kronus.comehere.cz Open in urlscan Pro
2a01:28:ca:63:120:211:: Public Scan

Go To Rescan
Add Verdict Report

URL:
http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
Submission: On February 08 via automatic, source phishtank (February 8th 2017, 10:01:15 pm UTC)

Summary HTTP 53 Redirects Links 49 Behaviour Indicators

Summary

This website contacted 23 IPs in 6 countries across 21 domains to perform 53 HTTP transactions. The main IP is 2a01:28:ca:63:120:211::, located in Czech Republic and belongs to SUPERNETWORK-AS Bilejova 407, CZ. The main domain is kronus.comehere.cz.

This is the only time kronus.comehere.cz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2a01:28:ca:63... 2a01:28:ca:63:120:211::	39392 (SUPERNETW...) (SUPERNETWORK-AS Bilejova 407)
1	2a00:1450:400... 2a00:1450:400e:805::2008	15169 (GOOGLE) (GOOGLE - Google Inc.)
16	2a01:28:ca:63... 2a01:28:ca:63:120:104::	39392 (SUPERNETW...) (SUPERNETWORK-AS Bilejova 407)
4	2a00:1450:400... 2a00:1450:400e:801::2002	15169 (GOOGLE) (GOOGLE - Google Inc.)
3	2a00:1450:400... 2a00:1450:400e:805::200e	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	2a00:1450:400... 2a00:1450:400e:805::2004	15169 (GOOGLE) (GOOGLE - Google Inc.)
2	2a03:2880:f01... 2a03:2880:f01c:6:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	2a00:1450:400... 2a00:1450:400e:805::2003	15169 (GOOGLE) (GOOGLE - Google Inc.)
2	77.75.79.33 77.75.79.33	43037 (SEZNAM-CZ ) (SEZNAM-CZ )
1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	2a00:1450:401... 2a00:1450:401b:801::2003	15169 (GOOGLE) (GOOGLE - Google Inc.)
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	2.21.246.16 2.21.246.16	20940 (AKAMAI-ASN1 ) (AKAMAI-ASN1 )
2	95.101.247.95 95.101.247.95	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	62.67.193.85 62.67.193.85	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
1	2a00:1288:110... 2a00:1288:110:422::3000	34010 (YAHOO-IRD ) (YAHOO-IRD )
2	54.247.69.248 54.247.69.248	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	146.148.9.173 146.148.9.173	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER - Twitter Inc.)
1	185.33.220.197 185.33.220.197	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1	54.165.129.193 54.165.129.193	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	173.241.240.143 173.241.240.143	36089 (OPENX-AS1) (OPENX-AS1 - OPENX TECHNOLOGIES)
53	23

1 2a01:28:ca:63:120:211:: (Czech Republic)

ASN39392 (SUPERNETWORK-AS Bilejova 407, CZ)

kronus.comehere.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:805::2008 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a01:28:ca:63:120:104:: (Czech Republic)

ASN39392 (SUPERNETWORK-AS Bilejova 407, CZ)

www.endora.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400e:801::2002 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400e:805::200e (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:805::2004 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:6:face:b00c:0:1 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:805::2003 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.75.79.33 (Prague, Czech Republic)

ASN43037 (SEZNAM-CZ , CZ)
PTR: c.imedia.cz

c.imedia.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE - Google Inc., US)
PTR: ams15s22-in-f162.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:401b:801::2003 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.246.16 (Austria)

ASN20940 (AKAMAI-ASN1 , US)

a.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.247.95 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a95-101-247-95.deploy.akamaitechnologies.com

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.67.193.85 (United Kingdom)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:422::3000 (United Kingdom)

ASN34010 (YAHOO-IRD , GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.247.69.248 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-247-69-248.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.148.9.173 (Mountain View, United States)

ASN15169 (GOOGLE - Google Inc., US)
PTR: 173.9.148.146.bc.googleusercontent.com

ads.kiosked.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.220.197 (European Union)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 186.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.165.129.193 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-165-129-193.compute-1.amazonaws.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.241.240.143 (Pasadena, United States)

ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US)
PTR: ox-173-241-240-143.xa.dc.openx.org

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	endora.cz www.endora.cz	367 KB
5	adroll.com a.adroll.com s.adroll.com d.adroll.com	11 KB
4	googlesyndication.com pagead2.googlesyndication.com	111 KB
3	google.com apis.google.com www.google.com	57 KB
2	facebook.com www.facebook.com staticxx.facebook.com Failed	119 B
2	imedia.cz c.imedia.cz	564 B
2	facebook.net connect.facebook.net	63 KB
1	openx.net us-u.openx.net	43 B
1	rlcdn.com idsync.rlcdn.com	43 B
1	adnxs.com ib.adnxs.com
1	twitter.com analytics.twitter.com	74 B
1	kiosked.com ads.kiosked.com	43 B
1	yahoo.com ads.yahoo.com
1	rubiconproject.com pixel.rubiconproject.com	42 B
1	google.de www.google.de	51 B
1	googleadservices.com www.googleadservices.com	5 KB
1	gstatic.com www.gstatic.com	70 KB
1	google-analytics.com www.google-analytics.com	11 KB
1	googletagmanager.com www.googletagmanager.com	17 KB
1	comehere.cz kronus.comehere.cz	6 KB
0	doubleclick.net Failed googleads.g.doubleclick.net Failed
53	21

	Domain	Requested by
16	www.endora.cz	kronus.comehere.cz www.endora.cz
4	pagead2.googlesyndication.com	kronus.comehere.cz pagead2.googlesyndication.com
2	d.adroll.com	kronus.comehere.cz
2	s.adroll.com	s.adroll.com
2	www.facebook.com	kronus.comehere.cz connect.facebook.net
2	c.imedia.cz	www.googletagmanager.com kronus.comehere.cz
2	connect.facebook.net	kronus.comehere.cz s.adroll.com
2	apis.google.com	kronus.comehere.cz apis.google.com
1	us-u.openx.net
1	idsync.rlcdn.com
1	ib.adnxs.com
1	analytics.twitter.com
1	ads.kiosked.com
1	ads.yahoo.com
1	pixel.rubiconproject.com
1	a.adroll.com	kronus.comehere.cz
1	www.google.de	kronus.comehere.cz
1	www.googleadservices.com	www.googletagmanager.com
1	www.gstatic.com	www.google.com
1	www.google-analytics.com	kronus.comehere.cz
1	www.google.com	kronus.comehere.cz
1	www.googletagmanager.com	kronus.comehere.cz
1	kronus.comehere.cz
0	staticxx.facebook.com Failed	connect.facebook.net
0	googleads.g.doubleclick.net Failed	pagead2.googlesyndication.com
53	25

This site contains links to these domains. Also see Links.

Domain
www.endora.cz
podpora.endora.cz
webadmin.endora.cz
twitter.com
plus.google.com
instagram.com
www.youtube.com
www.google.com

Subject Issuer	Validity	Valid
*.apis.google.com Google Internet Authority G2	`2017-01-25` - `2017-04-19`	3 months	crt.sh
www.google.com Google Internet Authority G2	`2017-01-25` - `2017-04-19`	3 months	crt.sh
*.google-analytics.com Google Internet Authority G2	`2017-01-25` - `2017-04-19`	3 months	crt.sh
*.googleusercontent.com Google Internet Authority G2	`2017-01-25` - `2017-04-19`	3 months	crt.sh
*.google.com Google Internet Authority G2	`2017-01-25` - `2017-04-19`	3 months	crt.sh
www.google.de Google Internet Authority G2	`2017-01-25` - `2017-04-19`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2016-12-09` - `2018-01-25`	a year	crt.sh
*.adroll.com Symantec Class 3 Secure Server CA - G4	`2016-11-07` - `2018-01-06`	a year	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2016-01-12` - `2019-03-01`	3 years	crt.sh
ad.yieldmanager.com Symantec Class 3 Secure Server CA - G4	`2015-08-20` - `2017-08-19`	2 years	crt.sh
*.kiosked.com RapidSSL SHA256 CA	`2016-08-19` - `2019-10-05`	3 years	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2015-07-30` - `2018-08-03`	3 years	crt.sh
*.adnxs.com GeoTrust SSL CA - G3	`2016-02-25` - `2018-05-26`	2 years	crt.sh
*.rlcdn.com Go Daddy Secure Certificate Authority - G2	`2015-06-16` - `2017-06-21`	2 years	crt.sh
*.openx.net GeoTrust SSL CA - G3	`2014-09-29` - `2017-06-07`	3 years	crt.sh

This page contains 8 frames:

Primary Page: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
Frame ID: 15055.1
Requests: 45 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20170206/r20170110/zrt_lookup.html
Frame ID: 15055.3
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20170206/r20170110/show_ads_impl.js
Frame ID: 15055.2
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5207119889962754&format=250x250&output=html&h=250&slotname=8624521180&adk=157814446&adf=677210104&w=250&lmt=1481715246&flash=24.0.0&url=http%3A%2F%2Fkronus.comehere.cz%2Fmailme%2Fd%2Fscvr.php%3Fe%3Dabuse%40gmail.com&wgl=1&dt=1486591268181&bpp=9&bdt=204&fdt=13&idt=133&shv=r20170206&cbv=r20170110&saldr=aa&correlator=871087900531&frm=20&ga_vid=1727118530.1486591268&ga_sid=1486591268&ga_hid=1962689193&ga_fc=0&pv=2&iag=3&icsg=2&nhd=1&dssz=2&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=5&u_nmime=7&dff=arial&dfs=14&adx=1136&ady=263&biw=1598&bih=1083&eid=33509845%2C575144605&oid=3&rx=0&eae=0&fc=16&brdim=1%2C1%2C1%2C1%2C1600%2C0%2C1598%2C1198%2C1598%2C1083&vis=1&rsz=%7C%7CleE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=1&xpc=tTzFk5IabY&p=http%3A//kronus.comehere.cz&dtd=151
Frame ID: 15055.4
Requests: 1 HTTP requests in this frame

Frame: http://staticxx.facebook.com/connect/xd_arbiter/r/0eWevUAMuoH.js?version=42
Frame ID: 15055.5
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/0eWevUAMuoH.js?version=42
Frame ID: 15055.6
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/connect/ping?client_id=1409391765942444&domain=kronus.comehere.cz&origin=1&redirect_uri=http%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F0eWevUAMuoH.js%3Fversion%3D42%23cb%3Df39bdadb1a6785%26domain%3Dkronus.comehere.cz%26origin%3Dhttp%253A%252F%252Fkronus.comehere.cz%252Ff1ecc7826c582b8%26relation%3Dparent&response_type=token%2Csigned_request%2Ccode&sdk=joey
Frame ID: 15055.7
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like_box.php?app_id=1409391765942444&channel=http%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F0eWevUAMuoH.js%3Fversion%3D42%23cb%3Df2245c675d9f5c4%26domain%3Dkronus.comehere.cz%26origin%3Dhttp%253A%252F%252Fkronus.comehere.cz%252Ff1ecc7826c582b8%26relation%3Dparent.parent&container_width=292&header=false&height=239&href=http%3A%2F%2Fwww.facebook.com%2Fendora.cz&locale=cs_CZ&sdk=joey&show_border=false&show_faces=true&stream=false&width=292
Frame ID: 15055.8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

53
Requests

38 %
HTTPS

50 %
IPv6

21
Domains

25
Subdomains

23
IPs

6
Countries

719 kB
Transfer

2153 kB
Size

2
Cookies

49 Outgoing links

These are links going to different origins than the main page.

