc60e6d8fd4
adimg.rekmob.com/ Frame CD0F
15 KB
15 KB
Image
General
Full URL
https://adimg.rekmob.com/e5926316d63f494186a38cc60e6d8fd4
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dc88d800d27ee6a73c545ef7d47d3bb64903c45818f2ae4e836114bc7d8a158f

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 02:49:21 GMT
Via
1.1 f2d6260772a832e76c8c1c6e49903138.cloudfront.net (CloudFront)
Last-Modified
Thu, 21 May 2020 07:18:48 GMT
Server
AmazonS3
Age
64595
ETag
"31125bec90c91b4779510c9cffb899d1"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
15319
X-Amz-Cf-Id
Qp1aojGbUaiuovTsoDCY4C8XBg9x5FU3OMJFmbGZ3fnULO82vn_r_A==
imp
ads.rekmob.com/m/ Frame CD0F
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=1e86b52dba4f4154a0ee87b99af3da50&udid=ce46458340084158ad166e9097d38211&rid=NjBiNjljNjMwY2YyYWJkZGRmM2ZjZjUy&adId=MTM2Mw==
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:54 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
CZ
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
flimpobj.js
pixel.yabidos.com/ Frame 2854
30 KB
24 KB
Script
General
Full URL
https://pixel.yabidos.com/flimpobj.js?cb=1622580323226&ver1=2.2.3&qid=230383f5530383f5434353&rnd=kgc07hx0vbgw&cid=544
Requested by
Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=www.adzbux.com&x=rekmob&nci=&adtg=1e86b52dba4f4154a0ee87b99af3da50&nai=&si=33151&pn=&h=250&w=300&bp=&pp=&ci=&ip=212.102.38.150&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:29 GMT
server
cloudflare
age
1603
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b490c3ec64174-HAM
content-length
23972
cf-request-id
0a6aebfba4000041740039e000000001
expires
Tue, 01 Jun 2021 22:45:23 GMT
fltiu.js
pixel.yabidos.com/ Frame 2854
2 KB
1 KB
Script
General
Full URL
https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=www.adzbux.com&x=rekmob&nci=&adtg=62db1d4bb5234c59bf5b75dbac1d7a91&nai=&si=33151&pn=&h=90&w=728&bp=&pp=&ci=&ip=212.102.38.150&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:29 GMT
server
cloudflare
age
1489
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b490c6f714174-HAM
content-length
1146
cf-request-id
0a6aebfbc50000417417a9e000000001
expires
Tue, 01 Jun 2021 22:45:23 GMT
a6ef61b5aa4d4a35995bc18d04125b93
adimg.rekmob.com/ Frame 6999
12 KB
12 KB
Image
General
Full URL
https://adimg.rekmob.com/a6ef61b5aa4d4a35995bc18d04125b93
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3e048568ec73a37d3de0f63e7812bd07756797f6b82a84053ac56e9c28d6e37

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 15:47:33 GMT
Via
1.1 f2d6260772a832e76c8c1c6e49903138.cloudfront.net (CloudFront)
Last-Modified
Thu, 21 May 2020 07:21:42 GMT
Server
AmazonS3
Age
17920
ETag
"7be928384c3265ed526e5c5e5c519349"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
12001
X-Amz-Cf-Id
RfT4eqItd831twnAK_mACEkroZOy-1U7uIGpBqiMFTOsflOoK7_0oA==
rs-b.png
adimg.rekmob.com/logos/ Frame 6999
471 B
911 B
Image
General
Full URL
https://adimg.rekmob.com/logos/rs-b.png
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df02aa33acd40ff99ac77551154f9fe7fd5a13dc1f782aac62ffb1a6a0f7f09c

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 13:11:22 GMT
Via
1.1 78a48d8d46b0e5cf69ec8a7f633776e1.cloudfront.net (CloudFront)
Last-Modified
Thu, 26 Jul 2018 10:20:15 GMT
Server
AmazonS3
Age
27242
ETag
"5965d59f86a925e809f20a75e26c9d0c"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
471
X-Amz-Cf-Id
YaJfjmCjCL0xTabkT0RvhRA67lgUPIpV4F2MjVuCnfLrTU4MjUWpgA==
imp
ads.rekmob.com/m/ Frame 6999
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=62db1d4bb5234c59bf5b75dbac1d7a91&udid=84836780a1494f5f8ad03639a92011d4&rid=NjBiNjljNjMwY2YyYWJkZGRmM2ZjZjVj&adId=MTM2OQ==
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:54 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
CZ
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
vbl.gif
pre.glotgrx.com/ Frame 2854
26 B
109 B
Image
General
Full URL
https://pre.glotgrx.com/vbl.gif?cb=1622580323287&rnd=kgc07hx0vbgw&ifm=1&uai=1&cid=544&s=www.adzbux.com&p=43285&x=rekmob&adtg=1e86b52dba4f4154a0ee87b99af3da50&ats=0&atf=&nsi=&si=33151&nci=&nai=&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:23 GMT
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:19 GMT
server
cloudflare
age
2453
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b490c9e3e2c52-FRA
content-length
26
cf-request-id
0a6aebfbdc00002c520585b000000001
expires
Tue, 01 Jun 2021 22:45:23 GMT
nflrc.gif
pre.glotgrx.com/ Frame 2854
26 B
159 B
Image
General
Full URL
https://pre.glotgrx.com/nflrc.gif?cb=1622580323281383&ver=1.2r81&qid=230383f5530383f5434353&p=43285&s=www.adzbux.com&x=rekmob&cid=544&od1=&od2=&adtg=1e86b52dba4f4154a0ee87b99af3da50&nci=&nai=&si=33151&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=kgc07hx0vbgw&impid=&tps=100&ver1=2.2.3&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36&os=&mm=&di=&ip=212.102.38.150&ci=&pp=&bp=&w=300&h=250&pn=&1=319033ca1469a91fc7dc8c1b874c16f6&2=2.1&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%7D%7D&6=2&7={%22e%22:%223%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=544&ifm=1&penv=b&pt=&ptbp=&tw=0&ldp=5&icpl=28&icp=https%253A//www.cora-live.tk&irfl=27&irf=https%253A//www.adzbux.com/&cty=4&fcs=0&flky=ver-fl-6-qid-fl-22-p-fl-5-s-fl-14-x-fl-6-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-32-nci-fl-0-nai-fl-0-si-fl-5-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-ua-fl-136-os-fl-0-mm-fl-0-di-fl-0-ip-fl-14-ci-fl-0-pp-fl-0-bp-fl-0-w-fl-3-h-fl-3-pn-fl-0-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=1&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=413x99&gpu=undefined&ncf=4g_9.8_undefined_null_0_undefined_false&fli=3429136985&flerr=0-a1&trim=&fio=11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:23 GMT
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:19 GMT
server
cloudflare
age
2453
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b490c9e412c52-FRA
content-length
26
cf-request-id
0a6aebfbdd00002c52980dc000000001
expires
Tue, 01 Jun 2021 22:45:23 GMT
flimpobj.js
pixel.yabidos.com/ Frame 2854
30 KB
24 KB
Script
General
Full URL
https://pixel.yabidos.com/flimpobj.js?cb=1622580323298&ver1=2.2.3&qid=230383f5530383f5434353&rnd=e2lo27x01pve&cid=544
Requested by
Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=www.adzbux.com&x=rekmob&nci=&adtg=62db1d4bb5234c59bf5b75dbac1d7a91&nai=&si=33151&pn=&h=90&w=728&bp=&pp=&ci=&ip=212.102.38.150&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:29 GMT
server
cloudflare
age
1603
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b490ca8934174-HAM
content-length
23972
cf-request-id
0a6aebfbf1000041744f8d9000000001
expires
Tue, 01 Jun 2021 22:45:23 GMT
vbl.gif
pre.glotgrx.com/ Frame 2854
26 B
108 B
Image
General
Full URL
https://pre.glotgrx.com/vbl.gif?cb=1622580323359&rnd=e2lo27x01pve&ifm=1&uai=1&cid=544&s=www.adzbux.com&p=43285&x=rekmob&adtg=62db1d4bb5234c59bf5b75dbac1d7a91&ats=0&atf=&nsi=&si=33151&nci=&nai=&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:23 GMT
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:19 GMT
server
cloudflare
age
2453
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b490d0f642c52-FRA
content-length
26
cf-request-id
0a6aebfc2700002c52b320b000000001
expires
Tue, 01 Jun 2021 22:45:23 GMT
nflrc.gif
pre.glotgrx.com/ Frame 2854
26 B
108 B
Image
General
Full URL
https://pre.glotgrx.com/nflrc.gif?cb=1622580323354838&ver=1.2r81&qid=230383f5530383f5434353&p=43285&s=www.adzbux.com&x=rekmob&cid=544&od1=&od2=&adtg=62db1d4bb5234c59bf5b75dbac1d7a91&nci=&nai=&si=33151&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=e2lo27x01pve&impid=&tps=101&ver1=2.2.3&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36&os=&mm=&di=&ip=212.102.38.150&ci=&pp=&bp=&w=728&h=90&pn=&1=319033ca1469a91fc7dc8c1b874c16f6&2=2.1&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%7D%7D&6=2&7={%22e%22:%223%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=544&ifm=1&penv=b&pt=&ptbp=&tw=0&ldp=5&icpl=28&icp=https%253A//www.cora-live.tk&irfl=27&irf=https%253A//www.adzbux.com/&cty=4&fcs=0&flky=ver-fl-6-qid-fl-22-p-fl-5-s-fl-14-x-fl-6-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-32-nci-fl-0-nai-fl-0-si-fl-5-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-ua-fl-136-os-fl-0-mm-fl-0-di-fl-0-ip-fl-14-ci-fl-0-pp-fl-0-bp-fl-0-w-fl-3-h-fl-2-pn-fl-0-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=1&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=413x99&gpu=undefined&ncf=4g_9.8_undefined_null_0_undefined_false&fli=3429136985&flerr=0-a1&trim=&fio=11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:23 GMT
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:19 GMT
server
cloudflare
age
2453
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b490d0f652c52-FRA
content-length
26
cf-request-id
0a6aebfc2700002c52b4208000000001
expires
Tue, 01 Jun 2021 22:45:23 GMT
fltiu.js
pixel.yabidos.com/ Frame 2854
2 KB
1 KB
Script
General
Full URL
https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=www.adzbux.com&x=rekmob&nci=&adtg=0b9f3c2279244fff831c25aa0d5f7f54&nai=&si=33151&pn=&h=600&w=160&bp=&pp=&ci=&ip=212.102.38.150&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:29 GMT
server
cloudflare
age
1489
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b490d2a2b4174-HAM
content-length
1146
cf-request-id
0a6aebfc340000417410971000000001
expires
Tue, 01 Jun 2021 22:45:23 GMT
6453e71f2fc743c495dfb4a701a51d13
adimg.rekmob.com/ Frame CBE7
8 KB
8 KB
Image
General
Full URL
https://adimg.rekmob.com/6453e71f2fc743c495dfb4a701a51d13
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9d5b9c9d218e12f741a78d93c812ff284a41a94d7dc2eca88a3c9428d03ecee7

