tempprenmis.tk Open in urlscan Pro
2a06:98c1:3120::7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://in.sv/Wtb5fa-pge
Effective URL:
https://tempprenmis.tk/
Submission: On February 24 via api (February 24th 2022, 6:07:26 pm UTC) from PL — Scanned from DE

Summary HTTP 151 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 30 IPs in 6 countries across 27 domains to perform 151 HTTP transactions. The main IP is 2a06:98c1:3120::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is tempprenmis.tk.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 22nd 2021. Valid for: a year.

This is the only time tempprenmis.tk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 41	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:e1b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1 4	185.11.128.206 185.11.128.206	50599 (Autonomou...) (Autonomous System for Data Space Sp. z o.o.)
13	2606:4700:10:... 2606:4700:10::6816:28b9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	146.59.30.108 146.59.30.108	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:fc00:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
3 11	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
3 5	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
3 4	185.33.221.52 185.33.221.52	29990 (ASN-APPNEX) (ASN-APPNEX)
3	2a00:1450:400... 2a00:1450:4001:800::2006	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6812:c05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	185.86.139.103 185.86.139.103	201081 (SMARTADSE...) (SMARTADSERVER)
12	2606:4700::68... 2606:4700::6810:c40	13335 (CLOUDFLAR...) (CLOUDFLARENET)
151	30

41 2a06:98c1:3120::7 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

in.sv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tempprenmis.tk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:e1b (United States)

ASN13335 (CLOUDFLARENET, US)

img.wprost.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.11.128.206 (Poland) 1 redirects

ASN50599 (Autonomous System for Data Space Sp. z o.o., PL)
PTR: host-185-11-128-206.dataspace.pl

advice.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:10::6816:28b9 (United States)

ASN13335 (CLOUDFLARENET, US)

api.deep.bi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scoring.deep.bi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.30.108 (France)

ASN16276 (OVH, FR)
PTR: ip108.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:fc00:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.181.226 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.234.21 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.221.52 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:c05 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.103 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700::6810:c40 (United States)

ASN13335 (CLOUDFLARENET, US)

c.bannerflow.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	tempprenmis.tk tempprenmis.tk	553 KB
20	googlesyndication.com 268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 92 tpc.googlesyndication.com — Cisco Umbrella Rank: 120	99 KB
17	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 37 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 stats.g.doubleclick.net — Cisco Umbrella Rank: 67 cm.g.doubleclick.net — Cisco Umbrella Rank: 175 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276	162 KB
15	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	21 KB
13	deep.bi api.deep.bi — Cisco Umbrella Rank: 80155 scoring.deep.bi — Cisco Umbrella Rank: 141558	21 KB
12	bannerflow.net c.bannerflow.net — Cisco Umbrella Rank: 12742	158 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 488	4 KB
5	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 59	2 KB
5	gemius.pl 1 redirects advice.hit.gemius.pl — Cisco Umbrella Rank: 541655 ls.hit.gemius.pl — Cisco Umbrella Rank: 13343	15 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 210	4 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	199 KB
3	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 246	39 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	152 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 356	949 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 683 s.tribalfusion.com — Cisco Umbrella Rank: 1640	1 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6342	611 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 146	65 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	427 B
2	wprost.pl img.wprost.pl — Cisco Umbrella Rank: 512813	187 KB
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 1193	75 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 288	460 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 21278	520 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 295	265 B
1	google.ru adservice.google.ru — Cisco Umbrella Rank: 22984	792 B
1	optad360.io get.optad360.io — Cisco Umbrella Rank: 25229	80 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 99	15 KB
1	in.sv 1 redirects in.sv	506 B
151	27

	Domain	Requested by
40	tempprenmis.tk	tempprenmis.tk
15	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com tempprenmis.tk
12	c.bannerflow.net	s0.2mdn.net c.bannerflow.net
11	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
9	api.deep.bi	tempprenmis.tk api.deep.bi
8	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net 268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com
7	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	scoring.deep.bi	api.deep.bi
4	www.google.com	tempprenmis.tk tpc.googlesyndication.com 268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com
4	connect.facebook.net	tempprenmis.tk connect.facebook.net
4	advice.hit.gemius.pl	1 redirects tempprenmis.tk advice.hit.gemius.pl
3	s0.2mdn.net	tempprenmis.tk s0.2mdn.net 268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com
3	securepubads.g.doubleclick.net	tempprenmis.tk securepubads.g.doubleclick.net
3	googleads.g.doubleclick.net	www.googleadservices.com 268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com tempprenmis.tk
3	www.googletagmanager.com	tempprenmis.tk www.googletagmanager.com
2	eb2.3lift.com	2 redirects
2	googleads4.g.doubleclick.net	tempprenmis.tk
2	268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.google.de	tempprenmis.tk
2	www.googletagservices.com	tempprenmis.tk 268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com
2	www.facebook.com	tempprenmis.tk
2	img.wprost.pl	tempprenmis.tk
1	ssbsync.smartadserver.com	268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com
1	pixel.rubiconproject.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	match.adsrvr.org	268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.ru	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	get.optad360.io	tempprenmis.tk
1	ls.hit.gemius.pl	advice.hit.gemius.pl
1	www.googleadservices.com	www.googletagmanager.com
1	in.sv	1 redirects
151	37

This site contains links to these domains. Also see Links.

Domain
nieruchomosci.wprost.pl
www.allcon.pl
www.facebook.com
twitter.com
www.wykop.pl
www.linkedin.com
wwws.tumblr.com
pinterest.com
www.youtube.com
www.wprost.pl

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-12-22` - `2022-12-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2021-09-08` - `2022-09-25`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-12-04` - `2022-03-04`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.optad360.io Amazon	`2021-11-17` - `2022-12-15`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.google.com.ru GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://tempprenmis.tk/
Frame ID: B218792513218FA4169EE568EB973068
Requests: 94 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: EFB4F0AABB6AD5837D36CB489DF98457
Requests: 1 HTTP requests in this frame

Frame: https://268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F1BCD418DA6D96D50C43648423BFD03B
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 31D80F8ABAEC404BCB0C8036642FA275
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F3C6870B35D37C3D658A365E50129DC9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FD243E7BD923475E1FF046D45BA9D5D3
Requests: 2 HTTP requests in this frame

Frame: https://268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6AA623142122ADFB642E40260696E8CC
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNub4gIQqqrjAhj9mti_ATAB&v=APEucNVLFDbZMhdQSU40FlSOQcw40b3auG8eJpONFukTvLC9V6pqV-Ylp2CxYuawTRhEVoRaFMm8QUTh7SakTqOSaw_9el2R9SukjYM0PR2kZdBaoPuwEInQAHtzshllqpWbKYT8BAetH9ynLNDhimnq0gZE8fbuBC-Qf9nMDT1Lo7gxtZQc0Ak
Frame ID: A38A1F36C55A1E92A1CCDC5ED14786FA
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D0317531CAAB163B6F60232DF7A3BB0C
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A2780B09F819D8CA5407D6D18E564B2D
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5101414628303306752/300x600-Tfib100M10-mochila-tb-637328171216915634-8d1955f5-a51b-4871-a52a-10763db8cd14.html
Frame ID: F4322753EA879743FF86BF6E683865FA
Requests: 12 HTTP requests in this frame

Frame: blob://https://s0.2mdn.net/85e4d0ce-d229-4bd4-8d27-9456c25a87d7
Frame ID: 5525AF7EFB128BEA21DD0B3FE3E5ED36
Requests: 1 HTTP requests in this frame

Frame: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fmasmovil%2F5dc2d86a1cad1216d8498436%2Fimages%2Fe49e712e-3393-4ba4-bb68-bebccbdb6c28.png&w=504&h=480&q=85&f=webp&rt=contain
Frame ID: 1F299C66A33DC7BDAAF56F84849905B5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Gdzie inwestować w Gdańsku? – Wiadomości Nieruchomości Wprost

Page URL History Show full URLs

https://in.sv/Wtb5fa-pge HTTP 302
https://tempprenmis.tk/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

151
Requests

93 %
HTTPS

66 %
IPv6

27
Domains

37
Subdomains

30
IPs

6
Countries

1772 kB
Transfer

4485 kB
Size

26
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://nieruchomosci.wprost.pl/wiadomosci
Title: Wiadomości

Search URL Search Domain Scan URL

URL: https://nieruchomosci.wprost.pl/inwestowanie-w-nieruchomosci
Title: Inwestowanie w nieruchomości

Search URL Search Domain Scan URL

URL: https://nieruchomosci.wprost.pl/budownictwo
Title: Budownictwo

Search URL Search Domain Scan URL

URL: https://nieruchomosci.wprost.pl/architektura
Title: Architektura

Search URL Search Domain Scan URL

URL: https://www.allcon.pl/mieszkania/apartamenty/mlyny_gdanskie/lokalizacja?utm_source=wprost&utm_medium=artykul&utm_campaign=mg&utm_term=20211029&utm_content=gdzieinwestowacwgdansku
Title: Siedlce

Search URL Search Domain Scan URL

URL: https://www.allcon.pl/mieszkania/apartamenty/mlyny_gdanskie?utm_source=wprost&utm_medium=artykul&utm_campaign=mg&utm_term=20211029&utm_content=gdzieinwestowacwgdansku
Title: Młyny Gdańskie

Search URL Search Domain Scan URL

URL: https://www.facebook.com/share.php?u=https%3A%2F%2Fnieruchomosci.wprost.pl%2Fwiadomosci%2F10532860%2Fgdzie-inwestowac-w-gdansku.html&t=Gdzie%20inwestowa%C4%87%20w%20Gda%C5%84sku%3F
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https%3A%2F%2Fnieruchomosci.wprost.pl%2F10532860&text=Gdzie%20inwestowa%C4%87%20w%20Gda%C5%84sku%3F
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.wykop.pl/dodaj?url=https%3A%2F%2Fnieruchomosci.wprost.pl%2Fwiadomosci%2F10532860%2Fgdzie-inwestowac-w-gdansku.html
Title: Wykop

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?url=https%3A%2F%2Fnieruchomosci.wprost.pl%2Fwiadomosci%2F10532860%2Fgdzie-inwestowac-w-gdansku.html&title=Gdzie%20inwestowa%C4%87%20w%20Gda%C5%84sku%3F
Title: Linked In

Search URL Search Domain Scan URL

URL: http://wwws.tumblr.com/share/link?url=https%3A%2F%2Fnieruchomosci.wprost.pl%2Fwiadomosci%2F10532860%2Fgdzie-inwestowac-w-gdansku.html&name=Gdzie%20inwestowa%C4%87%20w%20Gda%C5%84sku%3F&description=
Title: Tumblr

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https%3A%2F%2Fnieruchomosci.wprost.pl%2Fwiadomosci%2F10532860%2Fgdzie-inwestowac-w-gdansku.html&media=https://img.wprost.pl/img/mlyny-gdanskie-sa-efektem-polaczenia-inspiracji-historyczna-zabudowa-gdanska-ze-wspolczesna-architektura-oraz-nowoczesnymi-rozwiazaniami/f5/b0/2ff8f6c4e2e694b02e1d55ecdbb8.jpeg&description=Gdzie%20inwestowa%C4%87%20w%20Gda%C5%84sku%3F
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://www.facebook.com/tygodnikwprost
Title: Nieruchomości Wprost - Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/TygodnikWPROST
Title: Nieruchomości Wprost - Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/AWRWprost
Title: Nieruchomości Wprost - YouTube

Search URL Search Domain Scan URL

URL: https://www.wprost.pl/o-awr-wprost
Title: AWR Wprost

Search URL Search Domain Scan URL

URL: https://www.wprost.pl/kontakt
Title: Kontakt

Search URL Search Domain Scan URL

URL: https://www.wprost.pl/reklama
Title: Reklama

Search URL Search Domain Scan URL

URL: https://www.wprost.pl/regulamin
Title: Regulamin

Search URL Search Domain Scan URL

URL: https://www.wprost.pl/polityka-prywatnosci
Title: Polityka prywatności

Search URL Search Domain Scan URL

URL: https://www.wprost.pl/
Title: Agencja Wydawniczo-Reklamowa „Wprost” Sp. z o.o.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://in.sv/Wtb5fa-pge HTTP 302
https://tempprenmis.tk/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56

https://advice.hit.gemius.pl/_1645726040508/rexdot.js?l=100&id=bPo70ouuVF6BwErIBuw7vsQM7KSWflChLqi.FWhl1jr.m7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Ftempprenmis.tk%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=116&lsdata=OMwX7AoVv_E63gNaUYCzEHxdbfH1DoQFt2FPha99Spv.I76krQP7APoO4faoiPO6yeL7ntCcqP5g3s5KECLPTsE2Am0N/7T16.g0hKFQAH/&fpdata=aA0WqtsXIW3vhRsaT3ulgSeZxa5HABqRRuZSGXBgw3X.x7&vis=1&fpcap= HTTP 301
https://advice.hit.gemius.pl/__/_1645726040508/rexdot.js?l=100&id=bPo70ouuVF6BwErIBuw7vsQM7KSWflChLqi.FWhl1jr.m7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Ftempprenmis.tk%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=116&lsdata=OMwX7AoVv_E63gNaUYCzEHxdbfH1DoQFt2FPha99Spv.I76krQP7APoO4faoiPO6yeL7ntCcqP5g3s5KECLPTsE2Am0N/7T16.g0hKFQAH/&fpdata=aA0WqtsXIW3vhRsaT3ulgSeZxa5HABqRRuZSGXBgw3X.x7&vis=1&fpcap=

Request Chain 110

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELe5Yau6lOrDPtaTxd819Is&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELe5Yau6lOrDPtaTxd819Is&google_cver=1&C=1

Request Chain 111

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YhfJWYiHABj9XQW0NtbKxwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELe5Yau6lOrDPtaTxd819Is&google_cver=1

Request Chain 112

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEE-5Ma_e-khszZ3CjczK-RE&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEE-5Ma_e-khszZ3CjczK-RE%26google_cver%3D1

Request Chain 113

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjAwMTY4MTQ1OTgzODU2NDQ4NA%3D%3D

Request Chain 123

https://a.tribalfusion.com/i.match?p=b6&u=CAESEKxyL3N5s2tLJhu6580xDjk&google_cver=1&google_push=AYg5qPLh0p6oDPdUsbOxkuwoIT4_6Smlr_sG3MLVqt3apy-wlA9fCezn9K0rs8nbs4__UiD-qixDW9T1icdvKMS3cWCcnBiSloA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLh0p6oDPdUsbOxkuwoIT4_6Smlr_sG3MLVqt3apy-wlA9fCezn9K0rs8nbs4__UiD-qixDW9T1icdvKMS3cWCcnBiSloA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKxyL3N5s2tLJhu6580xDjk&google_cver=1&google_push=AYg5qPLh0p6oDPdUsbOxkuwoIT4_6Smlr_sG3MLVqt3apy-wlA9fCezn9K0rs8nbs4__UiD-qixDW9T1icdvKMS3cWCcnBiSloA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLh0p6oDPdUsbOxkuwoIT4_6Smlr_sG3MLVqt3apy-wlA9fCezn9K0rs8nbs4__UiD-qixDW9T1icdvKMS3cWCcnBiSloA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 125

https://ads.travelaudience.com/google_pixel?google_gid=CAESEBKejo2D5CI5y-Z0DTgXvYY&google_cver=1&google_push=AYg5qPIuTLwV46Lwz-Dr_t8VyiAMQ9rKtWnJBNCdq_R_mxwIiah4dHT7glTAYJs_otItJQh_a7sTVDidl4neYMgPT3XDc7IubXs HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=OpTzP6ofR_ydG1WWjLFu-g2&google_push=AYg5qPIuTLwV46Lwz-Dr_t8VyiAMQ9rKtWnJBNCdq_R_mxwIiah4dHT7glTAYJs_otItJQh_a7sTVDidl4neYMgPT3XDc7IubXs

Request Chain 127

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPs15I0Ico-o6lQDG-rU4u4&google_cver=1&google_push=AYg5qPLuipV3ikrl9gESWg1sse3kWSCpwFVQ-QIMi_0rdze3w-lBfOnDPsDjAb3XU99tqD0IvO8HUZlfPrZYOwY8H_E4_Aq0djU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDAxQVNLUDktMU4tM0MzRg==&google_push=AYg5qPLuipV3ikrl9gESWg1sse3kWSCpwFVQ-QIMi_0rdze3w-lBfOnDPsDjAb3XU99tqD0IvO8HUZlfPrZYOwY8H_E4_Aq0djU

Request Chain 128

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEA0eotx-9hToUvIBSjQZcjY&google_cver=1&google_push=AYg5qPLzpqlzDDgD1tnJH5et8PfEiuYGqRO3aCZfJuvr4q4XXP_6qJrBnkazyTKisEWehug9-MxbfKOMkC7dsPqQzs1HZsvP6js HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPLzpqlzDDgD1tnJH5et8PfEiuYGqRO3aCZfJuvr4q4XXP_6qJrBnkazyTKisEWehug9-MxbfKOMkC7dsPqQzs1HZsvP6js&google_gid=CAESEA0eotx-9hToUvIBSjQZcjY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzM2ODE4NTYwNDc4NTk1MjA2MzM1Mg%3D%3D&google_push=AYg5qPLzpqlzDDgD1tnJH5et8PfEiuYGqRO3aCZfJuvr4q4XXP_6qJrBnkazyTKisEWehug9-MxbfKOMkC7dsPqQzs1HZsvP6js

151 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
tempprenmis.tk/
Redirect Chain

https://in.sv/Wtb5fa-pge
https://tempprenmis.tk/

59 KB
14 KB

493ms
390ms

Document
text/html

2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tempprenmis.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34
Resource Hash: 35afb774f93baadbff26bddc324582f3ddb6709f1ee3ed7dca47392db7fdc981

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 24 Feb 2022 18:07:19 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.2.34
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H40hvECl3UrWbcfxFgN7NaEa%2FPdJpE0JEXKHoVbRwpPC7QC2ustfY2%2BKg%2BQdDzqyez4PrD1%2BOqsEDMS2lohgAkVieBkwj37OyB9eacn7cV%2B5UuVwflU7h22CWtzIPrZk%2F%2FE%2FygPzzBVz6SC3ow%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6e2aa2031f1a839a-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Thu, 24 Feb 2022 18:07:19 GMT
content-length: 0
location: https://tempprenmis.tk
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cRIyHgtCz4mMnSRHHv8hCLDxVPDpnzyb%2FdglbcwhcFfc1jXexYuVDQuUPprXHxvy53GTk4F0Ug9iYYPUmiVjuQGZBPkLvq5fp1xF7CHlntMYHbuYI7gUPwU4KKy%2FeeNYv1eXjA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6e2aa200fca259b3-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 cee17864dc7f5e599a89712f12c8.jpeg
img.wprost.pl/img/mlyny-gdanskie-sa-efektem-polaczenia-inspiracji-historyczna-zabudowa-gdanska-ze-wspolczesna-architektura-oraz-nowoczesnymi-rozwiazaniami/5b/fe/ 116 KB
117 KB 316ms
235ms Image
image/jpeg 2606:4700:20::681a:e1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.wprost.pl/img/mlyny-gdanskie-sa-efektem-polaczenia-inspiracji-historyczna-zabudowa-gdanska-ze-wspolczesna-architektura-oraz-nowoczesnymi-rozwiazaniami/5b/fe/cee17864dc7f5e599a89712f12c8.jpeg

Requested by

Host: tempprenmis.tk
URL: https://tempprenmis.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e1b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

662c42d2b9d5c15f548ec750617d497cea2d63158b7aa9953ac97e20dc3bfb99

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
via: 1.1 varnish (Varnish/6.0)
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-type: image/jpeg
content-length: 118620
last-modified: Fri, 29 Oct 2021 12:21:21 GMT
server: cloudflare
etag: "1e24cd32ab260adee2b23e1a78a16c2f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=16000000; includeSubDomains; preload;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kx%2BFdRAPz%2BBgkjJEZnwZq4sR6CsL5q4gy6qrQFL2FzLGphczWpNTUR6EqMZUJ%2F2ph8nY7o1mPH%2FgpHr%2BBL1rxzAhs7oThMk6OrhV%2BeyaQ8dWTg%2BuWzNDszAGCnYhA75DKggyxSdc1rc%2FINE%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 168790531
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6e2aa2063f146d85-MUC

GET
H2 200 OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
tempprenmis.tk/_static/ 543 KB
74 KB 248ms
248ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Requested by: Host: tempprenmis.tk
URL: https://tempprenmis.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8b3082371bd6a0093087b633647e5a3f3ec1ef0e97e982814f86821f8512bfc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 24 Feb 2022 14:43:20 GMT
server: cloudflare
etag: W/"62179988-87c93"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u1NdFINXNMSgEkqMgH6gMltqt68pB9Z744pbn2RcCJ%2BO368DgsT6gd1Y4%2F2v5kACLvdm%2FQKNCQlRcw698qi9JFNTgPEUW6WxaifymnPNzTFMrpbXhhIxc%2Bc7oSijNDzzyJcOS25drFjtEgZWzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e2aa205ae63839a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 414f937b-ee02-4965-9ad2-498152b33573.min.js Show response
tempprenmis.tk/items/ 497 B
825 B 140ms
139ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tempprenmis.tk/items/414f937b-ee02-4965-9ad2-498152b33573.min.js
Requested by: Host: tempprenmis.tk
URL: https://tempprenmis.tk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 24 Feb 2022 14:43:20 GMT
server: cloudflare
etag: W/"62179988-1f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pq2JnNGsgA1r8GigpbHkO3FA%2FEjIekB38jzI7cHEYCDnrIzKNHen9CFhWDDHpY2Mls1ScbH%2B4xIke3LWih0lWxDehV3aJsTEh8O8j4ftD0imSb6Y%2FQTGRmD5G7VXX14H48K1K7dkS2XkExbC%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e2aa20778f63758-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 gpt.js Show response
tempprenmis.tk/tag/js/ 77 KB
26 KB 217ms
215ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tempprenmis.tk/tag/js/gpt.js
Requested by: Host: tempprenmis.tk
URL: https://tempprenmis.tk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 331e14f7226ecaea46e85f54db23f4e7a434969120e39c1a54a8087807ddf830