URL: http://www.endora.cz/

Search URL Search Domain Scan URL

URL: http://www.endora.cz/vlastnosti
Title: Vlastnosti

Search URL Search Domain Scan URL

URL: http://www.endora.cz/vlastnosti/emailove-sluzby
Title: Emailové služby

Search URL Search Domain Scan URL

URL: http://www.endora.cz/vlastnosti/registrace-domeny-cz
Title: Registrace domény

Search URL Search Domain Scan URL

URL: http://www.endora.cz/stranky-zdarma/webova-vizitka
Title: Webová vizitka

Search URL Search Domain Scan URL

URL: http://www.endora.cz/vlastnosti/https-zdarma-webhosting-endora
Title: SSL zdarma

Search URL Search Domain Scan URL

URL: http://www.endora.cz/vlastnosti/supercache
Title: Supercache

Search URL Search Domain Scan URL

URL: http://www.endora.cz/vlastnosti/dnssec
Title: DNSSEC

Search URL Search Domain Scan URL

URL: http://www.endora.cz/vlastnosti/virtualni-managed-servery
Title: Virtuální servery

Search URL Search Domain Scan URL

URL: http://www.endora.cz/cenik
Title: Ceník

Search URL Search Domain Scan URL

URL: http://www.endora.cz/podpora/napoveda
Title: Podpora

Search URL Search Domain Scan URL

URL: http://www.endora.cz/podpora/podminky-pouziti
Title: Podmínky použití

Search URL Search Domain Scan URL

URL: http://podpora.endora.cz/
Title: Fórum podpory

Search URL Search Domain Scan URL

URL: http://www.endora.cz/podpora/videonavody
Title: Videonávody

Search URL Search Domain Scan URL

URL: http://www.endora.cz/podpora/kontaktujte-nas
Title: Kontaktujte nás

Search URL Search Domain Scan URL

URL: http://www.endora.cz/o-nas/kdo-jsme
Title: O nás

Search URL Search Domain Scan URL

URL: http://www.endora.cz/o-nas/zazemi
Title: Zázemí

Search URL Search Domain Scan URL

URL: http://www.endora.cz/o-nas/prenos-dat
Title: Přenos dat

Search URL Search Domain Scan URL

URL: http://www.endora.cz/o-nas/endora-pomaha
Title: Pomáháme

Search URL Search Domain Scan URL

URL: http://www.endora.cz/o-nas/podporte-nas
Title: Podpořte nás

Search URL Search Domain Scan URL

URL: http://www.endora.cz/o-nas/napsali-o-nas
Title: Napsali o nás

Search URL Search Domain Scan URL

URL: http://www.endora.cz/o-nas/kariera
Title: Kariéra

Search URL Search Domain Scan URL

URL: http://www.endora.cz/katalog
Title: Katalog

Search URL Search Domain Scan URL

URL: http://www.endora.cz/objednavka
Title: Zaregistrujte se

Search URL Search Domain Scan URL

URL: https://www.endora.cz/podpora/kontaktujte-nas
Title: technickou podporu

Search URL Search Domain Scan URL

URL: https://www.endora.cz/podpora/napoveda/5-domeny/43-jak-si-mohu-na-endora-cz-zaregistrovat-novou-domenu
Title: Jak si na Endora.cz zaregistrovat doménu

Search URL Search Domain Scan URL

URL: https://www.endora.cz/podpora/napoveda/5-domeny/202-alias-k-domene-druheho-nebo-tretiho-radu
Title: Jak si přiřadit alias k doméně druhého nebo třetího řádu

Search URL Search Domain Scan URL

URL: https://www.endora.cz/podpora/napoveda/3-technicke-ftp-mysql/44-jiz-mam-zaregistrovanou-domenu-u-jineho-registratora-jak-ji-mohu-nasmerovat-na-endora-cz
Title: Jak si přesměruji doménu zaregistrovanou u jiného registrátora

Search URL Search Domain Scan URL

URL: https://www.endora.cz/podpora/napoveda/5-domeny/193-prevod-domeny-ii-radu-na-endora-cz
Title: Převod domény druhého řádu na Endora.cz

Search URL Search Domain Scan URL

URL: https://www.endora.cz/podpora/napoveda/5-domeny/189-overeni-e-mailove-adresy-pri-registraci-generickych-domen
Title: Ověření e-mailových adres při registraci generických domén

Search URL Search Domain Scan URL

URL: http://www.endora.cz/stranky-zdarma/wordpress
Title: Wordpress

Search URL Search Domain Scan URL

URL: http://www.endora.cz/stranky-zdarma/presta-shop
Title: PrestaShop

Search URL Search Domain Scan URL

URL: http://www.endora.cz/stranky-zdarma/joomla
Title: Joomla!

Search URL Search Domain Scan URL

URL: http://www.endora.cz/stranky-zdarma/drupal
Title: Drupal

Search URL Search Domain Scan URL

URL: http://www.endora.cz/stranky-zdarma/silver-stripe
Title: SilverStripe

Search URL Search Domain Scan URL

URL: http://www.endora.cz/stranky-zdarma/sun-light
Title: Sunlight

Search URL Search Domain Scan URL

URL: http://www.endora.cz/domeny
Title: Domény

Search URL Search Domain Scan URL

URL: http://www.endora.cz/podpora/forum
Title: Nápověda a fórum

Search URL Search Domain Scan URL

URL: https://webadmin.endora.cz/
Title: Webadmin

Search URL Search Domain Scan URL

URL: http://www.endora.cz/skoly
Title: Pro školy

Search URL Search Domain Scan URL

URL: http://www.endora.cz/novinky
Title: Novinky

Search URL Search Domain Scan URL

URL: https://twitter.com/stablecz
Title: Twitter

Search URL Search Domain Scan URL

URL: https://plus.google.com/u/0/107148261684485839365?rel=author
Title: Google+

Search URL Search Domain Scan URL

URL: http://instagram.com/stablecz/
Title: Instagram

Search URL Search Domain Scan URL

URL: http://www.youtube.com/playlist?list=PLoruQc6QoN3Trqm6_biEmGEW-ksPhbbp5
Title: YouTube

Search URL Search Domain Scan URL

URL: http://www.endora.cz/rss
Title: RSS

Search URL Search Domain Scan URL

URL: http://www.endora.cz/privacy
Title: Ochrana soukromí

Search URL Search Domain Scan URL

URL: http://www.endora.cz/podpora/napoveda/2-fakturace/149-moznosti-platby-na-endora-cz
Title:

Search URL Search Domain Scan URL

URL: https://www.google.com/policies/technologies/cookies/
Title: Další informace

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request 14

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

Request 30

https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5967828-26&cid=1727118530.1486591268&jid=207001446&_v=j47&z=1497855095
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5967828-26&cid=1727118530.1486591268&jid=207001446&_v=j47&z=1497855095&ipr=y&ulfeg=n

Request 38

https://d.adroll.com/pixel/LBMQLP6YHJFG7KXWFPVCV3/YD4FELB2FFDBVPM3JHRFB4?pv=80088456536.82549&cookie=&adroll_s_ref=&keyw=
https://s.adroll.com/pixel/LBMQLP6YHJFG7KXWFPVCV3/YD4FELB2FFDBVPM3JHRFB4/NUH4TFHP6VF4FJ2GL6ZKBD.js

Request 41

https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NzA3OWJjMjg0ZGRkOTZmZmFlMThjNDYwMDczMzY5MjM&expires=365
https://pixel.rubiconproject.com/tap.php?cookie_redirect=1&v=194538&nid=3644&put=NzA3OWJjMjg0ZGRkOTZmZmFlMThjNDYwMDczMzY5MjM&expires=365

Request 42

https://d.adroll.com/cm/r/out
https://ads.yahoo.com/pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1

Request 44

https://ads.kiosked.com/match?bidder_id=2&external_user_id=d9d4bf5a-cb5b-4de4-93fc-43b57558239f&publisher_id=&dsp_uuid=&dsp_id=
https://ads.kiosked.com/ul_cb/match?bidder_id=2&external_user_id=d9d4bf5a-cb5b-4de4-93fc-43b57558239f&publisher_id=&dsp_uuid=&dsp_id=

Request 45

https://d.adroll.com/cm/w/out
https://analytics.twitter.com/i/adsct?p_user_id=NzA3OWJjMjg0ZGRkOTZmZmFlMThjNDYwMDczMzY5MjM&p_id=823423

Request 46

https://d.adroll.com/cm/x/out
https://ib.adnxs.com/pxj?bidder=172&seg=802787&action=setuid(%27NzA3OWJjMjg0ZGRkOTZmZmFlMThjNDYwMDczMzY5MjM%27)

Request 47

https://idsync.rlcdn.com/377928.gif?partner_uid=7079bc284ddd96ffae18c46007336923
https://idsync.rlcdn.com/377928.gif?partner_uid=7079bc284ddd96ffae18c46007336923&redirect=1

Request 48

https://us-u.openx.net/w/1.0/sd?id=537103138&val=7079bc284ddd96ffae18c46007336923
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=7079bc284ddd96ffae18c46007336923

Request 49

https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=cHm8KE3dlv-uGMRgBzNpIw&google_ula=1535926
https://d.adroll.com/cm/g/in?google_ula=1535926,0

53 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request scvr.php Show response
kronus.comehere.cz/mailme/d/ 19 KB
6 KB 46ms
18ms Document
text/html 2a01:28:ca:63:120:211::
SUPERNETWORK-AS B...

General

Check archive.org

Show headers Download Go to

Full URL: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
Protocol: HTTP/1.1
Server: 2a01:28:ca:63:120:211:: , Czech Republic, ASN39392 (SUPERNETWORK-AS Bilejova 407, CZ),
Reverse DNS
Software: nginx /
Resource Hash: ed51f9ddf90e980bcc05c3dbad95bf15c04f8278cddb9adbf30e864aee674943

Request headers

Accept-Encoding: gzip, deflate, sdch
Accept-Language: en-US,en;q=0.8
Cache-Control: no-cache
Pragma: no-cache
Host: kronus.comehere.cz
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Connection: keep-alive
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Upgrade-Insecure-Requests: 1

Response headers

Date: Wed, 08 Feb 2017 22:01:07 GMT
Last-Modified: Wed, 14 Dec 2016 11:34:06 GMT
Server: nginx
ETag: W/"58512e2e-4b5b"
Transfer-Encoding: chunked
Expires: Wed, 08 Feb 2017 22:01:07 GMT
Content-Encoding: gzip
Content-Type: text/html
Cache-Control: max-age=0 private
Connection: close

GET
H/1.1 200
OK gtm.js Show response
www.googletagmanager.com/ 43 KB
17 KB 33ms
20ms Script
application/javascript 2a00:1450:400e:805::2008
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagmanager.com/gtm.js?id=GTM-5S8CZ5

Requested by

Host: kronus.comehere.cz
URL: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com

Protocol

HTTP/1.1

Server

2a00:1450:400e:805::2008 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

29f0f4f7da3d15088f88d0e7416d005aa8052446e941392a46b61652dfdab860

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
Accept-Encoding: gzip, deflate, sdch
Host: www.googletagmanager.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Connection: keep-alive
Cache-Control: no-cache
Pragma: no-cache
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Wed, 08 Feb 2017 22:01:08 GMT
Content-Encoding: gzip
Content-Length: 17252
X-XSS-Protection: 1; mode=block
Expires: Wed, 08 Feb 2017 22:01:08 GMT
Server: Google Tag Manager (scaffolding)
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: private, max-age=900

GET
H/1.1 200
OK cssloader-332af95ee984.css
www.endora.cz/webtemp/ 260 KB
65 KB 92ms
14ms Stylesheet
text/css 2a01:28:ca:63:120:104::
SUPERNETWORK-AS B...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.endora.cz/webtemp/cssloader-332af95ee984.css?1480587648
Requested by: Host: kronus.comehere.cz
URL: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
Protocol: HTTP/1.1
Server: 2a01:28:ca:63:120:104:: , Czech Republic, ASN39392 (SUPERNETWORK-AS Bilejova 407, CZ),
Reverse DNS
Software: nginx /
Resource Hash: 1af3d9b2ad7c54857797c429366b5ec6984e2e94fc8cc84f76ef8844d307204b

Request headers

Accept: text/css,*/*;q=0.1
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Host: www.endora.cz
Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

ETag: W/"589b3bb2-40fb6"
Cache-Control: max-age=2419200
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Wed, 08 Feb 2017 15:39:30 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Date: Wed, 08 Feb 2017 22:01:08 GMT

