hosting2.keep.pl Open in urlscan Pro
176.31.124.7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hosting2.keep.pl/
Effective URL:
https://hosting2.keep.pl/
Submission: On July 19 via manual (July 19th 2021, 1:03:58 pm UTC) from PL

Summary HTTP 260 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 66 IPs in 12 countries across 65 domains to perform 260 HTTP transactions. The main IP is 176.31.124.7, located in France and belongs to OVH, FR. The main domain is hosting2.keep.pl.
TLS certificate: Issued by R3 on July 16th 2021. Valid for: 3 months.

This is the only time hosting2.keep.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 14	176.31.124.7 176.31.124.7	16276 (OVH) (OVH)
3	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
5	188.165.206.157 188.165.206.157	16276 (OVH) (OVH)
1 4	195.177.216.95 195.177.216.95	50599 (Autonomou...) (Autonomous System for Data Space Sp. z o.o.)
14	87.98.238.81 87.98.238.81	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:400c:c04::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
22	164.132.7.102 164.132.7.102	16276 (OVH) (OVH)
2 5	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8	37.157.4.23 37.157.4.23	198622 (ADFORM) (ADFORM)
3	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	213.19.162.51 213.19.162.51	3356 (LEVEL3) (LEVEL3)
3	35.190.63.210 35.190.63.210	15169 (GOOGLE) (GOOGLE)
3	35.227.247.230 35.227.247.230	15169 (GOOGLE) (GOOGLE)
3	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
3	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5 17	185.33.221.53 185.33.221.53	29990 (ASN-APPNEX) (ASN-APPNEX)
5 16	188.42.196.115 188.42.196.115	7979 (SERVERS-COM) (SERVERS-COM)
8 20	85.194.243.85 85.194.243.85	57367 (ECO-ATMAN...) (ECO-ATMAN-PL ECO-ATMAN-)
4 4	85.194.243.82 85.194.243.82	57367 (ECO-ATMAN...) (ECO-ATMAN-PL ECO-ATMAN-)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
4	37.157.2.247 37.157.2.247	198622 (ADFORM) (ADFORM)
1 7	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
3	69.173.144.143 69.173.144.143	26667 (RUBICONPR...) (RUBICONPROJECT)
10	2a02:26f0:6c0... 2a02:26f0:6c00:2b2::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
11	213.254.244.18 213.254.244.18	36062 (DOUBLE-VE...) (DOUBLE-VERIFY)
5	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
4	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1	213.254.244.20 213.254.244.20	36062 (DOUBLE-VE...) (DOUBLE-VERIFY)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
4	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2606:4700:10:... 2606:4700:10::6816:36ce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	151.101.13.108 151.101.13.108	54113 (FASTLY) (FASTLY)
6	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
10 10	52.28.120.199 52.28.120.199	16509 (AMAZON-02) (AMAZON-02)
2 2	3.127.51.194 3.127.51.194	16509 (AMAZON-02) (AMAZON-02)
2 2	193.232.148.141 193.232.148.141	48061 (UMA-TECH-AS) (UMA-TECH-AS)
8 8	31.172.81.172 31.172.81.172	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
6 6	31.172.81.159 31.172.81.159	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2 2	216.52.2.19 216.52.2.19	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	151.236.71.19 151.236.71.19	204720 (CDNETWORKS) (CDNETWORKS)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
3 4	37.157.6.245 37.157.6.245	198622 (ADFORM) (ADFORM)
2 3	52.30.92.119 52.30.92.119	16509 (AMAZON-02) (AMAZON-02)
8 8	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 3	213.19.147.44 213.19.147.44	3356 (LEVEL3) (LEVEL3)
4 4	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
1 16	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	169.197.150.7 169.197.150.7	398989 (DEEPINTENT) (DEEPINTENT)
1	63.251.232.170 63.251.232.170	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 2	104.111.242.53 104.111.242.53	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2606:4700::68... 2606:4700::6812:c05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	38.27.122.126 38.27.122.126	174 (COGENT-174) (COGENT-174)
1 1	34.204.19.158 34.204.19.158	14618 (AMAZON-AES) (AMAZON-AES)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
3 3	185.29.133.208 185.29.133.208	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2	185.64.189.114 185.64.189.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	159.253.128.188 159.253.128.188	36351 (SOFTLAYER) (SOFTLAYER)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
2 2	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2040	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	35.171.36.131 35.171.36.131	14618 (AMAZON-AES) (AMAZON-AES)
1 1	52.21.104.248 52.21.104.248	14618 (AMAZON-AES) (AMAZON-AES)
1 2	38.67.14.233 38.67.14.233	174 (COGENT-174) (COGENT-174)
1 1	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
1 1	47.252.78.131 47.252.78.131	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co.)
1 1	52.48.175.241 52.48.175.241	16509 (AMAZON-02) (AMAZON-02)
2 2	89.108.119.43 89.108.119.43	197695 (AS-REG) (AS-REG)
1 1	31.172.81.158 31.172.81.158	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1 3	2a02:6b8::90 2a02:6b8::90	13238 (YANDEX) (YANDEX)
1 2	2001:6d0:4001... 2001:6d0:4001::226	52016 (TNSMSK-) (TNSMSK-)
1 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
260	66

14 176.31.124.7 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: prv-hosting2.grupapino.pl

hosting2.keep.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 188.165.206.157 (France)

ASN16276 (OVH, FR)
PTR: prv.grupapino.pl

stats.grupapino.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.prv.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
komentarze.prv.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 195.177.216.95 (Poland) 1 redirects

ASN50599 (Autonomous System for Data Space Sp. z o.o., PL)
PTR: host-195-177-216-95.dataspace.pl

goldbach.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 87.98.238.81 (Wroclaw, Poland)

ASN16276 (OVH, FR)

ox2.sterta.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 164.132.7.102 (France)

ASN16276 (OVH, FR)

a.spolecznosci.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
spolecznosci.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638::1c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 37.157.4.23 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.162.51 (United Kingdom)

ASN3356 (LEVEL3, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.63.210 (Kansas City, United States)

ASN15169 (GOOGLE, US)

i.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.227.247.230 (Kansas City, United States)

ASN15169 (GOOGLE, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 185.33.221.53 (Amsterdam, Netherlands) 5 redirects

ASN29990 (ASN-APPNEX, US)

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 188.42.196.115 (Luxembourg) 5 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 85.194.243.85 (Warsaw, Poland) 8 redirects

ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL)
PTR: ip-5.85-194-243-80.net.old.eco.atman.pl

gpl.adocean.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 85.194.243.82 (Warsaw, Poland) 4 redirects

ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL)
PTR: ip-2.85-194-243-80.net.old.eco.atman.pl

gpladpl.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.2.247 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.19.35.65 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com

ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

smarttag.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:26f0:6c00:2b2::4469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn3.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 213.254.244.18 (United States)

ASN36062 (DOUBLE-VERIFY, US)

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps20514.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps20520.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps20244.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s2.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.254.244.20 (United States)

ASN36062 (DOUBLE-VERIFY, US)

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6816:36ce (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-eu.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.13.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.28.120.199 (Frankfurt am Main, Germany) 10 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-120-199.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.127.51.194 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-51-194.eu-central-1.compute.amazonaws.com

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.148.141 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp2.sender.ltmse.com

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 31.172.81.172 (Germany) 8 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 31.172.81.159 (Germany) 6 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync3.adsniper.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.19 (United States) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.236.71.19 (Moscow, Russian Federation)

ASN204720 (CDNETWORKS, RU)

cache.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.6.245 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.30.92.119 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.194 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.44 (United Kingdom) 3 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 76.223.111.131 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 185.64.190.80 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.232.170 (United States)

ASN29791 (VOXEL-DOT-NET, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.242.53 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:c05 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.27.122.126 (Chestertown, United States)

ASN174 (COGENT-174, US)

match.bnmla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.204.19.158 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-19-158.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.133.208 (United Kingdom) 3 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.253.128.188 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2040 (United States)

ASN41041 (VCLK-EU-SE, US)

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.171.36.131 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-36-131.compute-1.amazonaws.com

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.21.104.248 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-104-248.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 38.67.14.233 (United States) 1 redirects

ASN174 (COGENT-174, US)

pmp.mxptint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.150 (Portsmouth, United Kingdom) 1 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:f916:5049:f87f:108e (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.252.78.131 (United States) 1 redirects

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN)

event.clientgear.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.175.241 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.119.43 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)
PTR: d51370.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.172.81.158 (Germany) 1 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync3.sniperlog.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8::90 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:6d0:4001::226 (Russian Federation) 1 redirects

ASN52016 (TNSMSK-, RU)

www.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	pubmatic.com 1 redirects hbopenbid.pubmatic.com ads.pubmatic.com image6.pubmatic.com simage2.pubmatic.com image4.pubmatic.com image2.pubmatic.com	41 KB
22	doubleverify.com cdn.doubleverify.com cdn3.doubleverify.com rtb0.doubleverify.com tps20514.doubleverify.com tps20520.doubleverify.com tps.doubleverify.com tps20244.doubleverify.com	150 KB
22	spolecznosci.net a.spolecznosci.net spolecznosci.net	494 KB
21	rubiconproject.com 1 redirects fastlane.rubiconproject.com ads.rubiconproject.com smarttag.rubiconproject.com secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	67 KB
20	adocean.pl 8 redirects gpl.adocean.pl	5 KB
20	adnxs.com 5 redirects ib.adnxs.com acdn.adnxs.com	64 KB
17	betweendigital.com 5 redirects ads.betweendigital.com cache.betweendigital.com	7 KB
16	adform.net 3 redirects adx.adform.net track.adform.net s1.adform.net c1.adform.net	89 KB
14	doubleclick.net 8 redirects stats.g.doubleclick.net ad.doubleclick.net googleads4.g.doubleclick.net cm.g.doubleclick.net	21 KB
14	sterta.pl ox2.sterta.pl	18 KB
14	keep.pl 1 redirects hosting2.keep.pl	170 KB
13	criteo.com 2 redirects gum.criteo.com mug.criteo.com bidder.criteo.com dis.criteo.com	4 KB
10	bidswitch.net 10 redirects x.bidswitch.net	4 KB
10	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	69 KB
8	bumlam.com 8 redirects sync.bumlam.com	5 KB
8	gemius.pl 5 redirects goldbach.hit.gemius.pl gpladpl.hit.gemius.pl	14 KB
7	connectad.io i.connectad.io cdn.connectad.io sync-eu.connectad.io	3 KB
6	adsniper.ru 6 redirects sync3.adsniper.ru	3 KB
5	googletagservices.com www.googletagservices.com	75 KB
5	google.com maps.google.com www.google.com	165 KB
4	adsrvr.org 4 redirects match.adsrvr.org	2 KB
4	criteo.net static.criteo.net	107 KB
4	prv.pl ad.prv.pl komentarze.prv.pl	6 KB
4	google-analytics.com www.google-analytics.com	39 KB
3	yandex.ru 1 redirects an.yandex.ru	770 B
3	yahoo.com 2 redirects pr-bh.ybp.yahoo.com ups.analytics.yahoo.com	2 KB
3	mathtag.com 3 redirects sync.mathtag.com	2 KB
3	bidr.io 2 redirects match.prod.bidr.io	2 KB
3	creativecdn.com prebid-eu.creativecdn.com	534 B
3	4dex.io mp.4dex.io	3 KB
2	3lift.com 1 redirects eb2.3lift.com	730 B
2	tns-counter.ru 1 redirects www.tns-counter.ru	707 B
2	aidata.io 2 redirects x01.aidata.io	1 KB
2	mxptint.net 1 redirects pmp.mxptint.net	965 B
2	everesttech.net 2 redirects sync-tm.everesttech.net	745 B
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	owneriq.net 1 redirects px.owneriq.net	476 B
2	1rx.io 2 redirects sync.1rx.io	1 KB
2	lijit.com 2 redirects ap.lijit.com	1 KB
2	adhigh.net 2 redirects px.adhigh.net	821 B
2	creative-serving.com 2 redirects ads.creative-serving.com	1 KB
2	google.de www.google.de	170 B
1	opera.com t.adx.opera.com	393 B
1	onetag-sys.com onetag-sys.com	823 B
1	sniperlog.ru 1 redirects sync3.sniperlog.ru	297 B
1	gumgum.com 1 redirects rtb.gumgum.com	337 B
1	clientgear.com 1 redirects event.clientgear.com	263 B
1	quantserve.com 1 redirects pixel.quantserve.com	543 B
1	sitescout.com 1 redirects pixel-sync.sitescout.com	337 B
1	ipredictive.com 1 redirects sync.ipredictive.com	522 B
1	adentifi.com rtb.adentifi.com	88 B
1	dotomi.com pubmatic-match.dotomi.com	104 B
1	turn.com 1 redirects ad.turn.com	518 B
1	simpli.fi um.simpli.fi	611 B
1	rlcdn.com idsync.rlcdn.com	66 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com	645 B
1	bnmla.com match.bnmla.com	114 B
1	adgrx.com cm.adgrx.com	408 B
1	deepintent.com match.deepintent.com	44 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	535 B
1	googleapis.com maps.googleapis.com	446 B
1	2mdn.net s2.2mdn.net	28 KB
1	grupapino.pl stats.grupapino.pl	193 B
0	resetdigital.co Failed sync.resetdigital.co Failed
0	acuityplatform.com Failed ums.acuityplatform.com Failed
260	65

