urlscan.io logo urlscan.io
SecurityTrails logo

hasvworasdy.6f.sk Open in urlscan Pro
2a01:28:ca:63:120:114::  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://pmnt.pl/2onbe
Effective URL: http://hasvworasdy.6f.sk/bens.htm
Submission: On June 13 via manual from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 6 countries across 16 domains to perform 45 HTTP transactions. The main IP is 2a01:28:ca:63:120:114::, located in Czech Republic and belongs to SUPERNETWORK (^_^)/, CZ. The main domain is hasvworasdy.6f.sk.
This is the only time hasvworasdy.6f.sk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2606:4700:3036::681f:4664 (United States)

ASN13335 (CLOUDFLARENET, US)
pmnt.pl
3    183.111.141.61 (Korea, Republic Of)

ASN4766 (KIXS-AS-KR Korea Telecom, KR)
twr.kr
1    2a01:28:ca:63:120:114:: (Czech Republic)

ASN39392 (SUPERNETWORK (^_^)/, CZ)
hasvworasdy.6f.sk
13    2a01:28:ca:63:120:104:: (Czech Republic)

ASN39392 (SUPERNETWORK (^_^)/, CZ)
www.endora.cz
7    2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.de
adservice.google.com
www.googletagservices.com
2    2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
3    2a00:1450:4001:819::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    77.75.77.243 (Czech Republic)

ASN43037 (SEZNAM-, CZ)
PTR: c.imedia.cz
c.imedia.cz
1    216.58.207.34 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s24-in-f2.1e100.net
www.googleadservices.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:824::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a00:1450:4001:820::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Domain Requested by
13 www.endora.cz hasvworasdy.6f.sk
pagead2.googlesyndication.com
4 c.imedia.cz 2 redirects hasvworasdy.6f.sk
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
www.googleadservices.com
4 pagead2.googlesyndication.com hasvworasdy.6f.sk
pagead2.googlesyndication.com
3 www.google.com 1 redirects hasvworasdy.6f.sk
3 twr.kr 1 redirects twr.kr
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 www.google.de hasvworasdy.6f.sk
2 www.facebook.com connect.facebook.net
2 www.google-analytics.com 1 redirects hasvworasdy.6f.sk
2 connect.facebook.net hasvworasdy.6f.sk
connect.facebook.net
2 www.googletagmanager.com 1 redirects hasvworasdy.6f.sk
2 apis.google.com hasvworasdy.6f.sk
apis.google.com
1 stats.g.doubleclick.net 1 redirects
1 www.googletagservices.com pagead2.googlesyndication.com
1 www.googleadservices.com www.googletagmanager.com
1 www.gstatic.com www.google.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 hasvworasdy.6f.sk twr.kr
1 pmnt.pl 1 redirects
45 21
Subject Issuer Validity Valid
*.apis.google.com
GTS CA 1O1		 2020-05-26 -
2020-08-18		 3 months crt.sh
www.google.com
GTS CA 1O1		 2020-05-26 -
2020-08-18		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-05-26 -
2020-08-18		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-05-14 -
2020-08-05		 3 months crt.sh
*.google.de
GTS CA 1O1		 2020-05-26 -
2020-08-18		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-05-26 -
2020-08-18		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-05-26 -
2020-08-18		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-05-26 -
2020-08-18		 3 months crt.sh
c.imedia.cz
Let's Encrypt Authority X3		 2020-03-31 -
2020-06-29		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-05-26 -
2020-08-18		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-05-26 -
2020-08-18		 3 months crt.sh

This page contains 6 frames:

Primary Page: http://hasvworasdy.6f.sk/bens.htm
Frame ID: AAB1240FA5389D18E2B0FCFA5EEA69EF
Requests: 40 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200609/r20190131/zrt_lookup.html
Frame ID: 5E204163ED5D6CF58E407A8B3C447A74
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5207119889962754&output=html&h=250&slotname=8624521180&adk=157814446&adf=677210104&w=250&lmt=1592056330&psa=0&guci=1.2.0.0.2.2.0.0&format=250x250&url=http%3A%2F%2Fhasvworasdy.6f.sk%2Fbens.htm&flash=0&wgl=1&adsid=NT&dt=1592056330742&bpp=21&bdt=362&idt=129&shv=r20200609&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5720938843364&frm=20&pv=2&ga_vid=820063477.1592056331&ga_sid=1592056331&ga_hid=1157750982&ga_fc=0&iag=0&icsg=8431616&dssz=26&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1137&ady=243&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1047705600829655&pem=137&ref=http%3A%2F%2Ftwr.kr%2Fq5Wy&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8208&bc=23&ifi=1&uci=a!1&fsb=1&xpc=TUOGzaTenT&p=http%3A//hasvworasdy.6f.sk&dtd=146
Frame ID: 24CB5DD52C5816F25AE6392C5A3C6FCC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5207119889962754&output=html&adk=1812271804&adf=3025194257&lmt=1592056330&plat=1%3A32776%2C2%3A32776%2C8%3A32768%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fhasvworasdy.6f.sk%2Fbens.htm&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1592056330814&bpp=2&bdt=435&idt=92&shv=r20200609&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=250x250&nras=1&correlator=5720938843364&frm=20&pv=1&ga_vid=820063477.1592056331&ga_sid=1592056331&ga_hid=1157750982&ga_fc=0&iag=0&icsg=8598366208&dssz=27&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1047705600829655&pem=137&ref=http%3A%2F%2Ftwr.kr%2Fq5Wy&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=23&ifi=1&uci=a!1&fsb=1&dtd=98
Frame ID: 6FC1EC2BF34C7A8D19BF20BD776084E3
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like_box.php?app_id=1409391765942444&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3eab778209c4a8%26domain%3Dhasvworasdy.6f.sk%26origin%3Dhttp%253A%252F%252Fhasvworasdy.6f.sk%252Ff38aafdd2f3e388%26relation%3Dparent.parent&container_width=292&header=false&height=239&href=http%3A%2F%2Fwww.facebook.com%2Fendora.cz&locale=cs_CZ&sdk=joey&show_border=false&show_faces=true&stream=false&width=292
Frame ID: DB3C98CDEC312B39F29324777FC93CD7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: C016BD6D8E64B9193A19ADE0C7634C62
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://pmnt.pl/2onbe HTTP 301
    http://twr.kr/q5Wy Page URL
  2. http://twr.kr/q5Wy?ckattempt=1 HTTP 301
    http://hasvworasdy.6f.sk/bens.htm Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i