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 24 Feb 2022 14:43:20 GMT
server: cloudflare
etag: W/"62179988-135f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XkFk4vzJfY3VDGvZh4c09rXVPYWQvpbGm6YmbyBG%2FZ1EZQ%2FW9wBxcZgEYjlU1wk6H%2BHDM52DPkNnfo6w8nOAuN0%2BdP%2B3QP9dXnAs3fDv9imCTR4nUGVz%2BL4eqkVbdLihfqaeyQ%2BAZ9Zj4IAoUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e2aa20778f73758-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 323699896.min.js Show response
tempprenmis.tk/tag/ 9 KB
3 KB 157ms
155ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tempprenmis.tk/tag/323699896.min.js
Requested by: Host: tempprenmis.tk
URL: https://tempprenmis.tk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ea665fc0455d38b414a5a31a72f3a8e3a3054b6d3f224d73d5d9057f6b2d3db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 24 Feb 2022 14:43:20 GMT
server: cloudflare
etag: W/"62179988-2493"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ud3TOUK6HAI%2BArrHgvV7Qgj%2FbOfh1yR2JeG9TMgRtsY8tMOsCG7Y9wMLC3VGSGot%2Bvn4ndObUhIbPI26IIK3EOqmaNUO7Npu0wA6FmFOl3extuEPbcNUbNiAX837h5YwSxzDOdJpAsO%2BtxHyaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e2aa20778f93758-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 94 KB
37 KB 48ms
25ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-8969414-2

Requested by

Host: tempprenmis.tk
URL: https://tempprenmis.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

af7b6cbfca349ad0db59e6d46d50b154b03c8173b7ae9a8e08a44a9aabaf4b59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37570
x-xss-protection: 0
expires: Thu, 24 Feb 2022 18:07:20 GMT

GET
H3 200 pusty.png
tempprenmis.tk/_i/ 95 B
643 B 143ms
141ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tempprenmis.tk/_i/pusty.png
Requested by: Host: tempprenmis.tk
URL: https://tempprenmis.tk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
cf-cache-status: MISS
last-modified: Thu, 24 Feb 2022 14:43:20 GMT
server: cloudflare
etag: "62179988-5f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2PhmU9x9LVqpbPcKO16ZGSIYRp6sW7Ul1lZS6FHv17faucO7Cq%2BipIWYLsh7H96D8lADu%2Fau%2B1eGcgY9ApLGWzEMHF2WPwtWZbuLSVMJEcnmDH%2B8gOWnhl3Q6vHpO3LgW5R%2BcTM6XiTLvVP3Sg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6e2aa20778fb3758-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 95

GET
H2 200 daecc84600673be34d903ed5b55c.jpeg
img.wprost.pl/img/mlyny-gdanskie-sa-efektem-polaczenia-inspiracji-historyczna-zabudowa-gdanska-ze-wspolczesna-architektura-oraz-nowoczesnymi-rozwiazaniami/a0/8d/ 69 KB
70 KB 172ms
171ms Image
image/jpeg 2606:4700:20::681a:e1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: tempprenmis.tk
URL: https://tempprenmis.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e1b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3932943c42751eb7007d21192da9999a6ee0bd453157a61b0083c13836875912

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=71328, status=webp_bigger
cf-ray: 6e2aa2077c576d85-MUC
strict-transport-security: max-age=16000000; includeSubDomains; preload;
content-length: 71098
last-modified: Fri, 29 Oct 2021 12:21:21 GMT
server: cloudflare
etag: "550bb2dd3f100afd4472844c5f9e8d36"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CA%2B4s%2BEiqreWJS4YYvv6YELB8RgVZLLfZd%2B2ct%2BOij%2B4i1v2qBxm%2BjCLUOt1KoAsPWVD0J2kwJTEsuMAwnY6OtPeBu9JvEwdsAfgEkdM6irthj4MkLC2MhUyERg4TUwTdpJMIYyU8pCP1Tc%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 57556087 58526683
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H3 200 html5-jquery-3.5.1-lightbox-2.6.min-main-nieruchomosci-ads-deep.bi-98094d358c56483135314a865a0dd1f1-content.js Show response
tempprenmis.tk/_static/ 365 KB
90 KB 317ms
316ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tempprenmis.tk/_static/html5-jquery-3.5.1-lightbox-2.6.min-main-nieruchomosci-ads-deep.bi-98094d358c56483135314a865a0dd1f1-content.js
Requested by: Host: tempprenmis.tk
URL: https://tempprenmis.tk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4de28a05e0b438d5800c7dd1345e0ec1a63da96a9e2ad0a65d43203cd91d48ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 24 Feb 2022 14:43:20 GMT
server: cloudflare
etag: W/"62179988-5b561"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UqoJuJHwlX5HNRyN%2FNB4tnj4q5p8B8AodReNwMD7qvtgdj6yEFFWytHip404ZfkQxaHgiHqL0lmwoGDefIaryJUz2zk8hhxXB1q73MON3QhleaYU4PxuChnJCikcULqoLlGMx6do39aLD%2BUaQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e2aa20758ad3758-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 xgemius.js Show response
advice.hit.gemius.pl/ 40 KB
11 KB 142ms
28ms Script
application/x-javascript 185.11.128.206
Autonomous System...

General

Check archive.org

Show headers Download Go to

Full URL: https://advice.hit.gemius.pl/xgemius.js
Requested by: Host: tempprenmis.tk
URL: https://tempprenmis.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.11.128.206 , Poland, ASN50599 (Autonomous System for Data Space Sp. z o.o., PL),
Reverse DNS: host-185-11-128-206.dataspace.pl
Software: GHC /
Resource Hash: 919462eb23533d6a32db8faf732b4d7dafa39f69d32bff2a6905748fedf47bcb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
content-encoding: gzip
last-modified: Fri, 18 Feb 2022 08:43:58 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 10842
expires: Fri, 25 Feb 2022 06:07:20 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 141 KB
51 KB 39ms
16ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WC56M55

Requested by

Host: tempprenmis.tk
URL: https://tempprenmis.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e57693d883138bf2ffcfa537b602020fa9511ec5f41fa4370c7f223222199103

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52130
x-xss-protection: 0
expires: Thu, 24 Feb 2022 18:07:20 GMT

GET
H2 200 init.js Show response
api.deep.bi/v3/ 67 KB
20 KB 102ms
48ms Script
application/javascript 2606:4700:10::6816:28b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.deep.bi/v3/init.js
Requested by: Host: tempprenmis.tk
URL: https://tempprenmis.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:28b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3650d40555b65c92b0a701dcb52783d0dc3d6b8bdd2c70dfaf3f8798635be492

Request headers

Referer: https://tempprenmis.tk/
Origin: https://tempprenmis.tk
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 24 Feb 2022 17:29:41 GMT
server: cloudflare
age: 2259
x-rgn: tr01-fsn1.prod-deep.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, stale-if-error=3600
x-server: tr01-fsn1.prod-deep.com
access-control-allow-credentials: true
cf-ray: 6e2aa207cb8183a8-MXP

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 21ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: tempprenmis.tk
URL: https://tempprenmis.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26236
x-xss-protection: 0
pragma: public
x-fb-debug: NqtRiDWDNpw6/DBuDbKTS05fCtEgaCIb3xKtq1TafqmY2vICvq6rQBczEn9BfAa+0QRKxUBESz2Tj9v9K7bRuQ==
x-fb-trip-id: 2050670934
x-frame-options: DENY
date: Thu, 24 Feb 2022 18:07:20 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/pl_PL/ 3 KB
2 KB 28ms
14ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pl_PL/sdk.js

Requested by

Host: tempprenmis.tk
URL: https://tempprenmis.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f67be9ffd620bff33267303a2c849ea44631f3f4754e8046a2c649beff90fbc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: cmZ+vnhDt9AHMTV6V6v1Pw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Thu, 24 Feb 2022 18:21:20 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: ngjl3oChmuifBGIzF3sKRcjyWL7bTt+JLuOuikO3bQH4zuDc/UsDKCmxq+crTiFCWWqO5sUKaC1AxVUim7WpZQ==
x-fb-trip-id: 2050670934
x-fb-content-md5: f05688f2163e9c82e50b1201a2b0517f
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 24 Feb 2022 18:07:20 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "37146ccb1d6b5782cabd55d750c8e56c"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H3 200 logo-wprost-header.png
tempprenmis.tk/wprost/_i/ 3 KB
3 KB 172ms
172ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tempprenmis.tk/wprost/_i/logo-wprost-header.png
Requested by: Host: tempprenmis.tk
URL: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c01351f6b65ecb4efde549618c748755dec43b369bec2897260f7f4ec05aebbe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
cf-cache-status: MISS
last-modified: Thu, 24 Feb 2022 14:43:20 GMT
server: cloudflare
etag: "62179988-a48"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2pFTdv4hVIHePk6WA81MCE9rJBlM%2FKsl7DJXzjHKcjHzQAvGlQ2yKSwyEhllDFNNUJTn1%2FBT%2Fwg%2ByZU6nNUOsiCpEcrgKoPmykh7kvzkIi%2BovAZPjjS86YjiSnIdVNuBniBswnKTlXiyYJWNfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6e2aa20779013758-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2632

GET
H3 200 icon-20-a-menu.png
tempprenmis.tk/_i/ 1 KB
2 KB 132ms
132ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tempprenmis.tk/_i/icon-20-a-menu.png
Requested by: Host: tempprenmis.tk
URL: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42b21abbca1944f3630cf12ce218a16eed50f9673faf100047ca61341e318b80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
cf-cache-status: MISS
last-modified: Thu, 24 Feb 2022 14:43:20 GMT
server: cloudflare
etag: "62179988-403"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EikcfFbE6OfwuY7e272eaLt115durW0wrW8l4DTsUHTXn%2BoV6UNWyvz4ODM7Dtz%2Bbui3tbnBlAjl%2F4RgsJKwYj%2BXx%2BDZf0dqTTlBryg71CHaq%2BS0R8MXRxxN6PuSJmwRkLYgRsEngLRmduDAyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6e2aa20779033758-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1027

GET
H3 200 icon-30-share.png
tempprenmis.tk/_i/ 1 KB
2 KB 136ms
135ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tempprenmis.tk/_i/icon-30-share.png
Requested by: Host: tempprenmis.tk
URL: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d6c3674785d0db6ea9c952d6389ad37ac07753cd0161fb0b6f7e0081153f316

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
cf-cache-status: MISS
last-modified: Thu, 24 Feb 2022 14:43:20 GMT
server: cloudflare
etag: "62179988-5b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GjxwsXuoHUuN01B0XM8YQO9VX3b%2BSHSYd4ME1gXd1mfb7d2g8idhaIoA3BF%2BIFtsSZEbx69SCtmW5C8bnD1TBOdlM1k3XA8R2lAejAUWhF%2FfZJ1zlycUTHToSBFNc2%2B2NOBs%2F2cF4fKf%2BIuEHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6e2aa20779043758-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1463

GET
H3 200 icon-30-comment.png
tempprenmis.tk/_i/ 1 KB
2 KB 136ms
136ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tempprenmis.tk/_i/icon-30-comment.png
Requested by: Host: tempprenmis.tk
URL: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd5e88b0f2cc6fb839016d92d209e99cefce24f4ff6bca4c5ab02bc8c2b1ffe0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
cf-cache-status: MISS
last-modified: Thu, 24 Feb 2022 14:43:20 GMT
server: cloudflare
etag: "62179988-4d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y34zQABgT1CkAoKmF2%2B6M0wJQ8kPI%2Bc4JJI7O2ndE7nVhF1%2BIwB58u4HW%2BTyvkTQEdWZ7%2Fzi1oFm3UR8qe0y7xVhMOxvx1JPD6OUwc2KVP72MIx2eJ5pHnYCU%2Fz%2FzJ%2F4O2kbcWONU0VRoEVZLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6e2aa20779083758-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1232

GET
H3 200 header-nieruchomosci-01.jpg
tempprenmis.tk/wprost-nieruchomosci/_i/ 168 KB
168 KB 331ms
331ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tempprenmis.tk/wprost-nieruchomosci/_i/header-nieruchomosci-01.jpg
Requested by: Host: tempprenmis.tk
URL: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c79b7506033f731f036b8c0da54494d539ddb31a06a0266c6189a4990f1d13cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
cf-cache-status: MISS
last-modified: Thu, 24 Feb 2022 14:43:20 GMT
server: cloudflare
etag: "62179988-29f56"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xjAVdrmdh%2BP17qEQCqYsGzS2fH1tYJM%2Be2sKcR9GeCNRMBC1bVtQSHonZYeRh7VoPSbE04OZAYzGlHoV9Bt8BmWXzQJQl4wh6PbPtR5roivTr2csOC9layjiQXxcxwvVbwk4Dv6GJ3gpXj1dOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6e2aa207790a3758-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 171862

GET
H3 200 icon-20-c-check.png
tempprenmis.tk/_i/ 360 B
912 B 134ms
133ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tempprenmis.tk/_i/icon-20-c-check.png
Requested by: Host: tempprenmis.tk
URL: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42029e6774581c9691e7a855bab8e412602160a2592cb13574e6a9b9e0f390a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
cf-cache-status: MISS
last-modified: Thu, 24 Feb 2022 14:43:20 GMT
server: cloudflare
etag: "62179988-168"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zH3NHbwLFMo1c5stH9TtnUlNa4g3QpYEp%2BeSRFDO%2Fn7SNs41iv7epbpx04S5fObNU7k3nIoL8%2BxO5GSk1j%2BHSMHbm5GPvBFtfd0BP0%2F%2FRbEcw6Beet6dfr%2FjCQqdQvEk0oUq7wQRq8K6mXCZ6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6e2aa207790d3758-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 360

GET
H3 200 icon-20-a-soc-facebook.png
tempprenmis.tk/_i/ 1 KB
2 KB 146ms
145ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tempprenmis.tk/_i/icon-20-a-soc-facebook.png
Requested by: Host: tempprenmis.tk
URL: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc6aa291217a39c090896ceca42dde661767f883062d581a6074b3c27b72d6af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
cf-cache-status: MISS
last-modified: Thu, 24 Feb 2022 14:43:20 GMT
server: cloudflare
etag: "62179988-456"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RWK%2F0lBpyyeRbp4deVRvnSyaN5XgrHCUV21TKhLi1wYj7ZfVgFWBgRpiHg6zosjSoRFzSs8WqRAoH2LAwULx4UpiTgg%2FNKYO%2BPyYhjpBndPA0RQ%2Br0HA0obAVrEO3Bz41Tq40bIlOvOLEdKOqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6e2aa20779113758-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1110

GET
H3 200 icon-20-a-soc-twitter.png
tempprenmis.tk/_i/ 1 KB
2 KB 170ms
169ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tempprenmis.tk/_i/icon-20-a-soc-twitter.png
Requested by: Host: tempprenmis.tk
URL: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f416547d36ab9ef1af8bd30eb509bd63c961ffe240096d7bc6e4a9162eb10df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
cf-cache-status: MISS
last-modified: Thu, 24 Feb 2022 14:43:20 GMT
server: cloudflare
etag: "62179988-501"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9P15T65WbWH4UPdqIW4yf%2BgQToDFMA%2B%2FLAy1Q30B7HgiCGn63kM46bVqwvcLJiWPZWg7S4RrnKA9Z59OWcBl3uooXQjSdaxHPVM2%2F6ZK1mdQHXkhNgQnlmvhY2%2BInKizU6wdSSXKiXmkHbv1JQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6e2aa20779143758-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1281

GET
H3 200 icon-20-a-soc-you-tube.png
tempprenmis.tk/_i/ 1 KB
2 KB 156ms
155ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tempprenmis.tk/_i/icon-20-a-soc-you-tube.png
Requested by: Host: tempprenmis.tk
URL: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4231e6435e26e6cbd926387d7d59bd67745bae47173ffc868631c4138d80f55

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
cf-cache-status: MISS
last-modified: Thu, 24 Feb 2022 14:43:20 GMT
server: cloudflare
etag: "62179988-4b1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ABldVHlsfl7V0wtcimae7SrYuPu8FKcHbFp8sVoqHvNSkvbQ1xuYwaVCBnqzNW34uRm6axyKgwbVWqze7WXL1bCdKMuwqvKeLL%2FZBciJbhExxs5szCmpZ2QpjKZgYocGjavezhiKDlepsFQMng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6e2aa20779263758-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1201

GET
H3 200 icon-20-a-arrow-left.png
tempprenmis.tk/_i/ 1 KB
2 KB 149ms
148ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tempprenmis.tk/_i/icon-20-a-arrow-left.png
Requested by: Host: tempprenmis.tk
URL: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 779de053872046185bd650f7e2ffb8b4f1e0ee5f9b2bc73711dbf00f2abc6b28

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
cf-cache-status: MISS
last-modified: Thu, 24 Feb 2022 14:43:20 GMT
server: cloudflare
etag: "62179988-46e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7CwbYRuR6%2BPBz%2FTLWaoD9Tai0jtcxV3pL61owmmruC%2Fn2IcBHXjjFYg2rx%2BYMZQJuVjKz57ZGjU6uEohd1P9lu1Dur0UbLcf70J02TJByq1y2JHUzu9nTmzQuReQhpvsspyR2Wn8fBOuWbPGQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6e2aa20779293758-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1134

GET
H3 200 icon-20-a-arrow-top.png
tempprenmis.tk/_i/ 1 KB
2 KB 145ms
143ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tempprenmis.tk/_i/icon-20-a-arrow-top.png
Requested by: Host: tempprenmis.tk
URL: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24fa35573d7e0db487ed379dc1ce2d72776d89129804568e1e5d1dccdfd3a27d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
cf-cache-status: MISS
last-modified: Thu, 24 Feb 2022 14:43:20 GMT
server: cloudflare
etag: "62179988-45d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BTWEfsD64zK4IIzagmLtDLa8zoJ1OBM6Wz8kPhR%2FNGufeJwKVNsfu29OR3qIs1j13TvB5uCvePDkyawp%2BK4xEUrzcONn8n%2B1gEwLHvUv%2Fx%2FtLLkaDHTZflzvdTcNbIvLH9%2BqsGH7On%2BOKXhbUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6e2aa207792b3758-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1117

GET
H3 200 icon-30-a-soc-facebook.png
tempprenmis.tk/_i/ 1 KB
2 KB 162ms
160ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tempprenmis.tk/_i/icon-30-a-soc-facebook.png
Requested by: Host: tempprenmis.tk
URL: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d23c6c35e02d267d4ce46c0e9b197720d883ac35a6f608393c9964ff5831d603

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
cf-cache-status: MISS
last-modified: Thu, 24 Feb 2022 14:43:20 GMT
server: cloudflare
etag: "62179988-489"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ck%2FSZFh8t5A%2Bt5bM44LcJgBzlsPgHI4f1ihiTYt69b73FuPcPODN0Mzlpw5OOLqKVOGtdEiYU%2B%2BYiFv3XHl1sFYIQ4sXNQ%2FB3hQ8yudnCBOPOt9IEyLFKMQY4J1idChPWTyY9smFRRIrL3x6xg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6e2aa207792f3758-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1161

GET
H3 200 icon-30-a-soc-twitter.png
tempprenmis.tk/_i/ 1 KB
2 KB 129ms
127ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tempprenmis.tk/_i/icon-30-a-soc-twitter.png
Requested by: Host: tempprenmis.tk
URL: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef6bc03a26bf3dbb80a22a2eaf54523f07a7aebac158bcd69d58bd5a13cc9351

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
cf-cache-status: MISS
last-modified: Thu, 24 Feb 2022 14:43:20 GMT
server: cloudflare
etag: "62179988-5a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S5QIwnBJJgrU%2BU4VD9BdTF%2F297tTnE1X0Ti2ZUMYnQI7VmZTvkEJRH3bpAPseu%2FwNadf79assh3CwEC%2Fn0bYnSUR7WYDXmW1zoqEuMwUkv4K7FlMj7kH12czbPfC%2BS3vEQ%2FxZyQwNUbHeG%2BCeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6e2aa20779383758-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1443

GET
H3 200 icon-30-a-soc-you-tube.png
tempprenmis.tk/_i/ 1 KB
2 KB 150ms
148ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tempprenmis.tk/_i/icon-30-a-soc-you-tube.png
Requested by: Host: tempprenmis.tk
URL: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc450ca6f3818ff2ad8eae3a10277a1018c541e862cb5b9a34466a813e544bd0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
cf-cache-status: MISS
last-modified: Thu, 24 Feb 2022 14:43:20 GMT
server: cloudflare
etag: "62179988-530"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NXJZGEN1sWx0FSlvHjBJwVKRJoBlRLTrkjlePKOhw%2BhRO%2BVUs%2B8173xlxdE15pjBH4UOHmSC9BVT81T6reMM4w0vWUSMeqA0Qv3ynVxjok6Cl4OaBjDQ8YlyPdAItJNf5q7WeHTttG76xWTDVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6e2aa207793b3758-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1328

GET
H3 200 icon-30-a-soc-rss.png
tempprenmis.tk/_i/ 1 KB
2 KB 137ms
135ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tempprenmis.tk/_i/icon-30-a-soc-rss.png
Requested by: Host: tempprenmis.tk
URL: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5becbc936c15ff90857967205040c247e0f8a58b4fcbac94763ed3a61e059210

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
cf-cache-status: MISS
last-modified: Thu, 24 Feb 2022 14:43:20 GMT
server: cloudflare
etag: "62179988-5a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9SwLNwForIm8Bt%2B3cNPx5NyRBmafhI1Mj27tIkJL3mPi6DnzuzRHo9r5CaeL5S8942%2Fn1SPKbMOBpxvuEVbyBYwal5Uw3%2FbN9Iv0vHHhehRRY0koFw5gDWozz3t6kHbZCMHpoFicOckqol%2FKmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6e2aa207793d3758-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1440

GET
H3 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
tempprenmis.tk/_fonts/RobotoCondensed/ 15 KB
16 KB 230ms
228ms Font
application/octet-stream 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tempprenmis.tk/_fonts/RobotoCondensed/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by: Host: tempprenmis.tk
URL: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f

Request headers

Referer: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Origin: https://tempprenmis.tk
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
cf-cache-status: MISS
last-modified: Thu, 24 Feb 2022 14:43:20 GMT
server: cloudflare
etag: "3d68-5d8c49a78cc03"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dYiR6FMHzN1rJ%2BdhRHAxzZg0lzAWc5prrxCafdvumDnye1TNGQ9BvNVXhcU4nNvCmtFuIsQiqXAfNbv5cm6MnAfFCSQr%2FEvjEDeympP7xkVGy0tLml7TtOD84WNt8mNp8t70l8xjyaunK4q0Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6e2aa20779433758-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15720

GET
H3 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2
tempprenmis.tk/_fonts/RobotoCondensed/ 15 KB
16 KB 204ms
202ms Font
application/octet-stream 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tempprenmis.tk/_fonts/RobotoCondensed/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2
Requested by: Host: tempprenmis.tk
URL: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab106619cd53cba1c09e1b3aedcf87dc90958fef3b886f9107a0ae94f5dd7733