	Domain	Requested by
20	gpl.adocean.pl	8 redirects hosting2.keep.pl spolecznosci.net
17	ib.adnxs.com	5 redirects spolecznosci.net acdn.adnxs.com
16	ads.betweendigital.com	5 redirects spolecznosci.net ads.betweendigital.com
14	spolecznosci.net	a.spolecznosci.net spolecznosci.net
14	ox2.sterta.pl	hosting2.keep.pl srcdoc ox2.sterta.pl
14	hosting2.keep.pl	1 redirects hosting2.keep.pl
11	simage2.pubmatic.com	1 redirects ads.pubmatic.com
10	x.bidswitch.net	10 redirects
8	cm.g.doubleclick.net	8 redirects
8	sync.bumlam.com	8 redirects
8	cdn.doubleverify.com	s1.adform.net cdn.doubleverify.com hosting2.keep.pl ad.doubleclick.net
8	a.spolecznosci.net	hosting2.keep.pl spolecznosci.net
7	pagead2.googlesyndication.com	ad.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
6	sync3.adsniper.ru	6 redirects
6	eus.rubiconproject.com	spolecznosci.net eus.rubiconproject.com cache.betweendigital.com
5	image2.pubmatic.com	ads.pubmatic.com
5	www.googletagservices.com	cdn.doubleverify.com www.googletagservices.com ad.doubleclick.net
5	gum.criteo.com	2 redirects static.criteo.net
4	match.adsrvr.org	4 redirects
4	c1.adform.net	3 redirects ads.pubmatic.com
4	ads.pubmatic.com	spolecznosci.net ads.pubmatic.com
4	tps20520.doubleverify.com	hosting2.keep.pl
4	static.criteo.net	spolecznosci.net static.criteo.net
4	secure-assets.rubiconproject.com	1 redirects srcdoc smarttag.rubiconproject.com
4	s1.adform.net	spolecznosci.net track.adform.net
4	track.adform.net	spolecznosci.net s1.adform.net
4	gpladpl.hit.gemius.pl	4 redirects
4	adx.adform.net	spolecznosci.net s1.adform.net
4	mug.criteo.com	hosting2.keep.pl
4	goldbach.hit.gemius.pl	1 redirects hosting2.keep.pl goldbach.hit.gemius.pl
4	www.google-analytics.com	hosting2.keep.pl www.google-analytics.com
3	an.yandex.ru	1 redirects
3	sync.mathtag.com	3 redirects
3	match.prod.bidr.io	2 redirects ads.pubmatic.com
3	acdn.adnxs.com	spolecznosci.net
3	cdn.connectad.io	spolecznosci.net
3	tps20244.doubleverify.com	cdn.doubleverify.com
3	tpc.googlesyndication.com	ad.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
3	smarttag.rubiconproject.com	ads.rubiconproject.com
3	ads.rubiconproject.com	ox2.sterta.pl
3	bidder.criteo.com	spolecznosci.net
3	prebid-eu.creativecdn.com	spolecznosci.net
3	mp.4dex.io	spolecznosci.net
3	i.connectad.io	spolecznosci.net
3	fastlane.rubiconproject.com	spolecznosci.net
3	hbopenbid.pubmatic.com	spolecznosci.net
3	ad.prv.pl	hosting2.keep.pl
3	maps.google.com	hosting2.keep.pl maps.google.com
2	eb2.3lift.com	1 redirects
2	www.tns-counter.ru	1 redirects
2	x01.aidata.io	2 redirects
2	pmp.mxptint.net	1 redirects ads.pubmatic.com
2	ups.analytics.yahoo.com	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	image4.pubmatic.com	ads.pubmatic.com
2	px.owneriq.net	1 redirects ads.pubmatic.com
2	sync.1rx.io	2 redirects
2	token.rubiconproject.com	eus.rubiconproject.com
2	ap.lijit.com	2 redirects
2	px.adhigh.net	2 redirects
2	ads.creative-serving.com	2 redirects
2	googleads4.g.doubleclick.net	ad.doubleclick.net
2	ad.doubleclick.net	www.googletagservices.com
2	tps20514.doubleverify.com	hosting2.keep.pl
2	rtb0.doubleverify.com	cdn.doubleverify.com
2	cdn3.doubleverify.com	cdn.doubleverify.com
2	www.google.de	hosting2.keep.pl
2	www.google.com	hosting2.keep.pl
2	stats.g.doubleclick.net	www.google-analytics.com
1	t.adx.opera.com
1	onetag-sys.com	cache.betweendigital.com
1	sync3.sniperlog.ru	1 redirects
1	rtb.gumgum.com	1 redirects
1	event.clientgear.com	1 redirects
1	pixel.quantserve.com	1 redirects
1	pixel-sync.sitescout.com	1 redirects
1	sync.ipredictive.com	1 redirects
1	rtb.adentifi.com	ads.pubmatic.com
1	pubmatic-match.dotomi.com	ads.pubmatic.com
1	pr-bh.ybp.yahoo.com	ads.pubmatic.com
1	ad.turn.com	1 redirects
1	um.simpli.fi	ads.pubmatic.com
1	idsync.rlcdn.com	ads.pubmatic.com
1	sync.srv.stackadapt.com	1 redirects
1	match.bnmla.com	ads.pubmatic.com
1	s.tribalfusion.com	ads.pubmatic.com
1	a.tribalfusion.com	1 redirects
1	cm.adgrx.com	ads.pubmatic.com
1	match.deepintent.com	ads.pubmatic.com
1	sync.targeting.unrulymedia.com	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	sync-eu.connectad.io	cdn.connectad.io
1	image6.pubmatic.com	ads.pubmatic.com
1	cache.betweendigital.com	ads.betweendigital.com
1	maps.googleapis.com	maps.google.com
1	tps.doubleverify.com	cdn.doubleverify.com
1	s2.2mdn.net	ad.doubleclick.net
1	komentarze.prv.pl	hosting2.keep.pl
1	stats.grupapino.pl	hosting2.keep.pl
0	sync.resetdigital.co Failed	ads.pubmatic.com
0	ums.acuityplatform.com Failed	ads.pubmatic.com
260	101

This site contains links to these domains. Also see Links.

Domain
www.prv.pl
a.spolecznosci.net
grupapino.pl

Subject Issuer	Validity	Valid
prv.pl R3	`2021-07-16` - `2021-10-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
stats.grupapino.pl R3	`2021-07-16` - `2021-10-14`	3 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2019-09-11` - `2021-09-24`	2 years	crt.sh
ox2.sterta.pl R3	`2021-07-16` - `2021-10-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
spolecznosci.net R3	`2021-05-31` - `2021-08-29`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.connectad.io Go Daddy Secure Certificate Authority - G2	`2021-01-25` - `2022-01-25`	a year	crt.sh
mp.4dex.io GTS CA 1D4	`2021-06-26` - `2021-09-24`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2020-11-19` - `2021-12-20`	a year	crt.sh
*.adocean.pl Sectigo ECC Domain Validation Secure Server CA	`2020-01-27` - `2022-02-05`	2 years	crt.sh
*.google.de GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2021-01-10` - `2022-01-17`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-22` - `2021-09-14`	3 months	crt.sh
connectad.io Cloudflare Inc ECC CA-3	`2021-05-16` - `2022-05-15`	a year	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
cache.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2019-11-08` - `2022-02-05`	2 years	crt.sh
*.match.prod.bidr.io Amazon	`2021-02-26` - `2022-03-27`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2020-04-09` - `2022-06-08`	2 years	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
*.owneriq.net GeoTrust RSA CA 2018	`2021-01-29` - `2022-02-02`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-08` - `2022-07-07`	a year	crt.sh
*.bnmla.com Go Daddy Secure Certificate Authority - G2	`2021-01-06` - `2022-02-07`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-29` - `2021-09-22`	6 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh
adentifi.com Amazon	`2020-10-02` - `2021-11-02`	a year	crt.sh
*.mxptint.net DigiCert TLS RSA SHA256 2020 CA1	`2021-06-29` - `2022-07-07`	a year	crt.sh
bs.yandex.ru Yandex CA	`2021-05-31` - `2021-11-29`	6 months	crt.sh
*.tns-counter.ru GlobalSign ECC OV SSL CA 2018	`2020-11-10` - `2021-12-12`	a year	crt.sh
*.3lift.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
onetag-sys.com R3	`2021-05-02` - `2021-07-31`	3 months	crt.sh
*.adx.opera.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-14` - `2022-06-10`	a year	crt.sh

This page contains 49 frames:

Primary Page: https://hosting2.keep.pl/
Frame ID: D7724A65BDF2CCE5C34320996E336362
Requests: 76 HTTP requests in this frame

Frame: https://hosting2.keep.pl/prv_billboard_iefix.html?cat=komputery_i_internet&sub=hosting&site=hosting2.keep.pl&adult=0&check=2
Frame ID: A22873E51EBF81AF6CEDAF4076083C48
Requests: 32 HTTP requests in this frame

Frame: https://ad.prv.pl/server.php?type=bill&source=hosting2.keep.pl&medium=hosting-billboard-content
Frame ID: 935E68EAC93EBCAA996208D087AC85C2
Requests: 1 HTTP requests in this frame

Frame: https://spolecznosci.net/files/data.18.htm?Ho_hosting2.keep.pl/Spfp_ada2b987231648484501021c1ee54971
Frame ID: 63E7D6A3486840C99686D0CE29DB7343
Requests: 3 HTTP requests in this frame

Frame: https://spolecznosci.net/files/data.18.htm?Ho_hosting2.keep.pl/Spfp_ada2b987231648484501021c1ee54971
Frame ID: 2F6B1EE17F03820E13E73C0A56CF3ECC
Requests: 2 HTTP requests in this frame

Frame: https://ox2.sterta.pl/www/delivery/ajs.php?zoneid=245&cb=23973566547&charset=UTF-8&loc=about%3Asrcdoc
Frame ID: 71CA398070DAB7DD3D6EF06412761FC8
Requests: 5 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=47028035;rtbwp=8ITHy-Br_6Ty2xzg7PZTJqzboUFQG3yp0;rtbdata=uMgeuhKYr6_TfPtyPpYT6Nv7A7nN2edFTl7efCLLU-0iJkEX7PO-OsHiGFS7_AW8GOHxpbN0aJr1y5DPSLdSRJiLUk3zIemTL-MH5dRKbGO3DbMJ1wsQCp3K1TPVhTUNnwnCre4Zgn_J5RguTiGosC--HoOKuxULzZmO36wC2s_qC-krzLV-0q6cRpRC8MmNcljaup4zI19y_yB3p01zt4Ha7o0Vr2pI4F5sP0__kaYFN08a474yMUWLg8AcERWAtTKONQNxs19_sYUgCVs894G6Nx94QA6xak8ZhsWrBC2BujcfeEAOsXuccmGjqIWK0;csid=5646;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=WeJha-a4P2J42u1ywTJ-2lYO0j72mMZsKANsHQAHAAzPxzHPgW_Kr5G4dWAZeGGw7-ItQUX26WRx7IrzC45WtP34v5DBA7S0qrX8tGUq0L0h2iIxGACwq8Yp6W_zkWNYGOHxpbN0aJr1y5DPSLdSRJiLUk3zIemTR6J3ZKj5wyCiuQ8Zp4vrxwFn_yLVCW9Q0rJ4Y5Vx1QEYNIwylBKhwQ2;pui=2ShljixBLrbi0hXl08juHHFAHCKQ7jOEwiIOymBKnl4Mv-EjX9Nw1ixJ0ecirIf7_n8WW8xE0WUKVAn3KKatfN6vWmW1dlSa0;
Frame ID: 37ED78F3B0A836838F0EC5CDF39FFD7D
Requests: 13 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/bst2tv3.html
Frame ID: 99EBF167EB59C043131CFF18BA8ACCD2
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-match6.js
Frame ID: 3AAE12A9C59C1D86673509F30EB81075
Requests: 1 HTTP requests in this frame

Frame: https://ox2.sterta.pl/www/delivery/ajs.php?zoneid=223&cb=65688792252&charset=UTF-8&loc=about%3Asrcdoc
Frame ID: 47BAE7711F8EC48F137CBBBE55884E67
Requests: 5 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/B9689862.280626343;dc_ver=76.220;dc_eid=40004000;sz=160x600;u_sd=1;nel=1;dc_adk=2035887594;ord=1hyql3;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2Cnull%5D;dc_rfl=1,https%3A%2F%2Fhosting2.keep.pl%2F$0;xdt=0;crlt=5Bn6Z0N96F;sttr=28;prcl=s
Frame ID: B6BC932225CDB861363CC9A8921C094E
Requests: 1 HTTP requests in this frame