Page Statistics

45
Requests

58 %
HTTPS

83 %
IPv6

16
Domains

21
Subdomains

16
IPs

6
Countries

852 kB
Transfer

2441 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://pmnt.pl/2onbe HTTP 301
    http://twr.kr/q5Wy Page URL
  2. http://twr.kr/q5Wy?ckattempt=1 HTTP 301
    http://hasvworasdy.6f.sk/bens.htm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://pmnt.pl/2onbe HTTP 301
  • http://twr.kr/q5Wy
Request Chain 14
  • http://www.googletagmanager.com/gtm.js?id=GTM-5S8CZ5 HTTP 302
  • https://www.googletagmanager.com/gtm.js?id=GTM-5S8CZ5
Request Chain 16
  • http://connect.facebook.net/cs_CZ/all.js HTTP 307
  • https://connect.facebook.net/cs_CZ/all.js
Request Chain 27
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 28
  • http://c.imedia.cz/js/retargeting.js HTTP 301
  • https://c.imedia.cz/js/retargeting.js
Request Chain 34
  • http://www.google-analytics.com/r/collect?v=1&_v=j82&a=1157750982&t=pageview&_s=1&dl=http%3A%2F%2Fhasvworasdy.6f.sk%2Fbens.htm&dr=http%3A%2F%2Ftwr.kr%2Fq5Wy&ul=en-us&de=UTF-8&dt=Dom%C3%A9na%20odstavena%7C%20Endora.cz&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAAAB~&jid=1751150381&gjid=197388763&cid=820063477.1592056331&tid=UA-5967828-26&_gid=35509172.1592056331&_r=1&gtm=2wg6405S8CZ5&z=577352370 HTTP 307
  • https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1157750982&t=pageview&_s=1&dl=http%3A%2F%2Fhasvworasdy.6f.sk%2Fbens.htm&dr=http%3A%2F%2Ftwr.kr%2Fq5Wy&ul=en-us&de=UTF-8&dt=Dom%C3%A9na%20odstavena%7C%20Endora.cz&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAAAB~&jid=1751150381&gjid=197388763&cid=820063477.1592056331&tid=UA-5967828-26&_gid=35509172.1592056331&_r=1&gtm=2wg6405S8CZ5&z=577352370 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-5967828-26&cid=820063477.1592056331&jid=1751150381&_gid=35509172.1592056331&gjid=197388763&_v=j82&z=577352370 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5967828-26&cid=820063477.1592056331&jid=1751150381&_v=j82&z=577352370 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5967828-26&cid=820063477.1592056331&jid=1751150381&_v=j82&z=577352370&slf_rd=1&random=3959688963
Request Chain 35
  • http://c.imedia.cz/retargeting?id=15330&category=&itemId=&url=http%3A%2F%2Fhasvworasdy.6f.sk%2Fbens.htm HTTP 301
  • https://c.imedia.cz/retargeting?id=15330&category=&itemId=&url=http%3A%2F%2Fhasvworasdy.6f.sk%2Fbens.htm

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
q5Wy
twr.kr/
Redirect Chain
  • https://pmnt.pl/2onbe
  • http://twr.kr/q5Wy
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://twr.kr/q5Wy
Protocol
HTTP/1.1
Server
183.111.141.61 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
nginx /
Resource Hash
cd122b5072611af7000cf8171b027bd9b5f4e1221cbc3188a286af79b231b8bd

Request headers

Host
twr.kr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
nginx
Date
Sat, 13 Jun 2020 13:52:07 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control
no-cache
Content-Encoding
gzip

Redirect headers

status
301
date
Sat, 13 Jun 2020 13:52:08 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d10ffebdf33fe2da065efadf1f5aedab11592056327; expires=Mon, 13-Jul-20 13:52:07 GMT; path=/; domain=.pmnt.pl; HttpOnly; SameSite=Lax SERVERID17573=2120203|XuTaC|XuTaC; path=/
location
http://twr.kr/q5Wy
cf-ray
5a2c4a51aec90746-FRA
cf-cache-status
DYNAMIC
cf-request-id
034f8cc70d00000746831f9200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-iplb-instance
17180
x-powered-by
PHP/7.0
vary
Accept-Encoding
server
cloudflare
cupid.js
twr.kr/ 		30 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://twr.kr/cupid.js
Requested by
Host: twr.kr
URL: http://twr.kr/q5Wy
Protocol
HTTP/1.1
Server
183.111.141.61 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
http://twr.kr/q5Wy
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 13 Jun 2020 13:52:08 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Jul 2014 06:43:12 GMT
Server
nginx
ETag
W/"53c61f00-79c6"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Transfer-Encoding
chunked
Connection
keep-alive
Primary Request bens.htm
hasvworasdy.6f.sk/
Redirect Chain
  • http://twr.kr/q5Wy?ckattempt=1
  • http://hasvworasdy.6f.sk/bens.htm
18 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://hasvworasdy.6f.sk/bens.htm
Requested by
Host: twr.kr
URL: http://twr.kr/q5Wy
Protocol
HTTP/1.1
Server
2a01:28:ca:63:120:114:: , Czech Republic, ASN39392 (SUPERNETWORK (^_^)/, CZ),
Reverse DNS
Software
nginx /
Resource Hash
efa87a768f0148054b815e1ff077efaddaed43f9dd8b7cf24333c869b6e62490

Request headers

Host
hasvworasdy.6f.sk
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://twr.kr/q5Wy
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://twr.kr/q5Wy

Response headers

Server
nginx
Date
Sat, 13 Jun 2020 13:52:10 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
ETag
W/"5d5ab281-4958"
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Sat, 13 Jun 2020 13:52:08 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP='NOI CURa ADMa DEVa TAIa OUR DELa BUS IND PHY ONL UNI COM NAV INT DEM PRE'
X-Powered-By
PHP/5.3.13p1
Set-Cookie
S6L_LANG=en; expires=Mon, 22-Apr-2030 13:52:08 GMT; path=/; domain=.twr.kr S6L_LANG=en; expires=Mon, 22-Apr-2030 13:52:08 GMT; path=/; domain=.twr.kr S6L_LANG=en; expires=Mon, 22-Apr-2030 13:52:08 GMT; path=/; domain=.twr.kr S6L_LANG=en; expires=Mon, 22-Apr-2030 13:52:08 GMT; path=/; domain=.twr.kr S6L_LANG=en; expires=Mon, 22-Apr-2030 13:52:08 GMT; path=/; domain=.twr.kr
Location
http://hasvworasdy.6f.sk/bens.htm
webloader-web.css
www.endora.cz/webtemp/css/web/ 		422 KB
100 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.endora.cz/webtemp/css/web/webloader-web.css?1559213366
Requested by
Host: hasvworasdy.6f.sk
URL: http://hasvworasdy.6f.sk/bens.htm
Protocol
HTTP/1.1
Server
2a01:28:ca:63:120:104:: , Czech Republic, ASN39392 (SUPERNETWORK (^_^)/, CZ),
Reverse DNS
Software
nginx /
Resource Hash
007dc5d2b2927209e39f13e8ecc9c4fc82215f36051b5496f91b912a2e32fd00