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 14:16:05 GMT
Via
1.1 f2d6260772a832e76c8c1c6e49903138.cloudfront.net (CloudFront)
Last-Modified
Thu, 21 May 2020 07:16:13 GMT
Server
AmazonS3
Age
23371
ETag
"529f2354ce0808bc9fdd7b911d8c10da"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
8069
X-Amz-Cf-Id
MoAhsT9ZdA22eyZHWsSfBv9LEwPTGGtRcwCqEU7EYxW2cspxIZg7vQ==
rs-b.png
adimg.rekmob.com/logos/ Frame CBE7
471 B
911 B
Image
General
Full URL
https://adimg.rekmob.com/logos/rs-b.png
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df02aa33acd40ff99ac77551154f9fe7fd5a13dc1f782aac62ffb1a6a0f7f09c

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 13:11:22 GMT
Via
1.1 78a48d8d46b0e5cf69ec8a7f633776e1.cloudfront.net (CloudFront)
Last-Modified
Thu, 26 Jul 2018 10:20:15 GMT
Server
AmazonS3
Age
27242
ETag
"5965d59f86a925e809f20a75e26c9d0c"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
471
X-Amz-Cf-Id
xMgul_c4XAHLWlHASQsXG7VcetKNG4ih5dH_lyLktDGwTK9gyR6YBA==
imp
ads.rekmob.com/m/ Frame CBE7
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=0b9f3c2279244fff831c25aa0d5f7f54&udid=23f8d41dc7644befaa3a67a01b66570e&rid=NjBiNjljNjMwY2YyYmVmMTBjOGUxOGUz&adId=MTM3Mg==
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:54 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
CZ
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
fltiu.js
pixel.yabidos.com/ Frame 2854
2 KB
1 KB
Script
General
Full URL
https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=www.adzbux.com&x=rekmob&nci=&adtg=536a874d2489404ea4758a28f8d8b1c6&nai=&si=33151&pn=&h=60&w=468&bp=&pp=&ci=&ip=212.102.38.150&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:29 GMT
server
cloudflare
age
1489
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b490d3a5f4174-HAM
content-length
1146
cf-request-id
0a6aebfc410000417430921000000001
expires
Tue, 01 Jun 2021 22:45:23 GMT
5cd4030f5e814adf8b0ac59f14899340
adimg.rekmob.com/ Frame ED23
8 KB
8 KB
Image
General
Full URL
https://adimg.rekmob.com/5cd4030f5e814adf8b0ac59f14899340
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ebd675c552a02d9fd8df7e9e919adbcaa204aeed0490881a7bf64f61cdd5b776

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 18:54:12 GMT
Via
1.1 f2d6260772a832e76c8c1c6e49903138.cloudfront.net (CloudFront)
Last-Modified
Thu, 21 May 2020 07:21:16 GMT
Server
AmazonS3
Age
6672
ETag
"dcd2f41c062246be1f6c22954db863c3"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
8005
X-Amz-Cf-Id
FRgnVBFPrn9oLgqggd9BaqmNOW6N3uKfAR0OtuQmt26k0Iwe9DhCyw==
rs-b.png
adimg.rekmob.com/logos/ Frame ED23
471 B
911 B
Image
General
Full URL
https://adimg.rekmob.com/logos/rs-b.png
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df02aa33acd40ff99ac77551154f9fe7fd5a13dc1f782aac62ffb1a6a0f7f09c