GET
H/1.1 200
OK jsloader-af96dcacc4b8.js Show response
www.endora.cz/webtemp/ 10 KB
4 KB 94ms
17ms Script
application/javascript 2a01:28:ca:63:120:104::
SUPERNETWORK-AS B...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.endora.cz/webtemp/jsloader-af96dcacc4b8.js?1464943253
Requested by: Host: kronus.comehere.cz
URL: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
Protocol: HTTP/1.1
Server: 2a01:28:ca:63:120:104:: , Czech Republic, ASN39392 (SUPERNETWORK-AS Bilejova 407, CZ),
Reverse DNS
Software: nginx /
Resource Hash: 8ef7e7c6b7de2b8a4ad4a2552c28abfd60d9d82c0bf116bb124f79aa7212dc7e

Request headers

Accept-Encoding: gzip, deflate, sdch
Host: www.endora.cz
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
Connection: keep-alive
Cache-Control: no-cache
Pragma: no-cache
Accept: */*
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Cache-Control: max-age=29030400
Connection: keep-alive
Date: Wed, 08 Feb 2017 22:01:08 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Feb 2017 15:39:30 GMT
Content-Type: application/javascript
Server: nginx
ETag: W/"589b3bb2-29a2"
Vary: Accept-Encoding
Transfer-Encoding: chunked

GET
H/1.1 200
OK endoracz-freehosting-webhosting-zdarma.png
www.endora.cz/images/ 9 KB
9 KB 24ms
23ms Image
image/png 2a01:28:ca:63:120:104::
SUPERNETWORK-AS B...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.endora.cz/images/endoracz-freehosting-webhosting-zdarma.png
Requested by: Host: kronus.comehere.cz
URL: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
Protocol: HTTP/1.1
Server: 2a01:28:ca:63:120:104:: , Czech Republic, ASN39392 (SUPERNETWORK-AS Bilejova 407, CZ),
Reverse DNS
Software: nginx /
Resource Hash: 81fd6754b3fc11fa383c5655a45f905a2c010c27676d42c89b32aae1a168a078

Request headers

Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Cache-Control: no-cache
Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Connection: keep-alive
Host: www.endora.cz
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9629
Date: Wed, 08 Feb 2017 22:01:08 GMT
Last-Modified: Thu, 18 Jun 2015 08:29:07 GMT
ETag: "55828153-259d"
Content-Type: image/png
Cache-Control: max-age=2419200

GET
H/1.1 200
OK ico-hosted.png
www.endora.cz/images/ 2 KB
2 KB 26ms
12ms Image
image/png 2a01:28:ca:63:120:104::
SUPERNETWORK-AS B...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.endora.cz/images/ico-hosted.png
Requested by: Host: kronus.comehere.cz
URL: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
Protocol: HTTP/1.1
Server: 2a01:28:ca:63:120:104:: , Czech Republic, ASN39392 (SUPERNETWORK-AS Bilejova 407, CZ),
Reverse DNS
Software: nginx /
Resource Hash: 305f3d591b84041067571faecc77ae1f74e52fc857f1bc54b7ab9c9033962ccc

Request headers

Accept: image/webp,image/*,*/*;q=0.8
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
Cache-Control: no-cache
Accept-Encoding: gzip, deflate, sdch
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Pragma: no-cache
Host: www.endora.cz
Connection: keep-alive
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Content-Type: image/png
Cache-Control: max-age=2419200
Last-Modified: Thu, 18 Jun 2015 08:29:07 GMT
ETag: "55828153-6c2"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1730
Date: Wed, 08 Feb 2017 22:01:08 GMT
Server: nginx

GET
H/1.1 200
OK ico-newfast.png
www.endora.cz/images/ 3 KB
3 KB 27ms
13ms Image
image/png 2a01:28:ca:63:120:104::
SUPERNETWORK-AS B...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.endora.cz/images/ico-newfast.png
Requested by: Host: kronus.comehere.cz
URL: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
Protocol: HTTP/1.1
Server: 2a01:28:ca:63:120:104:: , Czech Republic, ASN39392 (SUPERNETWORK-AS Bilejova 407, CZ),
Reverse DNS
Software: nginx /
Resource Hash: cd8e50622016ad57ca0fbbccee2690d504552b1ce0848142c442c127b8325178

Request headers

Cache-Control: no-cache
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
Host: www.endora.cz
Accept-Language: en-US,en;q=0.8
Accept: image/webp,image/*,*/*;q=0.8
Connection: keep-alive
Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Cache-Control: max-age=2419200
Content-Length: 3457
Date: Wed, 08 Feb 2017 22:01:08 GMT
Last-Modified: Thu, 18 Jun 2015 08:29:07 GMT
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Server: nginx
ETag: "55828153-d81"

GET
H/1.1 200
OK ico-registeredcz.png
www.endora.cz/images/ 2 KB
2 KB 26ms
13ms Image
image/png 2a01:28:ca:63:120:104::
SUPERNETWORK-AS B...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.endora.cz/images/ico-registeredcz.png
Requested by: Host: kronus.comehere.cz
URL: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
Protocol: HTTP/1.1
Server: 2a01:28:ca:63:120:104:: , Czech Republic, ASN39392 (SUPERNETWORK-AS Bilejova 407, CZ),
Reverse DNS
Software: nginx /
Resource Hash: ef7a81264afb7408d3d24b684d6ea42daba371c0abfaa142bcf4f66313c5718c

Request headers

Accept-Encoding: gzip, deflate, sdch
Host: www.endora.cz
Accept-Language: en-US,en;q=0.8
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
Connection: keep-alive
Pragma: no-cache
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Cache-Control: no-cache
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Content-Length: 2127
Content-Type: image/png
Cache-Control: max-age=2419200
Accept-Ranges: bytes
ETag: "55828153-84f"
Connection: keep-alive
Date: Wed, 08 Feb 2017 22:01:08 GMT
Last-Modified: Thu, 18 Jun 2015 08:29:07 GMT
Server: nginx

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 51 KB
19 KB 25ms
12ms Script
text/javascript 2a00:1450:400e:801::2002
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: kronus.comehere.cz
URL: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com

Protocol

HTTP/1.1

Server

2a00:1450:400e:801::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

98ad1d4cd8d19da3cb76780d562c51f23031ad9214ac886a970f62f911811ae4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.8
Accept: */*
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
Cache-Control: no-cache
Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Connection: keep-alive
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Content-Encoding: gzip
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Content-Disposition: attachment; filename="f.txt"
Content-Length: 19530
X-XSS-Protection: 1; mode=block
Date: Wed, 08 Feb 2017 21:20:43 GMT
Age: 2425
ETag: 3765925503660729511
Content-Type: text/javascript; charset=UTF-8
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: cafe
Cache-Control: public, max-age=3600
Expires: Wed, 08 Feb 2017 22:20:43 GMT

GET
H/1.1 200
OK platebni-metody-freehostingu.png
www.endora.cz/images/ 6 KB
6 KB 26ms
13ms Image
image/png 2a01:28:ca:63:120:104::
SUPERNETWORK-AS B...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.endora.cz/images/platebni-metody-freehostingu.png
Requested by: Host: kronus.comehere.cz
URL: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
Protocol: HTTP/1.1
Server: 2a01:28:ca:63:120:104:: , Czech Republic, ASN39392 (SUPERNETWORK-AS Bilejova 407, CZ),
Reverse DNS
Software: nginx /
Resource Hash: 8f708832c181e1694851f65a5d041591e94a24aabbc33e404fdac944e91c6eaa

Request headers

Accept-Encoding: gzip, deflate, sdch
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
Cache-Control: no-cache
Pragma: no-cache
Host: www.endora.cz
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Connection: keep-alive
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Server: nginx
Content-Type: image/png
Accept-Ranges: bytes
Last-Modified: Thu, 18 Jun 2015 08:29:07 GMT
ETag: "55828153-17d9"
Cache-Control: max-age=2419200
Connection: keep-alive
Content-Length: 6105
Date: Wed, 08 Feb 2017 22:01:08 GMT

GET
H/1.1 200
OK gopay.png
www.endora.cz/images/ 3 KB
3 KB 24ms
12ms Image
image/png 2a01:28:ca:63:120:104::
SUPERNETWORK-AS B...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.endora.cz/images/gopay.png
Requested by: Host: kronus.comehere.cz
URL: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
Protocol: HTTP/1.1
Server: 2a01:28:ca:63:120:104:: , Czech Republic, ASN39392 (SUPERNETWORK-AS Bilejova 407, CZ),
Reverse DNS
Software: nginx /
Resource Hash: 77c33447aa8f6fef0a8068a95394b7c91b0ab176664f90a51a21492d72ab4a3d

Request headers

Pragma: no-cache
Host: www.endora.cz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
Accept-Encoding: gzip, deflate, sdch
Accept-Language: en-US,en;q=0.8
Accept: image/webp,image/*,*/*;q=0.8
Connection: keep-alive
Cache-Control: no-cache
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Last-Modified: Thu, 25 Jun 2015 08:20:43 GMT
Server: nginx
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2890
Date: Wed, 08 Feb 2017 22:01:08 GMT
Cache-Control: max-age=2419200
Connection: keep-alive
ETag: "558bb9db-b4a"

GET
H2 200 plusone.js Show response
apis.google.com/js/ 41 KB
16 KB 61ms
35ms Script
application/javascript 2a00:1450:400e:805::200e
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: kronus.comehere.cz
URL: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:400e:805::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

ESF /

Resource Hash

464542c10131d0864c5e1305e802e4c362e013f62b2b1444364747476e2e4cc8

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-inline' 'unsafe-eval' 'self' https://*.gstatic.com https://www.google-analytics.com https://pagead2.googleadservices.com https://pagead2.googlesyndication.com https://tpc.googlesyndication.com https://s.ytimg.com https://www.youtube.com;report-uri /_/cspreport/es_oz_20170206.15_p0
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

pragma: no-cache
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
accept: */*
x-client-data: CIi2yQEIpLbJAQ==
:method: GET
:path: /js/plusone.js
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
cache-control: no-cache
:authority: apis.google.com
referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
:scheme: https
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

content-encoding: gzip
alt-svc: quic=":443"; ma=2592000; v="35,34"
x-frame-options: SAMEORIGIN
set-cookie: NID=96=y7G5UA1Lefm1G7q6e-88wGOb2dbR4Q7YoJxem4CrEgNsr97ScFmpN2ITerZMySyQC0iJ5oE82W-SiW2wstv1wfo4tdmAedaMIFQWM0wrsbH60wL9m_UL1tBlKBqm7cqh;Domain=.google.com;Path=/;Expires=Thu, 10-Aug-2017 22:01:08 GMT;HttpOnly
expires: Wed, 08 Feb 2017 22:01:08 GMT
status: 200
x-ua-compatible: IE=edge, chrome=1
server: ESF
date: Wed, 08 Feb 2017 22:01:08 GMT
timing-allow-origin: *
content-security-policy: script-src 'unsafe-inline' 'unsafe-eval' 'self' https://*.gstatic.com https://www.google-analytics.com https://pagead2.googleadservices.com https://pagead2.googlesyndication.com https://tpc.googlesyndication.com https://s.ytimg.com https://www.youtube.com;report-uri /_/cspreport/es_oz_20170206.15_p0
p3p: CP="This is not a P3P policy! See https://support.google.com/accounts/answer/151657?hl=en for more info."
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block
cache-control: private, max-age=1800, stale-while-revalidate=1800
x-content-type-options: nosniff
strict-transport-security: max-age=10886400
etag: "3445560c58855f01fad5a83c918a77f6"

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 680 B
401 B 49ms
19ms Script
text/javascript 2a00:1450:400e:805::2004
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit

Requested by

Host: kronus.comehere.cz
URL: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:400e:805::2004 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

GSE /

Resource Hash

903bfb3735c8d2a79270eee0057b85db7e98bc41577d7b319f4b522cf978df35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
cache-control: no-cache
:authority: www.google.com
:scheme: https
:path: /recaptcha/api.js?render=explicit
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept: */*
referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
x-client-data: CIi2yQEIpLbJAQ==
:method: GET
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

cache-control: private, max-age=0
alt-svc: quic=":443"; ma=2592000; v="35,34"
x-frame-options: SAMEORIGIN
status: 200
x-content-type-options: nosniff
server: GSE
content-type: text/javascript; charset=UTF-8
content-length: 392
x-xss-protection: 1; mode=block
expires: Wed, 08 Feb 2017 22:01:08 GMT
date: Wed, 08 Feb 2017 22:01:08 GMT
content-encoding: gzip