Frame: https://ox2.sterta.pl/www/delivery/ajs.php?zoneid=245&cb=22932694531&charset=UTF-8&loc=about%3Asrcdoc
Frame ID: 6743B728ECB0A9A5A7498BE1E7E9A542
Requests: 5 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=47027993;rtbwp=8ITHy-Br_6Ty2xzg7PZTJqzboUFQG3yp0;rtbdata=O1_chq4Kizr7CuMa-e0SOO9OSIJKW6I23iQCLrvmgtyhfk7cx1AdIWiLO7d-M0-Y06lg9dnBxCixPs--lqbRJRG4I7x-gxRt-SBOXGLZFke3DbMJ1wsQCp3K1TPVhTUNnwnCre4Zgn_J5RguTiGosC--HoOKuxULzZmO36wC2s_qC-krzLV-0q6cRpRC8MmNcljaup4zI1_Vjop-A9sorIHa7o0Vr2pI4F5sP0__kaYFN08a474yMUWLg8AcERWAaSevuxUHFLl_sYUgCVs894G6Nx94QA6xak8ZhsWrBC2BujcfeEAOsXuccmGjqIWK0;csid=5646;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=FXqSbS1ZZ7542u1ywTJ-2lYO0j72mMZsKANsHQAHAAzPxzHPgW_Kr5G4dWAZeGGw7-ItQUX26WTvHjNwXZsR73cUrskc5jC0OdA_DSamcl-Cp1j3GEbE-DzvM872Gwhc06lg9dnBxCixPs--lqbRJRG4I7x-gxRtbKHOy_v0tYVo-MqoS7oqwAFn_yLVCW9QDmnyBGEpsfYYNIwylBKhwQ2;pui=2ShljixBLrbi0hXl08juHHFAHCKQ7jOEwiIOymBKnl4Mv-EjX9Nw1ixJ0ecirIf7_n8WW8xE0WUKVAn3KKatfN6vWmW1dlSa0;
Frame ID: B4C79A5C5F0DFF319BB5BE2CCEF7A7F0
Requests: 14 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=hosting2.keep.pl
Frame ID: 352D6D06870FC8956CEF99561CAF8E8E
Requests: 1 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/bst2tv3.html
Frame ID: E62B1DA417B04418976061674301BB48
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-match6.js
Frame ID: 332DD618D8033F51ABB604EF176CE234
Requests: 1 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/B9689862.280626343;dc_ver=76.220;dc_eid=40004000;sz=160x600;u_sd=1;nel=1;dc_adk=2023640339;ord=ypn9ds;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2Cnull%5D;dc_rfl=1,https%3A%2F%2Fhosting2.keep.pl%2F$0;xdt=0;crlt=6LyJgtK!dt;sttr=11;prcl=s
Frame ID: 5A6E724C133DB74AE2A69EA3E5455840
Requests: 12 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1534.js
Frame ID: 357ADF1AE598CD5F1969B32846850B2F
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C4C0281757C72B0A061701314CB3E920
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5bBTaxHOq5TSRFVJXWhLxsmBBziAFdA6dJtppmZzzq8.js
Frame ID: B32E53AB8507058C6C28CD18C49395F3
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe?crf=1
Frame ID: C59B964EE28430E067D23F62ECDDD640
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156036
Frame ID: FABD9FEBEDAACCFE50532A98B400BAB7
Requests: 25 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: 14E219297AAA31C79F2538225B82CA41
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156036
Frame ID: FCBAC0AB669626870DBB9D3EBC469E21
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 096A208DD37B22FDF5082B111B123E26
Requests: 3 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: 3CE66E5B6EBFA6D5D23FB99609955083
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 50B0F3896428F395C4639EED58E20E6E
Requests: 3 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe?crf=1
Frame ID: A0B62397984C39AD6D10E8EE4DAF4FF2
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 99CE977584403ED4F88AF7B5F7B56564
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: CF84ECBEA9C5BC5FED921E4912D5DB68
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 2DE1EAB75C23EA5E16C6687550000DBF
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156036
Frame ID: 4F4DD346D0859DF7C622FC69CE0265ED
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 77640D112E773A8D849C1BEB31290CD5
Requests: 5 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: 73765D4166A127B4C8B5A4ABC160FCD7
Requests: 1 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=8b1e6ba2-6973-52c8-8119-0cb7e1ec7498&CACHEBUSTER=347449
Frame ID: B635461B80B3486FDAC7C9D0D02F794A
Requests: 7 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1
Frame ID: 57398A8295B692E89E833CF322AA3F5E
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=151B1D0A-12FE-49A9-87CA-3B46A12194EC
Frame ID: 44963B13235B5A5054165AA325C3A373
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: 3A472288CC497FC4DCFED7BB1C7D078C
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 8D0FF0AFF0F918866FE2EA43B63A695B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-5ccdfb08-3f7b-4e11-82e4-54e0575bbb3f-003
Frame ID: 9DCD992E85BED6F84A3B9C4125F5FEA2
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: DABC100B621FDCB704D2EAFB3C630AD3
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 839BFBA327971597A624834613E5BD11
Requests: 1 HTTP requests in this frame

Frame: https://px.owneriq.net/noop?ct=image%2Fgif
Frame ID: 81F778036E98C1EAE0F0D08F53B7D923
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: A45ED7D1CF6BB917B922D7D00B1E36D7
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: 8B16E931BE9717E64E6AF036F6484CA9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=eq6Vt5NsTDtUVklpNRDxypBMbR4
Frame ID: 34DBC7C7FBB8C2CC700B5176571786AE
Requests: 1 HTTP requests in this frame

Frame: https://ums.acuityplatform.com/tum?umid=6
Frame ID: E7AEFF6472D4B0FAF9F121954D86BB0C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: 9BCD2AEDCBC9FDA9FFC0187FCA63CBB0
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Frame ID: BDDB146D03B67C560BC6B0407F671710
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://hosting2.keep.pl/ HTTP 301
https://hosting2.keep.pl/ Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

script /\/\/maps\.googleapis\.com\/maps\/api\/js/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Gemius () Expand

Overall confidence: %
Detected patterns

script /hit\.gemius\.pl\/xgemius\.js/i
script /hit\.gemius\.pl/i
script /xgemius\.js/i

Page Statistics

260
Requests

98 %
HTTPS

25 %
IPv6

65
Domains

101
Subdomains

66
IPs

12
Countries

1628 kB
Transfer

4566 kB
Size

14
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.prv.pl/
Title: PRV.pl

Search URL Search Domain Scan URL

URL: https://www.prv.pl/info/domena,hosting2.keep.pl

Search URL Search Domain Scan URL

URL: https://a.spolecznosci.net/ac/597070/123/?go=https://tri-table.com/?utm_source=139&utm_medium=421&utm_campaign=tritable_autopromo
Title: Ads bytri-table

Search URL Search Domain Scan URL

URL: http://grupapino.pl/pages-polityka/
Title: Politykę prywatności

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hosting2.keep.pl/ HTTP 301
https://hosting2.keep.pl/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://goldbach.hit.gemius.pl/_1626699817575/rexdot.js?l=100&id=bPA1ZotdXe3htQrOiB.DvMdRnDSwMNhFXpTX2Gu_NTz.z7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Fhosting2.keep.pl%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=iPrc8PW7awWhNzLVDh1T3InWOpiYJ1Klk9kKSx6ku8n.O7&vis=1 HTTP 301
https://goldbach.hit.gemius.pl/__/_1626699817575/rexdot.js?l=100&id=bPA1ZotdXe3htQrOiB.DvMdRnDSwMNhFXpTX2Gu_NTz.z7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Fhosting2.keep.pl%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=iPrc8PW7awWhNzLVDh1T3InWOpiYJ1Klk9kKSx6ku8n.O7&vis=1

Request Chain 41

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fhosting2.keep.pl%2F&domain=hosting2.keep.pl&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=tj29dnx2VEJ0L1hBMjhmQjBYWnFxYjM5ZnQ1aWFJM3cxSUVpWnRVQ2N4bm55M2h1L0xkcXNYQkNybThuWWxRdnR4VlRvY1NZZWdhb3dSeVRhUTJ0RjV5UXVJNklPazRhQjhXUGt3RE1qTGN3amNHWktRYVdFcW4vODJpaUVzSEhSNXdJemtUeXNhOXJxaHpEekZQMFFhdUhMeElpR1E1WVBEbjZxZ3dSaXRoakRJdFdPZlIrRlhwcEZEK0lyajdvU09rMkJERVJLNGcydlFrYkxJcVgzWjRKY2xkbmF2Q0ZTbEpxM2xTQ2o5aGhBdHZBPXw&cppv=2

Request Chain 51

https://gpl.adocean.pl/_7603424362869209/ad.json?id=vXX8U.Owja6r3mPmPCQGp.hp4WdYgsc1lQ1Ncjmo6J..F7&aosspsizes=gplrdgkbirhkn~160x600 HTTP 301
https://gpl.adocean.pl/__/_7603424362869209/ad.json?id=vXX8U.Owja6r3mPmPCQGp.hp4WdYgsc1lQ1Ncjmo6J..F7&aosspsizes=gplrdgkbirhkn~160x600 HTTP 301
https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2F_1626699818%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DvXX8U.Owja6r3mPmPCQGp.hp4WdYgsc1lQ1Ncjmo6J..F7%26aosspsizes%3Dgplrdgkbirhkn%7E160x600 HTTP 301
https://gpl.adocean.pl/__/_1626699818/ad.json?hclsdata=Scl6W2C4HyJ4bEJSrv_4IIQ4phdKhJag2VL4LQAYiur.M7&hcudata=Scl6W2C4HyJ4bEJSrv_4IIQ4phdKhJag2VL4LQAYiur.M7&id=vXX8U.Owja6r3mPmPCQGp.hp4WdYgsc1lQ1Ncjmo6J..F7&aosspsizes=gplrdgkbirhkn~160x600

Request Chain 52

https://gpl.adocean.pl/_49590399527993045/ad.json?id=qBIGwW6GkmDFjDUqdulZaTVR7rH9npusYfqoafx22gb.L7&aosspsizes=gpllfehiserpd~120x600 HTTP 301
https://gpl.adocean.pl/__/_49590399527993045/ad.json?id=qBIGwW6GkmDFjDUqdulZaTVR7rH9npusYfqoafx22gb.L7&aosspsizes=gpllfehiserpd~120x600 HTTP 301
https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2F_1626699818%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DqBIGwW6GkmDFjDUqdulZaTVR7rH9npusYfqoafx22gb.L7%26aosspsizes%3Dgpllfehiserpd%7E120x600 HTTP 301
https://gpl.adocean.pl/__/_1626699818/ad.json?hclsdata=SSNwuQBYQ16Y5MG6.zOv1mQ75J7UqE5uVJMc4zURfVn.Y7&hcudata=SSNwuQBYQ16Y5MG6.zOv1mQ75J7UqE5uVJMc4zURfVn.Y7&id=qBIGwW6GkmDFjDUqdulZaTVR7rH9npusYfqoafx22gb.L7&aosspsizes=gpllfehiserpd~120x600

Request Chain 53

https://gpl.adocean.pl/_38112448052445336/ad.json?id=.8A7kUlFOCSjUNkHfL4aWRna7fabVptxnWR4wnoM2kj.A7&aosspsizes=gplnakqdtjfqd~160x600 HTTP 301
https://gpl.adocean.pl/__/_38112448052445336/ad.json?id=.8A7kUlFOCSjUNkHfL4aWRna7fabVptxnWR4wnoM2kj.A7&aosspsizes=gplnakqdtjfqd~160x600 HTTP 301
https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2F_1626699818%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3D.8A7kUlFOCSjUNkHfL4aWRna7fabVptxnWR4wnoM2kj.A7%26aosspsizes%3Dgplnakqdtjfqd%7E160x600 HTTP 301
https://gpl.adocean.pl/__/_1626699818/ad.json?hclsdata=6SNwVvXkQxb5mwsRWxzrUzZFpmFNLJXCtCdeyQnz8o7.B7&hcudata=6SNwVvXkQxb5mwsRWxzrUzZFpmFNLJXCtCdeyQnz8o7.B7&id=.8A7kUlFOCSjUNkHfL4aWRna7fabVptxnWR4wnoM2kj.A7&aosspsizes=gplnakqdtjfqd~160x600