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 13:11:22 GMT
Via
1.1 e61ad774b1bb9761f20e1bb4c1d6c734.cloudfront.net (CloudFront)
Last-Modified
Thu, 26 Jul 2018 10:20:15 GMT
Server
AmazonS3
Age
27242
ETag
"5965d59f86a925e809f20a75e26c9d0c"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
471
X-Amz-Cf-Id
1GvyQs4RWuNevZgfkBk9OTJz3BEk-CEropzPRYUIzUQHC0Y8jtdsYA==
imp
ads.rekmob.com/m/ Frame ED23
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=536a874d2489404ea4758a28f8d8b1c6&udid=b7b86ca3ec3d4ed6b8b59a7c0ea1d820&rid=NjBiNjljNjMwY2YyYmVmMTBjOGUxOGU1&adId=MTM2OA==
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:54 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
CZ
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
flimpobj.js
pixel.yabidos.com/ Frame 2854
30 KB
24 KB
Script
General
Full URL
https://pixel.yabidos.com/flimpobj.js?cb=1622580323402&ver1=2.2.3&qid=230383f5530383f5434353&rnd=p09y7zahu9x8&cid=544
Requested by
Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=www.adzbux.com&x=rekmob&nci=&adtg=0b9f3c2279244fff831c25aa0d5f7f54&nai=&si=33151&pn=&h=600&w=160&bp=&pp=&ci=&ip=212.102.38.150&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:29 GMT
server
cloudflare
age
1603
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b490d5ac04174-HAM
content-length
23972
cf-request-id
0a6aebfc54000041742d0bd000000001
expires
Tue, 01 Jun 2021 22:45:23 GMT
vbl.gif
pre.glotgrx.com/ Frame 2854
26 B
109 B
Image
General
Full URL
https://pre.glotgrx.com/vbl.gif?cb=1622580323457&rnd=p09y7zahu9x8&ifm=1&uai=1&cid=544&s=www.adzbux.com&p=43285&x=rekmob&adtg=0b9f3c2279244fff831c25aa0d5f7f54&ats=0&atf=&nsi=&si=33151&nci=&nai=&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:23 GMT
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:19 GMT
server
cloudflare
age
2453
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b490da8c62c52-FRA
content-length
26
cf-request-id
0a6aebfc8700002c52d928f000000001
expires
Tue, 01 Jun 2021 22:45:23 GMT
nflrc.gif
pre.glotgrx.com/ Frame 2854
26 B
109 B
Image
General
Full URL
https://pre.glotgrx.com/nflrc.gif?cb=1622580323451820&ver=1.2r81&qid=230383f5530383f5434353&p=43285&s=www.adzbux.com&x=rekmob&cid=544&od1=&od2=&adtg=0b9f3c2279244fff831c25aa0d5f7f54&nci=&nai=&si=33151&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=p09y7zahu9x8&impid=&tps=104&ver1=2.2.3&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36&os=&mm=&di=&ip=212.102.38.150&ci=&pp=&bp=&w=160&h=600&pn=&1=319033ca1469a91fc7dc8c1b874c16f6&2=2.1&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%7D%7D&6=2&7={%22e%22:%223%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=544&ifm=1&penv=b&pt=&ptbp=&tw=0&ldp=5&icpl=28&icp=https%253A//www.cora-live.tk&irfl=27&irf=https%253A//www.adzbux.com/&cty=4&fcs=0&flky=ver-fl-6-qid-fl-22-p-fl-5-s-fl-14-x-fl-6-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-32-nci-fl-0-nai-fl-0-si-fl-5-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-ua-fl-136-os-fl-0-mm-fl-0-di-fl-0-ip-fl-14-ci-fl-0-pp-fl-0-bp-fl-0-w-fl-3-h-fl-3-pn-fl-0-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=1&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=413x99&gpu=undefined&ncf=4g_9.8_undefined_null_0_undefined_false&fli=3429136985&flerr=0-a1&trim=&fio=11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:23 GMT
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:19 GMT
server
cloudflare
age
2453
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b490da8c82c52-FRA
content-length
26
cf-request-id
0a6aebfc8b00002c52b3213000000001
expires
Tue, 01 Jun 2021 22:45:23 GMT
reklamstore.js
adserver.reklamstore.com/ Frame 2854
95 KB
29 KB
Script
General
Full URL
https://adserver.reklamstore.com/reklamstore.js
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218f:1400:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00b23c0624bc9f5b25ad78a8ceb8b7d8019107699428df1c0e706bedf392798e

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 00:08:17 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 07:59:54 GMT
server
AmazonS3
age
74228
etag
"f3c830240d9f26683eafb3723b922aa9"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 16a28c0e67da18fa2960e2e414084d77.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG52-P2
content-length
29647
x-amz-cf-id
T1NMVn3hQT48Mzc7y0aV7XoXThQI8tUJ3K4XgMd6yVJIboedfNizDw==
publishertag.js
static.criteo.net/js/ld/ Frame 2854
117 KB
38 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f1865bcf054e092f39630245febb9d858fff3fac1c41b521e2164ca0e0649758

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:24 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 06:12:36 GMT
server
nginx
etag
W/"60a5fdd4-1d41b"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 02 Jun 2021 20:45:24 GMT
pix
ads.rekmob.com/retarget/ Frame 2854
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=reklamstore
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=reklamstore&bsw_custom_parameter=646ff3e6-b9ac-4a2e-8106-7a1ceb7ae668
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=reklamstore&bsw_custom_parameter=646ff3e6-b9ac-4a2e-8106-7a1ceb7ae668
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=e06958f5-4a01-49d0-9cdd-ffdaa7ccb634&ssp=reklamstore&expires=30&user_group=5&bsw_param=646ff3e6-b9ac-4a2e-8106-7a1ceb7ae668
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=e06958f5-4a01-49d0-9cdd-ffdaa7ccb634&ssp=reklamstore&expires=30&user_group=5&bsw_param=646ff3e6-b9ac-4a2e-8106-7a1ceb7ae668
  • https://ads.rekmob.com/retarget/pix?id=bs&cv=03edb402-2acc-4bb6-82e3-10c03234ae05&d=1
35 B
403 B
Image
General
Full URL
https://ads.rekmob.com/retarget/pix?id=bs&cv=03edb402-2acc-4bb6-82e3-10c03234ae05&d=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:56 GMT
Server
nginx/1.9.6
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif

Redirect headers

location
//ads.rekmob.com/retarget/pix?id=bs&cv=03edb402-2acc-4bb6-82e3-10c03234ae05&d=1
date
Tue, 01 Jun 2021 20:45:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
/
ads.rekmob.com/m/props/ Frame 2854
271 B
592 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=1101739
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
429870d686efc9fbf3477266c4e558849ac6001e4f8fc3b0f586cba547f95178

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:56 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
CZ
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
reklamstore.js
adserver.reklamstore.com/ Frame 2854
95 KB
29 KB
Script
General
Full URL
https://adserver.reklamstore.com/reklamstore.js
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218f:1400:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00b23c0624bc9f5b25ad78a8ceb8b7d8019107699428df1c0e706bedf392798e

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 00:08:17 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 07:59:54 GMT
server
AmazonS3
age
74228
etag
"f3c830240d9f26683eafb3723b922aa9"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 16a28c0e67da18fa2960e2e414084d77.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG52-P2
content-length
29647
x-amz-cf-id
i8oKd2IquL3I_xCP3SnZiEHEpmRg6Y9ju52shyGpc3SOSgSQwDu9Sg==
/
ads.rekmob.com/m/props/ Frame 2854
270 B
593 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=1101741
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
f67871a227d63cd3691dcecbdf5e15e6a6fd839b917e1a607e65dd1528cace0d

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:56 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
CZ
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
reklamstore.js
adserver.reklamstore.com/ Frame 2854
95 KB
29 KB
Script
General
Full URL
https://adserver.reklamstore.com/reklamstore.js
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218f:1400:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00b23c0624bc9f5b25ad78a8ceb8b7d8019107699428df1c0e706bedf392798e