GET
H/1.1 200
OK jsloader-71e7284de016.js Show response
www.endora.cz/webtemp/ 566 KB
190 KB 16ms
14ms Script
application/javascript 2a01:28:ca:63:120:104::
SUPERNETWORK-AS B...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.endora.cz/webtemp/jsloader-71e7284de016.js?1480587648
Requested by: Host: kronus.comehere.cz
URL: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
Protocol: HTTP/1.1
Server: 2a01:28:ca:63:120:104:: , Czech Republic, ASN39392 (SUPERNETWORK-AS Bilejova 407, CZ),
Reverse DNS
Software: nginx /
Resource Hash: f25131360a9c52d840b9b4245f4f730ba943cad321d9c4dc2223d1227aa69575

Request headers

Accept-Language: en-US,en;q=0.8
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
Connection: keep-alive
Cache-Control: no-cache
Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.endora.cz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Wed, 08 Feb 2017 15:39:30 GMT
Server: nginx
ETag: W/"589b3bb2-8d614"
Vary: Accept-Encoding
Cache-Control: max-age=29030400
Date: Wed, 08 Feb 2017 22:01:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked

GET
H/1.1 200
OK cssloader-6d75e0bc422b-print.css
www.endora.cz/webtemp/ 195 B
188 B 13ms
12ms Stylesheet
text/css 2a01:28:ca:63:120:104::
SUPERNETWORK-AS B...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.endora.cz/webtemp/cssloader-6d75e0bc422b-print.css?1464943253
Requested by: Host: kronus.comehere.cz
URL: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
Protocol: HTTP/1.1
Server: 2a01:28:ca:63:120:104:: , Czech Republic, ASN39392 (SUPERNETWORK-AS Bilejova 407, CZ),
Reverse DNS
Software: nginx /
Resource Hash: 0307813a544ed1fa8a8606edbdb10257272ff314a13d5d11d494a91bacd56600

Request headers

Pragma: no-cache
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
Connection: keep-alive
Cache-Control: no-cache
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip, deflate, sdch
Host: www.endora.cz
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Content-Type: text/css
Connection: keep-alive
Date: Wed, 08 Feb 2017 22:01:08 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Feb 2017 15:39:30 GMT
ETag: W/"589b3bb2-c3"
Vary: Accept-Encoding
Server: nginx
Cache-Control: max-age=2419200
Transfer-Encoding: chunked

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

27 KB
11 KB

38ms
11ms

Script
text/javascript

2a00:1450:400e:805::200e
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: kronus.comehere.cz
URL: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:400e:805::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3ce672632d9ccd249014dc1bb913f7fa26ad5758fe180671e5cfb90b0f8a55d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-encoding: gzip, deflate, sdch, br
accept: */*
:authority: www.google-analytics.com
:scheme: https
:path: /analytics.js
pragma: no-cache
cache-control: no-cache
referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
:method: GET
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

last-modified: Wed, 28 Sep 2016 20:19:01 GMT
status: 200
content-type: text/javascript
content-length: 11590
content-encoding: gzip
vary: Accept-Encoding
date: Wed, 08 Feb 2017 21:18:53 GMT
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="35,34"
x-content-type-options: nosniff
server: Golfe2
timing-allow-origin: *
expires: Wed, 08 Feb 2017 23:18:53 GMT
strict-transport-security: max-age=10886400; includeSubDomains; preload
age: 2535

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK all.js Show response
connect.facebook.net/cs_CZ/ 192 KB
59 KB 13ms
6ms Script
application/x-javascript 2a03:2880:f01c:6:face:b00c:0:1
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

http://connect.facebook.net/cs_CZ/all.js

Requested by

Host: kronus.comehere.cz
URL: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com

Protocol

HTTP/1.1

Server

2a03:2880:f01c:6:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

0934aeea5f7662f91c5c1b9a7922c314698d9a5a1bb146253d099007a4acd6d3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net .atlassolutions.com blob: data: 'self';style-src data: 'unsafe-inline' ;connect-src .facebook.com .fbcdn.net .facebook.net .spotilocal.com:* .akamaihd.net wss://.facebook.com:* https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Pragma: no-cache
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Cache-Control: no-cache
Connection: keep-alive
Accept-Encoding: gzip, deflate, sdch
Host: connect.facebook.net
Accept-Language: en-US,en;q=0.8
Accept: */*
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Cache-Control: public,max-age=1200,stale-while-revalidate=3600
Strict-Transport-Security: max-age=15552000; preload
Connection: keep-alive
ETag: "ce5e60f1579b199760d80dd7396504ce"
Date: Wed, 08 Feb 2017 22:01:08 GMT
timing-allow-origin: *
Expires: Wed, 08 Feb 2017 22:06:13 GMT
X-XSS-Protection: 0
Content-MD5: 40D5v0rU32NJPUAwO4X5Lw==
x-fb-content-md5: 09c621a1a431c6675c6c268f439adbc0
Content-Type: application/x-javascript; charset=utf-8
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Length: 60863
X-Frame-Options: DENY
Vary: Accept-Encoding
X-FB-Debug: DvzmXZYwU0jebLBJayd4Pb1Zxdx0whaWK/jeC1XstAtv5HYGp8Ni4PCjp5oW4qriXWlg6AAGdCH/iK5l8U7PFg==
Access-Control-Expose-Headers: X-FB-Content-MD5

GET
H/1.1 200
OK header-bg-2.png
www.endora.cz/assets/web/css/ 2 KB
2 KB 24ms
13ms Image
image/png 2a01:28:ca:63:120:104::
SUPERNETWORK-AS B...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.endora.cz/assets/web/css/header-bg-2.png
Requested by: Host: kronus.comehere.cz
URL: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
Protocol: HTTP/1.1
Server: 2a01:28:ca:63:120:104:: , Czech Republic, ASN39392 (SUPERNETWORK-AS Bilejova 407, CZ),
Reverse DNS
Software: nginx /
Resource Hash: a6dc9b82f3a0c52addc43d1deedca36c606befc3a0bad4f29f9365701c32d165

Request headers

Accept-Encoding: gzip, deflate, sdch
Accept-Language: en-US,en;q=0.8
Cache-Control: no-cache
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://www.endora.cz/webtemp/cssloader-332af95ee984.css?1480587648
Connection: keep-alive
Pragma: no-cache
Host: www.endora.cz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://www.endora.cz/webtemp/cssloader-332af95ee984.css?1480587648
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Last-Modified: Fri, 03 Jun 2016 08:40:53 GMT
Server: nginx
ETag: "57514295-7a1"
Cache-Control: max-age=2419200
Connection: keep-alive
Content-Length: 1953
Date: Wed, 08 Feb 2017 22:01:08 GMT
Content-Type: image/png
Accept-Ranges: bytes

GET
H/1.1 200
OK slider-controls.png
www.endora.cz/assets/web/css/ 2 KB
2 KB 24ms
12ms Image
image/png 2a01:28:ca:63:120:104::
SUPERNETWORK-AS B...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.endora.cz/assets/web/css/slider-controls.png
Requested by: Host: kronus.comehere.cz
URL: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
Protocol: HTTP/1.1
Server: 2a01:28:ca:63:120:104:: , Czech Republic, ASN39392 (SUPERNETWORK-AS Bilejova 407, CZ),
Reverse DNS
Software: nginx /
Resource Hash: 0e9da5da7346dd8033a870e67fa01e5e379ad0dc2eb49563ec3e5f0b09c03140

Request headers

Cache-Control: no-cache
Referer: http://www.endora.cz/webtemp/cssloader-332af95ee984.css?1480587648
Accept-Encoding: gzip, deflate, sdch
Host: www.endora.cz
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Connection: keep-alive
Pragma: no-cache
Referer: http://www.endora.cz/webtemp/cssloader-332af95ee984.css?1480587648
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Server: nginx
Content-Type: image/png
Cache-Control: max-age=2419200
Connection: keep-alive
Date: Wed, 08 Feb 2017 22:01:08 GMT
Last-Modified: Fri, 03 Jun 2016 08:40:53 GMT
ETag: "57514295-6d4"
Accept-Ranges: bytes
Content-Length: 1748

GET
H/1.1 200
OK socials.png
www.endora.cz/assets/web/css/ 12 KB
12 KB 24ms
12ms Image
image/png 2a01:28:ca:63:120:104::
SUPERNETWORK-AS B...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.endora.cz/assets/web/css/socials.png
Requested by: Host: kronus.comehere.cz
URL: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
Protocol: HTTP/1.1
Server: 2a01:28:ca:63:120:104:: , Czech Republic, ASN39392 (SUPERNETWORK-AS Bilejova 407, CZ),
Reverse DNS
Software: nginx /
Resource Hash: a3e0cc1523fbef6a99b0c19bfdfdaf832e7c747d0f98183a3ea26343e14fee8b

Request headers

Connection: keep-alive
Host: www.endora.cz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://www.endora.cz/webtemp/cssloader-332af95ee984.css?1480587648
Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Accept-Language: en-US,en;q=0.8
Cache-Control: no-cache
Referer: http://www.endora.cz/webtemp/cssloader-332af95ee984.css?1480587648
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 12447
Last-Modified: Fri, 03 Jun 2016 08:40:53 GMT
ETag: "57514295-309f"
Content-Type: image/png
Cache-Control: max-age=2419200
Accept-Ranges: bytes
Date: Wed, 08 Feb 2017 22:01:08 GMT
Server: nginx

GET
H/1.1 200
OK cssloader-332af95ee984.css Show response
www.endora.cz/webtemp/ 260 KB
65 KB 28ms
15ms XHR
text/css 2a01:28:ca:63:120:104::
SUPERNETWORK-AS B...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.endora.cz/webtemp/cssloader-332af95ee984.css?1480587648
Requested by: Host: www.endora.cz
URL: http://www.endora.cz/webtemp/jsloader-af96dcacc4b8.js?1464943253
Protocol: HTTP/1.1
Server: 2a01:28:ca:63:120:104:: , Czech Republic, ASN39392 (SUPERNETWORK-AS Bilejova 407, CZ),
Reverse DNS
Software: nginx /
Resource Hash: 1af3d9b2ad7c54857797c429366b5ec6984e2e94fc8cc84f76ef8844d307204b

Request headers

Host: www.endora.cz
Accept-Language: en-US,en;q=0.8
Accept: */*
Connection: keep-alive
Cache-Control: no-cache
Pragma: no-cache
Origin: http://kronus.comehere.cz
Accept-Encoding: gzip, deflate, sdch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
Origin: http://kronus.comehere.cz

Response headers

ETag: W/"589b3bb2-40fb6"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Date: Wed, 08 Feb 2017 22:01:08 GMT
Last-Modified: Wed, 08 Feb 2017 15:39:30 GMT
Server: nginx
Cache-Control: max-age=2419200
Transfer-Encoding: chunked
Content-Encoding: gzip

GET
H/1.1 200
OK cssloader-6d75e0bc422b-print.css Show response
www.endora.cz/webtemp/ 195 B
188 B 29ms
16ms XHR
text/css 2a01:28:ca:63:120:104::
SUPERNETWORK-AS B...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.endora.cz/webtemp/cssloader-6d75e0bc422b-print.css?1464943253
Requested by: Host: www.endora.cz
URL: http://www.endora.cz/webtemp/jsloader-af96dcacc4b8.js?1464943253
Protocol: HTTP/1.1
Server: 2a01:28:ca:63:120:104:: , Czech Republic, ASN39392 (SUPERNETWORK-AS Bilejova 407, CZ),
Reverse DNS
Software: nginx /
Resource Hash: 0307813a544ed1fa8a8606edbdb10257272ff314a13d5d11d494a91bacd56600

Request headers

Cache-Control: no-cache
Origin: http://kronus.comehere.cz
Accept-Encoding: gzip, deflate, sdch
Host: www.endora.cz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Connection: keep-alive
Pragma: no-cache
Accept-Language: en-US,en;q=0.8
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
Origin: http://kronus.comehere.cz

Response headers

Server: nginx
ETag: W/"589b3bb2-c3"
Transfer-Encoding: chunked
Connection: keep-alive
Date: Wed, 08 Feb 2017 22:01:08 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Feb 2017 15:39:30 GMT
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2419200