Request Chain 54

https://gpl.adocean.pl/_022758615525634074/ad.json?id=Og9LtnSPmLFIui57BB_ayhJ34Wbvecc1jmmK0WAv7Hf.y7&aosspsizes=gplxbinknnokt~120x600 HTTP 301
https://gpl.adocean.pl/__/_022758615525634074/ad.json?id=Og9LtnSPmLFIui57BB_ayhJ34Wbvecc1jmmK0WAv7Hf.y7&aosspsizes=gplxbinknnokt~120x600 HTTP 301
https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2F_1626699818%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DOg9LtnSPmLFIui57BB_ayhJ34Wbvecc1jmmK0WAv7Hf.y7%26aosspsizes%3Dgplxbinknnokt%7E120x600 HTTP 301
https://gpl.adocean.pl/__/_1626699818/ad.json?hclsdata=SSLQF0YfzSBfK26g04WFf2QNhHZ6Ho4nb91mdHtjlVj.g7&hcudata=SSLQF0YfzSBfK26g04WFf2QNhHZ6Ho4nb91mdHtjlVj.g7&id=Og9LtnSPmLFIui57BB_ayhJ34Wbvecc1jmmK0WAv7Hf.y7&aosspsizes=gplxbinknnokt~120x600

Request Chain 74

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fhosting2.keep.pl%2F&domain=hosting2.keep.pl&bundle=KSYYy19SWURBUWF1Vm4wQXZIZHJZbEk4STdvVU9mb3JzQmtZb3Y1VnhWdmclMkZENnglMkJkNHpTOXl4TEdIOGdDM2pQRUFVNlBoZWNoZiUyQmk0MERKU2dnb0slMkZGZ2oxRFlrNVBCM0RxVTl5QXNTZzFrSSUyRk0lM0Q&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=LhZ05nxITDhUNkpqMEJ2VXA2amwxMldUdW9aVTRoQ0JoWExMNkpTeHF6OTNZQi84ak9hRGtncnlGNnJTSVpuenlGd1lUOFpyYTlJSTMyOVo3TWZXcW11UG50WFRJUlRVb1lSdWpwdlFxYnNOc2NnYWZSbXcyZng5d1BGaGMrYytkTUJQdkU4MVhwSlc2REhrWXpNNVJaZ2ZENDhUd2ZROXNUUUZiTjhuSXcyMEZQSmtSVENRRXVZNUdTN0lPY0ErMzlhQzkvc3grYmFjK2RzZGZiZkgrUDdzeHc1eU5MRDhMRXpIeUw3d1I0WHZOQTRZaWtNMXVVeUdrSnVYMDh4VTF6Wk5MfA&cppv=2

Request Chain 184

https://ads.betweendigital.com/sspmatch-iframe HTTP 302
https://ads.betweendigital.com/sspmatch-iframe?crf=1

Request Chain 191

https://ads.betweendigital.com/sspmatch-iframe HTTP 302
https://ads.betweendigital.com/sspmatch-iframe?crf=1

Request Chain 198

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 199

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 202

https://x.bidswitch.net/sync?ssp=between HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=between HTTP 302
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=between&bsw_custom_parameter=90e97739-d064-4d15-828b-ff6544050df8 HTTP 302
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=between&bsw_custom_parameter=90e97739-d064-4d15-828b-ff6544050df8 HTTP 302
https://x.bidswitch.net/sync?dsp_id=4&user_id=cb16a02c-20f2-4d8b-8ff0-fdb53d17e3c5&ssp=between&expires=30&user_group=5&bsw_param=90e97739-d064-4d15-828b-ff6544050df8 HTTP 302
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=a189049e-1837-42a2-8856-7ba5295211c3

Request Chain 203

https://px.adhigh.net/p/cm/btw HTTP 302
https://px.adhigh.net/p/cm/btw?bounced=1 HTTP 302
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=x8hDAwhEQ5q.AikABlF6vt19xg

Request Chain 204

https://sync.bumlam.com/?src=bw1&uid=8b1e6ba2-6973-52c8-8119-0cb7e1ec7498 HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiw8NWHBlIFvp7KygpiJDhiMWU2YmEyLTY5NzMtNTJjOC04MTE5LTBjYjdlMWVjNzQ5OA** HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiw8NWHBlIFvp7KygpiJDhiMWU2YmEyLTY5NzMtNTJjOC04MTE5LTBjYjdlMWVjNzQ5OKIBEL_UxwrokRHroNcAJZDkXDg* HTTP 302
https://ads.betweendigital.com/match?bidder_id=18&external_user_id= HTTP 302
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=&crf=1

Request Chain 205

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true HTTP 307
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=281e38374a05e6d9128ee56a

Request Chain 214

https://c1.adform.net/serving/cookie/match?party=14&cid=151B1D0A-12FE-49A9-87CA-3B46A12194EC HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=151B1D0A-12FE-49A9-87CA-3B46A12194EC

Request Chain 215

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFUjgwN0I2dkFBQUVCUkdVSXY3UQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Request Chain 217

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5641628695 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5641628695 HTTP 302
https://sync.1rx.io/usersync/tradedesk/1034f27f-1fa4-462b-a2c6-eed5614082cc HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-5ccdfb08-3f7b-4e11-82e4-54e0575bbb3f-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-5ccdfb08-3f7b-4e11-82e4-54e0575bbb3f-003 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-5ccdfb08-3f7b-4e11-82e4-54e0575bbb3f-003

Request Chain 220

https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
https://px.owneriq.net/noop?ct=image%2Fgif

Request Chain 221

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 223

https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=eq6Vt5NsTDtUVklpNRDxypBMbR4

Request Chain 225

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FRsdChL-SamHyjtGoSGU7A%3D%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FRsdChL-SamHyjtGoSGU7A%3D%3D&google_tc= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 227

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=272c60f5-7831-4000-94a8-58459af9e2eb

Request Chain 228

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTUxQjFEMEEtMTJGRS00OUE5LTg3Q0EtM0I0NkExMjE5NEVD&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTUxQjFEMEEtMTJGRS00OUE5LTg3Q0EtM0I0NkExMjE5NEVD&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 229

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEH6E1ZoTGaUSQrwI7cg8lMU&google_cver=1

Request Chain 231

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7902508618974710440&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 232

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YPV4MQAC4lZnjAAC HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YPV4MQAC4lZnjAAC&gdpr=0&gdpr_consent=&_test=YPV4MQAC4lZnjAAC

Request Chain 233

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1034f27f-1fa4-462b-a2c6-eed5614082cc

Request Chain 234

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:d96d60f5-7831-4300-b9e6-c97c1e0005e5&gdpr=0&gdpr_consent=

Request Chain 236

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=151B1D0A-12FE-49A9-87CA-3B46A12194EC&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=151B1D0A-12FE-49A9-87CA-3B46A12194EC&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-lUl7.XFE2uVytPj7u.PC0FL3D6z8SJo-~A&gdpr=0&gdpr_consent=

Request Chain 237

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2639328139522901578&gdpr=0&gdpr_consent=

Request Chain 240

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=c0a3e360-e891-11eb-b39a-e9d8acd58513&gdpr=0&gdpr_consent=

Request Chain 241

https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1D531_E076F754_492809C4&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
https://pmp.mxptint.net/sn.ashx?ak=1

Request Chain 242

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

Request Chain 243

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=VI8CJ1WHVyBPjFMhUNpJKgCKUSJP2lElW4ZhLjzq

Request Chain 244

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=a189049e-1837-42a2-8856-7ba5295211c3 HTTP 302
https://x.bidswitch.net/sync?dsp_id=257&user_id=mk7eb17ba4-6e0f-497c-ace5-3d8d6bbfd799&expires=7&user_group=5&ssp=pubmatic&bsw_param=a189049e-1837-42a2-8856-7ba5295211c3 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=257&user_id=mk7eb17ba4-6e0f-497c-ace5-3d8d6bbfd799&expires=7&user_group=5&ssp=pubmatic&bsw_param=a189049e-1837-42a2-8856-7ba5295211c3 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=52f3684c-010f-42b4-9462-5f31e56c6c98&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 245

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_8fe65b48-eb8d-4476-a7ae-2fc45602e183

Request Chain 246

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2476843913475599264

Request Chain 248

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 249

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 250

https://x.bidswitch.net/sync?ssp=between HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=between HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dbetween%26bsw_param%3Da189049e-1837-42a2-8856-7ba5295211c3&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=80&user_id=d96d60f5-7831-4300-b9e6-c97c1e0005e5&expires=30&ssp=between&bsw_param=a189049e-1837-42a2-8856-7ba5295211c3&gdpr=&gdpr_consent= HTTP 302
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=a189049e-1837-42a2-8856-7ba5295211c3

Request Chain 251

https://sync.bumlam.com/?src=aid0 HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiy8NWHBlIFl4XSlAY* HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiy8NWHBlIFl4XSlAaiARDAid-06JER64pTDMR6bS_v HTTP 302
https://sync.bumlam.com/?src=aid0&s_data=CAIQABiy8NWHBqIBEMCJ37TokRHrilMMxHptL-8* HTTP 302
https://sync.bumlam.com/?src=aid0&s_data=CAIQARiy8NWHBqIBEMCJ37TokRHrilMMxHptL-8* HTTP 302
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=c089dfb4-e891-11eb-8a53-0cc47a6d2fef HTTP 302
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=c089dfb4-e891-11eb-8a53-0cc47a6d2fef&bounce=1 HTTP 302
https://sync.bumlam.com/?src=aid1&uid=9RJZVEpEzzwFocSHwR0bsg& HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiy8NWHBlIFnLa_vg5iFjlSSlpWRXBFenp3Rm9jU0h3UjBic2c* HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiy8NWHBlIFnLa_vg5iFjlSSlpWRXBFenp3Rm9jU0h3UjBic2eiARDAxkHA6JER66DXACWQ5Fw4 HTTP 302
https://sync.bumlam.com/?src=aid1&s_data=CAIQABiy8NWHBmIWOVJKWlZFcEV6endGb2NTSHdSMGJzZ6IBEMDGQcDokRHroNcAJZDkXDg* HTTP 302
https://sync.bumlam.com/?src=aid1&s_data=CAIQARiy8NWHBmIWOVJKWlZFcEV6endGb2NTSHdSMGJzZ6IBEMDGQcDokRHroNcAJZDkXDg* HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=9RJZVEpEzzwFocSHwR0bsg&extra2=aidata HTTP 302
https://sync3.sniperlog.ru/?src=ggl&extra1=9RJZVEpEzzwFocSHwR0bsg&extra2=aidata&google_gid=CAESEImdvvEI5x7Ejuimz07dikg&google_cver=1 HTTP 301
https://sync.bumlam.com/?src=ggl&extra1=9RJZVEpEzzwFocSHwR0bsg&extra2=aidata&google_gid=CAESEImdvvEI5x7Ejuimz07dikg&google_cver=1 HTTP 302
https://an.yandex.ru/setud/adsniper/DE5A4E5A4C65DDB0?sign=4041399902 HTTP 302
https://an.yandex.ru/setud/adsniper/DE5A4E5A4C65DDB0?redir-setuniq=1&sign=4041399902

Request Chain 252

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

Request Chain 255

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/347449 HTTP 302
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/347449

Request Chain 256

https://x.bidswitch.net/sync?dsp_id=429&user_id=8b1e6ba2-6973-52c8-8119-0cb7e1ec7498&expires=60 HTTP 302
https://eb2.3lift.com/xuid?mid=2409&xuid=52f3684c-010f-42b4-9462-5f31e56c6c98&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=2409&xuid=52f3684c-010f-42b4-9462-5f31e56c6c98&dongle=d3d3&gdpr=0&cmp_cs=&us_privacy=

Request Chain 258

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F8b1e6ba2-6973-52c8-8119-0cb7e1ec7498 HTTP 302
https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F8b1e6ba2-6973-52c8-8119-0cb7e1ec7498&crf=1 HTTP 302
https://an.yandex.ru/mapuid/betweendigitalis/8b1e6ba2-6973-52c8-8119-0cb7e1ec7498

260 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
hosting2.keep.pl/
Redirect Chain

http://hosting2.keep.pl/
https://hosting2.keep.pl/

3 KB
1 KB

884ms
852ms

Document
text/html

176.31.124.7
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://hosting2.keep.pl/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 176.31.124.7 , France, ASN16276 (OVH, FR),
Reverse DNS: prv-hosting2.grupapino.pl
Software: nginx /
Resource Hash: af95a640cd702f0ade4ee22711b50a241c343db38516dd9f92f1d3aca99db1da

Request headers

:method: GET
:authority: hosting2.keep.pl
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Mon, 19 Jul 2021 13:03:34 GMT
content-type: text/html
x-cache-status: MISS
content-encoding: gzip

Redirect headers

Server: nginx
Date: Mon, 19 Jul 2021 13:03:33 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://hosting2.keep.pl/
X-Cache-Status: MISS