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 00:08:17 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 07:59:54 GMT
server
AmazonS3
age
74228
etag
"f3c830240d9f26683eafb3723b922aa9"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 16a28c0e67da18fa2960e2e414084d77.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG52-P2
content-length
29647
x-amz-cf-id
5ec_4qffQZL0BtkA4Y_hl-z2-0xqBzrbyuWwD4vAspF1MRFo3zWukw==
adp
ads.rekmob.com/m/ Frame 2854
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=1e86b52dba4f4154a0ee87b99af3da50&ufid=fkeaL2taiASKOePgGmBl&mobile_web=1&dt=3&as=1&os=3&jsonp=1&callback=rmb__fkeaL2taiASKOePgGmBl&ref=www.adzbux.com&_=1622580324989&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
fc73c5b0bbe12f88d88b0f20271568c08b6f371539b9319839bbda3d8894cb86

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:56 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
CZ
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
publishertag.js
static.criteo.net/js/ld/ Frame 2854
117 KB
38 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f1865bcf054e092f39630245febb9d858fff3fac1c41b521e2164ca0e0649758

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:25 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 06:12:36 GMT
server
nginx
etag
W/"60a5fdd4-1d41b"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 02 Jun 2021 20:45:25 GMT
/
ads.rekmob.com/m/props/ Frame 2854
272 B
590 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=1101742
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
a4b0d4bdd00ad184b5fdbd07013558393dacc7003aa8a76805c249a018b406e8

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:56 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
CZ
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
reklamstore.js
adserver.reklamstore.com/ Frame 2854
95 KB
29 KB
Script
General
Full URL
https://adserver.reklamstore.com/reklamstore.js
Requested by
Host: www.cora-live.tk
URL: https://www.cora-live.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218f:1400:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00b23c0624bc9f5b25ad78a8ceb8b7d8019107699428df1c0e706bedf392798e

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 00:08:17 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 07:59:54 GMT
server
AmazonS3
age
74229
etag
"f3c830240d9f26683eafb3723b922aa9"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 16a28c0e67da18fa2960e2e414084d77.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG52-P2
content-length
29647
x-amz-cf-id
T8YnowLFYUPZ0Wx9MB1Fkd5xtmgGlDxgUqFOqwq9JrMM8cU8Fvb2qg==
adp
ads.rekmob.com/m/ Frame 2854
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=62db1d4bb5234c59bf5b75dbac1d7a91&ufid=xLN8REekWofchMuWGJNd&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__xLN8REekWofchMuWGJNd&ref=www.adzbux.com&_=1622580325025&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
707a42c1563477b5ea5078a2e5850a38201e4ce29c6537e6c6a588793b72092a

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:56 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
CZ
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
/
ads.rekmob.com/m/props/ Frame 2854
270 B
593 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=1101743
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
67a7eb7a5a506154a6f9c7e8bdb601a1ba7c1d035174185bbefb7e4c92318cbe

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:56 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
CZ
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
adp
ads.rekmob.com/m/ Frame 2854
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=0b9f3c2279244fff831c25aa0d5f7f54&ufid=h7hV17h2IWR1wuQIZWto&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__h7hV17h2IWR1wuQIZWto&ref=www.adzbux.com&_=1622580325068&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
67abd316f260c844f824de4f4e27d2ddd64c11ac142ee0d3f33be142ba2318e1

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:56 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
CZ
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
adp
ads.rekmob.com/m/ Frame 2854
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=536a874d2489404ea4758a28f8d8b1c6&ufid=VJ3BKrrayEDwDxWRDBvD&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__VJ3BKrrayEDwDxWRDBvD&ref=www.adzbux.com&_=1622580325093&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
9152c651615b3595529300aafd0f857a7e57f566143ea96a62802f3a6997d5f1

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:56 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
CZ
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
fltiu.js
pixel.yabidos.com/ Frame 2854
2 KB
1 KB
Script
General
Full URL
https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=www.adzbux.com&x=rekmob&nci=&adtg=1e86b52dba4f4154a0ee87b99af3da50&nai=&si=33151&pn=&h=250&w=300&bp=&pp=&ci=&ip=212.102.38.150&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:25 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:29 GMT
server
cloudflare
age
1491
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b4918ec374174-HAM
content-length
1146
cf-request-id
0a6aec039000004174560f4000000001
expires
Tue, 01 Jun 2021 22:45:25 GMT
bi.js
cdn.runative-syndicate.com/sdk/v1/ Frame F2AC
6 KB
3 KB
Script
General
Full URL
https://cdn.runative-syndicate.com/sdk/v1/bi.js
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.253.95.110 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
c54b644fd5c4c94f49cc8bde286802266cbb733d557d4fed43cc705b95d1de3d

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:25 GMT
content-encoding
gzip
last-modified
Wed, 17 Feb 2021 13:10:31 GMT
server
nginx
age
9008816
etag
W/"602d15c7-1931"
vary
Accept-Encoding
content-type
application/javascript
x-robots-tag
noindex, nofollow
rs-b.png
adimg.rekmob.com/logos/ Frame F2AC
471 B
911 B
Image
General
Full URL
https://adimg.rekmob.com/logos/rs-b.png
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df02aa33acd40ff99ac77551154f9fe7fd5a13dc1f782aac62ffb1a6a0f7f09c

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 13:11:22 GMT
Via
1.1 f2d6260772a832e76c8c1c6e49903138.cloudfront.net (CloudFront)
Last-Modified
Thu, 26 Jul 2018 10:20:15 GMT
Server
AmazonS3
Age
27244
ETag
"5965d59f86a925e809f20a75e26c9d0c"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
471
X-Amz-Cf-Id
QAAtT3Bk6VcLNsSehh1a9raJHI7n9NbjILy4ZAaX93Z43H66IWcHig==
imp
ads.rekmob.com/m/ Frame F2AC
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=1e86b52dba4f4154a0ee87b99af3da50&udid=a022e99d3378404fa49aa4ccd484e6e9&rid=NjBiNjljNjUwY2YyYjI2MDRhNTM0Y2Zk&adId=MTQ3Mw==
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:56 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
CZ
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
fltiu.js
pixel.yabidos.com/ Frame 2854
2 KB
1 KB
Script
General
Full URL
https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=www.adzbux.com&x=rekmob&nci=&adtg=62db1d4bb5234c59bf5b75dbac1d7a91&nai=&si=33151&pn=&h=90&w=728&bp=&pp=&ci=&ip=212.102.38.150&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:25 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:29 GMT
server
cloudflare
age
1491
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b49191cc54174-HAM
content-length
1146
cf-request-id
0a6aec03ae0000417407bd6000000001
expires
Tue, 01 Jun 2021 22:45:25 GMT
5a1b9c9bcd394786b925816e44cc87a0
adimg.rekmob.com/ Frame 3BDE
27 KB
28 KB
Image
General
Full URL
https://adimg.rekmob.com/5a1b9c9bcd394786b925816e44cc87a0
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dd8d37964d54dedc218e5346e5442830ac85a24fec916f3f3a540d0f08037c33

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 15:53:35 GMT
Via
1.1 e61ad774b1bb9761f20e1bb4c1d6c734.cloudfront.net (CloudFront)
Last-Modified
Thu, 21 May 2020 07:22:03 GMT
Server
AmazonS3
Age
17513
ETag
"8bf981578b0ec356244ea5b3376c955c"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
27977
X-Amz-Cf-Id
NetAF5KBVMj5g-XNQoNA2pw7-Al4--__Afgr7BtWG_UYY5w85QOWUA==
rs-b.png
adimg.rekmob.com/logos/ Frame 3BDE
471 B
911 B
Image
General
Full URL
https://adimg.rekmob.com/logos/rs-b.png
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df02aa33acd40ff99ac77551154f9fe7fd5a13dc1f782aac62ffb1a6a0f7f09c