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.w0QnTRZ24_k.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNSatOOm0iHLfXa5tK9PfZiMUETug/ 116 KB
41 KB 13ms
12ms Script
text/javascript 2a00:1450:400e:805::200e
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.w0QnTRZ24_k.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNSatOOm0iHLfXa5tK9PfZiMUETug/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:400e:805::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

a600e1d26da287db3e05b0a32b8637ed9be346403abe77fd080d149e15824e7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

cache-control: no-cache
:scheme: https
referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
x-client-data: CIi2yQEIpLbJAQ==
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
accept: */*
:authority: apis.google.com
cookie: NID=96=y7G5UA1Lefm1G7q6e-88wGOb2dbR4Q7YoJxem4CrEgNsr97ScFmpN2ITerZMySyQC0iJ5oE82W-SiW2wstv1wfo4tdmAedaMIFQWM0wrsbH60wL9m_UL1tBlKBqm7cqh
:method: GET
:path: /_/scs/apps-static/_/js/k=oz.gapi.de.w0QnTRZ24_k.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNSatOOm0iHLfXa5tK9PfZiMUETug/cb=gapi.loaded_0
accept-language: en-US,en;q=0.8
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
age: 103104
vary: Accept-Encoding
last-modified: Tue, 07 Feb 2017 02:08:16 GMT
x-xss-protection: 1; mode=block
status: 200
expires: Wed, 07 Feb 2018 17:22:44 GMT
x-content-type-options: nosniff
server: sffe
alt-svc: quic=":443"; ma=2592000; v="35,34"
content-length: 41705
date: Tue, 07 Feb 2017 17:22:44 GMT
content-encoding: gzip

GET
H2 200 ca-pub-5207119889962754.js Show response
pagead2.googlesyndication.com/pub-config/r20160913/ 133 B
134 B 46ms
21ms Script
text/javascript 2a00:1450:400e:801::2002
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-5207119889962754.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:400e:801::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

450203e3892e041e3e1e122c89393ccc27ddfa51655bc34dc722ef568c9f23f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

cache-control: no-cache
:authority: pagead2.googlesyndication.com
referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
:method: GET
:path: /pub-config/r20160913/ca-pub-5207119889962754.js
pragma: no-cache
accept-language: en-US,en;q=0.8
accept: */*
accept-encoding: gzip, deflate, sdch, br
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
:scheme: https
x-client-data: CIi2yQEIpLbJAQ==
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

x-content-type-options: nosniff
server: sffe
content-type: text/javascript
alt-svc: quic=":443"; ma=2592000; v="35,34"
expires: Thu, 09 Feb 2017 10:01:08 GMT
date: Wed, 08 Feb 2017 22:01:08 GMT
content-encoding: gzip
status: 200
cache-control: public, max-age=43200
content-length: 125
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Feb 2017 19:20:33 GMT
vary: Accept-Encoding

GET zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20170206/r20170110/ Frame 1505 0
0

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20170206/r20170110/ Frame 1505 170 KB
63 KB 55ms
54ms Script
text/javascript 2a00:1450:400e:801::2002
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20170206/r20170110/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

HTTP/1.1

Server

2a00:1450:400e:801::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

280b33ec2ed1313928d210637f6725a8902777085d0c8f5ed6c7a716092f4590

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
Connection: keep-alive
Accept-Encoding: gzip, deflate, sdch
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Cache-Control: no-cache
Pragma: no-cache
Host: pagead2.googlesyndication.com
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Server: cafe
ETag: 16773303731051367533
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=1209600
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 64732
Expires: Wed, 08 Feb 2017 22:01:08 GMT
Timing-Allow-Origin: *
Date: Wed, 08 Feb 2017 22:01:08 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/api2/r20170206171236/ 216 KB
70 KB 37ms
12ms Script
text/javascript 2a00:1450:400e:805::2003
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/api2/r20170206171236/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:400e:805::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

39f72888ff42c81fa66f749671e641976822a8f437016ae92eb96712c98eefb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
cache-control: no-cache
referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
:method: GET
:path: /recaptcha/api2/r20170206171236/recaptcha__en.js
pragma: no-cache
accept: */*
:authority: www.gstatic.com
:scheme: https
x-client-data: CIi2yQEIpLbJAQ==
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 07 Feb 2017 01:45:00 GMT
server: sffe
age: 81828
status: 200
content-length: 71463
date: Tue, 07 Feb 2017 23:17:20 GMT
expires: Wed, 07 Feb 2018 23:17:20 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: quic=":443"; ma=2592000; v="35,34"
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000

GET ads
googleads.g.doubleclick.net/pagead/ Frame 1505 0
0

GET
H2 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ Frame 1505 77 KB
28 KB 12ms
11ms Script
text/javascript 2a00:1450:400e:801::2002
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20170206/r20170110/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:400e:801::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

d2855a3b55aedbd3597491d9baf840b2dcd84c8afab9312d0f75dc42e139ee03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:path: /pagead/osd.js
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
:authority: pagead2.googlesyndication.com
x-client-data: CIi2yQEIpLbJAQ==
accept-language: en-US,en;q=0.8
accept: */*
cache-control: no-cache
referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
:scheme: https
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

alt-svc: quic=":443"; ma=2592000; v="35,34"
cache-control: public, max-age=3600
date: Wed, 08 Feb 2017 21:19:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2523
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
status: 200
content-length: 28984
etag: 18186426669720995005
content-type: text/javascript; charset=UTF-8
timing-allow-origin: *
content-disposition: attachment; filename="f.txt"
x-xss-protection: 1; mode=block
expires: Wed, 08 Feb 2017 22:19:05 GMT

GET
H/1.1 200
OK Cookie set retargeting.js Show response
c.imedia.cz/js/ 521 B
521 B 22ms
11ms Script
application/javascript 77.75.79.33
SEZNAM-CZ

General

Check archive.org

Show headers Download Go to

Full URL: http://c.imedia.cz/js/retargeting.js
Requested by: Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtm.js?id=GTM-5S8CZ5
Protocol: HTTP/1.1
Server: 77.75.79.33 Prague, Czech Republic, ASN43037 (SEZNAM-CZ , CZ),
Reverse DNS: c.imedia.cz
Software: nginx /
Resource Hash: 6d360f03f96a53b134b46bbea0239a48472755716ffedfc884c67375ec2c9829

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: c.imedia.cz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Connection: keep-alive
Accept-Language: en-US,en;q=0.8
Accept: */*
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
Cache-Control: no-cache
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Expires: Wed, 08 Feb 2017 22:01:07 GMT
Server: nginx
ETag: "833D729E1C005FC73D9214C4646220FD786B22289CA7E95C8A6D8597DFF1FEBD54F1ADA9863E11BE73B1D46944827E644785E10B849DF231157AA54B053B5E54D8BC139AB791FDC1AE709FCD47890591+58778524-209"
access-control-allow-origin: *
Set-Cookie: sid=id=12512589461088026403|t=1486591268.356|te=1486591268.356|c=79E4AEEA5990B7A4C38DF11905A8E31A; Domain=.imedia.cz; Path=/; Expires=Fri, 10-Mar-2017 22:01:08 GMT
Accept-Ranges: bytes
Connection: keep-alive
Content-Length: 521
Date: Wed, 08 Feb 2017 22:01:08 GMT
Last-Modified: Thu, 12 Jan 2017 13:31:16 GMT
P3P: CP="NON DSP COR TAI NOR UNI", policyref="/w3c/p3p.xml"
Content-Type: application/javascript
Cache-Control: no-cache

GET
H/1.1 200
OK conversion.js Show response
www.googleadservices.com/pagead/ 14 KB
5 KB 58ms
46ms Script
text/javascript 216.58.212.162
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtm.js?id=GTM-5S8CZ5

Protocol

HTTP/1.1

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

a644288cd6d8e3c162423a95d73b824ac01f7a2b245d7a7e05a71faea8ab7202

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
Connection: keep-alive
Cache-Control: no-cache
Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com

Response headers

ETag: 1260147617075718455
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=86400
Content-Type: text/javascript; charset=UTF-8
Expires: Wed, 08 Feb 2017 22:01:08 GMT
Date: Wed, 08 Feb 2017 22:01:08 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
Content-Disposition: attachment; filename="f.txt"
Content-Length: 5421
X-XSS-Protection: 1; mode=block
Timing-Allow-Origin: *

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5967828-26&cid=1727118530.1486591268&jid=207001446&_v=j47&z=1497855095
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5967828-26&cid=1727118530.1486591268&jid=207001446&_v=j47&z=1497855095&ipr=y&ulfeg=n

42 B
51 B

95ms
44ms

Image
image/gif

2a00:1450:401b:801::2003
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5967828-26&cid=1727118530.1486591268&jid=207001446&_v=j47&z=1497855095&ipr=y&ulfeg=n

Requested by

Host: kronus.comehere.cz
URL: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:401b:801::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

adclick_server /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
:authority: www.google.de
:path: /ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5967828-26&cid=1727118530.1486591268&jid=207001446&_v=j47&z=1497855095&ipr=y&ulfeg=n
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
cache-control: no-cache
referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
:scheme: https
:method: GET
pragma: no-cache
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
x-content-type-options: nosniff
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="35,34"
date: Wed, 08 Feb 2017 22:01:08 GMT
server: adclick_server
content-type: image/gif

Redirect headers

status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5967828-26&cid=1727118530.1486591268&jid=207001446&_v=j47&z=1497855095&ipr=y&ulfeg=n
cache-control: private, max-age=43200
alt-svc: quic=":443"; ma=2592000; v="35,34"
content-length: 387
date: Wed, 08 Feb 2017 22:01:08 GMT
x-content-type-options: nosniff
server: adclick_server
x-xss-protection: 1; mode=block
expires: Wed, 08 Feb 2017 22:01:08 GMT

GET
H2 200 /
www.facebook.com/impression.php/f2133564b632b38/ 43 B
66 B 61ms
48ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/impression.php/f2133564b632b38/?api_key=1409391765942444&lid=115&payload=%7B%22source%22%3A%22jssdk%22%7D

Requested by

Host: kronus.comehere.cz
URL: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net .atlassolutions.com blob: data: 'self';style-src data: 'unsafe-inline' ;connect-src .facebook.com .fbcdn.net .facebook.net .spotilocal.com:* .akamaihd.net wss://.facebook.com:* https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:path: /impression.php/f2133564b632b38/?api_key=1409391765942444&lid=115&payload=%7B%22source%22%3A%22jssdk%22%7D
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:method: GET
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
:authority: www.facebook.com
referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
:scheme: https
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

date: Wed, 08 Feb 2017 22:01:08 GMT
access-control-allow-credentials: true
status: 200
x-fb-debug: 34jUnSqRDGRb4eLS8jzSYdrCLMSCqomQFeTvV5cyQX/+koz3zBSYWfjx0aXJC/gPYWo8fkawftjN1J/APgDIeQ==
content-type: image/gif
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding: br
pragma: no-cache
strict-transport-security: max-age=15552000; preload
public-key-pins-report-only: max-age=500; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="q4PO2G2cbkZhZ82+JgmRUyGMoAeozA+BSXVXQWB8XWQ="; report-uri="http://reports.fb.com/hpkp/"
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
x-content-type-options: nosniff
vary: Origin Accept-Encoding
x-xss-protection: 0
access-control-allow-method: OPTIONS
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK Cookie set retargeting
c.imedia.cz/ 43 B
43 B 13ms
13ms Image
image/gif 77.75.79.33
SEZNAM-CZ

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://c.imedia.cz/retargeting?id=15330&category=&itemId=&url=http%3A%2F%2Fkronus.comehere.cz%2Fmailme%2Fd%2Fscvr.php%3Fe%3Dabuse%40gmail.com
Requested by: Host: kronus.comehere.cz
URL: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
Protocol: HTTP/1.1
Server: 77.75.79.33 Prague, Czech Republic, ASN43037 (SEZNAM-CZ , CZ),
Reverse DNS: c.imedia.cz
Software: nginx /
Resource Hash: 3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Request headers