Request headers

Referer: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Origin: https://tempprenmis.tk
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
cf-cache-status: MISS
last-modified: Thu, 24 Feb 2022 14:43:20 GMT
server: cloudflare
etag: "3cf4-5d8c49a78cc03"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9M%2FGgX2iquyCtq9ypyFUVyPppdG1os02ZODR0vFXBQ7NqDRZJvBLh1aeOtASf8iERfoczQdV3vsWkIVbAgmW9DvVpsyLBv7AabkJn1GRV9rNHLpBhauQBcfwJbHxL7P9%2BDQGY6FwRWjBy5QZ%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6e2aa20779473758-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15604

GET
H3 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
tempprenmis.tk/_fonts/RobotoCondensed/ 15 KB
16 KB 215ms
213ms Font
application/octet-stream 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tempprenmis.tk/_fonts/RobotoCondensed/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by: Host: tempprenmis.tk
URL: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3

Request headers

Referer: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Origin: https://tempprenmis.tk
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
cf-cache-status: MISS
last-modified: Thu, 24 Feb 2022 14:43:20 GMT
server: cloudflare
etag: "3d18-5d8c49a78cc03"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yZzxKkMVlGp%2FAIsfj3ZAvItsMjmi%2F1MOFRD80aGQtbkcTojmMP0vofnobUNhk%2BZJsSX52dZxvfmbVw0cPyNI8w%2BiDUNC7bvuuNHrKqy%2BWevywZ7mDl6%2FRVzro2om85PbEvxq3oY72%2FTZURdM7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6e2aa207794f3758-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15640

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
tempprenmis.tk/_fonts/Roboto/ 15 KB
16 KB 227ms
225ms Font
application/octet-stream 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tempprenmis.tk/_fonts/Roboto/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by: Host: tempprenmis.tk
URL: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Request headers

Referer: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Origin: https://tempprenmis.tk
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
cf-cache-status: MISS
last-modified: Thu, 24 Feb 2022 14:43:20 GMT
server: cloudflare
etag: "3d78-5d8c49a78d3d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FqceHji222f2slr3%2BCoaRnKM%2FbcxP0oaUuWp6t5v6TfFkLoldF%2Bq%2BjWGIDtIYsLZE8XJ4MLwPUfCGsNXlYD0SBHBmXmsYYrm%2BUn%2BuBFUWDj7ukw0FzMkt%2F2bG0HuSUzHK7jx6VKFetzrf%2B0k8g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6e2aa20779533758-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15736

GET
H3 200 ieVg2ZhZI2eCN5jzbjEETS9weq8-19eDpCEobdNZ.woff2
tempprenmis.tk/_fonts/RobotoCondensed/ 17 KB
17 KB 228ms
227ms Font
application/octet-stream 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tempprenmis.tk/_fonts/RobotoCondensed/ieVg2ZhZI2eCN5jzbjEETS9weq8-19eDpCEobdNZ.woff2
Requested by: Host: tempprenmis.tk
URL: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7c4b870733c836a4e6688f1d748901c9b766f678418dd321a4af64de93e20ec

Request headers

Referer: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Origin: https://tempprenmis.tk
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
cf-cache-status: MISS
last-modified: Thu, 24 Feb 2022 14:43:20 GMT
server: cloudflare
etag: "4380-5d8c49a78cc03"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xVXsNkz30%2FfMYufdhKK%2F3eaLzU2JTIEBx%2B2nzn%2FgXedhxqFJ6JMnXWjdCEBwZRjlXlf78He3U7hYJ3hubehn8xOZSpsKLofokxXOAzJ5Tyfrh8tlY%2BRBR8fXfl7vH9fJLtgrg6O3LZpuuC%2BiqA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6e2aa20779553758-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17280

GET
H3 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCoYb8td.woff2
tempprenmis.tk/_fonts/RobotoCondensed/ 12 KB
12 KB 182ms
181ms Font
application/octet-stream 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tempprenmis.tk/_fonts/RobotoCondensed/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCoYb8td.woff2
Requested by: Host: tempprenmis.tk
URL: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22e730c5e58a487c838bda5b1a08e1b2a0d537371c08d4a01c56593ed8160ee6

Request headers

Referer: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Origin: https://tempprenmis.tk
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
cf-cache-status: MISS
last-modified: Thu, 24 Feb 2022 14:43:20 GMT
server: cloudflare
etag: "2edc-5d8c49a78cc03"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sfkyb1FpU1cRxmJJTIlpR%2FlWH2CI4V0pOgKmnH%2B%2Ffnn5kM0%2Fd41gskY7lPMlf9Qi4YAvzbN7t%2BzYwn6jLd7XVjpNbBOnG2Iit5mrf3TL45vLzXu7N8mpj%2FdXgu8hH%2Bi6kt6mpOvZv52qC%2F2riQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6e2aa207795a3758-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11996

GET
H3 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
tempprenmis.tk/_fonts/Roboto/ 12 KB
12 KB 178ms
178ms Font
application/octet-stream 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tempprenmis.tk/_fonts/Roboto/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by: Host: tempprenmis.tk
URL: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c84629456a70df1137ab4bdcddba32050a2524568912630c2538746cbbcdc51

Request headers

Referer: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Origin: https://tempprenmis.tk
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
cf-cache-status: MISS
last-modified: Thu, 24 Feb 2022 14:43:20 GMT
server: cloudflare
etag: "2fa8-5d8c49a78d3d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S4QKW4WeAprK2Ak7UC9G4ZP1SFJipu%2FNQbyw8Gvc0zMK078Me6%2B0aWPatXSgyjMmB9WLWHdYn87bh05GJtWdLHHf2YKz56zSNFYYuMV0neD%2BIEBfgGxIruVB3bVkhHeYT1tsAYkyUCeNBYNK4w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6e2aa207895e3758-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12200

GET
H3 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19y7DRs5.woff2
tempprenmis.tk/_fonts/RobotoCondensed/ 12 KB
12 KB 161ms
160ms Font
application/octet-stream 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tempprenmis.tk/_fonts/RobotoCondensed/ieVl2ZhZI2eCN5jzbjEETS9weq8-19y7DRs5.woff2
Requested by: Host: tempprenmis.tk
URL: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e13e58861d0d8000aa6c0b58204094359a1614ab079848ba8ba3a7f06028066

Request headers

Referer: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Origin: https://tempprenmis.tk
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
cf-cache-status: MISS
last-modified: Thu, 24 Feb 2022 14:43:20 GMT
server: cloudflare
etag: "2f30-5d8c49a78cc03"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5kI1TjmR35JCH%2FdwonTA2KikDOkJD%2Ba8igcZ58tPovq25MvPSyN995aDv4RnK7%2B%2BI%2BZaM5Lkf%2Fb4LXcGKKrsb9Wi3MkJZi2AfLMEF5mu6FgsWgKAwKs5%2FiNfdBEg%2BaJQxOLFLSJOTcIX8CVlSA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6e2aa20789633758-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12080

GET
H3 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCoYb8td.woff2
tempprenmis.tk/_fonts/RobotoCondensed/ 12 KB
12 KB 151ms
151ms Font
application/octet-stream 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tempprenmis.tk/_fonts/RobotoCondensed/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCoYb8td.woff2
Requested by: Host: tempprenmis.tk
URL: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b019dba654b6a670ff83612cc866453fac6b389c1da4832159f340ead53081a

Request headers

Referer: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Origin: https://tempprenmis.tk
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
cf-cache-status: MISS
last-modified: Thu, 24 Feb 2022 14:43:20 GMT
server: cloudflare
etag: "2ec0-5d8c49a78cc03"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jV0hDIfXuneKdCEVfRTmMySpSq2Z4rzVHTkD4V%2Fcp2fYVmFgQX7kP6XRn0x4%2FiPqj3kSisVvRXHMbKaULvf2D2d38dS5jHCC8j1PIGA1RHLrJQIk2riLx0FPbRYD64teB0IuA0SOXYkh3GJF6A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6e2aa207b9d33758-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11968

GET
H3 200 sdk.js Show response
connect.facebook.net/pl_PL/ 296 KB
83 KB 17ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pl_PL/sdk.js?hash=08e70683610283ec96c80a389089f2ed

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pl_PL/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

50b8422ced583f14efd93be4dc4388de9b30ab404194502a2fb7dba365f7f9dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://tempprenmis.tk/
Origin: https://tempprenmis.tk
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: dbs/kVOchcuUUJK/R7usPQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Fri, 24 Feb 2023 16:39:20 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 85299
x-fb-rlafr: 0
x-fb-debug: whNHeu3oSMjcFyRaOF1EISPwjjGYR5rRXoKPv8xHmNokom5mDjDMAsrFEO4x2sfBUMEpcxDCHjRUAp24Fnhb0Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: a344556e2c7c02b8f2642057a6353371
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 24 Feb 2022 18:07:20 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "af6d12febec9f40f5157cc24e8c6a0e0"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H3 200 534361764150757 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 17ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/534361764150757?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

66d40d6d50a3a93dffb20255fecae710778d487d96aca96983fe32033309e72d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 89131
x-xss-protection: 0
pragma: public
x-fb-debug: 8ss93m/JjM6VJzhkf5RoUgthtE7EXaBT7fk/c1YtpEz1gL0qR3wu/eKU5Q/TWj9UCPxkz+l/4oZ1YsEaT88CLA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 24 Feb 2022 18:07:20 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 39ms
18ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WC56M55

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14879
x-xss-protection: 0
server: cafe
etag: 17635014576153706337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 18:07:20 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 173 KB
63 KB 31ms
16ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-76JW1KVZM8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-8969414-2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0a9c150aa6dfc4fedc72167a4736bbcecde58c8f2e47a4cf44801774f85a3fdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64876
x-xss-protection: 0
expires: Thu, 24 Feb 2022 18:07:20 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
409 B 24ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=534361764150757&ev=PageView&dl=https%3A%2F%2Ftempprenmis.tk%2F&rl=&if=false&ts=1645726040349&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&fbp=fb.1.1645726040349.1367544914&it=1645726040297&coo=false&exp=p0&rqm=GET

Requested by

Host: tempprenmis.tk
URL: https://tempprenmis.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Thu, 24 Feb 2022 18:07:20 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/854368221/ 2 KB
2 KB 43ms
20ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/854368221/?random=1645726040361&cv=9&fst=1645726040361&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ftempprenmis.tk%2F&tiba=Gdzie%20inwestowa%C4%87%20w%20Gda%C5%84sku%3F%20%E2%80%93%20Wiadomo%C5%9Bci%20Nieruchomo%C5%9Bci%20Wprost&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b9ebb51cc1864891605e235feefb68007622a67e76843a4f0893468ec44ece8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 18:07:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1063
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
161 B 41ms
18ms Ping
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-76JW1KVZM8&gtm=2oe2g0&_p=449746387&sr=1600x1200&ul=en-us&cid=656294764.1645726040&_s=1&dl=https%3A%2F%2Ftempprenmis.tk%2F&dt=Gdzie%20inwestowa%C4%87%20w%20Gda%C5%84sku%3F%20%E2%80%93%20Wiadomo%C5%9Bci%20Nieruchomo%C5%9Bci%20Wprost&sid=1645726040&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-76JW1KVZM8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 18:07:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tempprenmis.tk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-8969414-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 148
date: Thu, 24 Feb 2022 18:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 24 Feb 2022 20:04:52 GMT

GET
H2 200 fpdata.js Show response
advice.hit.gemius.pl/ 283 B
397 B 33ms
33ms Script
application/x-javascript 185.11.128.206
Autonomous System...

General

Check archive.org

Show headers Download Go to

Full URL: https://advice.hit.gemius.pl/fpdata.js?href=tempprenmis.tk
Requested by: Host: advice.hit.gemius.pl
URL: https://advice.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.11.128.206 , Poland, ASN50599 (Autonomous System for Data Space Sp. z o.o., PL),
Reverse DNS: host-185-11-128-206.dataspace.pl
Software: GHC /
Resource Hash: added0390197456db6a25dd81fa2e56f7a7e0d547233727da1d8e8bc2579a9e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 283
expires: Sat, 26 Mar 2022 18:07:20 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame EFB4 5 KB
3 KB 92ms
27ms Document
text/html 146.59.30.108
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: advice.hit.gemius.pl
URL: https://advice.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.108 , France, ASN16276 (OVH, FR),
Reverse DNS: ip108.ip-146-59-30.eu
Software: GHC /
Resource Hash: 69fd202eb29a744dc6b5231ac02eaefcd91fe234f44dcc7492cfd22b17218e9c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
expires: Sat, 26 Mar 2022 18:07:20 GMT
server: GHC
accept-ranges: none
cache-control: private, max-age=2592000
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
etag: PRIVATE7520710249
vary: Accept-Encoding,Origin,User-Agent
cross-origin-resource-policy: cross-origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: text/html;charset=utf-8
content-length: 2722
content-encoding: gzip

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
27 KB 38ms
15ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: tempprenmis.tk
URL: https://tempprenmis.tk/tag/323699896.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4edc2771e39377761ee27274647e8a9aa6caddf1c726b86c4ad468dfe5f45300

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27393
x-xss-protection: 0
server: sffe
etag: "1141 / 636 of 1000 / last-modified: 1645704594"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 24 Feb 2022 18:07:20 GMT

GET
H2 200 prebid3.16.2.BC.js Show response
get.optad360.io/sf/ 246 KB
80 KB 62ms
7ms Script
application/javascript 2600:9000:2156:fc00:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/prebid3.16.2.BC.js
Requested by: Host: tempprenmis.tk
URL: https://tempprenmis.tk/tag/323699896.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:fc00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8067ebedbe560e9197bd73675a916a0c8608c981bce15196838492731565bcbb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 06:16:19 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 07:44:16 GMT
server: AmazonS3
age: 906662
etag: W/"4dff781498624c4d6a8a35ebcda07b4c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: public, max-age=360000000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: U_gZcX4pK5NiLRZ4qlfsulB2fjO90aT6gITc-xheLx4wDqZkLTDqIQ==

GET
H2 200 /
www.google.com/pagead/1p-user-list/854368221/ 42 B
548 B 49ms
21ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/854368221/?random=1645726040361&cv=9&fst=1645725600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2g0&sendb=1&frm=0&url=https%3A%2F%2Ftempprenmis.tk%2F&tiba=Gdzie%20inwestowa%C4%87%20w%20Gda%C5%84sku%3F%20%E2%80%93%20Wiadomo%C5%9Bci%20Nieruchomo%C5%9Bci%20Wprost&async=1&fmt=3&is_vtc=1&random=1677782128&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: tempprenmis.tk
URL: https://tempprenmis.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 18:07:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/854368221/ 42 B
548 B 47ms
19ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/854368221/?random=1645726040361&cv=9&fst=1645725600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2g0&sendb=1&frm=0&url=https%3A%2F%2Ftempprenmis.tk%2F&tiba=Gdzie%20inwestowa%C4%87%20w%20Gda%C5%84sku%3F%20%E2%80%93%20Wiadomo%C5%9Bci%20Nieruchomo%C5%9Bci%20Wprost&async=1&fmt=3&is_vtc=1&random=1677782128&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: tempprenmis.tk
URL: https://tempprenmis.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 18:07:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 30ms
14ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=449746387&t=pageview&_s=1&dl=https%3A%2F%2Ftempprenmis.tk%2F&ul=en-us&de=UTF-8&dt=Gdzie%20inwestowa%C4%87%20w%20Gda%C5%84sku%3F%20%E2%80%93%20Wiadomo%C5%9Bci%20Nieruchomo%C5%9Bci%20Wprost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=1551345302&gjid=282047347&cid=656294764.1645726040&tid=UA-8969414-2&_gid=1898496545.1645726040&_r=1&gtm=2ou2g0&z=1410486591

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tempprenmis.tk/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 18:07:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tempprenmis.tk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2021111701.js Show response
securepubads.g.doubleclick.net/gpt/ 345 KB
116 KB 31ms
9ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Requested by

Host: tempprenmis.tk
URL: https://tempprenmis.tk/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

8d8aa9c2c3798099cba43890c7808bfb34b70dbc853177ef287b50bc28161911

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 01:10:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 579386
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118578
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 09:34:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 18 Feb 2023 01:10:54 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 47 B
695 B 37ms
16ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=tempprenmis.tk

Requested by

Host: tempprenmis.tk
URL: https://tempprenmis.tk/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ce0803d94f35163b581e3eafd97673b36f36c4fab157c3fa1ecc81fbfd4354a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Feb 2022 18:07:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59
x-xss-protection: 0
expires: Thu, 24 Feb 2022 18:07:20 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 57ms
19ms XHR
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-8969414-2&cid=656294764.1645726040&jid=1551345302&gjid=282047347&_gid=1898496545.1645726040&_u=YADAAUAAAAAAAC~&z=1484525097

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tempprenmis.tk/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 24 Feb 2022 18:07:20 GMT
content-type: text/plain
access-control-allow-origin: https://tempprenmis.tk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rexdot.js Show response
advice.hit.gemius.pl/__/_1645726040508/
Redirect Chain

https://advice.hit.gemius.pl/_1645726040508/rexdot.js?l=100&id=bPo70ouuVF6BwErIBuw7vsQM7KSWflChLqi.FWhl1jr.m7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Ftempprenm...
https://advice.hit.gemius.pl/__/_1645726040508/rexdot.js?l=100&id=bPo70ouuVF6BwErIBuw7vsQM7KSWflChLqi.FWhl1jr.m7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Ftemppr...

169 B
422 B

67ms
67ms

Script
application/x-javascript

185.11.128.206
Autonomous System...

General

Check archive.org

Show headers Download Go to

Full URL: https://advice.hit.gemius.pl/__/_1645726040508/rexdot.js?l=100&id=bPo70ouuVF6BwErIBuw7vsQM7KSWflChLqi.FWhl1jr.m7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Ftempprenmis.tk%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=116&lsdata=OMwX7AoVv_E63gNaUYCzEHxdbfH1DoQFt2FPha99Spv.I76krQP7APoO4faoiPO6yeL7ntCcqP5g3s5KECLPTsE2Am0N/7T16.g0hKFQAH/&fpdata=aA0WqtsXIW3vhRsaT3ulgSeZxa5HABqRRuZSGXBgw3X.x7&vis=1&fpcap=
Requested by: Host: tempprenmis.tk
URL: https://tempprenmis.tk/
Protocol: H2
Server: 185.11.128.206 , Poland, ASN50599 (Autonomous System for Data Space Sp. z o.o., PL),
Reverse DNS: host-185-11-128-206.dataspace.pl
Software: GHC /
Resource Hash: 99afd68033e9c0548c768c64cd16c6112011cb4f090729c1f5eaf21a3360b98e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 18:07:20 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 169
expires: Wed, 23 Feb 2022 18:07:20 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Feb 2022 18:07:20 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1645726040508/rexdot.js?l=100&id=bPo70ouuVF6BwErIBuw7vsQM7KSWflChLqi.FWhl1jr.m7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Ftempprenmis.tk%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=116&lsdata=OMwX7AoVv_E63gNaUYCzEHxdbfH1DoQFt2FPha99Spv.I76krQP7APoO4faoiPO6yeL7ntCcqP5g3s5KECLPTsE2Am0N/7T16.g0hKFQAH/&fpdata=aA0WqtsXIW3vhRsaT3ulgSeZxa5HABqRRuZSGXBgw3X.x7&vis=1&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Wed, 23 Feb 2022 18:07:20 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 61ms
40ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-8969414-2&cid=656294764.1645726040&jid=1551345302&_u=YADAAUAAAAAAAC~&z=1846752588

Requested by

Host: tempprenmis.tk
URL: https://tempprenmis.tk/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 18:07:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 58ms
36ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-8969414-2&cid=656294764.1645726040&jid=1551345302&_u=YADAAUAAAAAAAC~&z=1846752588

Requested by

Host: tempprenmis.tk
URL: https://tempprenmis.tk/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 18:07:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 icon-100-arrow-left.png
tempprenmis.tk/_i/ 1 KB
2 KB 142ms
141ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tempprenmis.tk/_i/icon-100-arrow-left.png
Requested by: Host: tempprenmis.tk
URL: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c7543f17ece99c6b9fc15cd93856cf12e5f8945284a5dbeb926bbb4ac81be73

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
cf-cache-status: MISS
last-modified: Thu, 24 Feb 2022 14:43:20 GMT
server: cloudflare
etag: "62179988-57e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9H4vaZVc7judJuV2mXDKWtHP5P1yKi0NY3WqSFOo%2BUcrCgLszZEDGNm3z0KusM6bjMW8Jjsobs2bAbq26Y1bFZ8zrECujrrdsceAS%2B6q%2FSBg9cMaaOsCvJBTS1GQ%2FQDqNXh2jQVtc90013PHMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6e2aa209ae8b3758-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1406

GET
H3 200 icon-100-arrow-right.png
tempprenmis.tk/_i/ 1 KB
2 KB 215ms
214ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tempprenmis.tk/_i/icon-100-arrow-right.png
Requested by: Host: tempprenmis.tk
URL: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e8da9c93695d9066c06a0ff4ad814559e5c186cb7fc93e31a499183e14cdc92

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
cf-cache-status: MISS
last-modified: Thu, 24 Feb 2022 14:43:20 GMT
server: cloudflare
etag: "62179988-573"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oxorQtsIVZPcDSY0u2t6e5NBiS%2FR7fLr%2BJLV4HgYV6dxy2bXjflISnYtjTk6R0nvSwONpkhtnx09p%2F%2Fj7KoYUDTe4Y5decW4RFrFTZE3U9drqXzGMGFtU%2Bdq8MVoTdnsYq7etLXjpmm5S8vN3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6e2aa209ae903758-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1395

GET
H3 200 icon-20-c-arrow-bottom.png
tempprenmis.tk/_i/ 1 KB
2 KB 129ms
129ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tempprenmis.tk/_i/icon-20-c-arrow-bottom.png
Requested by: Host: tempprenmis.tk
URL: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0643484d67311199055be01407f32b3310fec6a59fe9e85107ba5f41f19a2cf2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
cf-cache-status: MISS
last-modified: Thu, 24 Feb 2022 14:43:20 GMT
server: cloudflare
etag: "62179988-499"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P1Ov4QQ9yMffnAO1kZPe276aHusEGPUHaidNbQocDrgRvu39oMVnErRgHsrHH2Hdk9KFKjvbIOO2eqf4ODq%2FJy3wzI7PFupARTLDtVKzhXqqCrNWpnVue9VnKNGCN7dI9VVflhKFQ7Vb7bFB2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6e2aa209ae9a3758-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1177