Request headers

Referer
http://hasvworasdy.6f.sk/bens.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 13 Jun 2020 13:52:10 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Jun 2020 11:23:51 GMT
Server
nginx
ETag
W/"5ee0c2c7-6982b"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2419200
Transfer-Encoding
chunked
Connection
keep-alive
webloader-webHead.js
www.endora.cz/webtemp/css/webHead/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://www.endora.cz/webtemp/css/webHead/webloader-webHead.js?1523432989
Requested by
Host: hasvworasdy.6f.sk
URL: http://hasvworasdy.6f.sk/bens.htm
Protocol
HTTP/1.1
Server
2a01:28:ca:63:120:104:: , Czech Republic, ASN39392 (SUPERNETWORK (^_^)/, CZ),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://hasvworasdy.6f.sk/bens.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
endoracz-freehosting-webhosting-zdarma.png
www.endora.cz/images/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.endora.cz/images/endoracz-freehosting-webhosting-zdarma.png
Requested by
Host: hasvworasdy.6f.sk
URL: http://hasvworasdy.6f.sk/bens.htm
Protocol
HTTP/1.1
Server
2a01:28:ca:63:120:104:: , Czech Republic, ASN39392 (SUPERNETWORK (^_^)/, CZ),
Reverse DNS
Software
nginx /
Resource Hash
81fd6754b3fc11fa383c5655a45f905a2c010c27676d42c89b32aae1a168a078

Request headers

Referer
http://hasvworasdy.6f.sk/bens.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 13 Jun 2020 13:52:10 GMT
Last-Modified
Thu, 18 Jun 2015 08:29:07 GMT
Server
nginx
ETag
"55828153-259d"
Content-Type
image/png
Cache-Control
max-age=2419200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9629
ico-hosted.png
www.endora.cz/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.endora.cz/images/ico-hosted.png
Requested by
Host: hasvworasdy.6f.sk
URL: http://hasvworasdy.6f.sk/bens.htm
Protocol
HTTP/1.1
Server
2a01:28:ca:63:120:104:: , Czech Republic, ASN39392 (SUPERNETWORK (^_^)/, CZ),
Reverse DNS
Software
nginx /
Resource Hash
305f3d591b84041067571faecc77ae1f74e52fc857f1bc54b7ab9c9033962ccc

Request headers

Referer
http://hasvworasdy.6f.sk/bens.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 13 Jun 2020 13:52:10 GMT
Last-Modified
Thu, 18 Jun 2015 08:29:07 GMT
Server
nginx
ETag
"55828153-6c2"
Content-Type
image/png
Cache-Control
max-age=2419200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1730
ico-newfast.png
www.endora.cz/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.endora.cz/images/ico-newfast.png
Requested by
Host: hasvworasdy.6f.sk
URL: http://hasvworasdy.6f.sk/bens.htm
Protocol
HTTP/1.1
Server
2a01:28:ca:63:120:104:: , Czech Republic, ASN39392 (SUPERNETWORK (^_^)/, CZ),
Reverse DNS
Software
nginx /
Resource Hash
cd8e50622016ad57ca0fbbccee2690d504552b1ce0848142c442c127b8325178

Request headers

Referer
http://hasvworasdy.6f.sk/bens.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 13 Jun 2020 13:52:10 GMT
Last-Modified
Thu, 18 Jun 2015 08:29:07 GMT
Server
nginx
ETag
"55828153-d81"
Content-Type
image/png
Cache-Control
max-age=2419200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3457
ico-registeredcz.png
www.endora.cz/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.endora.cz/images/ico-registeredcz.png
Requested by
Host: hasvworasdy.6f.sk
URL: http://hasvworasdy.6f.sk/bens.htm
Protocol
HTTP/1.1
Server
2a01:28:ca:63:120:104:: , Czech Republic, ASN39392 (SUPERNETWORK (^_^)/, CZ),
Reverse DNS
Software
nginx /
Resource Hash
ef7a81264afb7408d3d24b684d6ea42daba371c0abfaa142bcf4f66313c5718c

Request headers

Referer
http://hasvworasdy.6f.sk/bens.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 13 Jun 2020 13:52:10 GMT
Last-Modified
Thu, 18 Jun 2015 08:29:07 GMT
Server
nginx
ETag
"55828153-84f"
Content-Type
image/png
Cache-Control
max-age=2419200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2127
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		109 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: hasvworasdy.6f.sk
URL: http://hasvworasdy.6f.sk/bens.htm
Protocol
HTTP/1.1
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d76c431ad28fb8834fd91eaaef6f9fb5a429e5b796d2c0a79fdfa9d31377132c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://hasvworasdy.6f.sk/bens.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Sat, 13 Jun 2020 13:52:10 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
6676592450518915597
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
40197
X-XSS-Protection
0
Expires
Sat, 13 Jun 2020 13:52:10 GMT
platebni-metody-freehostingu.png
www.endora.cz/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.endora.cz/images/platebni-metody-freehostingu.png
Requested by
Host: hasvworasdy.6f.sk
URL: http://hasvworasdy.6f.sk/bens.htm
Protocol
HTTP/1.1
Server
2a01:28:ca:63:120:104:: , Czech Republic, ASN39392 (SUPERNETWORK (^_^)/, CZ),
Reverse DNS
Software
nginx /
Resource Hash
8f708832c181e1694851f65a5d041591e94a24aabbc33e404fdac944e91c6eaa

Request headers

Referer
http://hasvworasdy.6f.sk/bens.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 13 Jun 2020 13:52:10 GMT
Last-Modified
Thu, 18 Jun 2015 08:29:07 GMT
Server
nginx
ETag
"55828153-17d9"
Content-Type
image/png
Cache-Control
max-age=2419200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6105
gopay.png
www.endora.cz/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.endora.cz/images/gopay.png
Requested by
Host: hasvworasdy.6f.sk
URL: http://hasvworasdy.6f.sk/bens.htm
Protocol
HTTP/1.1
Server
2a01:28:ca:63:120:104:: , Czech Republic, ASN39392 (SUPERNETWORK (^_^)/, CZ),
Reverse DNS
Software
nginx /
Resource Hash
77c33447aa8f6fef0a8068a95394b7c91b0ab176664f90a51a21492d72ab4a3d