GET
H2 200 0.css
hosting2.keep.pl/static/css/creator-templates/ 2 KB
789 B 262ms
260ms Stylesheet
text/css 176.31.124.7
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://hosting2.keep.pl/static/css/creator-templates/0.css
Requested by: Host: hosting2.keep.pl
URL: https://hosting2.keep.pl/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 176.31.124.7 , France, ASN16276 (OVH, FR),
Reverse DNS: prv-hosting2.grupapino.pl
Software: nginx /
Resource Hash: cb2ceaa1ced52b61f7c1638d3891457821c8e63a655656607cc182de89a80fd8

Request headers

:path: /static/css/creator-templates/0.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: hosting2.keep.pl
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:34 GMT
content-encoding: gzip
last-modified: Tue, 03 Jan 2017 11:01:22 GMT
server: nginx
etag: W/"673-5452e96a8a480"
x-cache-status: MISS
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
expires: Wed, 18 Aug 2021 13:03:34 GMT

GET
H2 200 site.css
hosting2.keep.pl/static/css/creator-templates/ 8 KB
2 KB 262ms
259ms Stylesheet
text/css 176.31.124.7
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://hosting2.keep.pl/static/css/creator-templates/site.css?d=5
Requested by: Host: hosting2.keep.pl
URL: https://hosting2.keep.pl/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 176.31.124.7 , France, ASN16276 (OVH, FR),
Reverse DNS: prv-hosting2.grupapino.pl
Software: nginx /
Resource Hash: 5034e17ec955e3e950d78be1ace90eb07325d52b2f3c3f551299521f64bdb79a

Request headers

:path: /static/css/creator-templates/site.css?d=5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: hosting2.keep.pl
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:34 GMT
content-encoding: gzip
last-modified: Mon, 21 Mar 2016 12:23:40 GMT
server: nginx
etag: W/"1feb-52e8e2ab08b00"
x-cache-status: MISS
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
expires: Wed, 18 Aug 2021 13:03:34 GMT

GET
H2 200 fancybox.css
hosting2.keep.pl/static/css/ 9 KB
2 KB 962ms
960ms Stylesheet
text/css 176.31.124.7
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://hosting2.keep.pl/static/css/fancybox.css
Requested by: Host: hosting2.keep.pl
URL: https://hosting2.keep.pl/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 176.31.124.7 , France, ASN16276 (OVH, FR),
Reverse DNS: prv-hosting2.grupapino.pl
Software: nginx /
Resource Hash: 9f5782ffc0daadcd976aaddadf79ed3d2ce371b5e49935e4c3a9832148a53e7c

Request headers

:path: /static/css/fancybox.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: hosting2.keep.pl
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:35 GMT
content-encoding: gzip
last-modified: Tue, 03 Jan 2017 11:01:22 GMT
server: nginx
etag: W/"23f9-5452e96a8a480"
x-cache-status: MISS
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
expires: Wed, 18 Aug 2021 13:03:34 GMT

GET
H2 200 jquery-1.8.2.min.js Show response
hosting2.keep.pl/static/js/ 91 KB
92 KB 1166ms
1164ms Script
application/javascript 176.31.124.7
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://hosting2.keep.pl/static/js/jquery-1.8.2.min.js
Requested by: Host: hosting2.keep.pl
URL: https://hosting2.keep.pl/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 176.31.124.7 , France, ASN16276 (OVH, FR),
Reverse DNS: prv-hosting2.grupapino.pl
Software: nginx /
Resource Hash: f23d4b309b72743aa8afe1f8c98a25b3ee31246fa572c66d9d8cb1982cae4fbc

Request headers

:path: /static/js/jquery-1.8.2.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: hosting2.keep.pl
referer: https://hosting2.keep.pl/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:35 GMT
last-modified: Tue, 03 Jan 2017 11:01:22 GMT
server: nginx
etag: "16cfc-5452e96a8a480"
x-cache-status: MISS
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 93436
expires: Wed, 18 Aug 2021 13:03:34 GMT

GET
H2 200 jquery.fancybox-1.3.4.pack.js Show response
hosting2.keep.pl/static/js/ 15 KB
16 KB 1150ms
1148ms Script
application/javascript 176.31.124.7
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://hosting2.keep.pl/static/js/jquery.fancybox-1.3.4.pack.js
Requested by: Host: hosting2.keep.pl
URL: https://hosting2.keep.pl/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 176.31.124.7 , France, ASN16276 (OVH, FR),
Reverse DNS: prv-hosting2.grupapino.pl
Software: nginx /
Resource Hash: d84bac3710c2842dc8d5d5ae6e324007443cbd8ae26b909dd89bc2bdc31c8561

Request headers

:path: /static/js/jquery.fancybox-1.3.4.pack.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: hosting2.keep.pl
referer: https://hosting2.keep.pl/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:35 GMT
last-modified: Tue, 03 Jan 2017 11:01:22 GMT
server: nginx
etag: "3d08-5452e96a8a480"
x-cache-status: MISS
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 15624
expires: Wed, 18 Aug 2021 13:03:34 GMT

GET
H2 200 jquery.blueberry.js Show response
hosting2.keep.pl/static/js/ 7 KB
7 KB 978ms
977ms Script
application/javascript 176.31.124.7
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://hosting2.keep.pl/static/js/jquery.blueberry.js
Requested by: Host: hosting2.keep.pl
URL: https://hosting2.keep.pl/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 176.31.124.7 , France, ASN16276 (OVH, FR),
Reverse DNS: prv-hosting2.grupapino.pl
Software: nginx /
Resource Hash: dbb9ee5a95dff298790b4063d642dc3a133aad8280803c8a5b840e100c10378a

Request headers

:path: /static/js/jquery.blueberry.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: hosting2.keep.pl
referer: https://hosting2.keep.pl/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:35 GMT
last-modified: Tue, 03 Jan 2017 11:01:22 GMT
server: nginx
etag: "1cd2-5452e96a8a480"
x-cache-status: MISS
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7378
expires: Wed, 18 Aug 2021 13:03:34 GMT

GET
H2 200 js Show response
maps.google.com/maps/api/ 132 KB
43 KB 53ms
33ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps/api/js?key=AIzaSyBPa4F4yWVD6-inbPov_4b2Kn1fFgP3ieo&sensor=false

Requested by

Host: hosting2.keep.pl
URL: https://hosting2.keep.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

cc6162dfff87276a86a1996f5631e21df1ccad56558079d75f3af37af83b2c36

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:35 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
server-timing: gfet4t7; dur=19
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44062
x-xss-protection: 0
expires: Mon, 19 Jul 2021 13:33:35 GMT

GET
H2 200 creator-site-init.js Show response
hosting2.keep.pl/static/js/ 8 KB
9 KB 1126ms
1124ms Script
application/javascript 176.31.124.7
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://hosting2.keep.pl/static/js/creator-site-init.js?d=7
Requested by: Host: hosting2.keep.pl
URL: https://hosting2.keep.pl/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 176.31.124.7 , France, ASN16276 (OVH, FR),
Reverse DNS: prv-hosting2.grupapino.pl
Software: nginx /
Resource Hash: 8d10530c0bfbd5da6d28a978732b008798c6b532f5e4aef2acbda1a64211bc66

Request headers

:path: /static/js/creator-site-init.js?d=7
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: hosting2.keep.pl
referer: https://hosting2.keep.pl/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:35 GMT
last-modified: Wed, 26 Jul 2017 06:52:00 GMT
server: nginx
etag: "21b4-55532e27b2400"
x-cache-status: MISS
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8628
expires: Wed, 18 Aug 2021 13:03:34 GMT

GET
H2 200 prv_site_config_values.js Show response
hosting2.keep.pl/ 402 B
419 B 245ms
244ms Script
application/x-javascript 176.31.124.7
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://hosting2.keep.pl/prv_site_config_values.js
Requested by: Host: hosting2.keep.pl
URL: https://hosting2.keep.pl/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 176.31.124.7 , France, ASN16276 (OVH, FR),
Reverse DNS: prv-hosting2.grupapino.pl
Software: nginx /
Resource Hash: b5a734946ec8300148a5794bb2ff4fe858356bbfe167674b3dcc46d35a2a35ee

Request headers

:path: /prv_site_config_values.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: hosting2.keep.pl
referer: https://hosting2.keep.pl/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:34 GMT
cache-control: no-cache
content-type: application/x-javascript
last-modified: Tue, 07 Aug 2018 07:35:06 GMT
server: nginx
content-encoding: gzip
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 prv_hosting_footer.js Show response
hosting2.keep.pl/ 22 KB
10 KB 259ms
258ms Script
application/x-javascript 176.31.124.7
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://hosting2.keep.pl/prv_hosting_footer.js
Requested by: Host: hosting2.keep.pl
URL: https://hosting2.keep.pl/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 176.31.124.7 , France, ASN16276 (OVH, FR),
Reverse DNS: prv-hosting2.grupapino.pl
Software: nginx /
Resource Hash: 585efad8df049217e69499bfef32cb47523a4b6b16febfeeba4020a05b699c7e

Request headers

:path: /prv_hosting_footer.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: hosting2.keep.pl
referer: https://hosting2.keep.pl/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:34 GMT
content-encoding: gzip
last-modified: Mon, 15 Feb 2021 09:30:49 GMT
server: nginx
etag: W/"602a3f49-597a"
content-type: application/x-javascript

GET
H2 200 banner0.png
hosting2.keep.pl/static/img/creator/banners/ 864 B
1 KB 465ms
464ms Image
image/png 176.31.124.7
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hosting2.keep.pl/static/img/creator/banners/banner0.png
Requested by: Host: hosting2.keep.pl
URL: https://hosting2.keep.pl/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 176.31.124.7 , France, ASN16276 (OVH, FR),
Reverse DNS: prv-hosting2.grupapino.pl
Software: nginx /
Resource Hash: 2c1c796400a15af0bcba4c6c1383a81ee66e508d6df14f23e6bc5ee47ecd2400

Request headers

:path: /static/img/creator/banners/banner0.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: hosting2.keep.pl
referer: https://hosting2.keep.pl/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:36 GMT
last-modified: Tue, 03 Jan 2017 11:01:22 GMT
server: nginx
etag: "360-5452e96a8a480"
x-cache-status: MISS
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 864
expires: Wed, 18 Aug 2021 13:03:35 GMT

GET
H2 200 opensans-semibold-webfont.woff
hosting2.keep.pl/static/fonts/ 27 KB
27 KB 450ms
450ms Font
font/woff 176.31.124.7
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://hosting2.keep.pl/static/fonts/opensans-semibold-webfont.woff
Requested by: Host: hosting2.keep.pl
URL: https://hosting2.keep.pl/static/css/creator-templates/0.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 176.31.124.7 , France, ASN16276 (OVH, FR),
Reverse DNS: prv-hosting2.grupapino.pl
Software: nginx /
Resource Hash: fbbb64ca86040355029dc9f8baadfa5621e643ddb72b699e47eb62afd8e2acb9

Request headers

:path: /static/fonts/opensans-semibold-webfont.woff
pragma: no-cache
origin: https://hosting2.keep.pl
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: hosting2.keep.pl
referer: https://hosting2.keep.pl/static/css/creator-templates/0.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://hosting2.keep.pl
Referer: https://hosting2.keep.pl/static/css/creator-templates/0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:36 GMT
last-modified: Tue, 03 Jan 2017 11:01:22 GMT
server: nginx
etag: "6ab4-5452e96a8a480"
x-cache-status: MISS
content-type: font/woff
accept-ranges: bytes
content-length: 27316

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: hosting2.keep.pl
URL: https://hosting2.keep.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 3379
date: Mon, 19 Jul 2021 12:07:18 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Mon, 19 Jul 2021 14:07:18 GMT

GET
H2 200 stats.php Show response
stats.grupapino.pl/ 18 B
193 B 81ms
18ms Script
text/javascript 188.165.206.157
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.grupapino.pl/stats.php?url=hosting2.keep.pl&t=hk&extra=file.js
Requested by: Host: hosting2.keep.pl
URL: https://hosting2.keep.pl/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.165.206.157 , France, ASN16276 (OVH, FR),
Reverse DNS: prv.grupapino.pl
Software: nginx /
Resource Hash: 85b188d753e191ad4c8b58c3af7c7a8792991f627efaaf9ed407b0b3adf72e8e

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:36 GMT
server: nginx
content-type: text/javascript;charset=UTF-8

GET
H2 200 xgemius.js Show response
goldbach.hit.gemius.pl/ 39 KB
11 KB 114ms
31ms Script
application/x-javascript 195.177.216.95
Autonomous System...