GET
H3 200 icon-20-c-arrow-right.png
tempprenmis.tk/_i/ 1 KB
2 KB 153ms
152ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tempprenmis.tk/_i/icon-20-c-arrow-right.png
Requested by: Host: tempprenmis.tk
URL: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d16c6bf2e25e475f0971bc6e839faa49e350a764a9e760053b613a0aab1d5f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
cf-cache-status: MISS
last-modified: Thu, 24 Feb 2022 14:43:20 GMT
server: cloudflare
etag: "62179988-493"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KxCGn5fFL7We9XPhix%2BmCIP2dQ3D6h4Nu8NisYfQRAsF4GUK5A2bGrcMV92gE2vklCR7x1Rogdckga6KdJSa6zg4YXa6e5vTQULDvcuajVzy7u3y87YvwZ1QvbVtVygiM6ZLuIHVuDl5bBtQ7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6e2aa209ae9b3758-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1171

POST
H3 404 hits.php Show response
tempprenmis.tk/ 206 B
671 B 199ms
198ms XHR
text/html 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tempprenmis.tk/hits.php
Requested by: Host: tempprenmis.tk
URL: https://tempprenmis.tk/_static/html5-jquery-3.5.1-lightbox-2.6.min-main-nieruchomosci-ads-deep.bi-98094d358c56483135314a865a0dd1f1-content.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 813d68061248785859a089791ba33f25cf9e90e565fa62e5848d88224fc00e9d

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://tempprenmis.tk/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1E%2FnSUugJho%2BxAZW%2B4IYFOqANd2AJiZmB3XVrkjUSHTGgfoJxlM1I2z9t7VmFlHhlKQW10bnybOZGEUGMo0%2Bdf1fdkmmitO1rMroxxX0ifJFOPCX7Q%2FWsO0Fa1viXoTiBlmC8qagLHhg5l9hHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cf-ray: 6e2aa209aea63758-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 prev.png
tempprenmis.tk/_js/jquery/lightbox/css/img/ 1 KB
2 KB 146ms
146ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tempprenmis.tk/_js/jquery/lightbox/css/img/prev.png
Requested by: Host: tempprenmis.tk
URL: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
cf-cache-status: MISS
last-modified: Thu, 24 Feb 2022 14:43:20 GMT
server: cloudflare
etag: "62179988-550"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xs82uPjnCkuvw7XAXbJSt6yWQq1MKsQYQ0nNFagrn8fUW73gmhhn9c1r8RXrLsVPmOGgZLwAAhkY%2F3i1jNjZD1E7%2BrzRvDpOZz7Q7oPvVh90jM1npbYIeJWeO4aaR5n6m9mqQ2O4H7Jz2rNIiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6e2aa209ceec3758-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1360

GET
H3 200 next.png
tempprenmis.tk/_js/jquery/lightbox/css/img/ 1 KB
2 KB 169ms
169ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tempprenmis.tk/_js/jquery/lightbox/css/img/next.png
Requested by: Host: tempprenmis.tk
URL: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
cf-cache-status: MISS
last-modified: Thu, 24 Feb 2022 14:43:20 GMT
server: cloudflare
etag: "62179988-546"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JpEFS1ZPsZqxb5QNslWwS%2FDNrI8wHzd%2B26pOuETNZ8cpILOHRviwe%2BOpy3h6Z7ckWcFVIcFVKA2zW%2F4ieZra32BC7kB8tuKzOcbwm7oxKBWZGcmmeNtYtyzQUD1%2FsF7RkwbQQ48sNA%2FBumPqjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6e2aa209cef13758-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1350

GET
H3 200 loading.gif
tempprenmis.tk/_js/jquery/lightbox/css/img/ 8 KB
9 KB 135ms
134ms Image
image/gif 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tempprenmis.tk/_js/jquery/lightbox/css/img/loading.gif
Requested by: Host: tempprenmis.tk
URL: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
cf-cache-status: MISS
last-modified: Thu, 24 Feb 2022 14:43:20 GMT
server: cloudflare
etag: "62179988-211c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pCbnkQoghbPaQ2jQWIDifsKxBEA0hhFifXiVy6idInKbTIKC5ySALlX4edTNaJhHw4%2F5xxsHcF0PDeZBNk34XntST0yaX0tx16ylSO8nWQ0mevEMoDYNDIUl%2BBkPespCOICh0EwxQFJaTlRdjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6e2aa209cef53758-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8476

GET
H3 200 close.png
tempprenmis.tk/_js/jquery/lightbox/css/img/ 280 B
826 B 162ms
162ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tempprenmis.tk/_js/jquery/lightbox/css/img/close.png
Requested by: Host: tempprenmis.tk
URL: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
cf-cache-status: MISS
last-modified: Thu, 24 Feb 2022 14:43:20 GMT
server: cloudflare
etag: "62179988-118"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oiQkW3HyJVQdlrRevWC12O12Qd0YD02247AaKl9mB4u4edxiqiJONOTm9CJLX5Kt9SVyFqLodhY2vOgowdNYg0NC87Idzm%2BNwgOk8SCHuKF9BqyRZ6aVkZ8mIm%2BrRigKv7SWuUv2%2FrQ%2BXbNsJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6e2aa209cef93758-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 280

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 12ms
11ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=449746387&t=event&_s=2&dl=https%3A%2F%2Ftempprenmis.tk%2F&ul=en-us&de=UTF-8&dt=Gdzie%20inwestowa%C4%87%20w%20Gda%C5%84sku%3F%20%E2%80%93%20Wiadomo%C5%9Bci%20Nieruchomo%C5%9Bci%20Wprost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=genesis_ads&ea=AD%20optad360%20Slot%20Created&_u=aADAAUABAAAAAC~&jid=&gjid=&cid=656294764.1645726040&tid=UA-8969414-2&_gid=1898496545.1645726040&gtm=2ou2g0&z=1709434512

Requested by

Host: tempprenmis.tk
URL: https://tempprenmis.tk/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 11:32:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 23711
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 12ms
11ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=449746387&t=event&_s=3&dl=https%3A%2F%2Ftempprenmis.tk%2F&ul=en-us&de=UTF-8&dt=Gdzie%20inwestowa%C4%87%20w%20Gda%C5%84sku%3F%20%E2%80%93%20Wiadomo%C5%9Bci%20Nieruchomo%C5%9Bci%20Wprost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=genesis_ads&ea=AD%20IDMnet%20Cascade%20Slot%20Created&_u=aADAAUABAAAAAC~&jid=&gjid=&cid=656294764.1645726040&tid=UA-8969414-2&_gid=1898496545.1645726040&gtm=2ou2g0&z=169985690

Requested by

Host: tempprenmis.tk
URL: https://tempprenmis.tk/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 11:32:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 23711
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 12ms
10ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=449746387&t=event&_s=4&dl=https%3A%2F%2Ftempprenmis.tk%2F&ul=en-us&de=UTF-8&dt=Gdzie%20inwestowa%C4%87%20w%20Gda%C5%84sku%3F%20%E2%80%93%20Wiadomo%C5%9Bci%20Nieruchomo%C5%9Bci%20Wprost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=genesis_ads&ea=AD%20GAM%20Slot%20Created&_u=aADAAUABAAAAAC~&jid=&gjid=&cid=656294764.1645726040&tid=UA-8969414-2&_gid=1898496545.1645726040&gtm=2ou2g0&z=1359314507

Requested by

Host: tempprenmis.tk
URL: https://tempprenmis.tk/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 11:32:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 23711
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 13ms
11ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=449746387&t=event&_s=5&dl=https%3A%2F%2Ftempprenmis.tk%2F&ul=en-us&de=UTF-8&dt=Gdzie%20inwestowa%C4%87%20w%20Gda%C5%84sku%3F%20%E2%80%93%20Wiadomo%C5%9Bci%20Nieruchomo%C5%9Bci%20Wprost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=genesis_ads&ea=AD%20optad360%20Slot%20Created&_u=aADAAUABAAAAAC~&jid=&gjid=&cid=656294764.1645726040&tid=UA-8969414-2&_gid=1898496545.1645726040&gtm=2ou2g0&z=1853492617

Requested by

Host: tempprenmis.tk
URL: https://tempprenmis.tk/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 11:32:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 23711
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 13ms
12ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=449746387&t=event&_s=6&dl=https%3A%2F%2Ftempprenmis.tk%2F&ul=en-us&de=UTF-8&dt=Gdzie%20inwestowa%C4%87%20w%20Gda%C5%84sku%3F%20%E2%80%93%20Wiadomo%C5%9Bci%20Nieruchomo%C5%9Bci%20Wprost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=genesis_ads&ea=AD%20GAM%20Slot%20Created&_u=aADAAUABAAAAAC~&jid=&gjid=&cid=656294764.1645726040&tid=UA-8969414-2&_gid=1898496545.1645726040&gtm=2ou2g0&z=1049942414

Requested by

Host: tempprenmis.tk
URL: https://tempprenmis.tk/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 11:32:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 23711
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 14ms
13ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=449746387&t=event&_s=7&dl=https%3A%2F%2Ftempprenmis.tk%2F&ul=en-us&de=UTF-8&dt=Gdzie%20inwestowa%C4%87%20w%20Gda%C5%84sku%3F%20%E2%80%93%20Wiadomo%C5%9Bci%20Nieruchomo%C5%9Bci%20Wprost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=genesis_ads&ea=AD%20optad360%20Slot%20Created&_u=aADAAUABAAAAAC~&jid=&gjid=&cid=656294764.1645726040&tid=UA-8969414-2&_gid=1898496545.1645726040&gtm=2ou2g0&z=1509953166

Requested by

Host: tempprenmis.tk
URL: https://tempprenmis.tk/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 11:32:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 23711
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 14ms
13ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=449746387&t=event&_s=8&dl=https%3A%2F%2Ftempprenmis.tk%2F&ul=en-us&de=UTF-8&dt=Gdzie%20inwestowa%C4%87%20w%20Gda%C5%84sku%3F%20%E2%80%93%20Wiadomo%C5%9Bci%20Nieruchomo%C5%9Bci%20Wprost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=genesis_ads&ea=AD%20GAM%20Slot%20Created&_u=aADAAUABAAAAAC~&jid=&gjid=&cid=656294764.1645726040&tid=UA-8969414-2&_gid=1898496545.1645726040&gtm=2ou2g0&z=1903332953

Requested by

Host: tempprenmis.tk
URL: https://tempprenmis.tk/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 11:32:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 23711
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 14ms
14ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=449746387&t=event&_s=9&dl=https%3A%2F%2Ftempprenmis.tk%2F&ul=en-us&de=UTF-8&dt=Gdzie%20inwestowa%C4%87%20w%20Gda%C5%84sku%3F%20%E2%80%93%20Wiadomo%C5%9Bci%20Nieruchomo%C5%9Bci%20Wprost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=genesis_ads&ea=AD%20GAM%20Slot%20Created&_u=aADAAUABAAAAAC~&jid=&gjid=&cid=656294764.1645726040&tid=UA-8969414-2&_gid=1898496545.1645726040&gtm=2ou2g0&z=2093605647

Requested by

Host: tempprenmis.tk
URL: https://tempprenmis.tk/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 11:32:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 23711
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 14ms
14ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=449746387&t=event&_s=10&dl=https%3A%2F%2Ftempprenmis.tk%2F&ul=en-us&de=UTF-8&dt=Gdzie%20inwestowa%C4%87%20w%20Gda%C5%84sku%3F%20%E2%80%93%20Wiadomo%C5%9Bci%20Nieruchomo%C5%9Bci%20Wprost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=genesis_ads&ea=AD%20optad360%20Slot%20Created&_u=aADAAUABAAAAAC~&jid=&gjid=&cid=656294764.1645726040&tid=UA-8969414-2&_gid=1898496545.1645726040&gtm=2ou2g0&z=2017661322

Requested by

Host: tempprenmis.tk
URL: https://tempprenmis.tk/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 11:32:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 23711
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.ru/adsid/ 107 B
792 B 98ms
15ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ru/adsid/integrator.js?domain=tempprenmis.tk

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Feb 2022 18:07:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 48ms
18ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tempprenmis.tk

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Feb 2022 18:07:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
9 KB 477ms
452ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2024054721705162&correlator=3989649717575356&output=ldjh&impl=fifs&eid=31060838%2C44755510&vrg=2021111701&ptt=17&sc=1&sfv=1-0-38&ecs=20220224&iu_parts=60089353%2CWprost%2Cart_rec_szpalta_2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=360x600%7C336x280%7C360x300%7C300x250%7C320x100%7C160x600%7C120x600&eri=1&cust_params=Wprost_sekcja%3Dnieruchomosci%26exp%3DP&cookie_enabled=1&bc=31&abxe=1&lmt=1645726040&dt=1645726040695&dlt=1645726039920&idt=606&frm=20&biw=1600&bih=1200&oid=2&adxs=1027&adys=983&adks=2053822233&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ftempprenmis.tk%2F&vis=1&stss=1&dmc=8&scr_x=0&scr_y=0&psz=386x1&msz=360x-1&ga_vid=656294764.1645726040&ga_sid=1645726041&ga_hid=449746387&ga_fc=true&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

04996bf0a2b5b4fcb2a8968dcb104c8fee108849414c645d4711d307a2685e8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9515
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://tempprenmis.tk
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F1BC 6 KB
4 KB 93ms
14ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Thu, 24 Feb 2022 18:07:20 GMT
expires: Fri, 24 Feb 2023 18:07:20 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cl01ask250n3afew3sy Show response
scoring.deep.bi/score/j7odeRmIZNFp/ 2 B
173 B 77ms
66ms XHR
application/json 2606:4700:10::6816:28b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scoring.deep.bi/score/j7odeRmIZNFp/cl01ask250n3afew3sy?id=deepcookie&column=score
Requested by: Host: api.deep.bi
URL: https://api.deep.bi/v3/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:28b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: application/json
access-control-allow-origin: https://tempprenmis.tk
access-control-expose-headers: Amp-Access-Control-Allow-Source-Origin, Access-Control-Allow-Origin, Access-Control-Allow-Credentials
access-control-allow-credentials: true
cf-ray: 6e2aa20afd2e83a8-MXP
content-length: 2

GET
H2 200 cl01ask250n3afew3sy Show response
scoring.deep.bi/score/j7odeRmIZNFp/ 2 B
58 B 78ms
68ms XHR
application/json 2606:4700:10::6816:28b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scoring.deep.bi/score/j7odeRmIZNFp/cl01ask250n3afew3sy?id=deepcookie&column=level
Requested by: Host: api.deep.bi
URL: https://api.deep.bi/v3/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:28b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: application/json
access-control-allow-origin: https://tempprenmis.tk
access-control-expose-headers: Amp-Access-Control-Allow-Source-Origin, Access-Control-Allow-Origin, Access-Control-Allow-Credentials
access-control-allow-credentials: true
cf-ray: 6e2aa20afd2483a8-MXP
content-length: 2

GET
H2 200 cl01ask250n3afew3sy Show response
scoring.deep.bi/score/j7odeRmIZNFp/ 2 B
58 B 77ms
67ms XHR
application/json 2606:4700:10::6816:28b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scoring.deep.bi/score/j7odeRmIZNFp/cl01ask250n3afew3sy?id=deepcookie&column=profile
Requested by: Host: api.deep.bi
URL: https://api.deep.bi/v3/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:28b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: application/json
access-control-allow-origin: https://tempprenmis.tk
access-control-expose-headers: Amp-Access-Control-Allow-Source-Origin, Access-Control-Allow-Origin, Access-Control-Allow-Credentials
access-control-allow-credentials: true
cf-ray: 6e2aa20afd2083a8-MXP
content-length: 2

GET
H2 200 events Show response
api.deep.bi/v1/streams/j7odeRmIZNFp/ 16 B
608 B 106ms
60ms XHR
text/plain 2606:4700:10::6816:28b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.deep.bi/v1/streams/j7odeRmIZNFp/events
Requested by: Host: api.deep.bi
URL: https://api.deep.bi/v3/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:28b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6707dc60504ea73154435c10b9771b3e16ed67e1b86a30ffa25cb07965c23ce9

Request headers

Authorization: bearer Da16NqKwj2619hxwdhdGH9u1
Referer: https://tempprenmis.tk/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 18:07:20 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-rgn: tr01-fsn1.prod-deep.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6e2aa20b7ba783a9-MXP
p3p: policyref="http://api.deep.bi/w3c/p3p.xml", CP="ADMa DEVa TAIa PSAa PSDa OUR IND DSP NON COR"
access-control-allow-origin: https://tempprenmis.tk
cache-control: no-cache, no-store, must-revalidate
x-server: tr01-fsn1.prod-deep.com
access-control-allow-credentials: true
content-type: text/plain; charset=utf-8
content-length: 16
expires: 0

OPTIONS
H2 204 events
api.deep.bi/v1/streams/j7odeRmIZNFp/ Frame 0
0 49ms
48ms Preflight 2606:4700:10::6816:28b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.deep.bi/v1/streams/j7odeRmIZNFp/events
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:28b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://tempprenmis.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
access-control-allow-origin: https://tempprenmis.tk
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept-Encoding,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,Device-Stock-UA,X-Device-User-Agent,X-Operamini-Phone-UA
x-server: tr01-fsn1.prod-deep.com
x-rgn: tr01-fsn1.prod-deep.com
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6e2aa20aecf783a8-MXP

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 64ms
37ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cbcbbdcfce6d7267bd200fac1569113b447dc9d9839b96f853ebca9b322a52e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Feb 2022 18:07:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9851
x-xss-protection: 0

GET
H2 200 cl01ask250n3afew3sy Show response
scoring.deep.bi/score/j7odeRmIZNFp/ 2 B
58 B 58ms
58ms XHR
application/json 2606:4700:10::6816:28b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scoring.deep.bi/score/j7odeRmIZNFp/cl01ask250n3afew3sy?id=deepcookie&column=profile
Requested by: Host: api.deep.bi
URL: https://api.deep.bi/v3/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:28b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: application/json
access-control-allow-origin: https://tempprenmis.tk
access-control-expose-headers: Amp-Access-Control-Allow-Source-Origin, Access-Control-Allow-Origin, Access-Control-Allow-Credentials
access-control-allow-credentials: true
cf-ray: 6e2aa20b2da783a8-MXP
content-length: 2

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 31D8 0
18 B 16ms
7ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://tempprenmis.tk
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/

Response headers

content-type: text/plain
access-control-allow-origin: https://tempprenmis.tk
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=0
date: Thu, 24 Feb 2022 18:07:20 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 65ms
44ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 24 Feb 2022 18:07:20 GMT

OPTIONS
H2 204 events
api.deep.bi/v1/streams/j7odeRmIZNFp/ Frame 0
0 47ms
47ms Preflight 2606:4700:10::6816:28b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.deep.bi/v1/streams/j7odeRmIZNFp/events
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:28b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://tempprenmis.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
access-control-allow-origin: https://tempprenmis.tk
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept-Encoding,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,Device-Stock-UA,X-Device-User-Agent,X-Operamini-Phone-UA
x-server: tr01-fsn1.prod-deep.com
x-rgn: tr01-fsn1.prod-deep.com
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6e2aa20bdfc083a8-MXP

POST
H2 204 events Show response
api.deep.bi/v1/streams/j7odeRmIZNFp/ 0
36 B 64ms
63ms XHR
text/plain 2606:4700:10::6816:28b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.deep.bi/v1/streams/j7odeRmIZNFp/events
Requested by: Host: api.deep.bi
URL: https://api.deep.bi/v3/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:28b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Referer: https://tempprenmis.tk/
Accept-Language: de-DE,de;q=0.9
Authorization: bearer Da16NqKwj2619hxwdhdGH9u1
Content-Type: application/json

Response headers

date: Thu, 24 Feb 2022 18:07:21 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-rgn: tr01-fsn1.prod-deep.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin: https://tempprenmis.tk
x-server: tr01-fsn1.prod-deep.com
access-control-allow-credentials: true
cf-ray: 6e2aa20c2e2483a9-MXP

POST
H2 204 events Show response
api.deep.bi/v1/streams/j7odeRmIZNFp/ 0
59 B 58ms
57ms XHR
text/plain 2606:4700:10::6816:28b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.deep.bi/v1/streams/j7odeRmIZNFp/events
Requested by: Host: api.deep.bi
URL: https://api.deep.bi/v3/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:28b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Referer: https://tempprenmis.tk/
Accept-Language: de-DE,de;q=0.9
Authorization: bearer Da16NqKwj2619hxwdhdGH9u1
Content-Type: application/json

Response headers

date: Thu, 24 Feb 2022 18:07:21 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-rgn: tr01-fsn1.prod-deep.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin: https://tempprenmis.tk
x-server: tr01-fsn1.prod-deep.com
access-control-allow-credentials: true
cf-ray: 6e2aa20c3e3d83a9-MXP

POST
H2 204 events Show response
api.deep.bi/v1/streams/j7odeRmIZNFp/ 0
36 B 163ms
162ms XHR
text/plain 2606:4700:10::6816:28b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.deep.bi/v1/streams/j7odeRmIZNFp/events
Requested by: Host: api.deep.bi
URL: https://api.deep.bi/v3/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:28b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Referer: https://tempprenmis.tk/
Accept-Language: de-DE,de;q=0.9
Authorization: bearer Da16NqKwj2619hxwdhdGH9u1
Content-Type: application/json

Response headers

date: Thu, 24 Feb 2022 18:07:21 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-rgn: tr01-fsn1.prod-deep.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin: https://tempprenmis.tk
x-server: tr01-fsn1.prod-deep.com
access-control-allow-credentials: true
cf-ray: 6e2aa20c3e5783a9-MXP

OPTIONS
H2 204 events
api.deep.bi/v1/streams/j7odeRmIZNFp/ Frame 0
0 51ms
51ms Preflight 2606:4700:10::6816:28b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.deep.bi/v1/streams/j7odeRmIZNFp/events
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:28b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://tempprenmis.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
access-control-allow-origin: https://tempprenmis.tk
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept-Encoding,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,Device-Stock-UA,X-Device-User-Agent,X-Operamini-Phone-UA
x-server: tr01-fsn1.prod-deep.com
x-rgn: tr01-fsn1.prod-deep.com
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6e2aa20befcb83a8-MXP

OPTIONS
H2 204 events
api.deep.bi/v1/streams/j7odeRmIZNFp/ Frame 0
0 55ms
55ms Preflight 2606:4700:10::6816:28b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.deep.bi/v1/streams/j7odeRmIZNFp/events
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:28b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://tempprenmis.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 24 Feb 2022 18:07:20 GMT
access-control-allow-origin: https://tempprenmis.tk
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept-Encoding,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,Device-Stock-UA,X-Device-User-Agent,X-Operamini-Phone-UA
x-server: tr01-fsn1.prod-deep.com
x-rgn: tr01-fsn1.prod-deep.com
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6e2aa20befd083a8-MXP