Request headers

Referer
http://hasvworasdy.6f.sk/bens.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 13 Jun 2020 13:52:10 GMT
Last-Modified
Thu, 25 Jun 2015 08:20:43 GMT
Server
nginx
ETag
"558bb9db-b4a"
Content-Type
image/png
Cache-Control
max-age=2419200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2890
plusone.js
apis.google.com/js/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: hasvworasdy.6f.sk
URL: http://hasvworasdy.6f.sk/bens.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1f649957f4fc091425a4bf4381bbfa94e1b2dd3ed13c3e49e039adfc7a04f2d8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Id+n3fuj/3d2gihC1sO43w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://hasvworasdy.6f.sk/bens.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Jun 2020 13:52:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"bf671b405a6ba42bf04812eca7f9b45e"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-Id+n3fuj/3d2gihC1sO43w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Sat, 13 Jun 2020 13:52:10 GMT
api.js
www.google.com/recaptcha/ 		676 B
639 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=explicit
Requested by
Host: hasvworasdy.6f.sk
URL: http://hasvworasdy.6f.sk/bens.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a20a5beb76d49b7e858e96c5e60b8433db79bee65f68f5fc5d1a6d989a0d3f30
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://hasvworasdy.6f.sk/bens.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Jun 2020 13:52:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
448
x-xss-protection
1; mode=block
expires
Sat, 13 Jun 2020 13:52:10 GMT
webloader-web.js
www.endora.cz/webtemp/js/web/ 		612 KB
205 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.endora.cz/webtemp/js/web/webloader-web.js?1560241543
Requested by
Host: hasvworasdy.6f.sk
URL: http://hasvworasdy.6f.sk/bens.htm
Protocol
HTTP/1.1
Server
2a01:28:ca:63:120:104:: , Czech Republic, ASN39392 (SUPERNETWORK (^_^)/, CZ),
Reverse DNS
Software
nginx /
Resource Hash
14c9216fede333008c6ccd4ccfcc47a04213fd091f041128e839daeafb70c5d6

Request headers

Referer
http://hasvworasdy.6f.sk/bens.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 13 Jun 2020 13:52:10 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Jun 2020 11:23:51 GMT
Server
nginx
ETag
W/"5ee0c2c7-98fe4"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=29030400
Transfer-Encoding
chunked
Connection
keep-alive
gtm.js
www.googletagmanager.com/
Redirect Chain
  • http://www.googletagmanager.com/gtm.js?id=GTM-5S8CZ5
  • https://www.googletagmanager.com/gtm.js?id=GTM-5S8CZ5
122 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5S8CZ5
Requested by
Host: hasvworasdy.6f.sk
URL: http://hasvworasdy.6f.sk/bens.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fc2e8c35cb3ee2d8d91f1892e839e0ab7194cd839fb4955f8ba4709a43cd2e71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://hasvworasdy.6f.sk/bens.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Jun 2020 13:52:10 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43482
x-xss-protection
0
last-modified
Sat, 13 Jun 2020 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 13 Jun 2020 13:52:10 GMT

Redirect headers

Location
https://www.googletagmanager.com/gtm.js?id=GTM-5S8CZ5
Date
Sat, 13 Jun 2020 13:52:10 GMT
Server
Google Tag Manager
Content-Length
250
X-XSS-Protection
0
Content-Type
text/html; charset=UTF-8
webloader-webPrint-print.css
www.endora.cz/webtemp/css/webPrint/ 		195 B
456 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.endora.cz/webtemp/css/webPrint/webloader-webPrint-print.css?1523432989
Requested by
Host: hasvworasdy.6f.sk
URL: http://hasvworasdy.6f.sk/bens.htm
Protocol
HTTP/1.1
Server
2a01:28:ca:63:120:104:: , Czech Republic, ASN39392 (SUPERNETWORK (^_^)/, CZ),
Reverse DNS
Software
nginx /
Resource Hash
0307813a544ed1fa8a8606edbdb10257272ff314a13d5d11d494a91bacd56600

Request headers

Referer
http://hasvworasdy.6f.sk/bens.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 13 Jun 2020 13:52:10 GMT
Last-Modified
Wed, 10 Jun 2020 11:23:51 GMT
Server
nginx
ETag
"5ee0c2c7-c3"
Content-Type
text/css
Cache-Control
max-age=2419200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
195
all.js
connect.facebook.net/cs_CZ/
Redirect Chain
  • http://connect.facebook.net/cs_CZ/all.js
  • https://connect.facebook.net/cs_CZ/all.js
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/cs_CZ/all.js
Requested by
Host: hasvworasdy.6f.sk
URL: http://hasvworasdy.6f.sk/bens.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
df82a1665d0a9ef8826dcb227b465530a56bff36682b079623eec454f6dd00ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://hasvworasdy.6f.sk/bens.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
Yb+3+1go8qMFgCWUkMgFDw==
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=3600
content-length
1779
etag
"7e06d6a998122e2b947cafad173da012"
x-fb-debug
QMsh/0r2M2xxXZ5RzrhYN2cRbXJZgp53o54+vczfJO82fcar3JpMxoX/5cX4ytnHN8InbZ+X4RXWByFSnbltWQ==
x-fb-trip-id
664085054
x-fb-content-md5
3ea32864204cf2cd22fd192e496c2716
x-frame-options
DENY
date
Sat, 13 Jun 2020 13:52:10 GMT, Sat, 13 Jun 2020 13:52:10 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 13 Jun 2020 13:59:19 GMT

Redirect headers

Location
https://connect.facebook.net/cs_CZ/all.js#xfbml=1&appId=1409391765942444
Non-Authoritative-Reason
HSTS
header-bg-2.png
www.endora.cz/assets/web/css/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.endora.cz/assets/web/css/header-bg-2.png
Requested by
Host: hasvworasdy.6f.sk
URL: http://hasvworasdy.6f.sk/bens.htm
Protocol
HTTP/1.1
Server
2a01:28:ca:63:120:104:: , Czech Republic, ASN39392 (SUPERNETWORK (^_^)/, CZ),
Reverse DNS
Software
nginx /
Resource Hash
a6dc9b82f3a0c52addc43d1deedca36c606befc3a0bad4f29f9365701c32d165

Request headers

Referer
http://www.endora.cz/webtemp/css/web/webloader-web.css?1559213366
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 13 Jun 2020 13:52:10 GMT
Last-Modified
Wed, 11 Apr 2018 07:49:49 GMT
Server
nginx
ETag
"5acdbe1d-7a1"
Content-Type
image/png
Cache-Control
max-age=2419200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1953
slider-controls.png
www.endora.cz/assets/web/css/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.endora.cz/assets/web/css/slider-controls.png
Requested by
Host: hasvworasdy.6f.sk
URL: http://hasvworasdy.6f.sk/bens.htm
Protocol
HTTP/1.1
Server
2a01:28:ca:63:120:104:: , Czech Republic, ASN39392 (SUPERNETWORK (^_^)/, CZ),
Reverse DNS
Software
nginx /
Resource Hash
0e9da5da7346dd8033a870e67fa01e5e379ad0dc2eb49563ec3e5f0b09c03140