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 13:11:22 GMT
Via
1.1 f2d6260772a832e76c8c1c6e49903138.cloudfront.net (CloudFront)
Last-Modified
Thu, 26 Jul 2018 10:20:15 GMT
Server
AmazonS3
Age
27244
ETag
"5965d59f86a925e809f20a75e26c9d0c"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
471
X-Amz-Cf-Id
12Xxu0hqDNXiN-AarqF-BI1Zwi1k0LC_pL7-Ezu4DjWRmHLYteuKJA==
imp
ads.rekmob.com/m/ Frame 3BDE
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=62db1d4bb5234c59bf5b75dbac1d7a91&udid=f63e6102b0ea45b8b3ac2bd5d56af505&rid=NjBiNjljNjUwY2YyYmVmMTBjOGUxOTg1&adId=MTM3MA==
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:56 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
CZ
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
fltiu.js
pixel.yabidos.com/ Frame 2854
2 KB
1 KB
Script
General
Full URL
https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=www.adzbux.com&x=rekmob&nci=&adtg=536a874d2489404ea4758a28f8d8b1c6&nai=&si=33151&pn=&h=60&w=468&bp=&pp=&ci=&ip=212.102.38.150&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:25 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:29 GMT
server
cloudflare
age
1491
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b49192cdc4174-HAM
content-length
1146
cf-request-id
0a6aec03b600004174400d7000000001
expires
Tue, 01 Jun 2021 22:45:25 GMT
5cd4030f5e814adf8b0ac59f14899340
adimg.rekmob.com/ Frame 8FE6
8 KB
8 KB
Image
General
Full URL
https://adimg.rekmob.com/5cd4030f5e814adf8b0ac59f14899340
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ebd675c552a02d9fd8df7e9e919adbcaa204aeed0490881a7bf64f61cdd5b776

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 18:54:12 GMT
Via
1.1 78a48d8d46b0e5cf69ec8a7f633776e1.cloudfront.net (CloudFront)
Last-Modified
Thu, 21 May 2020 07:21:16 GMT
Server
AmazonS3
Age
6674
ETag
"dcd2f41c062246be1f6c22954db863c3"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
8005
X-Amz-Cf-Id
UHPAWGIsoezGc0SlfRSy4WEc4kiXBhXGep55WEaxBwSBOo6TvFjm4Q==
rs-b.png
adimg.rekmob.com/logos/ Frame 8FE6
471 B
911 B
Image
General
Full URL
https://adimg.rekmob.com/logos/rs-b.png
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df02aa33acd40ff99ac77551154f9fe7fd5a13dc1f782aac62ffb1a6a0f7f09c

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 13:11:22 GMT
Via
1.1 a5b64a1ac22cdce92ad57684d05480be.cloudfront.net (CloudFront)
Last-Modified
Thu, 26 Jul 2018 10:20:15 GMT
Server
AmazonS3
Age
27244
ETag
"5965d59f86a925e809f20a75e26c9d0c"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
471
X-Amz-Cf-Id
Bubu1NgTEoWfOyAsrF3cbKgTGqI0dIXUbusQOCSleSBbtBZ5LyA-Xw==
imp
ads.rekmob.com/m/ Frame 8FE6
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=536a874d2489404ea4758a28f8d8b1c6&udid=8375e618e79048d68f515676ba40ebd7&rid=NjBiNjljNjUwY2YyMTQ1ZTQyMjY2MTM1&adId=MTM2OA==
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:56 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
CZ
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
flimpobj.js
pixel.yabidos.com/ Frame 2854
30 KB
24 KB
Script
General
Full URL
https://pixel.yabidos.com/flimpobj.js?cb=1622580325292&ver1=2.2.3&qid=230383f5530383f5434353&rnd=7tas9747mqu0&cid=544
Requested by
Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=www.adzbux.com&x=rekmob&nci=&adtg=1e86b52dba4f4154a0ee87b99af3da50&nai=&si=33151&pn=&h=250&w=300&bp=&pp=&ci=&ip=212.102.38.150&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:25 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:29 GMT
server
cloudflare
age
1605
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b49193d114174-HAM
content-length
23972
cf-request-id
0a6aec03c20000417452bee000000001
expires
Tue, 01 Jun 2021 22:45:25 GMT
fltiu.js
pixel.yabidos.com/ Frame 2854
2 KB
1 KB
Script
General
Full URL
https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=www.adzbux.com&x=rekmob&nci=&adtg=0b9f3c2279244fff831c25aa0d5f7f54&nai=&si=33151&pn=&h=600&w=160&bp=&pp=&ci=&ip=212.102.38.150&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:25 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:29 GMT
server
cloudflare
age
1491
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b49193d124174-HAM
content-length
1146
cf-request-id
0a6aec03c20000417468276000000001
expires
Tue, 01 Jun 2021 22:45:25 GMT
6453e71f2fc743c495dfb4a701a51d13
adimg.rekmob.com/ Frame 226E
8 KB
8 KB
Image
General
Full URL
https://adimg.rekmob.com/6453e71f2fc743c495dfb4a701a51d13
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9d5b9c9d218e12f741a78d93c812ff284a41a94d7dc2eca88a3c9428d03ecee7

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 14:16:05 GMT
Via
1.1 07cb86faf6a141962da4e2d7c85db039.cloudfront.net (CloudFront)
Last-Modified
Thu, 21 May 2020 07:16:13 GMT
Server
AmazonS3
Age
23373
ETag
"529f2354ce0808bc9fdd7b911d8c10da"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
8069
X-Amz-Cf-Id
sMQ1-40dT7t-ar914jpSErJTT2Wyu1hMh4BJ_SefuCe_xzW_w7HDfg==
rs-b.png
adimg.rekmob.com/logos/ Frame 226E
471 B
911 B
Image
General
Full URL
https://adimg.rekmob.com/logos/rs-b.png
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df02aa33acd40ff99ac77551154f9fe7fd5a13dc1f782aac62ffb1a6a0f7f09c

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 13:11:22 GMT
Via
1.1 f2d6260772a832e76c8c1c6e49903138.cloudfront.net (CloudFront)
Last-Modified
Thu, 26 Jul 2018 10:20:15 GMT
Server
AmazonS3
Age
27244
ETag
"5965d59f86a925e809f20a75e26c9d0c"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
471
X-Amz-Cf-Id
1QPsOxF5B5LsnIcJd4m8_K21aLm-p-dL4a5HnsXXNWJfXdkdFo97cw==
imp
ads.rekmob.com/m/ Frame 226E
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=0b9f3c2279244fff831c25aa0d5f7f54&udid=7987776f0ad64826ba38a96f6c51d31e&rid=NjBiNjljNjUwY2YyN2IyMzZhMzhjNzNk&adId=MTM3Mg==
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:09:56 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
CZ
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
7a59f4ee8243465197d99ee2959f6ef7.html
run-syndicate.com/iframes2/ Frame 6F3B
11 KB
5 KB
Document
General
Full URL
https://run-syndicate.com/iframes2/7a59f4ee8243465197d99ee2959f6ef7.html?keywords=page,php&extid=101739&adb=0&clientjs=1&w=1600&h=1200
Requested by
Host: cdn.runative-syndicate.com
URL: https://cdn.runative-syndicate.com/sdk/v1/bi.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.104.25 Rostock, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.25.104.4.46.clients.your-server.de
Software
nginx /
Resource Hash
4df269279203c13cfdfd6d46a10118c92b260e3fd135e58f1adcfe6063d271f5