Host: c.imedia.cz
Accept: image/webp,image/*,*/*;q=0.8
Cache-Control: no-cache
Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
Cookie: sid=id=12512589461088026403|t=1486591268.356|te=1486591268.356|c=79E4AEEA5990B7A4C38DF11905A8E31A
Connection: keep-alive
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Wed, 08 Feb 2017 22:01:08 GMT
Connection: keep-alive
Server: nginx
Set-Cookie: sid=id=12512589461088026403|t=1486591268.356|te=1486591268.440|c=A5FC92CD90E910295A1EF82E86995E82; Domain=.imedia.cz; Path=/; Expires=Fri, 10-Mar-2017 22:01:08 GMT
Content-Type: image/gif
Content-Length: 43
P3P: CP="NON DSP COR TAI NOR UNI", policyref="/w3c/p3p.xml"

GET 0eWevUAMuoH.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame 1505 0
0

GET
H/1.1 200
OK roundtrip.js Show response
a.adroll.com/j/ 25 KB
8 KB 17ms
7ms Script
text/javascript 2.21.246.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://a.adroll.com/j/roundtrip.js
Requested by: Host: kronus.comehere.cz
URL: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
Protocol: HTTP/1.1
Server: 2.21.246.16 , Austria, ASN20940 (AKAMAI-ASN1 , US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7dc63f72b8af33bc3b88d39eb704d2bc3449dbfa55178fdcf31fcf62a01585b4

Request headers

Connection: keep-alive
Cache-Control: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: a.adroll.com
Accept-Language: en-US,en;q=0.8
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
Pragma: no-cache
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

x-amz-request-id: F601911D89FC4147
x-amz-id-2: z0sdfnEdgZfzHvgENWXSOO0haHx9d8nsrouKgPzTsYVEHarcGuciljtEsBrahiwTCYWBCiJ3u6Y=
x-amz-version-id: ERFkdR3aDLc5S8WXOMjFr6mG04kuUixi
Server: AmazonS3
Content-Type: text/javascript
Date: Wed, 08 Feb 2017 22:01:08 GMT
Accept-Ranges: bytes
Content-Length: 8281
ETag: "27d1d50349c5e810b02516f08215696b"
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Tue, 13 Dec 2016 23:39:30 GMT
Vary: Accept-Encoding
Cache-Control: max-age=300, must-revalidate

GET ping
www.facebook.com/connect/ Frame 1505 0
0

GET like_box.php
www.facebook.com/plugins/ Frame 1505 0
0

GET
H/1.1

200
OK

NUH4TFHP6VF4FJ2GL6ZKBD.js Show response
s.adroll.com/pixel/LBMQLP6YHJFG7KXWFPVCV3/YD4FELB2FFDBVPM3JHRFB4/
Redirect Chain

https://d.adroll.com/pixel/LBMQLP6YHJFG7KXWFPVCV3/YD4FELB2FFDBVPM3JHRFB4?pv=80088456536.82549&cookie=&adroll_s_ref=&keyw=
https://s.adroll.com/pixel/LBMQLP6YHJFG7KXWFPVCV3/YD4FELB2FFDBVPM3JHRFB4/NUH4TFHP6VF4FJ2GL6ZKBD.js

4 KB
1 KB

242ms
225ms

Script
text/javascript

95.101.247.95
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/LBMQLP6YHJFG7KXWFPVCV3/YD4FELB2FFDBVPM3JHRFB4/NUH4TFHP6VF4FJ2GL6ZKBD.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.247.95 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a95-101-247-95.deploy.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 61fa9ea75d6612be874cb2810874a4ad705813c875173065834a4ec3933851a3

Request headers

Host: s.adroll.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
Connection: keep-alive
Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Accept-Language: en-US,en;q=0.8
Cache-Control: no-cache
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

ETag: "155c47fe9a6de0a277ac5c89d171eb74"
access-control-max-age: 600
Content-Type: text/javascript; charset=utf-8
access-control-allow-headers: *
Last-Modified: Fri, 04 Nov 2016 07:18:28 GMT
Server: AmazonS3
access-control-allow-credentials: false
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
x-amz-request-id: 319F1CC5BD0B6DFB
Date: Wed, 08 Feb 2017 22:01:08 GMT
Connection: keep-alive
access-control-allow-methods: GET
Cache-Control: max-age=300, must-revalidate
x-amz-version-id: mWyceG9HUT5803vpsBRbJOh40wKb1_6j
x-amz-id-2: Kj5rCuO7lZBRvmYZI89WaESgJnzcJrK7QuzArjApWQWtAv4j9zvV2coeMxqkrwWPUrrE9/kdEVU=
access-control-allow-origin: *
Content-Length: 1212

Redirect headers

Pragma: no-cache
X-Conversion-Currency
Location: https://s.adroll.com/pixel/LBMQLP6YHJFG7KXWFPVCV3/YD4FELB2FFDBVPM3JHRFB4/NUH4TFHP6VF4FJ2GL6ZKBD.js
Set-Cookie: __adroll=7079bc284ddd96ffae18c46007336923; Version=1; Expires=Sat, 10-Mar-2018 22:01:08 GMT; Max-Age=34128000; Path=/
X-Advertisable-Eid: LBMQLP6YHJFG7KXWFPVCV3
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Connection: keep-alive
Content-Length: 0
X-Conversion-Value: 0.0
Server: nginx/1.8.0
X-Segment-Eid: NUH4TFHP6VF4FJ2GL6ZKBD
Date: Wed, 08 Feb 2017 22:01:08 GMT
Cache-Control: no-store, no-cache, must-revalidate
X-Pixel-Eid: YD4FELB2FFDBVPM3JHRFB4

GET
H/1.1 200
OK fbevents.js Show response
connect.facebook.net/en_US/ 9 KB
4 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:6:face:b00c:0:1
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

http://connect.facebook.net/en_US/fbevents.js

Requested by

Host: s.adroll.com
URL: https://s.adroll.com/pixel/LBMQLP6YHJFG7KXWFPVCV3/YD4FELB2FFDBVPM3JHRFB4/NUH4TFHP6VF4FJ2GL6ZKBD.js

Protocol

HTTP/1.1

Server

2a03:2880:f01c:6:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

2d7c1114ec941906d6d9fabef1e5c2982c23e761616309bc3bdeec5313ec2f81

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net .atlassolutions.com blob: data: 'self';style-src data: 'unsafe-inline' ;connect-src .facebook.com .fbcdn.net .facebook.net .spotilocal.com:* .akamaihd.net wss://.facebook.com:* https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept: */*
Cache-Control: no-cache
Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: connect.facebook.net
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com

Response headers

X-XSS-Protection: 0
X-FB-Debug: nveIb3SuQ/H0jJAvfU0PD7ddDqH02ChwlxdIoOYe64hNfyxIEwHfk9t5PMydeffBHIsknJundiyB087bl3E3vQ==
Content-Type: application/x-javascript; charset=utf-8
timing-allow-origin: *
X-Content-Type-Options: nosniff
Content-MD5: vphfvz24MQidSNeF4Aj58g==
Vary: Accept-Encoding
x-fb-content-md5: 675d2a0c77c679a13413376968d03651
X-Frame-Options: DENY
Strict-Transport-Security: max-age=15552000; preload
Content-Length: 4078
ETag: "e67813f7aafa9d349d4d9aa656957e40"
Cache-Control: public,max-age=1200,stale-while-revalidate=3600
Expires: Wed, 08 Feb 2017 22:13:05 GMT
Content-Encoding: gzip
Connection: keep-alive
Date: Wed, 08 Feb 2017 22:01:08 GMT
Access-Control-Expose-Headers: X-FB-Content-MD5
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;

GET
H/1.1 200
OK sendrolling.js Show response
s.adroll.com/j/ 9 KB
2 KB 219ms
213ms Script
text/javascript 95.101.247.95
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: http://s.adroll.com/j/sendrolling.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/pixel/LBMQLP6YHJFG7KXWFPVCV3/YD4FELB2FFDBVPM3JHRFB4/NUH4TFHP6VF4FJ2GL6ZKBD.js
Protocol: HTTP/1.1
Server: 95.101.247.95 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a95-101-247-95.deploy.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 4125a8a182a4ab66fa42f836528265b9251a6674fe723e4e08c3c4f050167beb

Request headers

Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
Cache-Control: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: s.adroll.com
Accept: */*
Connection: keep-alive
Pragma: no-cache
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Server: AmazonS3
Content-Type: text/javascript
access-control-allow-origin: *
x-amz-version-id: oENHkFLvqTevVrzyjA6C_82Xn2h2pbYA
Date: Wed, 08 Feb 2017 22:01:09 GMT
ETag: "dc33501e63068fdcec9da49b539debbe"
access-control-allow-methods: GET
Cache-Control: no-cache, no-store, must-revalidate
Vary: Accept-Encoding
x-amz-request-id: 997607A744F2AE0F
access-control-max-age: 600
access-control-allow-headers: *
access-control-allow-credentials: false
Accept-Ranges: bytes
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 2012
x-amz-id-2: 30SeopWDiy+ccovAqF2Edj4uPTTqnCoRWjkZRzVEaXhQ3vBBJO2x2n0vQgBRHWdEVP8sRa2fVd0=
Last-Modified: Wed, 08 Feb 2017 19:06:32 GMT

GET
H/1.1

200
OK

Cookie set tap.php
pixel.rubiconproject.com/
Redirect Chain

https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NzA3OWJjMjg0ZGRkOTZmZmFlMThjNDYwMDczMzY5MjM&expires=365
https://pixel.rubiconproject.com/tap.php?cookie_redirect=1&v=194538&nid=3644&put=NzA3OWJjMjg0ZGRkOTZmZmFlMThjNDYwMDczMzY5MjM&expires=365

42 B
42 B

15ms
15ms

Image
image/gif

62.67.193.85
The Rubicon Project

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?cookie_redirect=1&v=194538&nid=3644&put=NzA3OWJjMjg0ZGRkOTZmZmFlMThjNDYwMDczMzY5MjM&expires=365
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 62.67.193.85 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: Rubicon Project /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Pragma: no-cache
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
Cookie: c=1
Cache-Control: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: pixel.rubiconproject.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Connection: keep-alive
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Content-Type: image/gif
Set-Cookie: rpb=194538%3D1; Domain=.rubiconproject.com; Expires=Fri, 10-Mar-2017 22:01:09 GMT; Path=/ put_3644=NzA3OWJjMjg0ZGRkOTZmZmFlMThjNDYwMDczMzY5MjM; Domain=.rubiconproject.com; Expires=Thu, 08-Feb-2018 21:59:59 GMT; Path=/ rpx=194538%3D62294%2C0%2C1%2C%2C; Domain=.pixel.rubiconproject.com; Expires=Fri, 10-Mar-2017 22:01:09 GMT; Path=/ khaos=IYXI24ED-20-A90X; Domain=.rubiconproject.com; Expires=Thu, 10-Aug-2017 10:01:09 GMT; Path=/
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
X-RPHost: Xih701U9lBqRgQE278rMFw
Pragma: no-cache
Date: Wed, 08 Feb 2017 22:01:08 GMT
Server: Rubicon Project
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: keep-alive
Content-Length: 42

Redirect headers

Content-Length: 0
Expires: 0
Date: Wed, 08 Feb 2017 22:01:08 GMT
Server: Rubicon Project
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, must-revalidate
Set-Cookie: c=1; Path=/
Pragma: no-cache
Location: /tap.php?cookie_redirect=1&v=194538&nid=3644&put=NzA3OWJjMjg0ZGRkOTZmZmFlMThjNDYwMDczMzY5MjM&expires=365

GET
H/1.1

200
OK

pixel
ads.yahoo.com/
Redirect Chain

https://d.adroll.com/cm/r/out
https://ads.yahoo.com/pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1

0
0

166ms
70ms

Image
text/plain

2a00:1288:110:422::3000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:422::3000 , United Kingdom, ASN34010 (YAHOO-IRD , GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept: image/webp,image/*,*/*;q=0.8
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
Connection: keep-alive
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Cache-Control: no-cache
Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: ads.yahoo.com
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Wed, 08 Feb 2017 22:01:09 GMT
Server: ATS
Connection: keep-alive
Age: 0
Content-Length: 0
Strict-Transport-Security: max-age=0