Request headers

Referer
http://www.endora.cz/webtemp/css/web/webloader-web.css?1559213366
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 13 Jun 2020 13:52:10 GMT
Last-Modified
Wed, 11 Apr 2018 07:49:49 GMT
Server
nginx
ETag
"5acdbe1d-6d4"
Content-Type
image/png
Cache-Control
max-age=2419200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1748
integrator.js
adservice.google.de/adsid/ 		109 B
168 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=hasvworasdy.6f.sk
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://hasvworasdy.6f.sk/bens.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Jun 2020 13:52:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
168 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=hasvworasdy.6f.sk
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://hasvworasdy.6f.sk/bens.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Jun 2020 13:52:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20200609/r20190131/ 		218 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20200609/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ea35b3b9523fb354a768e5b791c030e25f769f399258c69527088b3d43ac31a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://hasvworasdy.6f.sk/bens.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Jun 2020 13:52:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
83998
x-xss-protection
0
server
cafe
etag
18154689148218973145
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 Jun 2020 13:52:10 GMT
socials.png
www.endora.cz/assets/web/css/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.endora.cz/assets/web/css/socials.png
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
HTTP/1.1
Server
2a01:28:ca:63:120:104:: , Czech Republic, ASN39392 (SUPERNETWORK (^_^)/, CZ),
Reverse DNS
Software
nginx /
Resource Hash
a3e0cc1523fbef6a99b0c19bfdfdaf832e7c747d0f98183a3ea26343e14fee8b

Request headers

Referer
http://www.endora.cz/webtemp/css/web/webloader-web.css?1559213366
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 13 Jun 2020 13:52:10 GMT
Last-Modified
Wed, 11 Apr 2018 07:49:49 GMT
Server
nginx
ETag
"5acdbe1d-309f"
Content-Type
image/png
Cache-Control
max-age=2419200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12447
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200609/r20190131/ Frame 5E20 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20200609/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20200609/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://hasvworasdy.6f.sk/bens.htm
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://hasvworasdy.6f.sk/bens.htm

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Wed, 10 Jun 2020 18:34:26 GMT
expires
Wed, 24 Jun 2020 18:34:26 GMT
content-type
text/html; charset=UTF-8
etag
12274286891180784318
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4510
x-xss-protection
0
cache-control
public, max-age=1209600
age
242264
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.pYPiPEsIel4.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOey13j2hPNXahsyr0hsvfbpOW7OQ/ 		141 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.pYPiPEsIel4.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOey13j2hPNXahsyr0hsvfbpOW7OQ/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2468d5c2d1a7f80ac57cb119957d349af6330773f9faeb7b66aadfdbbf2e617c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://hasvworasdy.6f.sk/bens.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 13:03:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 26 May 2020 22:21:36 GMT
server
sffe
age
175743
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50596
x-xss-protection
0
expires
Fri, 11 Jun 2021 13:03:07 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/2diXFiiA9NsPIBTU15LG6xPf/ 		310 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/2diXFiiA9NsPIBTU15LG6xPf/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c521581b808702299ee8b8948ae8e90ae270ea93206bb1f95846843e0efee725
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://hasvworasdy.6f.sk/bens.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 02:19:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Jun 2020 19:45:58 GMT
server
sffe
age
214354
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125146
x-xss-protection
0
expires
Fri, 11 Jun 2021 02:19:36 GMT
all.js
connect.facebook.net/cs_CZ/ 		191 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/cs_CZ/all.js?hash=df13285a471bea5065107aa4cab1aa7d&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/cs_CZ/all.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9d6f53e6c78537d6fb4e055929666198b5625fea4f1078b2488470edc024f549
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://hasvworasdy.6f.sk/bens.htm
Origin
http://hasvworasdy.6f.sk

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
sk8Ayo6Rrnf8fnB0GHPPKw==
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=3600
content-length
58544
etag
"c029a51ddc654bcd7b5642dcf50a7b03"
x-fb-debug
y4eR1EfmqTBS1tBQlGLl7Ei8hYXMAn9//BaBCYfacx/ELqGk2eUjXOxei7wb10ShQx/ROux15iCDFkn9xyF2VQ==
x-fb-trip-id
664085054
x-fb-content-md5
7ef8751bcb826e0a277fdba50859017f
x-frame-options
DENY
date
Sat, 13 Jun 2020 13:52:10 GMT, Sat, 13 Jun 2020 13:52:10 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Sun, 13 Jun 2021 13:13:25 GMT
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: hasvworasdy.6f.sk
URL: http://hasvworasdy.6f.sk/bens.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://hasvworasdy.6f.sk/bens.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Apr 2020 21:54:13 GMT
server
Golfe2
age
4352
date
Sat, 13 Jun 2020 12:39:38 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18433
expires
Sat, 13 Jun 2020 14:39:38 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
retargeting.js
c.imedia.cz/js/
Redirect Chain
  • http://c.imedia.cz/js/retargeting.js
  • https://c.imedia.cz/js/retargeting.js
877 B
843 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.imedia.cz/js/retargeting.js
Requested by
Host: hasvworasdy.6f.sk
URL: http://hasvworasdy.6f.sk/bens.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
77.75.77.243 , Czech Republic, ASN43037 (SEZNAM-, CZ),
Reverse DNS
c.imedia.cz
Software
nginx /
Resource Hash
8a71646996e8df345edcd82df30a0778b3d348350a52bf8a96c176b3c7eb1a6f

Request headers

Referer
http://hasvworasdy.6f.sk/bens.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 13 Jun 2020 13:52:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Apr 2020 15:46:49 GMT
Server
nginx
ETag
W/"5e972c69-36d"
Vary
Accept-Encoding
P3P
CP="NON DSP COR TAI NOR UNI", policyref="/w3c/p3p.xml"
access-control-allow-origin
*
Cache-Control
no-cache, private, max-age=0, no-cache, no-store
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/javascript
Expires
Sat, 13 Jun 2020 13:52:10 GMT