Request headers

:method
GET
:authority
run-syndicate.com
:scheme
https
:path
/iframes2/7a59f4ee8243465197d99ee2959f6ef7.html?keywords=page,php&extid=101739&adb=0&clientjs=1&w=1600&h=1200
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://exp3.eurosptp.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

server
nginx
date
Tue, 01 Jun 2021 20:45:25 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding *
cache-control
no-cache, no-store, no-transform, must-revalidate no-transform
pragma
no-cache
expires
0
x-api-version
2
link
<https://lcdn.runative-syndicate.com/sdk/v1/b.b.js>; rel=preload; as=script, <https://lcdn.runative-syndicate.com/images/7/0/c3a9047b36cc38f4d0a9dfa353fb3097f34dee/300x250.jpg>; rel=preload; as=image
x-request-id
fdade1284f4ce414
set-cookie
ts_uid=b6d30cee-9167-4d82-ac62-d68e25408989; expires=Wed, 01 Dec 2021 20:45:25 GMT; domain=.run-syndicate.com; path=/; HttpOnly; secure; SameSite=None bfq=e0SIEaFjSxcWIsYUPJiwDMMufRQE; expires=Wed, 02 Jun 2021 20:45:25 GMT; domain=.runative-syndicate.com; path=/; secure; SameSite=None
x-robots-tag
none noindex, nofollow
report-to
{ "url": "https://pxl.runative-syndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding
gzip
flimpobj.js
pixel.yabidos.com/ Frame 2854
30 KB
24 KB
Script
General
Full URL
https://pixel.yabidos.com/flimpobj.js?cb=1622580325325&ver1=2.2.3&qid=230383f5530383f5434353&rnd=w4x2jegpszcu&cid=544
Requested by
Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=www.adzbux.com&x=rekmob&nci=&adtg=62db1d4bb5234c59bf5b75dbac1d7a91&nai=&si=33151&pn=&h=90&w=728&bp=&pp=&ci=&ip=212.102.38.150&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:25 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:29 GMT
server
cloudflare
age
1605
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b49195d7b4174-HAM
content-length
23972
cf-request-id
0a6aec03d7000041742d188000000001
expires
Tue, 01 Jun 2021 22:45:25 GMT
vbl.gif
pre.glotgrx.com/ Frame 2854
26 B
158 B
Image
General
Full URL
https://pre.glotgrx.com/vbl.gif?cb=1622580325391&rnd=w4x2jegpszcu&ifm=1&uai=1&cid=544&s=www.adzbux.com&p=43285&x=rekmob&adtg=536a874d2489404ea4758a28f8d8b1c6&ats=0&atf=&nsi=&si=33151&nci=&nai=&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:25 GMT
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:19 GMT
server
cloudflare
age
2455
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b4919be772c52-FRA
content-length
26
cf-request-id
0a6aec041600002c52c626d000000001
expires
Tue, 01 Jun 2021 22:45:25 GMT
nflrc.gif
pre.glotgrx.com/ Frame 2854
26 B
108 B
Image
General
Full URL
https://pre.glotgrx.com/nflrc.gif?cb=1622580325384649&ver=1.2r81&qid=230383f5530383f5434353&p=43285&s=www.adzbux.com&x=rekmob&cid=544&od1=&od2=&adtg=536a874d2489404ea4758a28f8d8b1c6&nci=&nai=&si=33151&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=w4x2jegpszcu&impid=&tps=118&ver1=2.2.3&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36&os=&mm=&di=&ip=212.102.38.150&ci=&pp=&bp=&w=468&h=60&pn=&1=319033ca1469a91fc7dc8c1b874c16f6&2=2.1&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%7D%7D&6=2&7={%22e%22:%223%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=544&ifm=1&penv=b&pt=&ptbp=&tw=0&ldp=5&icpl=28&icp=https%253A//www.cora-live.tk&irfl=27&irf=https%253A//www.adzbux.com/&cty=4&fcs=0&flky=ver-fl-6-qid-fl-22-p-fl-5-s-fl-14-x-fl-6-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-32-nci-fl-0-nai-fl-0-si-fl-5-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-ua-fl-136-os-fl-0-mm-fl-0-di-fl-0-ip-fl-14-ci-fl-0-pp-fl-0-bp-fl-0-w-fl-3-h-fl-2-pn-fl-0-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=1&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=413x99&gpu=undefined&ncf=4g_9.8_undefined_null_0_undefined_false&fli=3429136985&flerr=0-a1&trim=&fio=13
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:25 GMT
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:19 GMT
server
cloudflare
age
2455
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b4919be7a2c52-FRA
content-length
26
cf-request-id
0a6aec041600002c52a8ada000000001
expires
Tue, 01 Jun 2021 22:45:25 GMT
vbl.gif
pre.glotgrx.com/ Frame 2854
26 B
108 B
Image
General
Full URL
https://pre.glotgrx.com/vbl.gif?cb=1622580325425&rnd=w4x2jegpszcu&ifm=1&uai=1&cid=544&s=www.adzbux.com&p=43285&x=rekmob&adtg=536a874d2489404ea4758a28f8d8b1c6&ats=0&atf=&nsi=&si=33151&nci=&nai=&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:25 GMT
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:19 GMT
server
cloudflare
age
2455
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b4919feee2c52-FRA
content-length
26
cf-request-id
0a6aec043800002c52cc8c1000000001
expires
Tue, 01 Jun 2021 22:45:25 GMT
nflrc.gif
pre.glotgrx.com/ Frame 2854
26 B
108 B
Image
General
Full URL
https://pre.glotgrx.com/nflrc.gif?cb=1622580325418942&ver=1.2r81&qid=230383f5530383f5434353&p=43285&s=www.adzbux.com&x=rekmob&cid=544&od1=&od2=&adtg=536a874d2489404ea4758a28f8d8b1c6&nci=&nai=&si=33151&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=w4x2jegpszcu&impid=&tps=118&ver1=2.2.3&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36&os=&mm=&di=&ip=212.102.38.150&ci=&pp=&bp=&w=468&h=60&pn=&1=319033ca1469a91fc7dc8c1b874c16f6&2=2.1&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%7D%7D&6=2&7={%22e%22:%223%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=544&ifm=1&penv=b&pt=&ptbp=&tw=0&ldp=5&icpl=28&icp=https%253A//www.cora-live.tk&irfl=27&irf=https%253A//www.adzbux.com/&cty=4&fcs=0&flky=&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=0&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=413x99&gpu=undefined&ncf=4g_9.8_undefined_null_0_undefined_false&fli=3429136985&flerr=0-a1-27-v8&trim=&fio=13
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://exp3.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:25 GMT
cf-cache-status
HIT
last-modified
Sun, 30 May 2021 17:16:19 GMT
server
cloudflare
age
2455
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
658b4919fef02c52-FRA
content-length
26
cf-request-id
0a6aec043900002c52c6270000000001
expires
Tue, 01 Jun 2021 22:45:25 GMT
b.b.js
lcdn.runative-syndicate.com/sdk/v1/ Frame 6F3B
4 KB
4 KB
Script
General
Full URL
https://lcdn.runative-syndicate.com/sdk/v1/b.b.js
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.241.82.249 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
d7d6b4ac1019f487f26ab37a8eef1c80be8d6c213a98d875d8847e99288802c6