Redirect headers

Connection: keep-alive
Content-Length: 181
Date: Wed, 08 Feb 2017 22:01:09 GMT
Location: https://ads.yahoo.com/pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1
Set-Cookie: __adroll=7079bc284ddd96ffae18c46007336923; Version=1; Expires=Sat, 10-Mar-2018 22:01:08 GMT; Max-Age=34128000; Path=/
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Server: nginx/1.8.0
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H/1.1 200
OK Cookie set out
d.adroll.com/cm/f/ 35 B
35 B 86ms
28ms Image
image/gif 54.247.69.248
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/f/out
Requested by: Host: kronus.comehere.cz
URL: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.247.69.248 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-247-69-248.eu-west-1.compute.amazonaws.com
Software: nginx/1.8.0 /
Resource Hash: ce4e964329e64bb7128c1c1d602433a744b48f6dbc1212e65b2b5184bd8c6617

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
Cookie: __adroll=7079bc284ddd96ffae18c46007336923
Connection: keep-alive
Cache-Control: no-cache
Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: d.adroll.com
Accept-Language: en-US,en;q=0.8
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Wed, 08 Feb 2017 22:01:09 GMT
Server: nginx/1.8.0
Connection: keep-alive
Set-Cookie: __adroll=7079bc284ddd96ffae18c46007336923; Version=1; Expires=Sat, 10-Mar-2018 22:01:08 GMT; Max-Age=34128000; Path=/
Cache-Control: no-store, no-cache, must-revalidate
Content-Length: 35
Pragma: no-cache
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Content-Type: image/gif

GET
H/1.1

200
OK

Cookie set match
ads.kiosked.com/ul_cb/
Redirect Chain

https://ads.kiosked.com/match?bidder_id=2&external_user_id=d9d4bf5a-cb5b-4de4-93fc-43b57558239f&publisher_id=&dsp_uuid=&dsp_id=
https://ads.kiosked.com/ul_cb/match?bidder_id=2&external_user_id=d9d4bf5a-cb5b-4de4-93fc-43b57558239f&publisher_id=&dsp_uuid=&dsp_id=

43 B
43 B

15ms
15ms

Image
image/gif

146.148.9.173
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.kiosked.com/ul_cb/match?bidder_id=2&external_user_id=d9d4bf5a-cb5b-4de4-93fc-43b57558239f&publisher_id=&dsp_uuid=&dsp_id=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.148.9.173 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS: 173.9.148.146.bc.googleusercontent.com
Software: nginx/1.7.10 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Cookie: tuuid=f9402077-8b7f-42d2-9e81-5fe322276f4a; tuuid_last_update=1486591269
Connection: keep-alive
Cache-Control: no-cache
Pragma: no-cache
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
Accept: image/webp,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate, sdch, br
Host: ads.kiosked.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com

Response headers

Server: nginx/1.7.10
Connection: keep-alive
Content-Length: 43
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Date: Wed, 08 Feb 2017 22:01:09 GMT
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Type: image/gif
Set-Cookie: tuuid=f9402077-8b7f-42d2-9e81-5fe322276f4a; path=/; expires=Fri, 08-Feb-2019 22:01:09 GMT; domain=ads.kiosked.com tuuid_last_update=1486591269; path=/; expires=Fri, 08-Feb-2019 22:01:09 GMT; domain=ads.kiosked.com tuuid=; path=/; expires=Mon, 01-Mar-2004 00:00:00 GMT umdd=!2,,d9d4bf5a-cb5b-4de4-93fc-43b57558239f,255834069; path=/; expires=Fri, 08-Feb-2019 22:01:09 GMT; domain=ads.kiosked.com

Redirect headers

Server: nginx/1.7.10
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie: tuuid=f9402077-8b7f-42d2-9e81-5fe322276f4a; path=/; expires=Fri, 08-Feb-2019 22:01:09 GMT; domain=ads.kiosked.com tuuid_last_update=1486591269; path=/; expires=Fri, 08-Feb-2019 22:01:09 GMT; domain=ads.kiosked.com
Connection: keep-alive
Content-Length: 0
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Date: Wed, 08 Feb 2017 22:01:09 GMT
Location: https://ads.kiosked.com/ul_cb/match?bidder_id=2&external_user_id=d9d4bf5a-cb5b-4de4-93fc-43b57558239f&publisher_id=&dsp_uuid=&dsp_id=

GET
H2

200

adsct
analytics.twitter.com/i/
Redirect Chain

https://d.adroll.com/cm/w/out
https://analytics.twitter.com/i/adsct?p_user_id=NzA3OWJjMjg0ZGRkOTZmZmFlMThjNDYwMDczMzY5MjM&p_id=823423

43 B
74 B

128ms
108ms

Image
image/gif

104.244.42.131
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_user_id=NzA3OWJjMjg0ZGRkOTZmZmFlMThjNDYwMDczMzY5MjM&p_id=823423

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.131 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
:method: GET
:path: /i/adsct?p_user_id=NzA3OWJjMjg0ZGRkOTZmZmFlMThjNDYwMDczMzY5MjM&p_id=823423
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: analytics.twitter.com
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
:scheme: https
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

x-response-time: 103
last-modified: Wed, 08 Feb 2017 22:01:09 GMT
x-transaction: 0033defe004f3c5c
content-encoding: gzip
status: 200 200 OK
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
set-cookie: guest_id=v1%3A148659126917962847; Domain=.twitter.com; Path=/; Expires=Fri, 08-Feb-2019 22:01:09 UTC
x-content-type-options: nosniff
x-connection-hash: 537469eef09f1d9ec9c06a237151ece7
content-length: 65
x-xss-protection: 1; mode=block
server: tsa_o
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
expires: Tue, 31 Mar 1981 05:00:00 GMT
date: Wed, 08 Feb 2017 22:01:09 GMT
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
pragma: no-cache

Redirect headers

Pragma: no-cache
Server: nginx/1.8.0
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 109
Date: Wed, 08 Feb 2017 22:01:09 GMT
Location: https://analytics.twitter.com/i/adsct?p_user_id=NzA3OWJjMjg0ZGRkOTZmZmFlMThjNDYwMDczMzY5MjM&p_id=823423
Set-Cookie: __adroll=7079bc284ddd96ffae18c46007336923; Version=1; Expires=Sat, 10-Mar-2018 22:01:08 GMT; Max-Age=34128000; Path=/

GET
H/1.1

200
OK

pxj
ib.adnxs.com/
Redirect Chain

https://d.adroll.com/cm/x/out
https://ib.adnxs.com/pxj?bidder=172&seg=802787&action=setuid(%27NzA3OWJjMjg0ZGRkOTZmZmFlMThjNDYwMDczMzY5MjM%27)

0
0

53ms
12ms

Image
text/html

185.33.220.197
AppNexus

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/pxj?bidder=172&seg=802787&action=setuid(%27NzA3OWJjMjg0ZGRkOTZmZmFlMThjNDYwMDczMzY5MjM%27)

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.33.220.197 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

186.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.11.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Pragma: no-cache
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
Connection: keep-alive
Accept-Encoding: gzip, deflate, sdch, br
Host: ib.adnxs.com
Cache-Control: no-cache
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Wed, 08 Feb 2017 22:01:11 GMT
Server: nginx/1.11.5
Content-Type: text/html; charset=utf-8
Connection: keep-alive
X-Proxy-Origin: 148.251.45.170; 148.251.45.170; 186.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.74:80
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Pragma: no-cache
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Content-Length: 0

Redirect headers

Pragma: no-cache
Date: Wed, 08 Feb 2017 22:01:09 GMT
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Connection: keep-alive
Content-Length: 113
Server: nginx/1.8.0
Location: https://ib.adnxs.com/pxj?bidder=172&seg=802787&action=setuid('NzA3OWJjMjg0ZGRkOTZmZmFlMThjNDYwMDczMzY5MjM')
Set-Cookie: __adroll=7079bc284ddd96ffae18c46007336923; Version=1; Expires=Sat, 10-Mar-2018 22:01:08 GMT; Max-Age=34128000; Path=/
Cache-Control: no-store, no-cache, must-revalidate

GET
H/1.1

200
OK

Cookie set 377928.gif
idsync.rlcdn.com/
Redirect Chain

https://idsync.rlcdn.com/377928.gif?partner_uid=7079bc284ddd96ffae18c46007336923
https://idsync.rlcdn.com/377928.gif?partner_uid=7079bc284ddd96ffae18c46007336923&redirect=1

43 B
43 B

99ms
99ms

Image
image/gif

54.165.129.193
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/377928.gif?partner_uid=7079bc284ddd96ffae18c46007336923&redirect=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.165.129.193 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-165-129-193.compute-1.amazonaws.com
Software: /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Cookie: ck1=ck1
Cache-Control: no-cache
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
Connection: keep-alive
Host: idsync.rlcdn.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com

Response headers

Content-Type: image/gif; charset=ISO-8859-1
Content-Length: 43
Connection: keep-alive
P3P: CP: "NON DSP COR PSDo SAMo BUS IND UNI COM NAV INT POL PRE"
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache, no-store
Set-Cookie: rlas3=cvIZmzbaete3+GmakSh11Ol/je4r175Tr4XXBn2Bhp+MyA9jEACu5w==;Domain=.rlcdn.com;Expires=Mon, 07-Aug-2017 22:01:08 GMT rtn1=jDCoCrfxh9j4axKTL5fOGA==;Domain=.rlcdn.com;Expires=Mon, 07-Aug-2017 22:01:07 GMT

Redirect headers

Content-Type: image/gif; charset=ISO-8859-1
Location: https://idsync.rlcdn.com/377928.gif?partner_uid=7079bc284ddd96ffae18c46007336923&redirect=1
Cache-Control: no-cache, no-store
Set-Cookie: ck1=ck1;Domain=.rlcdn.com;Expires=Mon, 07-Aug-2017 22:01:08 GMT
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP: "NON DSP COR PSDo SAMo BUS IND UNI COM NAV INT POL PRE"
Connection: keep-alive

GET
H/1.1

200
OK

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://us-u.openx.net/w/1.0/sd?id=537103138&val=7079bc284ddd96ffae18c46007336923
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=7079bc284ddd96ffae18c46007336923

43 B
43 B

13ms
13ms

Image
image/gif

173.241.240.143
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=7079bc284ddd96ffae18c46007336923
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.241.240.143 Pasadena, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-143.xa.dc.openx.org
Software: OXGW/11.44.6 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Pragma: no-cache
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Connection: keep-alive
Cache-Control: no-cache
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
Cookie: i=15cd1bca-3230-4338-e208-1cce102f19c7|1486591269
Accept-Encoding: gzip, deflate, sdch, br
Host: us-u.openx.net
Accept-Language: en-US,en;q=0.8
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Server: OXGW/11.44.6
P3P: CP="CUR ADM OUR NOR STA NID"
Vary: Accept
Content-Length: 43
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Date: Wed, 08 Feb 2017 22:01:09 GMT
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache

Redirect headers

P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=7079bc284ddd96ffae18c46007336923
Date: Wed, 08 Feb 2017 22:01:09 GMT
Server: OXGW/11.44.6
Set-Cookie: i=15cd1bca-3230-4338-e208-1cce102f19c7|1486591269; Version=1; Expires=Thu, 08-Feb-2018 22:01:09 GMT; Max-Age=31536000; Domain=.openx.net; Path=/
Content-Length: 0

GET
H/1.1

200
OK

Cookie set in
d.adroll.com/cm/g/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=cHm8KE3dlv-uGMRgBzNpIw&google_ula=1535926
https://d.adroll.com/cm/g/in?google_ula=1535926,0

35 B
35 B

27ms
27ms

Image
image/gif

54.247.69.248
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in?google_ula=1535926,0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.247.69.248 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-247-69-248.eu-west-1.compute.amazonaws.com
Software: nginx/1.8.0 /
Resource Hash: ce4e964329e64bb7128c1c1d602433a744b48f6dbc1212e65b2b5184bd8c6617