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F3C6 13 KB
5 KB 24ms
7ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Feb 2022 18:05:53 GMT
expires: Fri, 24 Feb 2023 18:05:53 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 87
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FD24 783 B
534 B 17ms
16ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b901bb3f99c678eff6b45f58f1ff9bb494e8cc24c214c6ec41d2d45e2ebabd0f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SmPVgVpjT4P0qdEJiTl5Sg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 24 Feb 2022 18:07:20 GMT
date: Thu, 24 Feb 2022 18:07:20 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-SmPVgVpjT4P0qdEJiTl5Sg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FD24 0
0 61ms
47ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021111701&jk=2024054721705162&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 IfvWsR8c8QoIXMZVBAT6kqVdCzRxsMqQy0C-AEZrj6Q.js Show response
pagead2.googlesyndication.com/bg/ Frame F3C6 35 KB
13 KB 19ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IfvWsR8c8QoIXMZVBAT6kqVdCzRxsMqQy0C-AEZrj6Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21fbd6b11f1cf10a085cc6550404fa92a55d0b3471b0ca90cb40be00466b8fa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 15:37:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8970
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13530
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Feb 2023 15:37:50 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F3C6 0
9 B 6ms
6ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ac-EqQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 container.html Show response
268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6AA6 6 KB
3 KB 22ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Feb 2022 18:07:20 GMT
expires: Fri, 24 Feb 2023 18:07:20 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=449746387&t=event&_s=11&dl=https%3A%2F%2Ftempprenmis.tk%2F&ul=en-us&de=UTF-8&dt=Gdzie%20inwestowa%C4%87%20w%20Gda%C5%84sku%3F%20%E2%80%93%20Wiadomo%C5%9Bci%20Nieruchomo%C5%9Bci%20Wprost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=genesis_ads&ea=AD%20GAM%20Rectangle%20Displayed&_u=aADAAUABAAAAAC~&jid=&gjid=&cid=656294764.1645726040&tid=UA-8969414-2&_gid=1898496545.1645726040&gtm=2ou2g0&z=1611772755

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 11:32:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 23712
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A38A 624 B
297 B 34ms
18ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNub4gIQqqrjAhj9mti_ATAB&v=APEucNVLFDbZMhdQSU40FlSOQcw40b3auG8eJpONFukTvLC9V6pqV-Ylp2CxYuawTRhEVoRaFMm8QUTh7SakTqOSaw_9el2R9SukjYM0PR2kZdBaoPuwEInQAHtzshllqpWbKYT8BAetH9ynLNDhimnq0gZE8fbuBC-Qf9nMDT1Lo7gxtZQc0Ak

Requested by

Host: 268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com
URL: https://268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 24 Feb 2022 18:07:21 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 6AA6 74 KB
32 KB 91ms
76ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-COCw1l7VAkhkfRv6MVdpdNTIU4yKyGN1huTTBBmM_E4ivaeQzEdRoHwzf5WIFdCIrx1t4duWS5ByFO-M6cQokh-0DWv4HXEt2rZFil937qazNZMky-eVkgE2YnG7XzUna6SljZdQv0ZfdILtz75A6r-mL0YQ&dbm_d=AKAmf-DLpnVeWSFjTMCq8MljJSv7VNHc3NMtAOVaBLzasJjGu87_lEWT8yqMYCR2J6z1fM3PYe4gSRDZdTnvzYfhgPkQoF-NJ7OJ7hT4Fz2r6m5Io3P8wrfVKdaIDlj4JMLY3HtjbZ28CfXVEdm626mIP8e-y6rI8Zg1Q8Rm5iZdR2Ne-1DkBJgVNrL80KGZDfcJb1-QDEOq4QFRtHRExHPTGf__eeJxU1Pn7YfGCga-UzhWSko3Fh4ILYbIb6zX1drdclDJzlBeENRGYHj-cMD-O5KmLalnClUUU8yyE4WEIidLtKk7WiFL7HvAmVah_eABIJhLcxRBGN-Jv7hSZuM4x0IG-6OZ-IdQDQzpDL7esaRG7wV1CUy2jcL9Z01qb15_lQQ4U17stvOOnqDJB5Wnbig4bJc-3X3oYHi9-hV5JxzVwrDzlytrXjyRLkU5eOfnv-xVyxXWfvhopEme2vz9_G2Gagpq0fJbJdVoH2PR5OvpDmKTmZTzq3ZJAKyvlruvWoRxAL-PxW5dmRe_9jFKecYHITzwImktxp9FeX4wLI8UF6-WUKyU9QMfv1qL4d8GHn3oJO4Pl6om-tMoxhirogJLNiiUmpgoKkRv48uZo3dS4pWw14OKkOFl54QjNurLKFlC3hKhUXDoAmQ4K5vyA4y7KlY39RxCm2mPzwpFjKkE4gV4-zU0qFfz1fKwzZ1N9cz-FqBEpZEGdyABfTMAZVEqEtVGcFeHR7RrkmJJKORBRNC4JvWRvl4jtRdv46fzd8bEZOXDH9KCgXArTt7X2VFDdGvHCGNkSmWMN2ibf52gi0wHlolC-nEKu7DLZ4sDcOOoSGMHf7gUtl3Muakyi6C9opo9Iy_4AmS4DcWxSWXuAakz6KlYxOwtoaMJK_EyaWSuAhNTXwxRrUax8Qb6Yc11s_CmJZl8-QxSSeHC3PE2C11LYf_G_FQtx3JNzKrLMWLqdXC1xaEXg2AH-yqcpvaXmJFJxu4yfPVI5Y5ifpv_B9P4QoxNnPIbGbaRXwcXofnyzjlCgaOso0NpQ0j1972jX3madgnh9kQmC_elKNnzhW9cL0UZjrda-WS06qEHoC3ncsxC0Vawzm0oHzHidCmlsT4uBRmey3wYguYDrFKMFVa09r1ZCOCPReIuF6usF0T7CNrXOf3v5_zcKOv2gp5RL--6JIPm6nH6luUqwCQmNCFz-bF3uoGOZKgAxkSoSjGlQA6RbdcClD9Hhy20f5q0LswGcjN2faTehm1uQoO58Q7wtitCkXsZFl6lW3vSLLJNEw8T-Q0_ukGrltYbGVGwxKtHlm3zlaZKiQaQH5T0hFyNUvx0vhGi-hm5dTkx6qQWv57aA5BGUfRSwibl1v1fUC8cEDmrthOznK9IM-rtOel82VsIZ7MQS0KsaYA8kFOyItbDrIqYeMAzwRok6W3fZ3fpCTE6qKyn-alkx_ORoup6sDt2YAxGPhrgdH3Jf-vv5jQGMMORdQnyaREV9gJZ0pM5clrr-AbcDnK12Ws33wCPsvXDua69nT0TLgyDG3g91QfHUqMjHjotCrPHIVzBiiKXF_iW4ss8ZhvmT8nclNSvVUzSmh5u7VWlmhiisq4fk_RWCh8iA14sLb9DgYnX5tAh7gxxwgem79Y7cFvYT4N83Y1JnnStkFGic6Qmq5PIqjdm5KSZw8kr_EsZ2h4a6DhWke43qUi9PNd-kJW0W0iZ_PZpxEm7YUwR4408bRaHt72I4X4rD_YycUv-eFJLRAlhJ60O01cHNx9uGPsVyeQVItWphoCnliGE-cjdFnOUcll-jOaGzM2jhObZ78Hn78d3ktBv9NLZuphBsVl06gSuBvbklqbhnCkdwFOtynRftEK0EST_3DFMrHS_z-TqeWdD9u7CK2v0B1Rmv10ys2cPsf8ZXVXtfa4ReB2ogN78MK9s1QhlraD_IWq5oJnKoxi_M29Qsma-9vd3CAklmq2E6maHvX4LjoUlExonvxa2_mBAlTw6EwoV0-oTzqjE3z6Ub1KrjEZ1_x5onNanvNgXfMl7OSqMA5LC8eapxR_ljTWnCG5rQTZIVqnONyCI2qDgxaC4Hq9pE10sp6Fa-W4XdU9Bzl6Y4May0Nwxj29GeXsctiW0iT8b_LI7CVXW92lo070ZG27wiKn-SVL_STI0JQSgaEhDtIa_KQ6ve27QEGLSMqySv_svNLKlcYZ0nOFWa4C0cHhb6KhbTUzVIGPFUflYk6l1nf110-6mAqszOIH9kQsj16Dx4bopKe_J1rONYZAXARjcclvlXoDU0oXq6Xwsl9awPYOz6mE-U7AfhS2No9YSb3oDNma8p5qooPLuxLLU1Wneyb3KX17nTN3W0lGScZ0wlvvk9hdJWKobQdqGP7RQ6r92zWTNLf1wlNCiBuDBpmAzeHDjP8_sXHydZQsEzwd02ROoS1Xhb2suZeu2FdJwivN2bKt3OnFU0qq6gl9pWAtXW92tJnL87mBOkx_6StoYjznTAvkfjzI_ccg8rNRz_ry5rOs8BtWgeuNr_yzg0yLZnyUX1m1xfSuXJ26LBj_w9r0gJZTc8GGnxsYsJvsfrMSSESKV_8nB7uXh7A92Si3zaXF_MRGou5LLqUDnp9AA59bbbsXcKvu6wcq2l4uM3ZzqzWpIaB798Yyz04C2XDfGsZAo6t7Xn-baVXv_rgVEuqkZzaLhcaZ0ELx0jHhfpVlquy76JUm88ZkQYPIZinLKbmJe_W3NviBsy71Jpycc9CuVegN2FrOperPszxGGsRxTdc3YxWoqxwucuL7nBndT-33mpL4GwICtTVR8D5Ekq7ZH4X1_xI_Q84TwLyeNmaKhDmgmuOaN3w71gU9fNbTQjPdO73nQXK8wb6fI5_8o1scVeXqZlfwt3MnKMOD03saD-E0RLO3fJ4-m0EHIR3SUTG9KlrIFR06nUxjYFymPrd1DaKcVjqoRITNVkOiHbMbgtCoLU37Fgix2Mz575wxR-nSSTt6tvZFbIlFgJFlnCXdLDtF1tIC4X7zxuM8joaD4fLROl1Pd_gQaIneBj2aGxUMGmizOht8RTDFkO7-boPzhg_VpB5XOiRmrw1Zb2BWGN5PYgzIMngXfUlqpDl6OJUsx2Nnv5lHkf9GMtl26XG34A3Zkla0orZTOdcxH5mbEE7Wc0wzlvOj2JqcUynUbf_shOvyjdV_gt-E&cid=CAASEuRovyCQU7tyI5XHUQoCU75FFA&rfl=1%2Chttps%253A%252F%252Ftempprenmis.tk%252F%240

Requested by

Host: tempprenmis.tk
URL: https://tempprenmis.tk/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3eafd40fa29206c6532c50940907bae198e367ecde2f2de1673136e8fff6c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 18:07:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32339
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6AA6 42 B
63 B 42ms
41ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Aex5w_hCgeA0oGJzZFy1PIUGATKu8bqP0xnk6zsHxzy3FjMcqDfEv0jpGE0_jIevPmAsC1PtjLxmzA_IMVBiRUnkZn3pWni73SiYscn_n4s5WH2b8

Requested by

Host: 268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com
URL: https://268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 18:07:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220221/r20110914/client/ Frame 6AA6 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220221/r20110914/client/window_focus_fy2019.js

Requested by

Host: 268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com
URL: https://268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:06:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 18:06:44 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6AA6 124 KB
38 KB 40ms
26ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com
URL: https://268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38723
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1645015031201889"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 24 Feb 2022 18:07:21 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220221/r20110914/client/ Frame 6AA6 15 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220221/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com
URL: https://268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3deec1e4d19cb71b80daa6f050c395fccb90d7f1c2ec74a920930d476013cf97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:06:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6434
x-xss-protection: 0
server: cafe
etag: 16791967082338318403
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 18:06:30 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6AA6 0
0 16ms
15ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaShXMx4ALRa0dKB0t4VpvACCngMMKBTKgOqwhHzEYGzWgQaV4IU2Pobjam8O44GtgHNtVckrMGtBhm_s99no98zaK_xpw
Requested by: Host: 268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com
URL: https://268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A38A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELe5Yau6lOrDPtaTxd819Is&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELe5Yau6lOrDPtaTxd819Is&google_cver=1&C=1

43 B
1014 B

24ms
24ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELe5Yau6lOrDPtaTxd819Is&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNub4gIQqqrjAhj9mti_ATAB&v=APEucNVLFDbZMhdQSU40FlSOQcw40b3auG8eJpONFukTvLC9V6pqV-Ylp2CxYuawTRhEVoRaFMm8QUTh7SakTqOSaw_9el2R9SukjYM0PR2kZdBaoPuwEInQAHtzshllqpWbKYT8BAetH9ynLNDhimnq0gZE8fbuBC-Qf9nMDT1Lo7gxtZQc0Ak
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Feb 2022 18:07:21 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 24 Feb 2022 18:07:21 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 24 Feb 2022 18:07:21 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELe5Yau6lOrDPtaTxd819Is&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Thu, 24 Feb 2022 18:07:21 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A38A
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YhfJWYiHABj9XQW0NtbKxwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELe5Yau6lOrDPtaTxd819Is&google_cver=1

43 B
894 B

26ms
26ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELe5Yau6lOrDPtaTxd819Is&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNub4gIQqqrjAhj9mti_ATAB&v=APEucNVLFDbZMhdQSU40FlSOQcw40b3auG8eJpONFukTvLC9V6pqV-Ylp2CxYuawTRhEVoRaFMm8QUTh7SakTqOSaw_9el2R9SukjYM0PR2kZdBaoPuwEInQAHtzshllqpWbKYT8BAetH9ynLNDhimnq0gZE8fbuBC-Qf9nMDT1Lo7gxtZQc0Ak
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Feb 2022 18:07:21 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 24 Feb 2022 18:07:21 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Feb 2022 18:07:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELe5Yau6lOrDPtaTxd819Is&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame A38A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEE-5Ma_e-khszZ3CjczK-RE&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEE-5Ma_e-khszZ3CjczK-RE%26google_cver%3D1

43 B
1 KB

13ms
13ms

Image
image/gif

185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEE-5Ma_e-khszZ3CjczK-RE%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNub4gIQqqrjAhj9mti_ATAB&v=APEucNVLFDbZMhdQSU40FlSOQcw40b3auG8eJpONFukTvLC9V6pqV-Ylp2CxYuawTRhEVoRaFMm8QUTh7SakTqOSaw_9el2R9SukjYM0PR2kZdBaoPuwEInQAHtzshllqpWbKYT8BAetH9ynLNDhimnq0gZE8fbuBC-Qf9nMDT1Lo7gxtZQc0Ak

Protocol

HTTP/1.1

Server

185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Feb 2022 18:07:21 GMT
X-Proxy-Origin: 217.64.151.28; 217.64.151.28; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 9445334b-382e-43ac-9476-5377360aa237
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 24 Feb 2022 18:07:21 GMT
X-Proxy-Origin: 217.64.151.28; 217.64.151.28; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d82452e6-7a2e-47c2-ab90-e81d0dbc31fd
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEE-5Ma_e-khszZ3CjczK-RE%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A38A
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjAwMTY4MTQ1OTgzODU2NDQ4NA%3D%3D

170 B
188 B

25ms
24ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjAwMTY4MTQ1OTgzODU2NDQ4NA%3D%3D

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 18:07:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 24 Feb 2022 18:07:21 GMT
X-Proxy-Origin: 217.64.151.28; 217.64.151.28; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: ec2bfcd5-5dcd-43f5-841d-7318f6a0ff9d
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjAwMTY4MTQ1OTgzODU2NDQ4NA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 6AA6 106 KB
38 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: tempprenmis.tk
URL: https://tempprenmis.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com/
Origin: https://268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 11:03:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25407
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Feb 2022 11:03:54 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220221/r20110914/elements/html/ Frame 6AA6 8 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220221/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-COCw1l7VAkhkfRv6MVdpdNTIU4yKyGN1huTTBBmM_E4ivaeQzEdRoHwzf5WIFdCIrx1t4duWS5ByFO-M6cQokh-0DWv4HXEt2rZFil937qazNZMky-eVkgE2YnG7XzUna6SljZdQv0ZfdILtz75A6r-mL0YQ&dbm_d=AKAmf-DLpnVeWSFjTMCq8MljJSv7VNHc3NMtAOVaBLzasJjGu87_lEWT8yqMYCR2J6z1fM3PYe4gSRDZdTnvzYfhgPkQoF-NJ7OJ7hT4Fz2r6m5Io3P8wrfVKdaIDlj4JMLY3HtjbZ28CfXVEdm626mIP8e-y6rI8Zg1Q8Rm5iZdR2Ne-1DkBJgVNrL80KGZDfcJb1-QDEOq4QFRtHRExHPTGf__eeJxU1Pn7YfGCga-UzhWSko3Fh4ILYbIb6zX1drdclDJzlBeENRGYHj-cMD-O5KmLalnClUUU8yyE4WEIidLtKk7WiFL7HvAmVah_eABIJhLcxRBGN-Jv7hSZuM4x0IG-6OZ-IdQDQzpDL7esaRG7wV1CUy2jcL9Z01qb15_lQQ4U17stvOOnqDJB5Wnbig4bJc-3X3oYHi9-hV5JxzVwrDzlytrXjyRLkU5eOfnv-xVyxXWfvhopEme2vz9_G2Gagpq0fJbJdVoH2PR5OvpDmKTmZTzq3ZJAKyvlruvWoRxAL-PxW5dmRe_9jFKecYHITzwImktxp9FeX4wLI8UF6-WUKyU9QMfv1qL4d8GHn3oJO4Pl6om-tMoxhirogJLNiiUmpgoKkRv48uZo3dS4pWw14OKkOFl54QjNurLKFlC3hKhUXDoAmQ4K5vyA4y7KlY39RxCm2mPzwpFjKkE4gV4-zU0qFfz1fKwzZ1N9cz-FqBEpZEGdyABfTMAZVEqEtVGcFeHR7RrkmJJKORBRNC4JvWRvl4jtRdv46fzd8bEZOXDH9KCgXArTt7X2VFDdGvHCGNkSmWMN2ibf52gi0wHlolC-nEKu7DLZ4sDcOOoSGMHf7gUtl3Muakyi6C9opo9Iy_4AmS4DcWxSWXuAakz6KlYxOwtoaMJK_EyaWSuAhNTXwxRrUax8Qb6Yc11s_CmJZl8-QxSSeHC3PE2C11LYf_G_FQtx3JNzKrLMWLqdXC1xaEXg2AH-yqcpvaXmJFJxu4yfPVI5Y5ifpv_B9P4QoxNnPIbGbaRXwcXofnyzjlCgaOso0NpQ0j1972jX3madgnh9kQmC_elKNnzhW9cL0UZjrda-WS06qEHoC3ncsxC0Vawzm0oHzHidCmlsT4uBRmey3wYguYDrFKMFVa09r1ZCOCPReIuF6usF0T7CNrXOf3v5_zcKOv2gp5RL--6JIPm6nH6luUqwCQmNCFz-bF3uoGOZKgAxkSoSjGlQA6RbdcClD9Hhy20f5q0LswGcjN2faTehm1uQoO58Q7wtitCkXsZFl6lW3vSLLJNEw8T-Q0_ukGrltYbGVGwxKtHlm3zlaZKiQaQH5T0hFyNUvx0vhGi-hm5dTkx6qQWv57aA5BGUfRSwibl1v1fUC8cEDmrthOznK9IM-rtOel82VsIZ7MQS0KsaYA8kFOyItbDrIqYeMAzwRok6W3fZ3fpCTE6qKyn-alkx_ORoup6sDt2YAxGPhrgdH3Jf-vv5jQGMMORdQnyaREV9gJZ0pM5clrr-AbcDnK12Ws33wCPsvXDua69nT0TLgyDG3g91QfHUqMjHjotCrPHIVzBiiKXF_iW4ss8ZhvmT8nclNSvVUzSmh5u7VWlmhiisq4fk_RWCh8iA14sLb9DgYnX5tAh7gxxwgem79Y7cFvYT4N83Y1JnnStkFGic6Qmq5PIqjdm5KSZw8kr_EsZ2h4a6DhWke43qUi9PNd-kJW0W0iZ_PZpxEm7YUwR4408bRaHt72I4X4rD_YycUv-eFJLRAlhJ60O01cHNx9uGPsVyeQVItWphoCnliGE-cjdFnOUcll-jOaGzM2jhObZ78Hn78d3ktBv9NLZuphBsVl06gSuBvbklqbhnCkdwFOtynRftEK0EST_3DFMrHS_z-TqeWdD9u7CK2v0B1Rmv10ys2cPsf8ZXVXtfa4ReB2ogN78MK9s1QhlraD_IWq5oJnKoxi_M29Qsma-9vd3CAklmq2E6maHvX4LjoUlExonvxa2_mBAlTw6EwoV0-oTzqjE3z6Ub1KrjEZ1_x5onNanvNgXfMl7OSqMA5LC8eapxR_ljTWnCG5rQTZIVqnONyCI2qDgxaC4Hq9pE10sp6Fa-W4XdU9Bzl6Y4May0Nwxj29GeXsctiW0iT8b_LI7CVXW92lo070ZG27wiKn-SVL_STI0JQSgaEhDtIa_KQ6ve27QEGLSMqySv_svNLKlcYZ0nOFWa4C0cHhb6KhbTUzVIGPFUflYk6l1nf110-6mAqszOIH9kQsj16Dx4bopKe_J1rONYZAXARjcclvlXoDU0oXq6Xwsl9awPYOz6mE-U7AfhS2No9YSb3oDNma8p5qooPLuxLLU1Wneyb3KX17nTN3W0lGScZ0wlvvk9hdJWKobQdqGP7RQ6r92zWTNLf1wlNCiBuDBpmAzeHDjP8_sXHydZQsEzwd02ROoS1Xhb2suZeu2FdJwivN2bKt3OnFU0qq6gl9pWAtXW92tJnL87mBOkx_6StoYjznTAvkfjzI_ccg8rNRz_ry5rOs8BtWgeuNr_yzg0yLZnyUX1m1xfSuXJ26LBj_w9r0gJZTc8GGnxsYsJvsfrMSSESKV_8nB7uXh7A92Si3zaXF_MRGou5LLqUDnp9AA59bbbsXcKvu6wcq2l4uM3ZzqzWpIaB798Yyz04C2XDfGsZAo6t7Xn-baVXv_rgVEuqkZzaLhcaZ0ELx0jHhfpVlquy76JUm88ZkQYPIZinLKbmJe_W3NviBsy71Jpycc9CuVegN2FrOperPszxGGsRxTdc3YxWoqxwucuL7nBndT-33mpL4GwICtTVR8D5Ekq7ZH4X1_xI_Q84TwLyeNmaKhDmgmuOaN3w71gU9fNbTQjPdO73nQXK8wb6fI5_8o1scVeXqZlfwt3MnKMOD03saD-E0RLO3fJ4-m0EHIR3SUTG9KlrIFR06nUxjYFymPrd1DaKcVjqoRITNVkOiHbMbgtCoLU37Fgix2Mz575wxR-nSSTt6tvZFbIlFgJFlnCXdLDtF1tIC4X7zxuM8joaD4fLROl1Pd_gQaIneBj2aGxUMGmizOht8RTDFkO7-boPzhg_VpB5XOiRmrw1Zb2BWGN5PYgzIMngXfUlqpDl6OJUsx2Nnv5lHkf9GMtl26XG34A3Zkla0orZTOdcxH5mbEE7Wc0wzlvOj2JqcUynUbf_shOvyjdV_gt-E&cid=CAASEuRovyCQU7tyI5XHUQoCU75FFA&rfl=1%2Chttps%253A%252F%252Ftempprenmis.tk%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:04:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 18:04:16 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220221/r20110914/ Frame 6AA6 25 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220221/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87b3beae1d08bf029d04938bc1d76c7870d450fd75609a85dfafd761cd472047