General

Check archive.org

Show headers Download Go to

Full URL: https://goldbach.hit.gemius.pl/xgemius.js
Requested by: Host: hosting2.keep.pl
URL: https://hosting2.keep.pl/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 195.177.216.95 , Poland, ASN50599 (Autonomous System for Data Space Sp. z o.o., PL),
Reverse DNS: host-195-177-216-95.dataspace.pl
Software: GHC /
Resource Hash: fb6e387a6fee5100a989c0b0363545e47375d87304a2781a16d6fc8a7f7cba85

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:37 GMT
content-encoding: gzip
last-modified: Fri, 28 May 2021 09:58:52 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 10555
expires: Tue, 20 Jul 2021 01:03:37 GMT

GET
H2 200 ajs.php Show response
ox2.sterta.pl/www/delivery/ 4 KB
4 KB 103ms
20ms Script
text/javascript 87.98.238.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ox2.sterta.pl/www/delivery/ajs.php?zoneid=81&cat=komputery_i_internet&sub=hosting&adult=0&cb=26685300865&charset=UTF-8&loc=https%3A//hosting2.keep.pl/
Requested by: Host: hosting2.keep.pl
URL: https://hosting2.keep.pl/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.98.238.81 Wroclaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 9c4fb66b1c947ecdedca634923b4cf1e04a2debabd66c70319b5265b241fa412

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:37 GMT
server: nginx
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
content-type: text/javascript; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ajs.php Show response
ox2.sterta.pl/www/delivery/ 4 KB
4 KB 103ms
20ms Script
text/javascript 87.98.238.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ox2.sterta.pl/www/delivery/ajs.php?zoneid=82&cat=komputery_i_internet&sub=hosting&adult=0&cb=49342447335&charset=UTF-8&loc=https%3A//hosting2.keep.pl/
Requested by: Host: hosting2.keep.pl
URL: https://hosting2.keep.pl/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.98.238.81 Wroclaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 1806d3831854b6b4784a747228fa917f4a45c877b832dceb706898e41968b64b

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:37 GMT
server: nginx
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
content-type: text/javascript; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ajs.php Show response
ox2.sterta.pl/www/delivery/ 416 B
756 B 101ms
19ms Script
text/javascript 87.98.238.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ox2.sterta.pl/www/delivery/ajs.php?zoneid=44&cat=komputery_i_internet&sub=hosting&adult=0&cb=46557918804&charset=UTF-8&loc=https%3A//hosting2.keep.pl/
Requested by: Host: hosting2.keep.pl
URL: https://hosting2.keep.pl/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.98.238.81 Wroclaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 7fa41ea3d04f4eebdbe4af7373eefb6531ce4629f928282d46a3d734f63c3ea8

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:37 GMT
server: nginx
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
content-type: text/javascript; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 rodo.js Show response
ad.prv.pl/ 9 KB
3 KB 74ms
13ms Script
application/javascript 188.165.206.157
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.prv.pl/rodo.js
Requested by: Host: hosting2.keep.pl
URL: https://hosting2.keep.pl/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.165.206.157 , France, ASN16276 (OVH, FR),
Reverse DNS: prv.grupapino.pl
Software: nginx /
Resource Hash: 16971da05aae9bc069b1731d95206049d75b03e60bce5113fb913b5e1d7d7dad

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 19 Jul 2021 13:03:36 GMT
content-encoding: gzip
last-modified: Tue, 19 Jun 2018 09:59:14 GMT
server: nginx
etag: W/"5b28d3f2-25d4"
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 button_comment.png
komentarze.prv.pl/img/ 1 KB
1 KB 60ms
13ms Image
image/png 188.165.206.157
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://komentarze.prv.pl/img/button_comment.png
Requested by: Host: hosting2.keep.pl
URL: https://hosting2.keep.pl/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.165.206.157 , France, ASN16276 (OVH, FR),
Reverse DNS: prv.grupapino.pl
Software: nginx /
Resource Hash: 0dff70386ce467674d303b4ad7741efbdd4b47adadfd338c129cdccb7a42d7d9

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:36 GMT
last-modified: Tue, 10 Jan 2017 10:40:56 GMT
server: nginx
etag: "5874ba38-4b2"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1202
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 13ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=13880712&t=pageview&_s=1&dl=https%3A%2F%2Fhosting2.keep.pl%2F&ul=en-us&de=UTF-8&dt=Twoje%20miejsce&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1382716062&gjid=1876879994&cid=1439218454.1626699817&tid=UA-480911-15&_gid=287011666.1626699817&_r=1&_slc=1&z=1104252022

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hosting2.keep.pl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
88 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-480911-15&cid=1439218454.1626699817&jid=1382716062&gjid=1876879994&_gid=287011666.1626699817&_u=IEBAAEAAAAAAAC~&z=367767633

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 19 Jul 2021 13:03:37 GMT
content-type: text/plain
access-control-allow-origin: https://hosting2.keep.pl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 19ms
18ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-480911-15&cid=1439218454.1626699817&jid=1382716062&_u=IEBAAEAAAAAAAC~&z=2054379008

Requested by

Host: hosting2.keep.pl
URL: https://hosting2.keep.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 18ms
17ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-480911-15&cid=1439218454.1626699817&jid=1382716062&_u=IEBAAEAAAAAAAC~&z=2054379008

Requested by

Host: hosting2.keep.pl
URL: https://hosting2.keep.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.js Show response
a.spolecznosci.net/core/897d0d3d52b55536eaecbc80b4be4119/ 64 KB
20 KB 67ms
27ms Script
application/javascript 164.132.7.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://a.spolecznosci.net/core/897d0d3d52b55536eaecbc80b4be4119/main.js

Requested by

Host: hosting2.keep.pl
URL: https://hosting2.keep.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

164.132.7.102 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

22a9e3bd6ab772d8f3f94543159421b6046bcb9a92b03598926d6378284a04ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:37 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=300
strict-transport-security: max-age=31536000
expires: Mon, 19 Jul 2021 13:05:56 GMT

GET
H2 200 lg.php
ox2.sterta.pl/www/delivery/ 43 B
358 B 18ms
17ms Image
image/gif 87.98.238.81
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ox2.sterta.pl/www/delivery/lg.php?bannerid=901&campaignid=194&zoneid=81&loc=https%3A%2F%2Fhosting2.keep.pl%2F&cb=1e02dbf283
Requested by: Host: hosting2.keep.pl
URL: https://hosting2.keep.pl/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.98.238.81 Wroclaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:37 GMT
server: nginx
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
cache-control: max-age=315360000
content-type: image/gif
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 close_x.png
ad.prv.pl/img/ 620 B
795 B 13ms
13ms Image
image/png 188.165.206.157
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.prv.pl/img/close_x.png
Requested by: Host: hosting2.keep.pl
URL: https://hosting2.keep.pl/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.165.206.157 , France, ASN16276 (OVH, FR),
Reverse DNS: prv.grupapino.pl
Software: nginx /
Resource Hash: d44fe33544eb7000a4be897820643c827d44076217f2ca3376bf3134409bb9fb

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:36 GMT
last-modified: Wed, 02 Sep 2015 06:40:12 GMT
server: nginx
etag: "55e699cc-26c"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 620
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 lg.php
ox2.sterta.pl/www/delivery/ 43 B
358 B 18ms
17ms Image
image/gif 87.98.238.81
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ox2.sterta.pl/www/delivery/lg.php?bannerid=707&campaignid=194&zoneid=82&loc=https%3A%2F%2Fhosting2.keep.pl%2F&cb=0b8ac4ba4c
Requested by: Host: hosting2.keep.pl
URL: https://hosting2.keep.pl/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.98.238.81 Wroclaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:37 GMT
server: nginx
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
cache-control: max-age=315360000
content-type: image/gif
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 lg.php
ox2.sterta.pl/www/delivery/ 43 B
358 B 19ms
18ms Image
image/gif 87.98.238.81
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ox2.sterta.pl/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=44&loc=https%3A%2F%2Fhosting2.keep.pl%2F&cb=bc0b1dc27f
Requested by: Host: hosting2.keep.pl
URL: https://hosting2.keep.pl/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.98.238.81 Wroclaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:37 GMT
server: nginx
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
cache-control: max-age=315360000
content-type: image/gif
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 prv_billboard_iefix.html Show response
hosting2.keep.pl/ Frame A228 2 KB
1 KB 283ms
282ms Document
text/html 176.31.124.7
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://hosting2.keep.pl/prv_billboard_iefix.html?cat=komputery_i_internet&sub=hosting&site=hosting2.keep.pl&adult=0&check=2
Requested by: Host: hosting2.keep.pl
URL: https://hosting2.keep.pl/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 176.31.124.7 , France, ASN16276 (OVH, FR),
Reverse DNS: prv-hosting2.grupapino.pl
Software: nginx /
Resource Hash: 54773ec8f0523a46104738d5e7f4867bfbd0ed5e14d284c72bede25ea8d49056

Request headers

:method: GET
:authority: hosting2.keep.pl
:scheme: https
:path: /prv_billboard_iefix.html?cat=komputery_i_internet&sub=hosting&site=hosting2.keep.pl&adult=0&check=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hosting2.keep.pl/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hosting2.keep.pl/

Response headers

server: nginx
date: Mon, 19 Jul 2021 13:03:36 GMT
content-type: text/html
last-modified: Mon, 23 Oct 2017 10:55:23 GMT
etag: W/"59edca9b-9c3"
content-encoding: gzip

GET
H2 200 server.php Show response
ad.prv.pl/ Frame 935E 3 KB
1 KB 18ms
17ms Document
text/html 188.165.206.157
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.prv.pl/server.php?type=bill&source=hosting2.keep.pl&medium=hosting-billboard-content
Requested by: Host: hosting2.keep.pl
URL: https://hosting2.keep.pl/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.165.206.157 , France, ASN16276 (OVH, FR),
Reverse DNS: prv.grupapino.pl
Software: nginx /
Resource Hash: 4a35e8a1fb5e49aa3a09ebac35cb99edfea7a88432997c14ce95892f3cf8d8e2

Request headers

:method: GET
:authority: ad.prv.pl
:scheme: https
:path: /server.php?type=bill&source=hosting2.keep.pl&medium=hosting-billboard-content
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hosting2.keep.pl/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hosting2.keep.pl/

Response headers

server: nginx
date: Mon, 19 Jul 2021 13:03:36 GMT
content-type: text/html; charset=UTF-8
content-encoding: gzip

GET
H2 200 fpdata.js Show response
goldbach.hit.gemius.pl/ 276 B
390 B 30ms
29ms Script
application/x-javascript 195.177.216.95
Autonomous System...

General

Check archive.org

Show headers Download Go to

Full URL: https://goldbach.hit.gemius.pl/fpdata.js?href=hosting2.keep.pl
Requested by: Host: goldbach.hit.gemius.pl
URL: https://goldbach.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 195.177.216.95 , Poland, ASN50599 (Autonomous System for Data Space Sp. z o.o., PL),
Reverse DNS: host-195-177-216-95.dataspace.pl
Software: GHC /
Resource Hash: 4965ad214db1df378f6c63ceef21733ce3504af2546fe18ad898a3e763284299

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:37 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 276
expires: Wed, 18 Aug 2021 13:03:37 GMT

GET
H2 200 rn.js Show response
spolecznosci.net/js/modules/ 202 KB
69 KB 30ms
16ms Script
application/javascript 164.132.7.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://spolecznosci.net/js/modules/rn.js?h=97475151f2cecb63af9c

Requested by

Host: a.spolecznosci.net
URL: https://a.spolecznosci.net/core/897d0d3d52b55536eaecbc80b4be4119/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

164.132.7.102 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

1c3ecaf290fc8a3db43c9329b4679956c209abb27001310ae58c6b83889b07cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:37 GMT
content-encoding: gzip
last-modified: Thu, 15 Jul 2021 12:55:21 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000
expires: Tue, 19 Jul 2022 13:03:37 GMT

GET
H2 200 a.js Show response
spolecznosci.net/js/modules/ 76 KB
13 KB 16ms
15ms Script
application/javascript 164.132.7.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://spolecznosci.net/js/modules/a.js?h=dca4d51d32c232dfc8e0

Requested by

Host: a.spolecznosci.net
URL: https://a.spolecznosci.net/core/897d0d3d52b55536eaecbc80b4be4119/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

164.132.7.102 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

ec1b0394abb86c62650001073d82c963cb34fe577de39ea9f3dc13eb97d788f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:37 GMT
content-encoding: gzip
last-modified: Thu, 15 Jul 2021 12:55:21 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000
expires: Tue, 19 Jul 2022 13:03:37 GMT

GET
H2 200 hb.js Show response
spolecznosci.net/js/modules/ 405 KB
121 KB 17ms
17ms Script
application/javascript 164.132.7.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11

Requested by

Host: a.spolecznosci.net
URL: https://a.spolecznosci.net/core/897d0d3d52b55536eaecbc80b4be4119/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

164.132.7.102 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

95c0d0919002788db421055375ee8bae11542e0c58be189aee85c2443a415eeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:37 GMT
content-encoding: gzip
last-modified: Tue, 13 Jul 2021 08:03:46 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000
expires: Tue, 19 Jul 2022 13:03:37 GMT

GET
H2 200 au.js Show response
spolecznosci.net/js/modules/ 9 KB
2 KB 14ms
14ms Script
application/javascript 164.132.7.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://spolecznosci.net/js/modules/au.js?h=cb923e9f743bc0bcde3a

Requested by

Host: a.spolecznosci.net
URL: https://a.spolecznosci.net/core/897d0d3d52b55536eaecbc80b4be4119/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

164.132.7.102 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

5ccbdf5d86e1ea9e3ce8f6e5f58a243245ed1c1db5da26be3d57ff37e2296d93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:37 GMT
content-encoding: gzip
last-modified: Thu, 11 Mar 2021 19:29:36 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000
expires: Tue, 19 Jul 2022 13:03:37 GMT

GET
H2 200 geo_eu Show response
a.spolecznosci.net/ 34 B
227 B 44ms
14ms XHR
application/json 164.132.7.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://a.spolecznosci.net/geo_eu

Requested by

Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/rn.js?h=97475151f2cecb63af9c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

164.132.7.102 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ff9ddfcaf8eec13c3f972ad356cce19138fffcb9a709f41165639935ee65e95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:37 GMT
server: nginx
strict-transport-security: max-age=31536000
x-cache: MISS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
content-length: 34
expires: Tue, 20 Jul 2021 13:03:37 GMT

GET
H2

200

rexdot.js Show response
goldbach.hit.gemius.pl/__/_1626699817575/
Redirect Chain

https://goldbach.hit.gemius.pl/_1626699817575/rexdot.js?l=100&id=bPA1ZotdXe3htQrOiB.DvMdRnDSwMNhFXpTX2Gu_NTz.z7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Fhost...
https://goldbach.hit.gemius.pl/__/_1626699817575/rexdot.js?l=100&id=bPA1ZotdXe3htQrOiB.DvMdRnDSwMNhFXpTX2Gu_NTz.z7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Fh...