Request headers

Referer
https://run-syndicate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:25 GMT
last-modified
Mon, 01 Jun 2020 09:16:15 GMT
server
nginx
age
29403487
etag
"5ed4c75f-100b"
content-type
application/javascript
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
4107
300x250.jpg
lcdn.runative-syndicate.com/images/7/0/c3a9047b36cc38f4d0a9dfa353fb3097f34dee/ Frame 6F3B
7 KB
7 KB
Image
General
Full URL
https://lcdn.runative-syndicate.com/images/7/0/c3a9047b36cc38f4d0a9dfa353fb3097f34dee/300x250.jpg
Requested by
Host: exp3.eurosptp.com
URL: https://exp3.eurosptp.com/page.php?fr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.241.82.249 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
ccfbb3d483f039f314801bfb271c0365f5a213b54f01c68026c682a6c2b1338a

Request headers

Referer
https://run-syndicate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:25 GMT
last-modified
Tue, 22 Dec 2020 11:15:18 GMT
server
nginx
age
13943372
etag
"5fe1d546-1cea"
content-type
image/jpeg
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
7402
bannerNativeTrackImpression.js
lcdn.runative-syndicate.com/sdk/v1/ Frame 6F3B
655 B
837 B
Script
General
Full URL
https://lcdn.runative-syndicate.com/sdk/v1/bannerNativeTrackImpression.js
Requested by
Host: run-syndicate.com
URL: https://run-syndicate.com/iframes2/7a59f4ee8243465197d99ee2959f6ef7.html?keywords=page,php&extid=101739&adb=0&clientjs=1&w=1600&h=1200
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.241.82.249 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
f870e36f1d8c5188723dd872a87705dfad89cabaf1c99ddd8ea7e0350fb48842

Request headers

Referer
https://run-syndicate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:25 GMT
last-modified
Mon, 31 Aug 2020 07:23:11 GMT
server
nginx
age
23721286
etag
"5f4ca55f-28f"
content-type
application/javascript
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
655
n.css
lcdn.runative-syndicate.com/sdk/v1/ Frame 6F3B
8 KB
8 KB
Stylesheet
General
Full URL
https://lcdn.runative-syndicate.com/sdk/v1/n.css
Requested by
Host: run-syndicate.com
URL: https://run-syndicate.com/iframes2/7a59f4ee8243465197d99ee2959f6ef7.html?keywords=page,php&extid=101739&adb=0&clientjs=1&w=1600&h=1200
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.241.82.249 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
24b59f4e4fbf1d4a988ffa478952ceb54e0b2f0774da926bcd2cc0376200dbfe

Request headers

Referer
https://run-syndicate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:25 GMT
last-modified
Wed, 17 Feb 2021 15:07:12 GMT
server
nginx
age
9003829
etag
"602d3120-2055"
content-type
text/css
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
8277
native-banner-default.css
lcdn.runative-syndicate.com/sdk/v1/ Frame 6F3B
251 B
422 B
Stylesheet
General
Full URL
https://lcdn.runative-syndicate.com/sdk/v1/native-banner-default.css
Requested by
Host: run-syndicate.com
URL: https://run-syndicate.com/iframes2/7a59f4ee8243465197d99ee2959f6ef7.html?keywords=page,php&extid=101739&adb=0&clientjs=1&w=1600&h=1200
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.241.82.249 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
ff9150f84253841e2097c26de1611c67aad46c758b1899c75800af0016e5c446

Request headers

Referer
https://run-syndicate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:25 GMT
last-modified
Mon, 31 Aug 2020 07:23:11 GMT
server
nginx
age
23721285
etag
"5f4ca55f-fb"
content-type
text/css
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
251
p.js
pixel.runative-syndicate.com/api/v1/p/ Frame 6F3B
24 B
24 B
Image
General
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.198.68.43 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://run-syndicate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:45:25 GMT
server
nginx
x-robots-tag
noindex, nofollow
content-length
24
content-type
text/javascript; charset=utf-8
3eea8848118056f6940853f30f364218.gif
sharkpromotion.net/adv_banners/ Frame 9665
293 KB
294 KB
Image
General
Full URL
https://sharkpromotion.net/adv_banners/3eea8848118056f6940853f30f364218.gif
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/js/jquery/jquery-3.2.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.9.105 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
sharkpromotion.net
Software
nginx/1.18.0 /
Resource Hash
e12bf66ce4b8872eae53b9694352b4b421053974ca3935afb27fee6ca1d18117

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:45:26 GMT
Last-Modified
Wed, 19 May 2021 13:18:45 GMT
Server
nginx/1.18.0
ETag
"60a51035-49546"
Content-Type
image/gif
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
300358
Expires
Tue, 08 Jun 2021 20:45:26 GMT
ads.php
webtrafic.ru/
0
131 B
XHR
General
Full URL
https://webtrafic.ru/ads.php?uid=1021&ads=2870&h=9d67eb43618f5fb81708231d7f09f3d1
Requested by
Host: webtrafic.ru
URL: https://webtrafic.ru/ads.php?uid=1021
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.249.138.135 , Russian Federation, ASN20485 (TRANSTELECOM Moscow, Russia, RU),
Reverse DNS
host.135.dynamic1.l2tp.subnets.svg.ttkdv.ru
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://www.cora-live.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 20:45:27 GMT
server
nginx/1.16.1
strict-transport-security
max-age=31536000;
content-type
text/html; charset=UTF-8
/
sharkpromotion.net/socket.io/ Frame 9665
0
0

af9f9eb6cede254441c1507ddd259dea.gif
sharkpromotion.net/adv_banners/ Frame 9665
204 KB
205 KB
Image
General
Full URL
https://sharkpromotion.net/adv_banners/af9f9eb6cede254441c1507ddd259dea.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.9.105 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
sharkpromotion.net
Software
nginx/1.18.0 /
Resource Hash
ee13955c0886a18bb51a3709d0cf6af7f5907c4d327b89b36a6667364ff1fade

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:45:27 GMT
Last-Modified
Sun, 30 May 2021 21:05:36 GMT
Server
nginx/1.18.0
ETag
"60b3fe20-3319c"
Content-Type
image/gif
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
209308
Expires
Tue, 08 Jun 2021 20:45:27 GMT
57c0773a2243fdb564824be2a812e4b6.png
sharkpromotion.net/adv_banners/ Frame 9665
8 KB
9 KB
Image
General
Full URL
https://sharkpromotion.net/adv_banners/57c0773a2243fdb564824be2a812e4b6.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.9.105 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
sharkpromotion.net
Software
nginx/1.18.0 /
Resource Hash
f75cd0974bc5f07cf961b7a549dae79da312a66e50d41525d8169446ca0d0899

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:45:27 GMT
Last-Modified
Sat, 22 May 2021 19:04:35 GMT
Server
nginx/1.18.0
ETag
"60a955c3-21c7"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8647
Expires
Tue, 08 Jun 2021 20:45:27 GMT
/
payeer.com/ Frame 821F
0
0
Document
General
Full URL
https://payeer.com/?session=2103954
Requested by
Host: trafiframe.ru
URL: https://trafiframe.ru/iframe.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.170.93.24 , Czech Republic, ASN2591 (IMPLETEC-AS, BG),
Reverse DNS
Software
iCore Proxy Module /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
payeer.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://trafiframe.ru/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
iCore Proxy Module
Date
Tue, 01 Jun 2021 20:45:27 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
0
Connection
keep-alive
Strict-Transport-Security
max-age=31536000
X-XSS-Protection
1; mode=block
X-Frame-Options
SAMEORIGIN
X-Content-Type-Options
nosniff
bdbb934e5f6c8232a0fc4fef7d840048.gif
sharkpromotion.net/adv_banners/ Frame 9665
29 KB
30 KB
Image
General
Full URL
https://sharkpromotion.net/adv_banners/bdbb934e5f6c8232a0fc4fef7d840048.gif
Requested by
Host: sharkpromotion.net
URL: https://sharkpromotion.net/js/jquery/jquery-3.2.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.9.105 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
sharkpromotion.net
Software
nginx/1.18.0 /
Resource Hash
aebbcd2b05cae179f8c24bc2d17fdf2da53d81593b4e16e2e2d25813acadb224