Redirect headers

Date
Sat, 13 Jun 2020 13:52:10 GMT
Server
nginx
P3P
CP="NON DSP COR TAI NOR UNI", policyref="/w3c/p3p.xml"
Location
https://c.imedia.cz/js/retargeting.js
Cache-Control
private, max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html
Content-Length
162
conversion_async.js
www.googleadservices.com/pagead/ 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5S8CZ5
Protocol
HTTP/1.1
Server
216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s24-in-f2.1e100.net
Software
cafe /
Resource Hash
a693efa7265b630e27e537f6ba09c5558a23b9ed2f57abdbf417c237a50a5156
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://hasvworasdy.6f.sk/bens.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Sat, 13 Jun 2020 13:52:10 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
13497728949557021888
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
11020
X-XSS-Protection
0
Expires
Sat, 13 Jun 2020 13:52:10 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 24CB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5207119889962754&output=html&h=250&slotname=8624521180&adk=157814446&adf=677210104&w=250&lmt=1592056330&psa=0&guci=1.2.0.0.2.2.0.0&format=250x250&url=http%3A%2F%2Fhasvworasdy.6f.sk%2Fbens.htm&flash=0&wgl=1&adsid=NT&dt=1592056330742&bpp=21&bdt=362&idt=129&shv=r20200609&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5720938843364&frm=20&pv=2&ga_vid=820063477.1592056331&ga_sid=1592056331&ga_hid=1157750982&ga_fc=0&iag=0&icsg=8431616&dssz=26&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1137&ady=243&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1047705600829655&pem=137&ref=http%3A%2F%2Ftwr.kr%2Fq5Wy&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8208&bc=23&ifi=1&uci=a!1&fsb=1&xpc=TUOGzaTenT&p=http%3A//hasvworasdy.6f.sk&dtd=146
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200609/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5207119889962754&output=html&h=250&slotname=8624521180&adk=157814446&adf=677210104&w=250&lmt=1592056330&psa=0&guci=1.2.0.0.2.2.0.0&format=250x250&url=http%3A%2F%2Fhasvworasdy.6f.sk%2Fbens.htm&flash=0&wgl=1&adsid=NT&dt=1592056330742&bpp=21&bdt=362&idt=129&shv=r20200609&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5720938843364&frm=20&pv=2&ga_vid=820063477.1592056331&ga_sid=1592056331&ga_hid=1157750982&ga_fc=0&iag=0&icsg=8431616&dssz=26&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1137&ady=243&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1047705600829655&pem=137&ref=http%3A%2F%2Ftwr.kr%2Fq5Wy&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8208&bc=23&ifi=1&uci=a!1&fsb=1&xpc=TUOGzaTenT&p=http%3A//hasvworasdy.6f.sk&dtd=146
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://hasvworasdy.6f.sk/bens.htm
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://hasvworasdy.6f.sk/bens.htm

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 13 Jun 2020 13:52:11 GMT
server
cafe
content-length
19312
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 13-Jun-2020 14:07:10 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Sat, 13 Jun 2020 13:52:11 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200609/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6808ddc10992310de1c9cf6f7ac0141ee82a8c5c4bf6aededc5d22d31b625468
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://hasvworasdy.6f.sk/bens.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Jun 2020 13:52:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1591975235565162"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27914
x-xss-protection
0
expires
Sat, 13 Jun 2020 13:52:10 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 6FC1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5207119889962754&output=html&adk=1812271804&adf=3025194257&lmt=1592056330&plat=1%3A32776%2C2%3A32776%2C8%3A32768%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fhasvworasdy.6f.sk%2Fbens.htm&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1592056330814&bpp=2&bdt=435&idt=92&shv=r20200609&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=250x250&nras=1&correlator=5720938843364&frm=20&pv=1&ga_vid=820063477.1592056331&ga_sid=1592056331&ga_hid=1157750982&ga_fc=0&iag=0&icsg=8598366208&dssz=27&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1047705600829655&pem=137&ref=http%3A%2F%2Ftwr.kr%2Fq5Wy&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=23&ifi=1&uci=a!1&fsb=1&dtd=98
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200609/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5207119889962754&output=html&adk=1812271804&adf=3025194257&lmt=1592056330&plat=1%3A32776%2C2%3A32776%2C8%3A32768%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fhasvworasdy.6f.sk%2Fbens.htm&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1592056330814&bpp=2&bdt=435&idt=92&shv=r20200609&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=250x250&nras=1&correlator=5720938843364&frm=20&pv=1&ga_vid=820063477.1592056331&ga_sid=1592056331&ga_hid=1157750982&ga_fc=0&iag=0&icsg=8598366208&dssz=27&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1047705600829655&pem=137&ref=http%3A%2F%2Ftwr.kr%2Fq5Wy&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=23&ifi=1&uci=a!1&fsb=1&dtd=98
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://hasvworasdy.6f.sk/bens.htm
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://hasvworasdy.6f.sk/bens.htm

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 13 Jun 2020 13:52:10 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 13-Jun-2020 14:07:10 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Sat, 13 Jun 2020 13:52:10 GMT
cache-control
private
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=1409391765942444&input_token&origin=1&redirect_uri=http%3A%2F%2Fhasvworasdy.6f.sk%2Fbens.htm&sdk=joey&wants_cookie_data=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/cs_CZ/all.js?hash=df13285a471bea5065107aa4cab1aa7d&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://hasvworasdy.6f.sk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
0
pragma
no-cache
x-fb-debug
UiDAkGNCv+7hpsZwlwl7FErqAdMI8crOd7Mbs2EbCiFULJrKppCJbBaKJC/vv2/TaQIMMlgtS/BR4ERIjnLlkg==
fb-s
unknown
cache-control
private, no-cache, no-store, must-revalidate
date
Sat, 13 Jun 2020 13:52:10 GMT, Sat, 13 Jun 2020 13:52:10 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://hasvworasdy.6f.sk
access-control-expose-headers
fb-s
fb-error-description
"This endpoint may only be called from an HTTPS Origin."
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • http://www.google-analytics.com/r/collect?v=1&_v=j82&a=1157750982&t=pageview&_s=1&dl=http%3A%2F%2Fhasvworasdy.6f.sk%2Fbens.htm&dr=http%3A%2F%2Ftwr.kr%2Fq5Wy&ul=en-us&de=UTF-8&dt=Dom%C3%A9na%20odsta...
  • https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1157750982&t=pageview&_s=1&dl=http%3A%2F%2Fhasvworasdy.6f.sk%2Fbens.htm&dr=http%3A%2F%2Ftwr.kr%2Fq5Wy&ul=en-us&de=UTF-8&dt=Dom%C3%A9na%20odst...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-5967828-26&cid=820063477.1592056331&jid=1751150381&_gid=35509172.1592056331&gjid=197388763&_v=j82&z=577352370
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5967828-26&cid=820063477.1592056331&jid=1751150381&_v=j82&z=577352370
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5967828-26&cid=820063477.1592056331&jid=1751150381&_v=j82&z=577352370&slf_rd=1&random=3959688963
42 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5967828-26&cid=820063477.1592056331&jid=1751150381&_v=j82&z=577352370&slf_rd=1&random=3959688963
Requested by
Host: hasvworasdy.6f.sk
URL: http://hasvworasdy.6f.sk/bens.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://hasvworasdy.6f.sk/bens.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jun 2020 13:52:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Jun 2020 13:52:11 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5967828-26&cid=820063477.1592056331&jid=1751150381&_v=j82&z=577352370&slf_rd=1&random=3959688963
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
retargeting
c.imedia.cz/
Redirect Chain
  • http://c.imedia.cz/retargeting?id=15330&category=&itemId=&url=http%3A%2F%2Fhasvworasdy.6f.sk%2Fbens.htm
  • https://c.imedia.cz/retargeting?id=15330&category=&itemId=&url=http%3A%2F%2Fhasvworasdy.6f.sk%2Fbens.htm
43 B
562 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.imedia.cz/retargeting?id=15330&category=&itemId=&url=http%3A%2F%2Fhasvworasdy.6f.sk%2Fbens.htm
Requested by
Host: hasvworasdy.6f.sk
URL: http://hasvworasdy.6f.sk/bens.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
77.75.77.243 , Czech Republic, ASN43037 (SEZNAM-, CZ),
Reverse DNS
c.imedia.cz
Software
nginx /
Resource Hash
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Request headers