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9647
x-xss-protection: 0
server: cafe
etag: 6462939580093197770
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 18:07:13 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 6AA6 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com
URL: https://268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:13:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6820
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Feb 2023 16:13:41 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D031 1 KB
749 B 7ms
6ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com
URL: https://268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Thu, 24 Feb 2022 13:26:12 GMT
expires: Fri, 25 Feb 2022 13:26:12 GMT
cache-control: public, max-age=86400
age: 16869
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 6AA6 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0fb269731eae2082067020bfcc6f6340126e004c30a9a2e96270c7b56cab8eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A278 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Feb 2022 08:13:54 GMT
expires: Wed, 22 Feb 2023 08:13:54 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 208407
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 300x600-Tfib100M10-mochila-tb-637328171216915634-8d1955f5-a51b-4871-a52a-10763db8cd14.html Show response
s0.2mdn.net/sadbundle/5101414628303306752/ Frame F432 4 KB
1 KB 26ms
7ms Document
text/html 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5101414628303306752/300x600-Tfib100M10-mochila-tb-637328171216915634-8d1955f5-a51b-4871-a52a-10763db8cd14.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ae11df04de2372391443686145c69a3c8c45491e00081a1af751b0fb465399c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 1417
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Wed, 23 Feb 2022 07:20:29 GMT
expires: Thu, 23 Feb 2023 07:20:29 GMT
cache-control: public, max-age=31536000
age: 125212
last-modified: Sat, 29 Aug 2020 02:16:40 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6AA6 0
107 B 217ms
81ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvZwWusyqotufDQZX9PRj7Qd5pDUmhJPJnjWhIjHeUvoSgwsyVS8CEh_Ky1Hbl4y6qmZUgQCz_SjYLSMX4DpK_FQzwwCIJxvWOZPBuA45zvKNFusBSLB3e9VDX89mQwtcB3VfOVz-_Qw8tq51GhG9ufdQI_JCXa3Ck6nHqYWQi34GwGhfdAN9RVvyox1mwG-Ltm0thfywduQGOekyRM70N4Upn2MKFzN1-AmZJow14qDE19XBUvSVHymccjBAnV4-zUJo-KyL7w-scpP4aZgDu0fx6R7fi0Ajv8XVeHIFIEb4QEVduyB0G2zOFYqH1urC5vtKEEN4O2mO458tuZyt48qiKk_l2sclmGBUTMBEKzIPrITjyY3GUkf2e0021OC1U4vgehRCCOz3izE-xs0W_LldvLlQKWMxaqeZ6eF1LFtl1vBF7_CwSinZaj5HjG-5NpjeR6a6o9EsYeP1SMnytcJg6vhUM7Jw5lw622AEQE0ZmkgBPhphBJHxJz31QWe7BWfjIa_8MCQpDyvWzO7gNRxu36w186utcHHVt6nB8Bpnj7IVkwAqLkxvmcCr5Vd6lYj9Y0VwHIVeiDhYTXtHLcSfNX1HHX3taVFgWshdtedSbwo1g2ZkgODxD2Ocerr2ejFkHLrymdFPi_fZj66vhXmmnLuidKowO7yCRIVaa3DtlX-j1V1zCKjbPgbYV3u6PU5Nt7v7ipubkvcDRAm5MOXjE94c7bF6D7HLpC4MOW2kq5562puozccSggv25TqNrghGnyzf8_pswawhwsbqfJ2PTwc1pSTM_BF43Y0TzhbIma4Nki0iHji8E10-XJI_eefEJCWw_EUB1jqIbQFrfP4nyTHX-GGTd4gAvsyN6WP0bPurocFReQMhKwcuiEpDfb4FBoipFMNyKznREad5G0gNeuoOz0A4XueA-DjKuWSBMKbFnuILMxaP67NNMToT5pXbykH_ODI2fgbNnJSYQFi5Km099Di1vPAPaMfZo9728OEzvEDGveinwvGoSIwf8mpmeoFSPq8MzALJONgToMbIf73vz2_eGVgP4Y1aqScJfOrjkZsa5RX0dVQv34tl2Balu_IGV-94ashO042BA-Lx6CZaHCiRrLdZ6Vl1g_9qkyXXC2i5HyI5p3OG6N39RMb56PH8FHeIcWng&sai=AMfl-YSxRWWRvQSaH5w629T7eDsL1Ak6OYOy2Yvs8dO4Tm_iHy_T3KR3C1ZkM5DvqUPNQm-uYCeA6e3jo_VCfXqEbscolLM9laLh0OOQ44rL8zhJtyxURudKwp5s9jSyV09RwtYVewswd1yw3gkxJaMLuSO7JTpztw&sig=Cg0ArKJSzHb4_YWZt4u6EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=76&cbvp=1&cstd=73&cisv=r20220221.52197&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Host: tempprenmis.tk
URL: https://tempprenmis.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Thu, 24 Feb 2022 18:07:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame D031
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEKxyL3N5s2tLJhu6580xDjk&google_cver=1&google_push=AYg5qPLh0p6oDPdUsbOxkuwoIT4_6Smlr_sG3MLVqt3apy-wlA9fCezn9K0rs8nbs4__UiD-qixDW9T1icdvKMS3cWCcnBiSloA&r...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKxyL3N5s2tLJhu6580xDjk&google_cver=1&google_push=AYg5qPLh0p6oDPdUsbOxkuwoIT4_6Smlr_sG3MLVqt3apy-wlA9fCezn9K0rs8nbs4__UiD-qixDW9T1icdvKMS3cWCcnBiSloA...

43 B
415 B

198ms
187ms

Image
image/gif

2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKxyL3N5s2tLJhu6580xDjk&google_cver=1&google_push=AYg5qPLh0p6oDPdUsbOxkuwoIT4_6Smlr_sG3MLVqt3apy-wlA9fCezn9K0rs8nbs4__UiD-qixDW9T1icdvKMS3cWCcnBiSloA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLh0p6oDPdUsbOxkuwoIT4_6Smlr_sG3MLVqt3apy-wlA9fCezn9K0rs8nbs4__UiD-qixDW9T1icdvKMS3cWCcnBiSloA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 18:07:21 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6e2aa2112f245a19-MXP
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Feb 2022 18:07:21 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 1569
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6e2aa20fcb185a19-MXP
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKxyL3N5s2tLJhu6580xDjk&google_cver=1&google_push=AYg5qPLh0p6oDPdUsbOxkuwoIT4_6Smlr_sG3MLVqt3apy-wlA9fCezn9K0rs8nbs4__UiD-qixDW9T1icdvKMS3cWCcnBiSloA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLh0p6oDPdUsbOxkuwoIT4_6Smlr_sG3MLVqt3apy-wlA9fCezn9K0rs8nbs4__UiD-qixDW9T1icdvKMS3cWCcnBiSloA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame D031 70 B
265 B 155ms
30ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEGAK3w1Q7Vmt70xW8fmofyg&google_cver=1&google_push=AYg5qPLQ9kIheSd5zKFVqu5YdRPy4H5zPfFm0rzTHNvZ5gHeGS8MnUusic7KJgHihZ174Z1dmlDAjmHW3KWDTwiHo_dFYB-wjCg
Requested by: Host: 268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com
URL: https://268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 18:07:21 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D031
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEBKejo2D5CI5y-Z0DTgXvYY&google_cver=1&google_push=AYg5qPIuTLwV46Lwz-Dr_t8VyiAMQ9rKtWnJBNCdq_R_mxwIiah4dHT7glTAYJs_otItJQh_a7sTVDidl4neYMgP...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=OpTzP6ofR_ydG1WWjLFu-g2&google_push=AYg5qPIuTLwV46Lwz-Dr_t8VyiAMQ9rKtWnJBNCdq_R_mxwIiah4dHT7glTAYJs_otItJQh_a7sTVDidl4neYMgPT3XDc7IubXs

170 B
188 B

28ms
27ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=OpTzP6ofR_ydG1WWjLFu-g2&google_push=AYg5qPIuTLwV46Lwz-Dr_t8VyiAMQ9rKtWnJBNCdq_R_mxwIiah4dHT7glTAYJs_otItJQh_a7sTVDidl4neYMgPT3XDc7IubXs

Requested by

Host: 268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com
URL: https://268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 18:07:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 24 Feb 2022 18:07:21 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.15.12
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=OpTzP6ofR_ydG1WWjLFu-g2&google_push=AYg5qPIuTLwV46Lwz-Dr_t8VyiAMQ9rKtWnJBNCdq_R_mxwIiah4dHT7glTAYJs_otItJQh_a7sTVDidl4neYMgPT3XDc7IubXs
x-host: tde-deliveryengine-production-6db64947db-x22cs
alt-svc: clear
content-length: 0

GET
H3 200 dot.gif
s0.2mdn.net/ Frame D031 43 B
65 B 21ms
15ms Image
image/gif 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEK5s7dFxtNNWsCyPgRk5L28&google_cver=1&google_push=AYg5qPIzNQmkR_NZtDQ_57tfAxQxz0OPAKqSvzySr7GfQgCQUPiq_tfxhKFl7kK_rcwJR7V9PhQVvppVIbzyMzxDMSyv2R5ekOQ

Requested by

Host: 268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com
URL: https://268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Feb 2022 18:07:21 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D031
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPs15I0Ico-o6lQDG-rU4u4&google_cver=1&google_push=AYg5qPLuipV3ikrl9gESWg1sse3kWSCpwFVQ-QIMi_0rdze3w-lBfOnDPsDjAb3XU99tqD0IvO8...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDAxQVNLUDktMU4tM0MzRg==&google_push=AYg5qPLuipV3ikrl9gESWg1sse3kWSCpwFVQ-QIMi_0rdze3w-lBfOnDPsDjAb3XU99tqD0IvO8HUZlfPrZYOwY8H_E4_Aq0djU

170 B
188 B

25ms
25ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDAxQVNLUDktMU4tM0MzRg==&google_push=AYg5qPLuipV3ikrl9gESWg1sse3kWSCpwFVQ-QIMi_0rdze3w-lBfOnDPsDjAb3XU99tqD0IvO8HUZlfPrZYOwY8H_E4_Aq0djU

Requested by

Host: 268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com
URL: https://268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 18:07:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDAxQVNLUDktMU4tM0MzRg==&google_push=AYg5qPLuipV3ikrl9gESWg1sse3kWSCpwFVQ-QIMi_0rdze3w-lBfOnDPsDjAb3XU99tqD0IvO8HUZlfPrZYOwY8H_E4_Aq0djU
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D031
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEA0eotx-9hToUvIBSjQZcjY&google_cver=1&google_push=AYg5qPLzpqlzDDgD1tnJH5et8PfEiuYGqRO3aCZfJuvr4q4XXP_6qJrBnkazyTKisEWehug9-MxbfKOMkC7dsPqQzs1HZsvP6js
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPLzpqlzDDgD1tnJH5et8PfEiuYGqRO3aCZfJuvr4q4XXP_6qJrBnkazyTKisEWehug9-MxbfKOMkC7dsPqQzs1HZsvP6js&googl...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzM2ODE4NTYwNDc4NTk1MjA2MzM1Mg%3D%3D&google_push=AYg5qPLzpqlzDDgD1tnJH5et8PfEiuYGqRO3aCZfJuvr4q4XXP_6qJrB...

170 B
188 B

22ms
22ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzM2ODE4NTYwNDc4NTk1MjA2MzM1Mg%3D%3D&google_push=AYg5qPLzpqlzDDgD1tnJH5et8PfEiuYGqRO3aCZfJuvr4q4XXP_6qJrBnkazyTKisEWehug9-MxbfKOMkC7dsPqQzs1HZsvP6js

Requested by

Host: 268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com
URL: https://268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 18:07:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzM2ODE4NTYwNDc4NTk1MjA2MzM1Mg%3D%3D&google_push=AYg5qPLzpqlzDDgD1tnJH5et8PfEiuYGqRO3aCZfJuvr4q4XXP_6qJrBnkazyTKisEWehug9-MxbfKOMkC7dsPqQzs1HZsvP6js
date: Thu, 24 Feb 2022 18:07:21 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame D031 0
75 B 224ms
16ms Image
text/plain 185.86.139.103
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEA1EaV2gCP4ZURDoTsgFWdY&google_cver=1&google_push=AYg5qPLr_4Hpk6BXuJCYqy5W9rQCgj8OB4M7-MN7_KkiwvQLXSzgL2gSsfYi2VWO1Zuas7tb0a3oKSpsMlVs6yyHTmVMvfJUA4M
Requested by: Host: 268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com
URL: https://268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:21 GMT
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame D031 0
12 B 19ms
18ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JrAPkHuQQ52-P6V83AxPKE0hl6AZVwToxSgdCtZMhkwkEKlgupZ24mt7FHc8BF_Mdr_z61

Requested by

Host: 268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com
URL: https://268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:21 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 IfvWsR8c8QoIXMZVBAT6kqVdCzRxsMqQy0C-AEZrj6Q.js Show response
pagead2.googlesyndication.com/bg/ Frame A278 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IfvWsR8c8QoIXMZVBAT6kqVdCzRxsMqQy0C-AEZrj6Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21fbd6b11f1cf10a085cc6550404fa92a55d0b3471b0ca90cb40be00466b8fa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 15:37:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8971
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13530
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Feb 2023 15:37:50 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6AA6 0
524 B 43ms
43ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvZwWusyqotufDQZX9PRj7Qd5pDUmhJPJnjWhIjHeUvoSgwsyVS8CEh_Ky1Hbl4y6qmZUgQCz_SjYLSMX4DpK_FQzwwCIJxvWOZPBuA45zvKNFusBSLB3e9VDX89mQwtcB3VfOVz-_Qw8tq51GhG9ufdQI_JCXa3Ck6nHqYWQi34GwGhfdAN9RVvyox1mwG-Ltm0thfywduQGOekyRM70N4Upn2MKFzN1-AmZJow14qDE19XBUvSVHymccjBAnV4-zUJo-KyL7w-scpP4aZgDu0fx6R7fi0Ajv8XVeHIFIEb4QEVduyB0G2zOFYqH1urC5vtKEEN4O2mO458tuZyt48qiKk_l2sclmGBUTMBEKzIPrITjyY3GUkf2e0021OC1U4vgehRCCOz3izE-xs0W_LldvLlQKWMxaqeZ6eF1LFtl1vBF7_CwSinZaj5HjG-5NpjeR6a6o9EsYeP1SMnytcJg6vhUM7Jw5lw622AEQE0ZmkgBPhphBJHxJz31QWe7BWfjIa_8MCQpDyvWzO7gNRxu36w186utcHHVt6nB8Bpnj7IVkwAqLkxvmcCr5Vd6lYj9Y0VwHIVeiDhYTXtHLcSfNX1HHX3taVFgWshdtedSbwo1g2ZkgODxD2Ocerr2ejFkHLrymdFPi_fZj66vhXmmnLuidKowO7yCRIVaa3DtlX-j1V1zCKjbPgbYV3u6PU5Nt7v7ipubkvcDRAm5MOXjE94c7bF6D7HLpC4MOW2kq5562puozccSggv25TqNrghGnyzf8_pswawhwsbqfJ2PTwc1pSTM_BF43Y0TzhbIma4Nki0iHji8E10-XJI_eefEJCWw_EUB1jqIbQFrfP4nyTHX-GGTd4gAvsyN6WP0bPurocFReQMhKwcuiEpDfb4FBoipFMNyKznREad5G0gNeuoOz0A4XueA-DjKuWSBMKbFnuILMxaP67NNMToT5pXbykH_ODI2fgbNnJSYQFi5Km099Di1vPAPaMfZo9728OEzvEDGveinwvGoSIwf8mpmeoFSPq8MzALJONgToMbIf73vz2_eGVgP4Y1aqScJfOrjkZsa5RX0dVQv34tl2Balu_IGV-94ashO042BA-Lx6CZaHCiRrLdZ6Vl1g_9qkyXXC2i5HyI5p3OG6N39RMb56PH8FHeIcWng&sai=AMfl-YSxRWWRvQSaH5w629T7eDsL1Ak6OYOy2Yvs8dO4Tm_iHy_T3KR3C1ZkM5DvqUPNQm-uYCeA6e3jo_VCfXqEbscolLM9laLh0OOQ44rL8zhJtyxURudKwp5s9jSyV09RwtYVewswd1yw3gkxJaMLuSO7JTpztw&sig=Cg0ArKJSzHb4_YWZt4u6EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=223&vt=11&dtpt=147&dett=3&cstd=73&cisv=r20220221.52197&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Host: tempprenmis.tk
URL: https://tempprenmis.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Feb 2022 18:07:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 5f33a59b7203860001cff706 Show response
c.bannerflow.net/a/ Frame F432 90 KB
32 KB 127ms
55ms Script
application/javascript 2606:4700::6810:c40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/a/5f33a59b7203860001cff706?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjst-oWBlJ8b67DbZharibvnnAF7vicNioR22eG8h0uX77ELf6_a14nOhzfYjHsiZA_pRLvr6KqBuLHJZGL7zCkrrX7VAAj5N8C1cvo_advq-mqqY3Nx1gsDIqrScOgeapTnGLSGUea6bAEvYd-9HaO_YCBsGviXPi6hRivh_YzxDDQuLia9LoUV5plJzOucWVNeUiLknopA-5N-AQLUAevlWdoLDcHDDoo1NITKGldvYlseZALmv77loNqRBp8byJPAIoqRjaDaXDJ_EnR15cbKHyTXwZ-KLr33cBVXIltNNXR1_twI7xX0Ho3hRJXz6s3W8nyJr-L0-O_F3clW3JP5P-xjH-p1n68G4ku10mS-zB51_Dh4TBvhAOv3Eaujib6cxFkJ6P3qS1ACLKgnwntB2f2LCZ2bKLlyIK0nLrj4_usQI_GlTql7KHes3ibcu6apm3DNdvHGiQg5RTbaJSd7AFsevhshD9gI4oL3NmZZRBYriZFBJ8zB41SiQsZqlWSMGw8PC8o_DsZ1uhOIiWxGxsdu_58hy2TtV2T1zwVbLmJBZ4bfYTkx3f7HtVDMnuj3RyJQiaWlzQq093ZDRmEbpUMZDMynMjc2l7KWf9GDDmgqtExBsIiSOV4ubAKdWF0ck7IYhQIIJ-qgrlgkHocDSSk9LfJtLxPMFbbRuWajhpCoJHKOuIPxamswdD4_fZyifl1zyh52zFXFZBW7oCgVfaHMzRgdK1KrGv6bMvJ7fXJ4PxhGpk6SPUJAa5r9lzLPOicp6eqV3IeIbAEJf71pnQRZQ6JEVGgrq6axqUafmKXeGNwrDq8vxmAlD3HLyK5l0bewwZMoIIcmek3MVOOQLtzvpWDZlZ0vifNwLuj3gdwZxR_tmbzJTDFJecOUJ4WGm_rRqPrBpin33qQH8g5sE7kVp1eXCDQclFLO5hr8-Z4s2DxzTx3d4vWqnFnj-klSv90BkzPqUwwP6Xte2v534t838MU8fZgPLX0u7N1elbZB9kA0KXP7Zenmqcg5sFo6UogeSUmxSq6Go2hc-XdSMPp6cGrpmEloSMwvX1nv1hHjKgV4Ra8RqBou3f1zSuK7l__9anMbBTdHaE8GwUieY1NXZTYv1Ut4gjaxUDrfExVYJmMxbPFJ1e2GSg9LhD-tOy1HrhzGUWzY%26sai%3DAMfl-YR3DuxIS5byiLg9gW-78AvyFlMx61edDt_UMN9VP6RyHEAV-MK7Xur9StL5BqDmywL1D9_Z40I2IZKrTahEgCSWl9Hzgd6dX9cPXBR8X-_-aa1s0u11OD4LPJpSj8jZb7DSAeXAZG3yMth5OGYBjXydJxsYPbD3c-ySSBv2%26sig%3DCg0ArKJSzKVGhsGQvF2REAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D7045692%26adurl%3Dhttps%253A%252F%252Ftarifas.masmovil.es%252Ffibra-300mb-movil-25gb%252F%253Futm_id%253DuIqoOr1398MM%2526utm_content%253Dtconvergentes_adelante%2526dclid%253D%2525edclid!
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5101414628303306752/300x600-Tfib100M10-mochila-tb-637328171216915634-8d1955f5-a51b-4871-a52a-10763db8cd14.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 201caeb1949a50aee80c1d9547fa2ef09ef170b5694df93bd6227cf884adffbc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
cf-ray: 6e2aa2109a9a59d1-MXP
link: <https://c.bannerflow.net/accounts/masmovil/5dc2d86a1cad1216d8498436/published/1791070/2043560/preload.jpg>; rel=preload; as=image
request-context: appId=cid-v1:8ccc0d93-c9cf-4965-a9de-1823f9df557e