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 20:45:28 GMT
Last-Modified
Sun, 30 May 2021 21:05:51 GMT
Server
nginx/1.18.0
ETag
"60b3fe2f-75cc"
Content-Type
image/gif
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30156
Expires
Tue, 08 Jun 2021 20:45:28 GMT
56460499
mc.yandex.com/webvisor/ Frame 1565
43 B
145 B
XHR
General
Full URL
https://mc.yandex.com/webvisor/56460499?wmode=0&wv-part=2&wv-hit=425655252&page-url=https%3A%2F%2Ftrafiframe.ru%2Fiframe.php&rn=205709667&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1622580330%3Aw%3A0x0%3Av%3A530%3Az%3A120%3Ai%3A20210601224529%3Au%3A1622580313525379762%3Avf%3A5gv0p5rfujionf9a%3Awe%3A1%3Ati%3A2%3Ast%3A1622580330
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://trafiframe.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 01 Jun 2021 20:45:29 GMT
last-modified
Tue, 01-Jun-2021 20:45:29 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://trafiframe.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 01-Jun-2021 20:45:29 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.


151 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| gtag object| dataLayer object| monthFormat string| noThumbnail number| postPerPage boolean| fixedSidebar string| commentsSystem string| disqusShortname string| GoogleAnalyticsObject function| ga object| adsbygoogle object| messages number| cr_flowid string| cr_subkey number| cr_timelimit object| google_tag_manager object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| lSCoDe function| lsOrder function| lsStHex function| LiNKsloT string| welcome string| jZv string| Rt4 string| pMj string| Yre function| None string| C3U string| Qex string| BXW string| YMF string| f3S string| lsGT number| lsSY number| lsPZ number| lsMX number| lsMY string| lsPR function| lsRT object| lsHT object| lsDS object| lsDv string| lsLN string| lsID string| lsPD string| x string| lsRX number| lsT0 boolean| lsIFram string| hash string| lsNA number| fl function| lsSF function| lsMF string| xgY function| $ function| jQuery object| _0x2c02 object| _0x7bd6 function| _0x25d3 function| _0x182206 function| _0x15b683 number| postResults number| numOfPages object| pageOf undefined| noPage string| currentPage number| currentPageNo undefined| postLabel string| locationUrl string| home_page function| startPagination function| dataFeed function| pageCurrentBlogger function| getPage function| getLabelPage function| findPostDate object| at_block boolean| at_isFramed object| at_url object| at_banner number| at_timer_r function| at_req object| at_http number| at_timer_u function| at_update number| pageNumber number| pageStart number| lastPageNo number| pageEnd function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| 
widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogView function| _BlogListView function| _BlogSearchView function| _ContactFormView function| _ExampleView function| _FeaturedPostView function| _FeedView function| _FollowByEmailView function| _FollowersView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _PageListView function| _PollView function| _PopularPostsView function| _ProfileView function| _RecentPostsView function| _ReportAbuseView function| _SharingView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _WikipediaView string| __wavt function| __gjsload__ object| cookieChoices object| jQuery112406513610441457367 object| FB

19 Cookies

Domain/Path Name / Value
.run-syndicate.com/ Name: ts_uid
Value: 4009debd-5000-40ec-bf09-959b0249a5af
.popmyads.com/ Name: __cf_bm
Value: 7d4364b654e14cb3af46950144a2d11cc712513c-1622580313-1800-AVF5//UHQPnsXLxs4FeBNxN4sSZcfgS5dT89OV82EmZy2/ONcBYUJuS6CBlTEXfBsEGpXZmH+XrX4cTAwhPQ7BA=
.criteo.com/ Name: uid
Value: fc159ee8-9d77-4930-bc13-d91172674437
.eurosptp.com/ Name: visite24
Value: 1
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: ENzQie7doGU
.eurosptp.com/ Name: visite
Value: 24h
.trafiframe.ru/ Name: _ym_visorc
Value: w
.cora-live.tk/ Name: _gat_gtag_UA_114936408_9
Value: 1
.trafiframe.ru/ Name: _ym_isad
Value: 2
.trafiframe.ru/ Name: _ym_d
Value: 1622580313
.youtube.com/ Name: YSC
Value: 03kvXmrYC6c
core.arc.io/ Name: _immortal|Arc_nodeId
Value: Y4ye6kGsynyMSGjgtWM7oB
.eurosptp.com/ Name: visbl
Value: 2
.trafiframe.ru/ Name: _ym_uid
Value: 1622580313525379762
.cora-live.tk/ Name: _gat_blogger
Value: 1
.cora-live.tk/ Name: _gid
Value: GA1.2.642033752.1622580312
www.cora-live.tk/ Name: nova
Value: 2pp9shulbom000000000000000000000
.adzbux.com/ Name: __cf_bm
Value: 5c9fd144035a66b3cfeb1ff8db9dba34d8d2def0-1622580312-1800-AfVWPdrlESU9BOy44yBvsl7umF5iBhGVeXGxvvtd0OhixDi70fn7VkL6+4LxVN5YI1ArghPJayUaBG+E5f2P6Ug=
.cora-live.tk/ Name: _ga
Value: GA1.2.308665836.1622580312

160 Console Messages

Source Level URL
Text
console-api warning URL: https://static.arc.io/widget/js/core.js?fd8fd2c(Line 30)
Message:
Failed to install Arc's Service Worker. For installation help, see https://portal.arc.io/installation. Service Worker documentation: https://developer.mozilla.org/en-US/docs/Web/API/Service_Worker_API/Using_Service_Workers#Why_is_my_service_worker_failing_to_register. TypeError Cannot read property 'removeItem' of null
console-api log (Line 1)
Message:
keyword false
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Init Props: ad_unit_id_check: true, device_type_check: true, cookie_enabled_check: true, frequency_cap_check: true, subsequent_request_check: true, referrer_check: true,
console-api log URL: https://static.arc.io/widget/js/widget-ui.js?fd8fd2c(Line 1)
Message:
Vue global error handler TypeError: Cannot convert undefined or null to object [object Object] mounted hook (Promise/async)
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Results: rmb: 0.0000012936306331733936, size: 300x250
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
[object Object]
console-api log URL: https://c0.wp.com/c/5.7.2/wp-includes/js/jquery/jquery-migrate.min.js(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 3.3.2
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
[object HTMLDivElement]
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
console.clear
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Results: rmb: 1.1760278483394487e-7, size: 160x600
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Results: rmb: 0.0000011760278483394487, size: 728x90
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Results: rmb: 1.1760278483394487e-7, size: 468x60
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Results: rmb: 0.0000011760278483394487, size: 300x250
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Results: rmb: 0.0000011760278483394487, size: 160x600
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Results: rmb: 0.0000011760278483394487, size: 468x60
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Results: rmb: 0.0000011859160608612125, size: 160x600
console-api log URL: https://agronews.com.pl/wp-content/plugins/youtube-embed-plus-pro/scripts/ytprefs.min.js?ver=13.4.2(Line 2)
Message:
Setting up YT API events: player_youtube_0
console-api log URL: https://agronews.com.pl/wp-content/plugins/youtube-embed-plus-pro/scripts/ytprefs.min.js?ver=13.4.2(Line 2)
Message:
YT API init check

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