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
Cookie: __adroll=7079bc284ddd96ffae18c46007336923
Connection: keep-alive
Accept-Encoding: gzip, deflate, sdch, br
Host: d.adroll.com
Accept-Language: en-US,en;q=0.8
Pragma: no-cache
Accept: image/webp,image/*,*/*;q=0.8
Cache-Control: no-cache
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Connection: keep-alive
Date: Wed, 08 Feb 2017 22:01:09 GMT
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control: no-store, no-cache, must-revalidate
Set-Cookie: __adroll=7079bc284ddd96ffae18c46007336923-g_1486591269; Version=1; Expires=Sat, 10-Mar-2018 22:01:08 GMT; Max-Age=34128000; Path=/
Content-Length: 35
X-Result: g.-1.-1.1535926.0.-1
Pragma: no-cache
Server: nginx/1.8.0
Content-Type: image/gif

Redirect headers

location: https://d.adroll.com/cm/g/in?google_ula=1535926,0
cache-control: no-cache, must-revalidate
date: Wed, 08 Feb 2017 22:01:09 GMT
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
set-cookie: id=22f6582e242f0033||t=1486591269|et=730|cs=002213fd4806264b4760fcfc40; expires=Fri, 08-Feb-2019 22:01:09 GMT; path=/; domain=.doubleclick.net test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT IDE=AHWqTUnXL406EFNYaStUDqKAJMcdUWxkzmpotQ5VLOwV0lUEiS93bEV54w; expires=Fri, 08-Feb-2019 22:01:09 GMT; path=/; domain=.doubleclick.net; HttpOnly
alt-svc: quic=":443"; ma=2592000; v="35,34"
content-length: 246
x-xss-protection: 1; mode=block
pragma: no-cache
server: HTTP server (unknown)
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
53 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=485104531632594&ev=PageView&dl=http%3A%2F%2Fkronus.comehere.cz%2Fmailme%2Fd%2Fscvr.php%3Fe%3Dabuse%40gmail.com&rl=&if=false&ts=1486591268995&cd[segment_eid]=%5B%22NUH4TFHP6VF4FJ2GL6ZKBD%22%5D&v=2.5.1
Requested by: Host: kronus.comehere.cz
URL: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
cache-control: no-cache
:authority: www.facebook.com
pragma: no-cache
accept: image/webp,image/*,*/*;q=0.8
referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
:scheme: https
:method: GET
:path: /tr/?id=485104531632594&ev=PageView&dl=http%3A%2F%2Fkronus.comehere.cz%2Fmailme%2Fd%2Fscvr.php%3Fe%3Dabuse%40gmail.com&rl=&if=false&ts=1486591268995&cd[segment_eid]=%5B%22NUH4TFHP6VF4FJ2GL6ZKBD%22%5D&v=2.5.1
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

content-length: 44
expires: Wed, 08 Feb 2017 22:01:09 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
date: Wed, 08 Feb 2017 22:01:09 GMT
server: proxygen
set-cookie: fr=0HwUy5RncuWsypSxi..BYm5Uk...1.0.BYm5Uk.; expires=Tuesday, 09-May-2017 22:01:08 GMT; path=/; domain=.facebook.com

GET
H/1.1 200
OK favicon.ico
www.endora.cz/ 1 KB
1 KB 13ms
12ms Other
image/x-icon 2a01:28:ca:63:120:104::
SUPERNETWORK-AS B...

General

Check archive.org

Show headers Download Go to

Full URL

http://www.endora.cz/favicon.ico?version=20150702

Protocol

HTTP/1.1

Server

2a01:28:ca:63:120:104:: , Czech Republic, ASN39392 (SUPERNETWORK-AS Bilejova 407, CZ),

Reverse DNS

Software

nginx /

Resource Hash

5ee5bcd07a9c1415f72e5c57bfb46dc83c10230f981d8b6c9055698862f93f75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Encoding: gzip, deflate, sdch
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
Cache-Control: no-cache
Pragma: no-cache
Accept: image/webp,image/*,*/*;q=0.8
Connection: keep-alive
Host: www.endora.cz
Referer: http://kronus.comehere.cz/mailme/d/scvr.php?e=abuse@gmail.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

ETag: "55952226-57e"
Strict-Transport-Security: max-age=31536000;
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1406
Date: Wed, 08 Feb 2017 22:01:09 GMT
Last-Modified: Thu, 02 Jul 2015 11:36:06 GMT
Server: nginx
Content-Type: image/x-icon

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20170206/r20170110/zrt_lookup.html

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5207119889962754&format=250x250&output=html&h=250&slotname=8624521180&adk=157814446&adf=677210104&w=250&lmt=1481715246&flash=24.0.0&url=http%3A%2F%2Fkronus.comehere.cz%2Fmailme%2Fd%2Fscvr.php%3Fe%3Dabuse%40gmail.com&wgl=1&dt=1486591268181&bpp=9&bdt=204&fdt=13&idt=133&shv=r20170206&cbv=r20170110&saldr=aa&correlator=871087900531&frm=20&ga_vid=1727118530.1486591268&ga_sid=1486591268&ga_hid=1962689193&ga_fc=0&pv=2&iag=3&icsg=2&nhd=1&dssz=2&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=5&u_nmime=7&dff=arial&dfs=14&adx=1136&ady=263&biw=1598&bih=1083&eid=33509845%2C575144605&oid=3&rx=0&eae=0&fc=16&brdim=1%2C1%2C1%2C1%2C1600%2C0%2C1598%2C1198%2C1598%2C1083&vis=1&rsz=%7C%7CleE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=1&xpc=tTzFk5IabY&p=http%3A//kronus.comehere.cz&dtd=151

Domain: staticxx.facebook.com
URL: http://staticxx.facebook.com/connect/xd_arbiter/r/0eWevUAMuoH.js?version=42

Domain: staticxx.facebook.com
URL: https://staticxx.facebook.com/connect/xd_arbiter/r/0eWevUAMuoH.js?version=42

Domain: www.facebook.com
URL: https://www.facebook.com/connect/ping?client_id=1409391765942444&domain=kronus.comehere.cz&origin=1&redirect_uri=http%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F0eWevUAMuoH.js%3Fversion%3D42%23cb%3Df39bdadb1a6785%26domain%3Dkronus.comehere.cz%26origin%3Dhttp%253A%252F%252Fkronus.comehere.cz%252Ff1ecc7826c582b8%26relation%3Dparent&response_type=token%2Csigned_request%2Ccode&sdk=joey

Domain: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=1409391765942444&channel=http%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F0eWevUAMuoH.js%3Fversion%3D42%23cb%3Df2245c675d9f5c4%26domain%3Dkronus.comehere.cz%26origin%3Dhttp%253A%252F%252Fkronus.comehere.cz%252Ff1ecc7826c582b8%26relation%3Dparent.parent&container_width=292&header=false&height=239&href=http%3A%2F%2Fwww.facebook.com%2Fendora.cz&locale=cs_CZ&sdk=joey&show_border=false&show_faces=true&stream=false&width=292

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.kronus.comehere.cz/	2017-02-08 22:11:08	Name: _gat_UA-5967828-26 Value: 1
			.kronus.comehere.cz/	2019-02-08 22:01:08	Name: _ga Value: GA1.3.1727118530.1486591268

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.adroll.com
ads.kiosked.com
ads.yahoo.com
analytics.twitter.com
apis.google.com
c.imedia.cz
connect.facebook.net
d.adroll.com
googleads.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
kronus.comehere.cz
pagead2.googlesyndication.com
pixel.rubiconproject.com
s.adroll.com
staticxx.facebook.com
us-u.openx.net
www.endora.cz
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
googleads.g.doubleclick.net
staticxx.facebook.com
www.facebook.com
104.244.42.131
146.148.9.173
173.241.240.143
185.33.220.197
2.21.246.16
216.58.212.162
2a00:1288:110:422::3000
2a00:1450:400e:801::2002
2a00:1450:400e:805::2003
2a00:1450:400e:805::2004
2a00:1450:400e:805::2008
2a00:1450:400e:805::200e
2a00:1450:401b:801::2003
2a01:28:ca:63:120:104::
2a01:28:ca:63:120:211::
2a03:2880:f01c:6:face:b00c:0:1
2a03:2880:f11c:8083:face:b00c:0:25de
54.165.129.193
54.247.69.248
62.67.193.85
77.75.79.33
95.101.247.95
0307813a544ed1fa8a8606edbdb10257272ff314a13d5d11d494a91bacd56600
0934aeea5f7662f91c5c1b9a7922c314698d9a5a1bb146253d099007a4acd6d3
0e9da5da7346dd8033a870e67fa01e5e379ad0dc2eb49563ec3e5f0b09c03140
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1af3d9b2ad7c54857797c429366b5ec6984e2e94fc8cc84f76ef8844d307204b
280b33ec2ed1313928d210637f6725a8902777085d0c8f5ed6c7a716092f4590
29f0f4f7da3d15088f88d0e7416d005aa8052446e941392a46b61652dfdab860
2d7c1114ec941906d6d9fabef1e5c2982c23e761616309bc3bdeec5313ec2f81
305f3d591b84041067571faecc77ae1f74e52fc857f1bc54b7ab9c9033962ccc
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
39f72888ff42c81fa66f749671e641976822a8f437016ae92eb96712c98eefb2
3ce672632d9ccd249014dc1bb913f7fa26ad5758fe180671e5cfb90b0f8a55d3
4125a8a182a4ab66fa42f836528265b9251a6674fe723e4e08c3c4f050167beb
450203e3892e041e3e1e122c89393ccc27ddfa51655bc34dc722ef568c9f23f3
464542c10131d0864c5e1305e802e4c362e013f62b2b1444364747476e2e4cc8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5ee5bcd07a9c1415f72e5c57bfb46dc83c10230f981d8b6c9055698862f93f75
61fa9ea75d6612be874cb2810874a4ad705813c875173065834a4ec3933851a3
6d360f03f96a53b134b46bbea0239a48472755716ffedfc884c67375ec2c9829
77c33447aa8f6fef0a8068a95394b7c91b0ab176664f90a51a21492d72ab4a3d
7dc63f72b8af33bc3b88d39eb704d2bc3449dbfa55178fdcf31fcf62a01585b4
81fd6754b3fc11fa383c5655a45f905a2c010c27676d42c89b32aae1a168a078
8ef7e7c6b7de2b8a4ad4a2552c28abfd60d9d82c0bf116bb124f79aa7212dc7e
8f708832c181e1694851f65a5d041591e94a24aabbc33e404fdac944e91c6eaa
903bfb3735c8d2a79270eee0057b85db7e98bc41577d7b319f4b522cf978df35
98ad1d4cd8d19da3cb76780d562c51f23031ad9214ac886a970f62f911811ae4
a3e0cc1523fbef6a99b0c19bfdfdaf832e7c747d0f98183a3ea26343e14fee8b
a600e1d26da287db3e05b0a32b8637ed9be346403abe77fd080d149e15824e7d
a644288cd6d8e3c162423a95d73b824ac01f7a2b245d7a7e05a71faea8ab7202
a6dc9b82f3a0c52addc43d1deedca36c606befc3a0bad4f29f9365701c32d165
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
cd8e50622016ad57ca0fbbccee2690d504552b1ce0848142c442c127b8325178
ce4e964329e64bb7128c1c1d602433a744b48f6dbc1212e65b2b5184bd8c6617
d2855a3b55aedbd3597491d9baf840b2dcd84c8afab9312d0f75dc42e139ee03
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed51f9ddf90e980bcc05c3dbad95bf15c04f8278cddb9adbf30e864aee674943
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7a81264afb7408d3d24b684d6ea42daba371c0abfaa142bcf4f66313c5718c
f25131360a9c52d840b9b4245f4f730ba943cad321d9c4dc2223d1227aa69575

kronus.comehere.cz Open in urlscan Pro 2a01:28:ca:63:120:211:: Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

53 Requests

38 %HTTPS

50 %IPv6

21 Domains

25 Subdomains

23 IPs

6 Countries

719 kBTransfer

2153 kBSize

2 Cookies

49 Outgoing links

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

kronus.comehere.cz Open in urlscan Pro
2a01:28:ca:63:120:211:: Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

38 %
HTTPS

50 %
IPv6

21
Domains

25
Subdomains

23
IPs

6
Countries

719 kB
Transfer

2153 kB
Size

2
Cookies

53 HTTP transactions
0 data transactions