167 B
426 B

31ms
30ms

Script
application/x-javascript

195.177.216.95
Autonomous System...

General

Check archive.org

Show headers Download Go to

Full URL: https://goldbach.hit.gemius.pl/__/_1626699817575/rexdot.js?l=100&id=bPA1ZotdXe3htQrOiB.DvMdRnDSwMNhFXpTX2Gu_NTz.z7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Fhosting2.keep.pl%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=iPrc8PW7awWhNzLVDh1T3InWOpiYJ1Klk9kKSx6ku8n.O7&vis=1
Requested by: Host: hosting2.keep.pl
URL: https://hosting2.keep.pl/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 195.177.216.95 , Poland, ASN50599 (Autonomous System for Data Space Sp. z o.o., PL),
Reverse DNS: host-195-177-216-95.dataspace.pl
Software: GHC /
Resource Hash: 6c17389851ab915403bbf928b2eceb95c75bfe303cfccb5b4c8ee9ea70ed2467

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:37 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 167
expires: Sun, 18 Jul 2021 13:03:37 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:37 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1626699817575/rexdot.js?l=100&id=bPA1ZotdXe3htQrOiB.DvMdRnDSwMNhFXpTX2Gu_NTz.z7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Fhosting2.keep.pl%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=iPrc8PW7awWhNzLVDh1T3InWOpiYJ1Klk9kKSx6ku8n.O7&vis=1
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Sun, 18 Jul 2021 13:03:37 GMT

GET
H2 200 pr.js Show response
spolecznosci.net/js/modules/ 1 KB
934 B 14ms
14ms Script
application/javascript 164.132.7.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://spolecznosci.net/js/modules/pr.js?h=df1d6ff74bf8827d2b94

Requested by

Host: a.spolecznosci.net
URL: https://a.spolecznosci.net/core/897d0d3d52b55536eaecbc80b4be4119/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

164.132.7.102 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

989e1f778b2b37ef61248011421bfca5c456464fc4c0db4de5f5b466779ff22d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:38 GMT
content-encoding: gzip
last-modified: Thu, 11 Mar 2021 19:29:36 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000
expires: Tue, 19 Jul 2022 13:03:38 GMT

GET
H2 200 data.18.htm Show response
spolecznosci.net/files/ Frame 63E7 49 KB
17 KB 15ms
15ms Document
text/html 164.132.7.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://spolecznosci.net/files/data.18.htm?Ho_hosting2.keep.pl/Spfp_ada2b987231648484501021c1ee54971

Requested by

Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/rn.js?h=97475151f2cecb63af9c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

164.132.7.102 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

26bdce56978a7342535f74a8603f26ddfd578acb8b2f0192c52c9ca55ee62028

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: spolecznosci.net
:scheme: https
:path: /files/data.18.htm?Ho_hosting2.keep.pl/Spfp_ada2b987231648484501021c1ee54971
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hosting2.keep.pl/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hosting2.keep.pl/

Response headers

server: nginx
date: Mon, 19 Jul 2021 13:03:38 GMT
content-type: text/html
last-modified: Wed, 14 Jul 2021 10:59:59 GMT
vary: Accept-Encoding
expires: Tue, 19 Jul 2022 13:03:38 GMT
cache-control: max-age=31536000 public
content-encoding: gzip
strict-transport-security: max-age=31536000

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 50ms
15ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fhosting2.keep.pl%2F&domain=hosting2.keep.pl&cw=1

Protocol

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://hosting2.keep.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://hosting2.keep.pl
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1372
date: Mon, 19 Jul 2021 13:03:37 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fhosting2.keep.pl%2F&domain=hosting2.keep.pl&cw=1
https://mug.criteo.com/sid?cpp=tj29dnx2VEJ0L1hBMjhmQjBYWnFxYjM5ZnQ1aWFJM3cxSUVpWnRVQ2N4bm55M2h1L0xkcXNYQkNybThuWWxRdnR4VlRvY1NZZWdhb3dSeVRhUTJ0RjV5UXVJNklPazRhQjhXUGt3RE1qTGN3amNHWktRYVdFcW4vODJpaU...

323 B
587 B

43ms
16ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=tj29dnx2VEJ0L1hBMjhmQjBYWnFxYjM5ZnQ1aWFJM3cxSUVpWnRVQ2N4bm55M2h1L0xkcXNYQkNybThuWWxRdnR4VlRvY1NZZWdhb3dSeVRhUTJ0RjV5UXVJNklPazRhQjhXUGt3RE1qTGN3amNHWktRYVdFcW4vODJpaUVzSEhSNXdJemtUeXNhOXJxaHpEekZQMFFhdUhMeElpR1E1WVBEbjZxZ3dSaXRoakRJdFdPZlIrRlhwcEZEK0lyajdvU09rMkJERVJLNGcydlFrYkxJcVgzWjRKY2xkbmF2Q0ZTbEpxM2xTQ2o5aGhBdHZBPXw&cppv=2

Requested by

Host: hosting2.keep.pl
URL: https://hosting2.keep.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

08d55cfd6c2835c064d5c2e76af93e917ce31486fab474faca7474e91d8ac37e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 19 Jul 2021 13:03:38 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2978
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 19 Jul 2021 13:03:37 GMT
location: https://mug.criteo.com/sid?cpp=tj29dnx2VEJ0L1hBMjhmQjBYWnFxYjM5ZnQ1aWFJM3cxSUVpWnRVQ2N4bm55M2h1L0xkcXNYQkNybThuWWxRdnR4VlRvY1NZZWdhb3dSeVRhUTJ0RjV5UXVJNklPazRhQjhXUGt3RE1qTGN3amNHWktRYVdFcW4vODJpaUVzSEhSNXdJemtUeXNhOXJxaHpEekZQMFFhdUhMeElpR1E1WVBEbjZxZ3dSaXRoakRJdFdPZlIrRlhwcEZEK0lyajdvU09rMkJERVJLNGcydlFrYkxJcVgzWjRKY2xkbmF2Q0ZTbEpxM2xTQ2o5aGhBdHZBPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://hosting2.keep.pl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1654
content-length: 482
expires: 0

GET
H2 200 / Show response
adx.adform.net/adx/ 2 KB
2 KB 218ms
172ms XHR
application/json 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTUyODU4MSZ0cmFuc2FjdGlvbklkPTYxMTJjZjJiLTc2OTMtNGY0ZC04YjYyLTM1YjI1NmQ2NWViNyZyY3VyPVBMTg%3D%3D&bWlkPTE0NzA3NiZ0cmFuc2FjdGlvbklkPWE3OWM1OTUwLWZiZGMtNGRiYS05MjRkLWQ0YzU3YWU5ZTY0ZCZyY3VyPVBMTg%3D%3D&pt=gross&stid=70b73e59-00f0-42f7-8e8a-97b0a1a87894&fd=1&eids=eyJwdWJjaWQub3JnIjp7IjE0ZmI2YzkyLTM2YTUtNDY5NC1hMDA4LTMzYWFjZGFhZGE5ZCI6WzFdfX0%3D

Requested by

Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

6dc8a08fc5e856d7d68da70e25e2718f15ab90e1ed5c4e9f59654ee4c4e6502b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:38 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://hosting2.keep.pl
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
60 B 568ms
97ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://hosting2.keep.pl
date: Mon, 19 Jul 2021 13:03:38 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 301 B
1 KB 64ms
23ms XHR
application/json 213.19.162.51
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17256&site_id=163612&zone_id=784946&size_id=9&alt_size_ids=8&p_pos=btf&rp_schain=1.0,1!spolecznosci.pl,4796,1,,,&eid_pubcid.org=14fb6c92-36a5-4694-a008-33aacdaada9d%5E1&rf=https%3A%2F%2Fhosting2.keep.pl%2F&tk_flint=pbjs_lite_v4.43.2&x_source.tid=e3503132-24c3-412f-81c0-27579b502751&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5176154676632378
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.51 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 69c8670afe25ffbb8a824299f75a11252fec567d46212525518427f70fba1ced

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 19 Jul 2021 13:03:38 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://hosting2.keep.pl
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 301
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 v2 Show response
i.connectad.io/api/ 0
179 B 55ms
14ms XHR
text/plain 35.190.63.210
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.connectad.io/api/v2
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.63.210 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 19 Jul 2021 13:03:38 GMT
via: 1.1 google
server: nginx
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: https://hosting2.keep.pl
cache-control: no-cache, private
access-control-allow-credentials: true
alt-svc: clear

POST
H2 200 prebid Show response
mp.4dex.io/ 3 KB
1 KB 29ms
15ms XHR
application/json 35.227.247.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.247.230 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 9f1583b07097eed66da27cf07e7e737d8cb1a7de225527c3cab738159144c2a9

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:38 GMT
content-encoding: gzip
x-openrtb-version: 2.5
x-warn: Selecting bids. No selected bids
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://hosting2.keep.pl
no-bid: true
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 794
via: 1.1 google
expires: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
178 B 39ms
14ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://hosting2.keep.pl
date: Mon, 19 Jul 2021 13:03:38 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
189 B 49ms
15ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.2&cb=88638960508
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://hosting2.keep.pl
date: Mon, 19 Jul 2021 13:03:37 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
698 B 74ms
42ms XHR
application/json 185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 19 Jul 2021 13:03:38 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 6f87bd3d-7f02-4a08-91ba-9e14d987de58
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://hosting2.keep.pl
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 adjson Show response
ads.betweendigital.com/ 2 B
917 B 55ms
17ms XHR
application/json 188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://hosting2.keep.pl
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

GET
H2

200

ad.json Show response
gpl.adocean.pl/__/_1626699818/
Redirect Chain

https://gpl.adocean.pl/_7603424362869209/ad.json?id=vXX8U.Owja6r3mPmPCQGp.hp4WdYgsc1lQ1Ncjmo6J..F7&aosspsizes=gplrdgkbirhkn~160x600
https://gpl.adocean.pl/__/_7603424362869209/ad.json?id=vXX8U.Owja6r3mPmPCQGp.hp4WdYgsc1lQ1Ncjmo6J..F7&aosspsizes=gplrdgkbirhkn~160x600
https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2F_1626699818%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DvXX8U.Owja6r3mPmPCQGp.hp4WdYgsc1lQ1Ncjmo6J.....
https://gpl.adocean.pl/__/_1626699818/ad.json?hclsdata=Scl6W2C4HyJ4bEJSrv_4IIQ4phdKhJag2VL4LQAYiur.M7&hcudata=Scl6W2C4HyJ4bEJSrv_4IIQ4phdKhJag2VL4LQAYiur.M7&id=vXX8U.Owja6r3mPmPCQGp.hp4WdYgsc1lQ1Nc...