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021111701&jk=2024054721705162&bg=!jY6ljsrNAAbf-5Dq3_s7ACkAdvg8Wp8iIr07eqHkdDJHEJhB3HJ9i-vQ9s2HZ2CBMfgQ1bFI-09YowIAAABYUgAAAANoAQeZAtCggUehf3J90WsihjjpNB2iMPDVNxcBlclKg_s5MnEPv3hUU40lnEwcGBuby2wJr04TonBNZLN50-8Z6bEVg7vtXVJCxcGSG4qHPsvpaocUlOVuo_K6gGZYeYkfOuPG6HYLXyGEs3nqwhsbof-qLAEMBjGy70kYDEOVi69xrbk2KsoN7n4YK8dJ26w4ROhHGlPu2CW79JzzgIRHYjflO7w5mhz4OrO9hRhhp91U-P5HwGHzHbaXncvPvhmaMbWHHoVYnpBNHgQh4qCFhT4Nc24Bbi4BqGBzCXsZkEyhkfJGaMDH1BRbuCS6btzLNkzso2Kb-lla393fN2n7ltUQpDclS8SIxsEucmS27lrHnydJxb5PJzGIJPlqc5G5vLbPSucLifYRDIdCA7MwFFoXQHijo_rbiX9ADdNp5JcxXz-mhoW5HIgCCIUSF4Qfg-zomihfm8uwyR3jooMBtZ2dw2P7DaK7cLePSldKxzYB4tYRBfeLui9b0nDAHRfU2auZAzmmxovDMnfaCsLCi7c9YGweRkj_80naLCRaGI1EaOr3Pr-3vvolDTpy1ZrLXHX0zGPa2guGieHszsd_V1PelkTx6Pjm8bKKEfmtktwSTHBjHQYEe4O5SgKUUmJB5MpUoSugD0sYUpXFedK3FUh-kGtISTpKXqUeoWZltlElKt-KldSEjUWIP4sQJPU32h-n3_cqjA5fDwnRrnCB11DBZsvqkxtW3qth4ZBOuHqA0jaWr9ctlXIij5-3GIWdOKa10IDx7Qo325qnX3_VGs_k4NhDLRgDgH_c1uAGz8K5xuIXrr9SHzTgQa4wEAxKAqCt1BhTfFX1Q1Ydh41zuY_m9eKKBgjLK3uM82W_kezbFneX-kXp7Q6xR4O-Pjg12eQjIf06LANWx_UArMJwJ4T-FHn3MhHc2DrtXzYslIHMQU2haN__5XVglNW-ilkeRJu3Ts4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 18:07:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A278 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BZemeWckXYvCTELiKjuwPyuGnyAkAAAAAOAHgBAI&bg=!j4yljMjNAAbf-5Dq3_s7ACkAdvg8Wj1LCawt-DBnLKD24dzKCwTt9fCzzOvklc81-4KxKPRsM6scXQIAAABcUgAAAAJoAQcKADH9D_mngzYah_G_LyUdjVLUibqXdsV0XdP8zLo34wkwelyd0NUx9o_aPn-loW_IzxjCmQMmu04X3JQzaDVzWuHqV4NlpUroLRgJNgrGtTd-LhueiYsdl3F7FZWBx8bSywUlizEAqUUxxbiEpzHYl3h3tgpMJSxx16Jn9NHKg8Vq6BZIVB8l3Sv6zclJ--Ns37J4RIWZU2px4lx2aMLKr5X-ISz0EAS8KHZXB9yxFXvAWmBUGb1Gimv7E4YUe7f7Q6ppPoLQDLItJQk-pXK4K0nH0prl1Ov5E2rRKihOUt9fTB6c2kTauWkAyqhvxwaBUtSbLvlHkdkk9eUzJhTPafAMo2snU17ore4v2ZxXL5pPsmgRus03bPu2Plbayk18NUxABYaKY5vqXWd-jhfPh7if0zxL5uNh7JkIcofPHRwYi714BfR7-dSM9uC_aWEg7R2iaTZdBe8LxilLDiGJy05ln-phJ6aU9gz2zaCibf7K6WhKCbrfOAcJOnfBN0l09SRLQaQJUIk0eygDceNUYvAp8bhbmvClFp0MdOUzn443EQmFv-I4NOoQLE81jCLVAEYxksZ7yWrquNIAEMHhinD9CNJ6QglY08wkCrOR--q7XdwLisu_ay-Ivyk7HNoCX4jphlci_mghr95nFsloGOuzjev5Bmgr8XHGTB5-T81Kf5gGHBOCGTGSKt1q2wNP-m6sa-hPt0cIbggV-_B7XmdEmPai0KB6NBfQHsLgQbVv_BueLQ0b_2QXx2kRGdq34GncBtnWgNpbbNcR_7YlyTsenfa6dK6MgYz_Rk04D8xTd02dJUpS2E717mhWiTEUtGVfdt4rmRGp3AaR_9Djp6xAALtWRPcoK_Dm1r_L77-zu50hjjyY1-q6q6ofJxg3A0e0mpZa_7EskL5a-5pbf9RWNubaRyJrePZfc7F1F3h3yPCtwRgFUsEtJyX4wc6HClBVU-1Fl_gJPTE2eHLUGO4o036IMLiiNp20uB9BMAG5MF_DmJD5vOqFkeR3fQBBltoCqBqQwmhE99XlVS8zpSBW-TFa2TBimdnvwWsyWCN0vnAEh-PpzfLWbB7URIDwmtfP0p_A0KOisIYs34PL5NYvu6egUoDCnEXvl6ZzB0IHO8muZWr7iBwKc2k

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 18:07:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 preload.jpg
c.bannerflow.net/accounts/masmovil/5dc2d86a1cad1216d8498436/published/1791070/2043560/ Frame F432 28 KB
29 KB 39ms
38ms Image
image/jpeg 2606:4700::6810:c40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/masmovil/5dc2d86a1cad1216d8498436/published/1791070/2043560/preload.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8572dc1bd022a548e4662d7b12a8ceb5e8bf1722699fc53e78db84cb8c782ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 24 Feb 2022 18:07:21 GMT
cf-cache-status: HIT
age: 121804
content-length: 29167
x-ms-lease-status: unlocked
last-modified: Wed, 23 Feb 2022 08:03:32 GMT
server: cloudflare
etag: 0x8D9F6A2FBD86272
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 2325817e-901e-0060-488d-2891b9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6e2aa210fb9859d1-MXP
cf-bgj: h2pri

GET
H2 200 widget.22493eadba403337dcac.js Show response
c.bannerflow.net/scripts/ Frame F432 18 KB
7 KB 34ms
33ms Script
application/javascript 2606:4700::6810:c40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/scripts/widget.22493eadba403337dcac.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/5f33a59b7203860001cff706?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjst-oWBlJ8b67DbZharibvnnAF7vicNioR22eG8h0uX77ELf6_a14nOhzfYjHsiZA_pRLvr6KqBuLHJZGL7zCkrrX7VAAj5N8C1cvo_advq-mqqY3Nx1gsDIqrScOgeapTnGLSGUea6bAEvYd-9HaO_YCBsGviXPi6hRivh_YzxDDQuLia9LoUV5plJzOucWVNeUiLknopA-5N-AQLUAevlWdoLDcHDDoo1NITKGldvYlseZALmv77loNqRBp8byJPAIoqRjaDaXDJ_EnR15cbKHyTXwZ-KLr33cBVXIltNNXR1_twI7xX0Ho3hRJXz6s3W8nyJr-L0-O_F3clW3JP5P-xjH-p1n68G4ku10mS-zB51_Dh4TBvhAOv3Eaujib6cxFkJ6P3qS1ACLKgnwntB2f2LCZ2bKLlyIK0nLrj4_usQI_GlTql7KHes3ibcu6apm3DNdvHGiQg5RTbaJSd7AFsevhshD9gI4oL3NmZZRBYriZFBJ8zB41SiQsZqlWSMGw8PC8o_DsZ1uhOIiWxGxsdu_58hy2TtV2T1zwVbLmJBZ4bfYTkx3f7HtVDMnuj3RyJQiaWlzQq093ZDRmEbpUMZDMynMjc2l7KWf9GDDmgqtExBsIiSOV4ubAKdWF0ck7IYhQIIJ-qgrlgkHocDSSk9LfJtLxPMFbbRuWajhpCoJHKOuIPxamswdD4_fZyifl1zyh52zFXFZBW7oCgVfaHMzRgdK1KrGv6bMvJ7fXJ4PxhGpk6SPUJAa5r9lzLPOicp6eqV3IeIbAEJf71pnQRZQ6JEVGgrq6axqUafmKXeGNwrDq8vxmAlD3HLyK5l0bewwZMoIIcmek3MVOOQLtzvpWDZlZ0vifNwLuj3gdwZxR_tmbzJTDFJecOUJ4WGm_rRqPrBpin33qQH8g5sE7kVp1eXCDQclFLO5hr8-Z4s2DxzTx3d4vWqnFnj-klSv90BkzPqUwwP6Xte2v534t838MU8fZgPLX0u7N1elbZB9kA0KXP7Zenmqcg5sFo6UogeSUmxSq6Go2hc-XdSMPp6cGrpmEloSMwvX1nv1hHjKgV4Ra8RqBou3f1zSuK7l__9anMbBTdHaE8GwUieY1NXZTYv1Ut4gjaxUDrfExVYJmMxbPFJ1e2GSg9LhD-tOy1HrhzGUWzY%26sai%3DAMfl-YR3DuxIS5byiLg9gW-78AvyFlMx61edDt_UMN9VP6RyHEAV-MK7Xur9StL5BqDmywL1D9_Z40I2IZKrTahEgCSWl9Hzgd6dX9cPXBR8X-_-aa1s0u11OD4LPJpSj8jZb7DSAeXAZG3yMth5OGYBjXydJxsYPbD3c-ySSBv2%26sig%3DCg0ArKJSzKVGhsGQvF2REAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D7045692%26adurl%3Dhttps%253A%252F%252Ftarifas.masmovil.es%252Ffibra-300mb-movil-25gb%252F%253Futm_id%253DuIqoOr1398MM%2526utm_content%253Dtconvergentes_adelante%2526dclid%253D%2525edclid!
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b28175efeef3e5c96fdaad6da694d2db8f61df4f2f7da7c3b1c129bbd430a04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 24 Feb 2022 18:07:21 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: U+qLiAy2pVEmJWp8LdUWKg==
age: 1122768
cf-polished: origSize=18607
x-ms-lease-status: unlocked
last-modified: Fri, 11 Feb 2022 16:05:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 50fac300-301e-008d-3373-1fdaf4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2009-09-19
cf-ray: 6e2aa2111bf459d1-MXP
cf-bgj: minify

GET
H2 200 document.caacfc94fd.js Show response
c.bannerflow.net/accounts/masmovil/5dc2d86a1cad1216d8498436/published/1791070/2043560/ Frame F432 55 KB
11 KB 37ms
36ms Script
application/javascript 2606:4700::6810:c40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/accounts/masmovil/5dc2d86a1cad1216d8498436/published/1791070/2043560/document.caacfc94fd.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/5f33a59b7203860001cff706?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjst-oWBlJ8b67DbZharibvnnAF7vicNioR22eG8h0uX77ELf6_a14nOhzfYjHsiZA_pRLvr6KqBuLHJZGL7zCkrrX7VAAj5N8C1cvo_advq-mqqY3Nx1gsDIqrScOgeapTnGLSGUea6bAEvYd-9HaO_YCBsGviXPi6hRivh_YzxDDQuLia9LoUV5plJzOucWVNeUiLknopA-5N-AQLUAevlWdoLDcHDDoo1NITKGldvYlseZALmv77loNqRBp8byJPAIoqRjaDaXDJ_EnR15cbKHyTXwZ-KLr33cBVXIltNNXR1_twI7xX0Ho3hRJXz6s3W8nyJr-L0-O_F3clW3JP5P-xjH-p1n68G4ku10mS-zB51_Dh4TBvhAOv3Eaujib6cxFkJ6P3qS1ACLKgnwntB2f2LCZ2bKLlyIK0nLrj4_usQI_GlTql7KHes3ibcu6apm3DNdvHGiQg5RTbaJSd7AFsevhshD9gI4oL3NmZZRBYriZFBJ8zB41SiQsZqlWSMGw8PC8o_DsZ1uhOIiWxGxsdu_58hy2TtV2T1zwVbLmJBZ4bfYTkx3f7HtVDMnuj3RyJQiaWlzQq093ZDRmEbpUMZDMynMjc2l7KWf9GDDmgqtExBsIiSOV4ubAKdWF0ck7IYhQIIJ-qgrlgkHocDSSk9LfJtLxPMFbbRuWajhpCoJHKOuIPxamswdD4_fZyifl1zyh52zFXFZBW7oCgVfaHMzRgdK1KrGv6bMvJ7fXJ4PxhGpk6SPUJAa5r9lzLPOicp6eqV3IeIbAEJf71pnQRZQ6JEVGgrq6axqUafmKXeGNwrDq8vxmAlD3HLyK5l0bewwZMoIIcmek3MVOOQLtzvpWDZlZ0vifNwLuj3gdwZxR_tmbzJTDFJecOUJ4WGm_rRqPrBpin33qQH8g5sE7kVp1eXCDQclFLO5hr8-Z4s2DxzTx3d4vWqnFnj-klSv90BkzPqUwwP6Xte2v534t838MU8fZgPLX0u7N1elbZB9kA0KXP7Zenmqcg5sFo6UogeSUmxSq6Go2hc-XdSMPp6cGrpmEloSMwvX1nv1hHjKgV4Ra8RqBou3f1zSuK7l__9anMbBTdHaE8GwUieY1NXZTYv1Ut4gjaxUDrfExVYJmMxbPFJ1e2GSg9LhD-tOy1HrhzGUWzY%26sai%3DAMfl-YR3DuxIS5byiLg9gW-78AvyFlMx61edDt_UMN9VP6RyHEAV-MK7Xur9StL5BqDmywL1D9_Z40I2IZKrTahEgCSWl9Hzgd6dX9cPXBR8X-_-aa1s0u11OD4LPJpSj8jZb7DSAeXAZG3yMth5OGYBjXydJxsYPbD3c-ySSBv2%26sig%3DCg0ArKJSzKVGhsGQvF2REAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D7045692%26adurl%3Dhttps%253A%252F%252Ftarifas.masmovil.es%252Ffibra-300mb-movil-25gb%252F%253Futm_id%253DuIqoOr1398MM%2526utm_content%253Dtconvergentes_adelante%2526dclid%253D%2525edclid!
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e4af6b5bfde98b8da4e6ad4e9facc834721e645b6b7e04bf93af53af5a55a20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 24 Feb 2022 18:07:21 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: yqz8lP3ojhtEbE0mw7IeBQ==
age: 121804
cf-polished: origSize=61358
x-ms-lease-status: unlocked
last-modified: Wed, 23 Feb 2022 08:03:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 03d21d6f-001e-004d-2b8d-2822ca000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2009-09-19
cf-ray: 6e2aa2111bff59d1-MXP
cf-bgj: minify

GET
H2 200 animated-creative.97eeeb2d79844fbaaab3.js Show response
c.bannerflow.net/scripts/ Frame F432 141 KB
48 KB 46ms
46ms Script
application/javascript 2606:4700::6810:c40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/scripts/animated-creative.97eeeb2d79844fbaaab3.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/5f33a59b7203860001cff706?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjst-oWBlJ8b67DbZharibvnnAF7vicNioR22eG8h0uX77ELf6_a14nOhzfYjHsiZA_pRLvr6KqBuLHJZGL7zCkrrX7VAAj5N8C1cvo_advq-mqqY3Nx1gsDIqrScOgeapTnGLSGUea6bAEvYd-9HaO_YCBsGviXPi6hRivh_YzxDDQuLia9LoUV5plJzOucWVNeUiLknopA-5N-AQLUAevlWdoLDcHDDoo1NITKGldvYlseZALmv77loNqRBp8byJPAIoqRjaDaXDJ_EnR15cbKHyTXwZ-KLr33cBVXIltNNXR1_twI7xX0Ho3hRJXz6s3W8nyJr-L0-O_F3clW3JP5P-xjH-p1n68G4ku10mS-zB51_Dh4TBvhAOv3Eaujib6cxFkJ6P3qS1ACLKgnwntB2f2LCZ2bKLlyIK0nLrj4_usQI_GlTql7KHes3ibcu6apm3DNdvHGiQg5RTbaJSd7AFsevhshD9gI4oL3NmZZRBYriZFBJ8zB41SiQsZqlWSMGw8PC8o_DsZ1uhOIiWxGxsdu_58hy2TtV2T1zwVbLmJBZ4bfYTkx3f7HtVDMnuj3RyJQiaWlzQq093ZDRmEbpUMZDMynMjc2l7KWf9GDDmgqtExBsIiSOV4ubAKdWF0ck7IYhQIIJ-qgrlgkHocDSSk9LfJtLxPMFbbRuWajhpCoJHKOuIPxamswdD4_fZyifl1zyh52zFXFZBW7oCgVfaHMzRgdK1KrGv6bMvJ7fXJ4PxhGpk6SPUJAa5r9lzLPOicp6eqV3IeIbAEJf71pnQRZQ6JEVGgrq6axqUafmKXeGNwrDq8vxmAlD3HLyK5l0bewwZMoIIcmek3MVOOQLtzvpWDZlZ0vifNwLuj3gdwZxR_tmbzJTDFJecOUJ4WGm_rRqPrBpin33qQH8g5sE7kVp1eXCDQclFLO5hr8-Z4s2DxzTx3d4vWqnFnj-klSv90BkzPqUwwP6Xte2v534t838MU8fZgPLX0u7N1elbZB9kA0KXP7Zenmqcg5sFo6UogeSUmxSq6Go2hc-XdSMPp6cGrpmEloSMwvX1nv1hHjKgV4Ra8RqBou3f1zSuK7l__9anMbBTdHaE8GwUieY1NXZTYv1Ut4gjaxUDrfExVYJmMxbPFJ1e2GSg9LhD-tOy1HrhzGUWzY%26sai%3DAMfl-YR3DuxIS5byiLg9gW-78AvyFlMx61edDt_UMN9VP6RyHEAV-MK7Xur9StL5BqDmywL1D9_Z40I2IZKrTahEgCSWl9Hzgd6dX9cPXBR8X-_-aa1s0u11OD4LPJpSj8jZb7DSAeXAZG3yMth5OGYBjXydJxsYPbD3c-ySSBv2%26sig%3DCg0ArKJSzKVGhsGQvF2REAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D7045692%26adurl%3Dhttps%253A%252F%252Ftarifas.masmovil.es%252Ffibra-300mb-movil-25gb%252F%253Futm_id%253DuIqoOr1398MM%2526utm_content%253Dtconvergentes_adelante%2526dclid%253D%2525edclid!
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65765064b3d107a88b2ff4b0562d03f0eab36d96ca4b90aaf9904587312bace0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 24 Feb 2022 18:07:21 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: BtdWhfsQMeD1qOOmLOImkg==
age: 1127469
cf-polished: origSize=144480
x-ms-lease-status: unlocked
last-modified: Fri, 11 Feb 2022 16:05:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: de75db4b-d01e-005e-3d68-1f06c6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2009-09-19
cf-ray: 6e2aa2111c0759d1-MXP
cf-bgj: minify

GET
DATA 200
OK truncated
/ Frame F432 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/webp

GET
BLOB 200
OK 85e4d0ce-d229-4bd4-8d27-9456c25a87d7 Show response
https://s0.2mdn.net/ Frame 5525 668 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://s0.2mdn.net/85e4d0ce-d229-4bd4-8d27-9456c25a87d7
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.97eeeb2d79844fbaaab3.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Length: 668

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame F432 3 KB
3 KB 84ms
46ms Font
font/woff 2606:4700::6810:c40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5dc2d86ade150b10604b565a%2Fc9d1bc95-c57e-428c-9cd0-b7f80b3cce39.woff&t=%20.0235ABDEFGHILMORTVciln%C3%93
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5101414628303306752/300x600-Tfib100M10-mochila-tb-637328171216915634-8d1955f5-a51b-4871-a52a-10763db8cd14.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02ab5d64e5872e1370aa254d807fc33b657f925ab9f041330a049839b78e0e80

Request headers

Referer: https://s0.2mdn.net/
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:22 GMT
cf-cache-status: HIT
last-modified: Wed, 23 Feb 2022 08:17:19 GMT
server: cloudflare
age: 121803
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=c9d1bc95-c57e-428c-9cd0-b7f80b3cce39-subset.woff
cf-ray: 6e2aa2128f0d83b2-MXP
expires: Thu, 23 Feb 2023 08:17:19 GMT

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame F432 3 KB
3 KB 27ms
27ms Font
font/woff 2606:4700::6810:c40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5dc2d86ade150b10604b565a%2F2e04fc4f-e665-4a65-8ef9-016fdd62c4b4.woff&t=%20%2C%2F0123569ABDEGILMNPRSTU%C2%AA%C3%8D%E2%82%AC
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5101414628303306752/300x600-Tfib100M10-mochila-tb-637328171216915634-8d1955f5-a51b-4871-a52a-10763db8cd14.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edb43b4b3459f6f2e25d0cb954d2af5591eeb64109f3b0417617f244ef5fd395

Request headers

Referer: https://s0.2mdn.net/
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:22 GMT
cf-cache-status: HIT
last-modified: Wed, 23 Feb 2022 08:06:05 GMT
server: cloudflare
age: 122477
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=2e04fc4f-e665-4a65-8ef9-016fdd62c4b4-subset.woff
cf-ray: 6e2aa213596083b2-MXP
expires: Thu, 23 Feb 2023 08:06:05 GMT

GET
H2 200 optimize
c.bannerflow.net/io/api/image/ Frame 1F29 18 KB
18 KB 35ms
34ms Image
image/webp 2606:4700::6810:c40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fmasmovil%2F5dc2d86a1cad1216d8498436%2Fimages%2Fe49e712e-3393-4ba4-bb68-bebccbdb6c28.png&w=504&h=480&q=85&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4abd3e7ba0ee96a52303d0f6d6b08ea5a8677ad7df619872919db20c6d514924

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:22 GMT
cf-cache-status: HIT
last-modified: Thu, 24 Feb 2022 08:13:49 GMT
api-supported-versions: 2.0
age: 35613
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 6e2aa213ecbc59d1-MXP
content-length: 18010
server: cloudflare
request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1