Referer
http://hasvworasdy.6f.sk/bens.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 13 Jun 2020 13:52:11 GMT
Content-Encoding
deflate
Server
nginx
Vary
Accept-Encoding
P3P
CP="NON DSP COR TAI NOR UNI", policyref="/w3c/p3p.xml"
Cache-Control
private, max-age=0, no-cache, no-store
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
image/gif

Redirect headers

Date
Sat, 13 Jun 2020 13:52:11 GMT
Server
nginx
P3P
CP="NON DSP COR TAI NOR UNI", policyref="/w3c/p3p.xml"
Location
https://c.imedia.cz/retargeting?id=15330&category=&itemId=&url=http%3A%2F%2Fhasvworasdy.6f.sk%2Fbens.htm
Cache-Control
private, max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html
Content-Length
162
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/995118708/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/995118708/?random=1592056331198&cv=9&fst=1592056331198&num=1&label=hieZCISf0wQQ9JzB2gM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Fhasvworasdy.6f.sk%2Fbens.htm&ref=http%3A%2F%2Ftwr.kr%2Fq5Wy&tiba=Dom%C3%A9na%20odstavena%7C%20Endora.cz&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3d7b73fe908d4ff88ee9cae60ac5be52b03e3804b1e2fb29ff42ba8d42913c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://hasvworasdy.6f.sk/bens.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jun 2020 13:52:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1072
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/995118708/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/995118708/?random=1592056331198&cv=9&fst=1592053200000&num=1&label=hieZCISf0wQQ9JzB2gM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=http%3A%2F%2Fhasvworasdy.6f.sk%2Fbens.htm&ref=http%3A%2F%2Ftwr.kr%2Fq5Wy&tiba=Dom%C3%A9na%20odstavena%7C%20Endora.cz&async=1&fmt=3&is_vtc=1&random=3584596857&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: hasvworasdy.6f.sk
URL: http://hasvworasdy.6f.sk/bens.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://hasvworasdy.6f.sk/bens.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jun 2020 13:52:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/995118708/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/995118708/?random=1592056331198&cv=9&fst=1592053200000&num=1&label=hieZCISf0wQQ9JzB2gM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=http%3A%2F%2Fhasvworasdy.6f.sk%2Fbens.htm&ref=http%3A%2F%2Ftwr.kr%2Fq5Wy&tiba=Dom%C3%A9na%20odstavena%7C%20Endora.cz&async=1&fmt=3&is_vtc=1&random=3584596857&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: hasvworasdy.6f.sk
URL: http://hasvworasdy.6f.sk/bens.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://hasvworasdy.6f.sk/bens.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jun 2020 13:52:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200609&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200609/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a30818597b471ab572f6644f323f8c575a94186d47c1adc161ab0d3648e88473
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://hasvworasdy.6f.sk/bens.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Jun 2020 13:52:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
5549
x-xss-protection
0
like_box.php
www.facebook.com/plugins/ Frame DB3C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like_box.php?app_id=1409391765942444&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3eab778209c4a8%26domain%3Dhasvworasdy.6f.sk%26origin%3Dhttp%253A%252F%252Fhasvworasdy.6f.sk%252Ff38aafdd2f3e388%26relation%3Dparent.parent&container_width=292&header=false&height=239&href=http%3A%2F%2Fwww.facebook.com%2Fendora.cz&locale=cs_CZ&sdk=joey&show_border=false&show_faces=true&stream=false&width=292
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/cs_CZ/all.js?hash=df13285a471bea5065107aa4cab1aa7d&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/like_box.php?app_id=1409391765942444&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3eab778209c4a8%26domain%3Dhasvworasdy.6f.sk%26origin%3Dhttp%253A%252F%252Fhasvworasdy.6f.sk%252Ff38aafdd2f3e388%26relation%3Dparent.parent&container_width=292&header=false&height=239&href=http%3A%2F%2Fwww.facebook.com%2Fendora.cz&locale=cs_CZ&sdk=joey&show_border=false&show_faces=true&stream=false&width=292
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://hasvworasdy.6f.sk/bens.htm
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://hasvworasdy.6f.sk/bens.htm

Response headers

status
200
cache-control
private, no-cache, no-store, must-revalidate
pragma
no-cache
strict-transport-security
max-age=15552000; preload
content-encoding
br
timing-allow-origin
*
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-type
text/html; charset="utf-8"
x-fb-debug
l4/XSLqFSqwSddl8gTYEEtX6Z54g5ypqDf8CkWnLyR1qdP6wcISPxDhHOEGlILtreKUudbbGESoB3ZBHOF+TWg==
date
Sat, 13 Jun 2020 13:52:11 GMT Sat, 13 Jun 2020 13:52:11 GMT
alt-svc
h3-27=":443"; ma=3600
sodar2.js
tpc.googlesyndication.com/sodar/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200609/r20190131/show_ads_impl_fy2019.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://hasvworasdy.6f.sk/bens.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 13 Jun 2020 13:52:11 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
ETag
"1591403518460474"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, max-age=3000
Accept-Ranges
bytes
Content-Length
5540
X-XSS-Protection
0
Expires
Sat, 13 Jun 2020 13:52:11 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame C016 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/210/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://hasvworasdy.6f.sk/bens.htm
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://hasvworasdy.6f.sk/bens.htm