GET
H2 200 baf24d0e-bbf1-41c5-8966-302f5f029a9f.svg
c.bannerflow.net/accounts/masmovil/5dc2d86a1cad1216d8498436/images/ Frame 1F29 2 KB
1 KB 36ms
36ms Image
image/svg+xml 2606:4700::6810:c40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/masmovil/5dc2d86a1cad1216d8498436/images/baf24d0e-bbf1-41c5-8966-302f5f029a9f.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2bbc93f0850a67adf8846efe6b381d064ad8b36806f777bb9dca90b569f501b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 24 Feb 2022 18:07:22 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: K/K2uYxgL6FE/D5uWc/l0g==
age: 843
x-ms-lease-status: unlocked
last-modified: Thu, 06 Feb 2020 08:42:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 9008dcf0-a01e-0019-285f-946d9d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 6e2aa213ecc259d1-MXP

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame F432 5 KB
5 KB 42ms
42ms Font
font/woff 2606:4700::6810:c40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F550abe329445702310657a53%2F5dc2d86a1cad1216d8498436%2F35c8db3a-6ef6-45fd-9905-431c7357e17c.woff&t=%20%3EAEILOQRU
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5101414628303306752/300x600-Tfib100M10-mochila-tb-637328171216915634-8d1955f5-a51b-4871-a52a-10763db8cd14.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae47b864a4eabfc7c6b1101f184f01fe8dce6c561c1f6a7bca059cc2cab7bcf3

Request headers

Referer: https://s0.2mdn.net/
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:22 GMT
cf-cache-status: HIT
last-modified: Sat, 19 Feb 2022 01:08:46 GMT
server: cloudflare
age: 493116
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=35c8db3a-6ef6-45fd-9905-431c7357e17c-subset.woff
cf-ray: 6e2aa213fb3883b2-MXP
expires: Sun, 19 Feb 2023 01:08:46 GMT

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame F432 2 KB
2 KB 52ms
51ms Font
font/woff 2606:4700::6810:c40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5dc2d86ade150b10604b565a%2F2e04fc4f-e665-4a65-8ef9-016fdd62c4b4.woff&t=ADELNT
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5101414628303306752/300x600-Tfib100M10-mochila-tb-637328171216915634-8d1955f5-a51b-4871-a52a-10763db8cd14.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b70f7e9757572624f0f5bb0bbaf4b1de2509abeafe781b415662f53fbda9f786

Request headers

Referer: https://s0.2mdn.net/
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:07:22 GMT
cf-cache-status: HIT
last-modified: Tue, 01 Feb 2022 16:30:58 GMT
server: cloudflare
age: 1992984
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=2e04fc4f-e665-4a65-8ef9-016fdd62c4b4-subset.woff
cf-ray: 6e2aa213fb5083b2-MXP
expires: Wed, 01 Feb 2023 16:30:58 GMT

POST
H2 200 5dc2d86a1cad1216d8498436
c.bannerflow.net/tr/v2/pixel/ Frame F432 0
162 B 64ms
64ms Ping
text/plain 2606:4700::6810:c40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/tr/v2/pixel/5dc2d86a1cad1216d8498436
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/5f33a59b7203860001cff706?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjst-oWBlJ8b67DbZharibvnnAF7vicNioR22eG8h0uX77ELf6_a14nOhzfYjHsiZA_pRLvr6KqBuLHJZGL7zCkrrX7VAAj5N8C1cvo_advq-mqqY3Nx1gsDIqrScOgeapTnGLSGUea6bAEvYd-9HaO_YCBsGviXPi6hRivh_YzxDDQuLia9LoUV5plJzOucWVNeUiLknopA-5N-AQLUAevlWdoLDcHDDoo1NITKGldvYlseZALmv77loNqRBp8byJPAIoqRjaDaXDJ_EnR15cbKHyTXwZ-KLr33cBVXIltNNXR1_twI7xX0Ho3hRJXz6s3W8nyJr-L0-O_F3clW3JP5P-xjH-p1n68G4ku10mS-zB51_Dh4TBvhAOv3Eaujib6cxFkJ6P3qS1ACLKgnwntB2f2LCZ2bKLlyIK0nLrj4_usQI_GlTql7KHes3ibcu6apm3DNdvHGiQg5RTbaJSd7AFsevhshD9gI4oL3NmZZRBYriZFBJ8zB41SiQsZqlWSMGw8PC8o_DsZ1uhOIiWxGxsdu_58hy2TtV2T1zwVbLmJBZ4bfYTkx3f7HtVDMnuj3RyJQiaWlzQq093ZDRmEbpUMZDMynMjc2l7KWf9GDDmgqtExBsIiSOV4ubAKdWF0ck7IYhQIIJ-qgrlgkHocDSSk9LfJtLxPMFbbRuWajhpCoJHKOuIPxamswdD4_fZyifl1zyh52zFXFZBW7oCgVfaHMzRgdK1KrGv6bMvJ7fXJ4PxhGpk6SPUJAa5r9lzLPOicp6eqV3IeIbAEJf71pnQRZQ6JEVGgrq6axqUafmKXeGNwrDq8vxmAlD3HLyK5l0bewwZMoIIcmek3MVOOQLtzvpWDZlZ0vifNwLuj3gdwZxR_tmbzJTDFJecOUJ4WGm_rRqPrBpin33qQH8g5sE7kVp1eXCDQclFLO5hr8-Z4s2DxzTx3d4vWqnFnj-klSv90BkzPqUwwP6Xte2v534t838MU8fZgPLX0u7N1elbZB9kA0KXP7Zenmqcg5sFo6UogeSUmxSq6Go2hc-XdSMPp6cGrpmEloSMwvX1nv1hHjKgV4Ra8RqBou3f1zSuK7l__9anMbBTdHaE8GwUieY1NXZTYv1Ut4gjaxUDrfExVYJmMxbPFJ1e2GSg9LhD-tOy1HrhzGUWzY%26sai%3DAMfl-YR3DuxIS5byiLg9gW-78AvyFlMx61edDt_UMN9VP6RyHEAV-MK7Xur9StL5BqDmywL1D9_Z40I2IZKrTahEgCSWl9Hzgd6dX9cPXBR8X-_-aa1s0u11OD4LPJpSj8jZb7DSAeXAZG3yMth5OGYBjXydJxsYPbD3c-ySSBv2%26sig%3DCg0ArKJSzKVGhsGQvF2REAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D7045692%26adurl%3Dhttps%253A%252F%252Ftarifas.masmovil.es%252Ffibra-300mb-movil-25gb%252F%253Futm_id%253DuIqoOr1398MM%2526utm_content%253Dtconvergentes_adelante%2526dclid%253D%2525edclid!
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s0.2mdn.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 24 Feb 2022 18:07:22 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6e2aa2145e6059d1-MXP
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
request-context: appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6AA6 42 B
64 B 92ms
78ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvUDORzX4C_U0MbN6e1-b9pMgP_C9bhHs7-uxNYAFV9cvRV-XdxjTADZseiCAq28m-4dTA8x5quN2rGrqWocBP4vndaG2AK23HmWMvBHXJooDkxpB6Hlg&sai=AMfl-YRt8kyfp19xhMsxhzjsV7W1TebGcu_YkMDMcE0pTwJ4hebhMlrtelmGdYIsttJG1RgzexryeIOXrqnrNA-aojTWefuo5GYbAKIXp9WtodqqUKAIfFdvr2LBgzg&sig=Cg0ArKJSzNO279BhLwR9EAE&cid=CAASEuRovyCQU7tyI5XHUQoCU75FFA&id=lidar2&mcvt=1000&p=983,1316,1023,1357&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220216&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2053822233&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1645726041191&rpt=179&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 18:07:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 11ms
11ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=449746387&t=event&ni=1&_s=12&dl=https%3A%2F%2Ftempprenmis.tk%2F&ul=en-us&de=UTF-8&dt=Gdzie%20inwestowa%C4%87%20w%20Gda%C5%84sku%3F%20%E2%80%93%20Wiadomo%C5%9Bci%20Nieruchomo%C5%9Bci%20Wprost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=VisitTime&ea=Timer&el=%3E%205%20sec&_u=aADAAUABAAAAAC~&jid=&gjid=&cid=656294764.1645726040&tid=UA-8969414-2&_gid=1898496545.1645726040&gtm=2ou2g0&z=870781086

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tempprenmis.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 11:32:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 23716
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 14ms
13ms Ping
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-76JW1KVZM8&gtm=2oe2g0&_p=449746387&sr=1600x1200&ul=en-us&cid=656294764.1645726040&dl=https%3A%2F%2Ftempprenmis.tk%2F&dt=Gdzie%20inwestowa%C4%87%20w%20Gda%C5%84sku%3F%20%E2%80%93%20Wiadomo%C5%9Bci%20Nieruchomo%C5%9Bci%20Wprost&sid=1645726040&sct=1&seg=0&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-76JW1KVZM8&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tempprenmis.tk/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 18:07:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tempprenmis.tk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

346 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tempprenmis.tk/	1970-01-20 03:18:22	Name: _gcl_au Value: 1.1.755588124.1645726040
.tempprenmis.tk/	1970-01-20 03:18:22	Name: _fbp Value: fb.1.1645726040349.1367544914
.facebook.com/	1970-01-20 03:18:22	Name: fr Value: 0jOsR0RQrFRxYHpAT..BiF8lY...1.0.BiF8lY.
tempprenmis.tk/	1970-01-20 01:18:50	Name: __oagr Value: true
.tempprenmis.tk/	1970-01-20 18:39:58	Name: _ga Value: GA1.2.656294764.1645726040
.tempprenmis.tk/	1970-01-20 01:10:12	Name: _gid Value: GA1.2.1898496545.1645726040
.tempprenmis.tk/	1970-01-20 01:08:46	Name: _gat_gtag_UA_8969414_2 Value: 1
.tempprenmis.tk/	1970-01-20 10:37:34	Name: __gfp_64b Value: aA0WqtsXIW3vhRsaT3ulgSeZxa5HABqRRuZSGXBgw3X.x7\|1645726040
.hit.gemius.pl/	1970-01-20 01:18:50	Name: Gtest Value: KlxbIRaGQMQGHIEECE1BNaaissGMXP8c25nSGhZRLiD5XBG.
.hit.gemius.pl/	1970-01-20 10:37:34	Name: Gdyn Value: KlGxFRaGQMQGHIEECE1BNaaissGMXP8c25nSGhZRLiD5FRxSG7RrGS6GNolBFlM1YH8PlexaG0F6Sssa
.tempprenmis.tk/	1970-01-20 09:54:22	Name: deepbi_firstparty_cookie Value: cl01ask250n3afew3sy
.tempprenmis.tk/	1970-01-20 01:08:47	Name: deepbi_user_session Value: b86c9da4-bed6-42b3-b92a-1e2d4c1a5439\|2
.tempprenmis.tk/	1969-12-31 23:59:59	Name: deepbi_user_deepcookie Value: l01ask7c-2vomo0q
.doubleclick.net/	1970-01-20 10:30:22	Name: IDE Value: AHWqTUn9bru-093J7er_6NuNhQKUTjgCyNk64nrRgjjqTjZayDVZpQ4PVbsXURS_hxE
.tempprenmis.tk/	1970-01-20 10:30:22	Name: __gads Value: ID=477a7fd753059f07:T=1645726040:S=ALNI_MathJC3eul2j-zBz5ZmR343IgP-CA
.tempprenmis.tk/	1970-01-20 18:39:58	Name: _ga_76JW1KVZM8 Value: GS1.1.1645726040.1.0.1645726041.0
.casalemedia.com/	1970-01-20 03:18:22	Name: CMPS Value: 5204
.casalemedia.com/	1970-01-20 09:54:22	Name: CMID Value: YhfJWYiHABj9XQW0NtbKxwAA
.adnxs.com/	1970-01-20 03:18:22	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GU!q.Zo9!]tbPl1M>e)ZlrFUfJ+tGXxpC^/UBOM(d0:[HJr_$ewiU.]r]5+ySuJ!4>3If)y3KL9D3I?*s(k%O1
.casalemedia.com/	1970-01-20 03:18:22	Name: CMPRO Value: 1194
.casalemedia.com/	1970-01-20 01:10:12	Name: CMST Value: YhfJWWIXyVkA
.casalemedia.com/	1970-01-20 09:54:22	Name: CMRUM3 Value: 2d6217c9592760CAESELe5Yau6lOrDPtaTxd819Is
.adnxs.com/	1970-01-20 03:18:22	Name: uuid2 Value: 2001681459838564484
.3lift.com/	1970-01-20 03:18:22	Name: tluid Value: 3368185604785952063352
.travelaudience.com/	1970-01-20 10:34:41	Name: _tracker Value: %7B%22UUID%22%3A%223A94F33F-AA1F-47FC-9D1B-55968CB16EFA%22%7D
.tribalfusion.com/	1970-01-20 03:18:22	Name: ANON_ID Value: aPnseFwZcF1eoXarpfrg5H5GAPLwcZaCmfwXMsiTcWxCnfr5262q4EDNJbxWGUUYg3x6CZb7nRYyrNJbpXq1dRP

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://tempprenmis.tk/hits.php Message: Failed to load resource: the server responded with a status of 404 ()
network	error	Message: A bad HTTP response code (404) was received when fetching the script.
javascript	warning	URL: https://tempprenmis.tk/ Message: The resource https://img.wprost.pl/img/mlyny-gdanskie-sa-efektem-polaczenia-inspiracji-historyczna-zabudowa-gdanska-ze-wspolczesna-architektura-oraz-nowoczesnymi-rozwiazaniami/5b/fe/cee17864dc7f5e599a89712f12c8.jpeg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

268d718b4594459bc1c6b1db8e9a7b90.safeframe.googlesyndication.com
a.tribalfusion.com
ads.travelaudience.com
adservice.google.com
adservice.google.ru
advice.hit.gemius.pl
api.deep.bi
c.bannerflow.net
cm.g.doubleclick.net
connect.facebook.net
dsum-sec.casalemedia.com
eb2.3lift.com
get.optad360.io
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
img.wprost.pl
in.sv
ls.hit.gemius.pl
match.adsrvr.org
pagead2.googlesyndication.com
pixel.rubiconproject.com
s.tribalfusion.com
s0.2mdn.net
scoring.deep.bi
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
stats.g.doubleclick.net
tempprenmis.tk
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
142.250.181.226
142.250.186.162
146.59.30.108
185.11.128.206
185.33.221.52
185.86.139.103
2.18.234.21
2600:9000:2156:fc00:11:a4de:2580:93a1
2606:4700:10::6816:28b9
2606:4700:20::681a:e1b
2606:4700::6810:c40
2606:4700::6812:c05
2a00:1450:4001:800::2001
2a00:1450:4001:800::2002
2a00:1450:4001:800::2006
2a00:1450:4001:802::2002
2a00:1450:4001:808::2003
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2001
2a00:1450:4001:830::200e
2a00:1450:400c:c04::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a06:98c1:3120::7
35.190.0.66
52.223.40.198
69.173.144.138
76.223.111.18
02ab5d64e5872e1370aa254d807fc33b657f925ab9f041330a049839b78e0e80
04996bf0a2b5b4fcb2a8968dcb104c8fee108849414c645d4711d307a2685e8a
0643484d67311199055be01407f32b3310fec6a59fe9e85107ba5f41f19a2cf2
083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966
0a9c150aa6dfc4fedc72167a4736bbcecde58c8f2e47a4cf44801774f85a3fdf
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a
1b019dba654b6a670ff83612cc866453fac6b389c1da4832159f340ead53081a
201caeb1949a50aee80c1d9547fa2ef09ef170b5694df93bd6227cf884adffbc
21fbd6b11f1cf10a085cc6550404fa92a55d0b3471b0ca90cb40be00466b8fa4
225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed
22e730c5e58a487c838bda5b1a08e1b2a0d537371c08d4a01c56593ed8160ee6
24fa35573d7e0db487ed379dc1ce2d72776d89129804568e1e5d1dccdfd3a27d
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2ae11df04de2372391443686145c69a3c8c45491e00081a1af751b0fb465399c
2b28175efeef3e5c96fdaad6da694d2db8f61df4f2f7da7c3b1c129bbd430a04
2d16c6bf2e25e475f0971bc6e839faa49e350a764a9e760053b613a0aab1d5f6
2ea665fc0455d38b414a5a31a72f3a8e3a3054b6d3f224d73d5d9057f6b2d3db
331e14f7226ecaea46e85f54db23f4e7a434969120e39c1a54a8087807ddf830
35afb774f93baadbff26bddc324582f3ddb6709f1ee3ed7dca47392db7fdc981
3650d40555b65c92b0a701dcb52783d0dc3d6b8bdd2c70dfaf3f8798635be492
3932943c42751eb7007d21192da9999a6ee0bd453157a61b0083c13836875912
3deec1e4d19cb71b80daa6f050c395fccb90d7f1c2ec74a920930d476013cf97
3e4af6b5bfde98b8da4e6ad4e9facc834721e645b6b7e04bf93af53af5a55a20
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
42029e6774581c9691e7a855bab8e412602160a2592cb13574e6a9b9e0f390a8
42b21abbca1944f3630cf12ce218a16eed50f9673faf100047ca61341e318b80
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
4abd3e7ba0ee96a52303d0f6d6b08ea5a8677ad7df619872919db20c6d514924
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c84629456a70df1137ab4bdcddba32050a2524568912630c2538746cbbcdc51
4de28a05e0b438d5800c7dd1345e0ec1a63da96a9e2ad0a65d43203cd91d48ed
4edc2771e39377761ee27274647e8a9aa6caddf1c726b86c4ad468dfe5f45300
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50b8422ced583f14efd93be4dc4388de9b30ab404194502a2fb7dba365f7f9dc
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
5b9ebb51cc1864891605e235feefb68007622a67e76843a4f0893468ec44ece8
5becbc936c15ff90857967205040c247e0f8a58b4fcbac94763ed3a61e059210
5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c
5f416547d36ab9ef1af8bd30eb509bd63c961ffe240096d7bc6e4a9162eb10df
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65765064b3d107a88b2ff4b0562d03f0eab36d96ca4b90aaf9904587312bace0
662c42d2b9d5c15f548ec750617d497cea2d63158b7aa9953ac97e20dc3bfb99
66d40d6d50a3a93dffb20255fecae710778d487d96aca96983fe32033309e72d
6707dc60504ea73154435c10b9771b3e16ed67e1b86a30ffa25cb07965c23ce9
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
69fd202eb29a744dc6b5231ac02eaefcd91fe234f44dcc7492cfd22b17218e9c
6e13e58861d0d8000aa6c0b58204094359a1614ab079848ba8ba3a7f06028066
6e8da9c93695d9066c06a0ff4ad814559e5c186cb7fc93e31a499183e14cdc92
779de053872046185bd650f7e2ffb8b4f1e0ee5f9b2bc73711dbf00f2abc6b28
7d6c3674785d0db6ea9c952d6389ad37ac07753cd0161fb0b6f7e0081153f316
7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2
8067ebedbe560e9197bd73675a916a0c8608c981bce15196838492731565bcbb
813d68061248785859a089791ba33f25cf9e90e565fa62e5848d88224fc00e9d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87b3beae1d08bf029d04938bc1d76c7870d450fd75609a85dfafd761cd472047
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d8aa9c2c3798099cba43890c7808bfb34b70dbc853177ef287b50bc28161911
919462eb23533d6a32db8faf732b4d7dafa39f69d32bff2a6905748fedf47bcb
99afd68033e9c0548c768c64cd16c6112011cb4f090729c1f5eaf21a3360b98e
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c7543f17ece99c6b9fc15cd93856cf12e5f8945284a5dbeb926bbb4ac81be73
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a2bbc93f0850a67adf8846efe6b381d064ad8b36806f777bb9dca90b569f501b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ab106619cd53cba1c09e1b3aedcf87dc90958fef3b886f9107a0ae94f5dd7733
added0390197456db6a25dd81fa2e56f7a7e0d547233727da1d8e8bc2579a9e3
ae47b864a4eabfc7c6b1101f184f01fe8dce6c561c1f6a7bca059cc2cab7bcf3
af7b6cbfca349ad0db59e6d46d50b154b03c8173b7ae9a8e08a44a9aabaf4b59
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b70f7e9757572624f0f5bb0bbaf4b1de2509abeafe781b415662f53fbda9f786
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
b8572dc1bd022a548e4662d7b12a8ceb5e8bf1722699fc53e78db84cb8c782ab
b901bb3f99c678eff6b45f58f1ff9bb494e8cc24c214c6ec41d2d45e2ebabd0f
bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2
c01351f6b65ecb4efde549618c748755dec43b369bec2897260f7f4ec05aebbe
c79b7506033f731f036b8c0da54494d539ddb31a06a0266c6189a4990f1d13cc
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
cbcbbdcfce6d7267bd200fac1569113b447dc9d9839b96f853ebca9b322a52e4
cc450ca6f3818ff2ad8eae3a10277a1018c541e862cb5b9a34466a813e544bd0
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876
ce0803d94f35163b581e3eafd97673b36f36c4fab157c3fa1ecc81fbfd4354a6
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0fb269731eae2082067020bfcc6f6340126e004c30a9a2e96270c7b56cab8eb
d23c6c35e02d267d4ce46c0e9b197720d883ac35a6f608393c9964ff5831d603
d3eafd40fa29206c6532c50940907bae198e367ecde2f2de1673136e8fff6c11
d7c4b870733c836a4e6688f1d748901c9b766f678418dd321a4af64de93e20ec
dc6aa291217a39c090896ceca42dde661767f883062d581a6074b3c27b72d6af
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e57693d883138bf2ffcfa537b602020fa9511ec5f41fa4370c7f223222199103
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
edb43b4b3459f6f2e25d0cb954d2af5591eeb64109f3b0417617f244ef5fd395
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6bc03a26bf3dbb80a22a2eaf54523f07a7aebac158bcd69d58bd5a13cc9351
f4231e6435e26e6cbd926387d7d59bd67745bae47173ffc868631c4138d80f55
f67be9ffd620bff33267303a2c849ea44631f3f4754e8046a2c649beff90fbc2
f8b3082371bd6a0093087b633647e5a3f3ec1ef0e97e982814f86821f8512bfc
fd5e88b0f2cc6fb839016d92d209e99cefce24f4ff6bca4c5ab02bc8c2b1ffe0

tempprenmis.tk Open in urlscan Pro 2a06:98c1:3120::7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

151 Requests

93 %HTTPS

66 %IPv6

27 Domains

37 Subdomains

30 IPs

6 Countries

1772 kBTransfer

4485 kBSize

26 Cookies

21 Outgoing links

Page URL History

Redirected requests

151 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

tempprenmis.tk Open in urlscan Pro
2a06:98c1:3120::7 Public Scan

Screenshot
Live screenshot

Full Image

151
Requests

93 %
HTTPS

66 %
IPv6

27
Domains

37
Subdomains

30
IPs

6
Countries

1772 kB
Transfer

4485 kB
Size

26
Cookies

151 HTTP transactions
2 data transactions