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4590
date
Sat, 13 Jun 2020 12:52:51 GMT
expires
Sun, 13 Jun 2021 12:52:51 GMT
last-modified
Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3560
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200609&jk=1047705600829655&bg=!VValVk5Yj-_2zHNpq8QCAAAARFIAAAANmQF4gXwU36AkbbexTOiR0YawOJnjm5wX4QbN09pRWXD9vPeS54c3Rw0uIVBpW3nYIpNdNmaz--cicPHjV2VzmEMjcjUGv9ZaYDaVR_M9vrZ6hp-IgCYziWOXw5WzJNyz15Rj3WujjanbH2H6l1Gein1V9Ad9ZuI5RdggDfF5bgA6P1bU0LkRskqnflg2GT0NxsLgEW9b96A9t4f7pAN_CwLayfguueEXAbdb272702kz2cXO_H6n0lpObD8ZS519QbJGRYPxwKvSplvGBvX-RNgOxdZiacEGOkj5QfA8iZ_4vrJq0ZJMRiPoieUk-NRfS3IqEt9IAJOhNcjM4leC7upV070wA9UgYabQebEpPpbJHYLitFRmIcd0ufLQ37v9dAdAQrSRVk01TRSXbpAO7Ur_EhGr_WG2n--vSgy7fMBFLNKYKDUSdvX5tTkzpEIr2sIF05O9An1KgWSBedfGvNcQQZL8nvuOvJ7pjZnHk9Y4MQ_fuYCMloSspg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://hasvworasdy.6f.sk/bens.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jun 2020 13:52:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| dataLayer object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad boolean| _gfp_p_ function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_t12n_vars string| chatWindowUrl object| gapi object| ___jsl object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client object| LiveForm object| Nette function| _ function| popupFormOnClick function| showRemaining undefined| EndoraWebadminAjaxForms undefined| EndoraWebadmin undefined| bContainer undefined| bBox undefined| bTitle undefined| bItems function| handleMQL function| Class function| $ function| jQuery object| Select2 string| _determinate string| _indeterminate string| _update string| _type string| _click string| _touch string| _add string| _remove string| _callback string| _label string| _cursor boolean| _mobile function| Swiper function| RateYo object| popupMessages function| setConfirm object| FB function| postscribe object| google_tag_manager object| gadgets object| osapi object| shindig object| iframer function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| __gapi_jstiming__ object| google_tag_data string| GoogleAnalyticsObject function| ga number| seznam_retargeting_id function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| recaptcha object| gaplugins object| gaData function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| seznam_dispatchedRetargetingIds function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| GoogleGcLKhOms object| google_image_requests

5 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUk4FR0zrljgPOHf8RRLtshJk0XhcYBccj15-KP6dr9XAhv-E3rgnp8iTNHO
.hasvworasdy.6f.sk/ Name: _gat_UA-5967828-26
Value: 1
.hasvworasdy.6f.sk/ Name: _gid
Value: GA1.3.35509172.1592056331
.hasvworasdy.6f.sk/ Name: _ga
Value: GA1.3.820063477.1592056331

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
apis.google.com
c.imedia.cz
connect.facebook.net
googleads.g.doubleclick.net
hasvworasdy.6f.sk
pagead2.googlesyndication.com
pmnt.pl
stats.g.doubleclick.net
tpc.googlesyndication.com
twr.kr
www.endora.cz
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
183.111.141.61
216.58.207.34
2606:4700:3036::681f:4664
2a00:1450:4001:808::2002
2a00:1450:4001:809::2008
2a00:1450:4001:809::200e
2a00:1450:4001:819::2004
2a00:1450:4001:820::2001
2a00:1450:4001:820::2003
2a00:1450:4001:821::2002
2a00:1450:4001:821::200e
2a00:1450:4001:824::2003
2a00:1450:400c:c00::9c
2a01:28:ca:63:120:104::
2a01:28:ca:63:120:114::
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
77.75.77.243
007dc5d2b2927209e39f13e8ecc9c4fc82215f36051b5496f91b912a2e32fd00
0307813a544ed1fa8a8606edbdb10257272ff314a13d5d11d494a91bacd56600
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
0e9da5da7346dd8033a870e67fa01e5e379ad0dc2eb49563ec3e5f0b09c03140
14c9216fede333008c6ccd4ccfcc47a04213fd091f041128e839daeafb70c5d6
1f649957f4fc091425a4bf4381bbfa94e1b2dd3ed13c3e49e039adfc7a04f2d8
2468d5c2d1a7f80ac57cb119957d349af6330773f9faeb7b66aadfdbbf2e617c
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
305f3d591b84041067571faecc77ae1f74e52fc857f1bc54b7ab9c9033962ccc
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
6808ddc10992310de1c9cf6f7ac0141ee82a8c5c4bf6aededc5d22d31b625468
77c33447aa8f6fef0a8068a95394b7c91b0ab176664f90a51a21492d72ab4a3d
81fd6754b3fc11fa383c5655a45f905a2c010c27676d42c89b32aae1a168a078
8a71646996e8df345edcd82df30a0778b3d348350a52bf8a96c176b3c7eb1a6f
8f708832c181e1694851f65a5d041591e94a24aabbc33e404fdac944e91c6eaa
9d6f53e6c78537d6fb4e055929666198b5625fea4f1078b2488470edc024f549
a20a5beb76d49b7e858e96c5e60b8433db79bee65f68f5fc5d1a6d989a0d3f30
a30818597b471ab572f6644f323f8c575a94186d47c1adc161ab0d3648e88473
a3e0cc1523fbef6a99b0c19bfdfdaf832e7c747d0f98183a3ea26343e14fee8b
a693efa7265b630e27e537f6ba09c5558a23b9ed2f57abdbf417c237a50a5156
a6dc9b82f3a0c52addc43d1deedca36c606befc3a0bad4f29f9365701c32d165
c521581b808702299ee8b8948ae8e90ae270ea93206bb1f95846843e0efee725
cd122b5072611af7000cf8171b027bd9b5f4e1221cbc3188a286af79b231b8bd
cd8e50622016ad57ca0fbbccee2690d504552b1ce0848142c442c127b8325178
d76c431ad28fb8834fd91eaaef6f9fb5a429e5b796d2c0a79fdfa9d31377132c
df82a1665d0a9ef8826dcb227b465530a56bff36682b079623eec454f6dd00ea
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d7b73fe908d4ff88ee9cae60ac5be52b03e3804b1e2fb29ff42ba8d42913c4
ea35b3b9523fb354a768e5b791c030e25f769f399258c69527088b3d43ac31a2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7a81264afb7408d3d24b684d6ea42daba371c0abfaa142bcf4f66313c5718c
efa87a768f0148054b815e1ff077efaddaed43f9dd8b7cf24333c869b6e62490
fc2e8c35cb3ee2d8d91f1892e839e0ab7194cd839fb4955f8ba4709a43cd2e71