60 B
257 B

338ms
338ms

XHR
text/json

85.194.243.85
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to

Full URL: https://gpl.adocean.pl/__/_1626699818/ad.json?hclsdata=Scl6W2C4HyJ4bEJSrv_4IIQ4phdKhJag2VL4LQAYiur.M7&hcudata=Scl6W2C4HyJ4bEJSrv_4IIQ4phdKhJag2VL4LQAYiur.M7&id=vXX8U.Owja6r3mPmPCQGp.hp4WdYgsc1lQ1Ncjmo6J..F7&aosspsizes=gplrdgkbirhkn~160x600
Requested by: Host: hosting2.keep.pl
URL: https://hosting2.keep.pl/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 85.194.243.85 Warsaw, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS: ip-5.85-194-243-80.net.old.eco.atman.pl
Software: GAD /
Resource Hash: ebc4630cd9254c69deb4a342db24b7d118cadce3e3f22e2339dd4270a2a1297b

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:38 GMT
server: GAD
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: null
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: text/json
content-length: 60
expires: Sun, 18 Jul 2021 13:03:38 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:38 GMT
server: GHC
access-control-allow-origin: null
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://gpl.adocean.pl/__/_1626699818/ad.json?hclsdata=Scl6W2C4HyJ4bEJSrv_4IIQ4phdKhJag2VL4LQAYiur.M7&hcudata=Scl6W2C4HyJ4bEJSrv_4IIQ4phdKhJag2VL4LQAYiur.M7&id=vXX8U.Owja6r3mPmPCQGp.hp4WdYgsc1lQ1Ncjmo6J..F7&aosspsizes=gplrdgkbirhkn~160x600
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Sun, 18 Jul 2021 13:03:38 GMT

GET
H2

200

ad.json Show response
gpl.adocean.pl/__/_1626699818/
Redirect Chain

https://gpl.adocean.pl/_49590399527993045/ad.json?id=qBIGwW6GkmDFjDUqdulZaTVR7rH9npusYfqoafx22gb.L7&aosspsizes=gpllfehiserpd~120x600
https://gpl.adocean.pl/__/_49590399527993045/ad.json?id=qBIGwW6GkmDFjDUqdulZaTVR7rH9npusYfqoafx22gb.L7&aosspsizes=gpllfehiserpd~120x600
https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2F_1626699818%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DqBIGwW6GkmDFjDUqdulZaTVR7rH9npusYfqoafx22gb....
https://gpl.adocean.pl/__/_1626699818/ad.json?hclsdata=SSNwuQBYQ16Y5MG6.zOv1mQ75J7UqE5uVJMc4zURfVn.Y7&hcudata=SSNwuQBYQ16Y5MG6.zOv1mQ75J7UqE5uVJMc4zURfVn.Y7&id=qBIGwW6GkmDFjDUqdulZaTVR7rH9npusYfqoa...

60 B
273 B

201ms
201ms

XHR
text/json

85.194.243.85
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to

Full URL: https://gpl.adocean.pl/__/_1626699818/ad.json?hclsdata=SSNwuQBYQ16Y5MG6.zOv1mQ75J7UqE5uVJMc4zURfVn.Y7&hcudata=SSNwuQBYQ16Y5MG6.zOv1mQ75J7UqE5uVJMc4zURfVn.Y7&id=qBIGwW6GkmDFjDUqdulZaTVR7rH9npusYfqoafx22gb.L7&aosspsizes=gpllfehiserpd~120x600
Requested by: Host: hosting2.keep.pl
URL: https://hosting2.keep.pl/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 85.194.243.85 Warsaw, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS: ip-5.85-194-243-80.net.old.eco.atman.pl
Software: GAD /
Resource Hash: 79026558a34822dc06c3b5c47ea13057fd3f235296610974d6c97e67471665db

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:38 GMT
server: GAD
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: null
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: text/json
content-length: 60
expires: Sun, 18 Jul 2021 13:03:38 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:38 GMT
server: GHC
access-control-allow-origin: null
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://gpl.adocean.pl/__/_1626699818/ad.json?hclsdata=SSNwuQBYQ16Y5MG6.zOv1mQ75J7UqE5uVJMc4zURfVn.Y7&hcudata=SSNwuQBYQ16Y5MG6.zOv1mQ75J7UqE5uVJMc4zURfVn.Y7&id=qBIGwW6GkmDFjDUqdulZaTVR7rH9npusYfqoafx22gb.L7&aosspsizes=gpllfehiserpd~120x600
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Sun, 18 Jul 2021 13:03:38 GMT

GET
H2

200

ad.json Show response
gpl.adocean.pl/__/_1626699818/
Redirect Chain

https://gpl.adocean.pl/_38112448052445336/ad.json?id=.8A7kUlFOCSjUNkHfL4aWRna7fabVptxnWR4wnoM2kj.A7&aosspsizes=gplnakqdtjfqd~160x600
https://gpl.adocean.pl/__/_38112448052445336/ad.json?id=.8A7kUlFOCSjUNkHfL4aWRna7fabVptxnWR4wnoM2kj.A7&aosspsizes=gplnakqdtjfqd~160x600
https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2F_1626699818%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3D.8A7kUlFOCSjUNkHfL4aWRna7fabVptxnWR4wnoM2kj....
https://gpl.adocean.pl/__/_1626699818/ad.json?hclsdata=6SNwVvXkQxb5mwsRWxzrUzZFpmFNLJXCtCdeyQnz8o7.B7&hcudata=6SNwVvXkQxb5mwsRWxzrUzZFpmFNLJXCtCdeyQnz8o7.B7&id=.8A7kUlFOCSjUNkHfL4aWRna7fabVptxnWR4w...

60 B
257 B

225ms
224ms

XHR
text/json

85.194.243.85
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to

Full URL: https://gpl.adocean.pl/__/_1626699818/ad.json?hclsdata=6SNwVvXkQxb5mwsRWxzrUzZFpmFNLJXCtCdeyQnz8o7.B7&hcudata=6SNwVvXkQxb5mwsRWxzrUzZFpmFNLJXCtCdeyQnz8o7.B7&id=.8A7kUlFOCSjUNkHfL4aWRna7fabVptxnWR4wnoM2kj.A7&aosspsizes=gplnakqdtjfqd~160x600
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 85.194.243.85 Warsaw, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS: ip-5.85-194-243-80.net.old.eco.atman.pl
Software: GAD /
Resource Hash: f584b9d8d1efc5b95fabd3eecb68727a44484c2bce6a16924c58bdd8ecdad427

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:38 GMT
server: GAD
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: null
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: text/json
content-length: 60
expires: Sun, 18 Jul 2021 13:03:38 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:38 GMT
server: GHC
access-control-allow-origin: null
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://gpl.adocean.pl/__/_1626699818/ad.json?hclsdata=6SNwVvXkQxb5mwsRWxzrUzZFpmFNLJXCtCdeyQnz8o7.B7&hcudata=6SNwVvXkQxb5mwsRWxzrUzZFpmFNLJXCtCdeyQnz8o7.B7&id=.8A7kUlFOCSjUNkHfL4aWRna7fabVptxnWR4wnoM2kj.A7&aosspsizes=gplnakqdtjfqd~160x600
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Sun, 18 Jul 2021 13:03:38 GMT

GET
H2

200

ad.json Show response
gpl.adocean.pl/__/_1626699818/
Redirect Chain

https://gpl.adocean.pl/_022758615525634074/ad.json?id=Og9LtnSPmLFIui57BB_ayhJ34Wbvecc1jmmK0WAv7Hf.y7&aosspsizes=gplxbinknnokt~120x600
https://gpl.adocean.pl/__/_022758615525634074/ad.json?id=Og9LtnSPmLFIui57BB_ayhJ34Wbvecc1jmmK0WAv7Hf.y7&aosspsizes=gplxbinknnokt~120x600
https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2F_1626699818%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DOg9LtnSPmLFIui57BB_ayhJ34Wbvecc1jmmK0WAv7Hf....
https://gpl.adocean.pl/__/_1626699818/ad.json?hclsdata=SSLQF0YfzSBfK26g04WFf2QNhHZ6Ho4nb91mdHtjlVj.g7&hcudata=SSLQF0YfzSBfK26g04WFf2QNhHZ6Ho4nb91mdHtjlVj.g7&id=Og9LtnSPmLFIui57BB_ayhJ34Wbvecc1jmmK0...

60 B
257 B

221ms
221ms

XHR
text/json

85.194.243.85
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to

Full URL: https://gpl.adocean.pl/__/_1626699818/ad.json?hclsdata=SSLQF0YfzSBfK26g04WFf2QNhHZ6Ho4nb91mdHtjlVj.g7&hcudata=SSLQF0YfzSBfK26g04WFf2QNhHZ6Ho4nb91mdHtjlVj.g7&id=Og9LtnSPmLFIui57BB_ayhJ34Wbvecc1jmmK0WAv7Hf.y7&aosspsizes=gplxbinknnokt~120x600
Requested by: Host: hosting2.keep.pl
URL: https://hosting2.keep.pl/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 85.194.243.85 Warsaw, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS: ip-5.85-194-243-80.net.old.eco.atman.pl
Software: GAD /
Resource Hash: e428854f4607fbc8e99c64f4eac50fad7911242de9842c23d03a2bce44e7d7ec

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:38 GMT
server: GAD
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: null
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: text/json
content-length: 60
expires: Sun, 18 Jul 2021 13:03:38 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:38 GMT
server: GHC
access-control-allow-origin: null
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://gpl.adocean.pl/__/_1626699818/ad.json?hclsdata=SSLQF0YfzSBfK26g04WFf2QNhHZ6Ho4nb91mdHtjlVj.g7&hcudata=SSLQF0YfzSBfK26g04WFf2QNhHZ6Ho4nb91mdHtjlVj.g7&id=Og9LtnSPmLFIui57BB_ayhJ34Wbvecc1jmmK0WAv7Hf.y7&aosspsizes=gplxbinknnokt~120x600
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Sun, 18 Jul 2021 13:03:38 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
698 B 38ms
14ms XHR
application/json 185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 19 Jul 2021 13:03:38 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: a7a9d484-c090-4a15-a93f-d21ac6cb7a97
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://hosting2.keep.pl
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame A228 48 KB
19 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: hosting2.keep.pl
URL: https://hosting2.keep.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 3380
date: Mon, 19 Jul 2021 12:07:18 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Mon, 19 Jul 2021 14:07:18 GMT

GET
H2 200 ajs.php Show response
ox2.sterta.pl/www/delivery/ Frame A228 1 KB
2 KB 20ms
18ms Script
text/javascript 87.98.238.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ox2.sterta.pl/www/delivery/ajs.php?zoneid=43&cat=komputery_i_internet&sub=hosting&adult=0&cb=79672490843&charset=UTF-8&loc=https%3A//hosting2.keep.pl/prv_billboard_iefix.html%3Fcat%3Dkomputery_i_internet%26sub%3Dhosting%26site%3Dhosting2.keep.pl%26adult%3D0%26check%3D2&referer=https%3A//hosting2.keep.pl/
Requested by: Host: hosting2.keep.pl
URL: https://hosting2.keep.pl/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.98.238.81 Wroclaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 0be8ea0dffcaf7898cdf58afaf2d50fca9d02d3baed3bdbb28c8655191f022e0

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:37 GMT
server: nginx
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
content-type: text/javascript; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 geo_snet Show response
a.spolecznosci.net/ Frame 63E7 175 B
371 B 15ms
14ms Script
application/javascript 164.132.7.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://a.spolecznosci.net/geo_snet?cb=extraDataCached&di={%22width%22:1200,%22height%22:1600,%22ratio%22:1}

Requested by

Host: spolecznosci.net
URL: https://spolecznosci.net/files/data.18.htm?Ho_hosting2.keep.pl/Spfp_ada2b987231648484501021c1ee54971

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

164.132.7.102 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

ffbf2e2c8bd9704deb3a8b5490979c1869fc8cc8968ecdbf743b47febe868832

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://spolecznosci.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:38 GMT
server: nginx
strict-transport-security: max-age=31536000
x-cache: MISS
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=3600
content-length: 175
expires: Mon, 19 Jul 2021 14:03:38 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ Frame A228 4 B
24 B 13ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=1242487873&t=pageview&_s=1&dl=https%3A%2F%2Fhosting2.keep.pl%2Fprv_billboard_iefix.html%3Fcat%3Dkomputery_i_internet%26sub%3Dhosting%26site%3Dhosting2.keep.pl%26adult%3D0%26check%3D2&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=750x200&je=0&_u=IEBAAEABAAAAAC~&jid=874734112&gjid=410475981&cid=99071284.1626699818&tid=UA-480911-15&_gid=1861130772.1626699818&_r=1&_slc=1&z=526607051

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hosting2.keep.pl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.js Show response
a.spolecznosci.net/core/897d0d3d52b55536eaecbc80b4be4119/ Frame A228 64 KB
20 KB 16ms
15ms Script
application/javascript 164.132.7.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://a.spolecznosci.net/core/897d0d3d52b55536eaecbc80b4be4119/main.js

Requested by

Host: hosting2.keep.pl
URL: https://hosting2.keep.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

164.132.7.102 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

9bd42043d4782793066768bbf7f7fa849f3d01400adfe0d3ae0ef1b9e5088772

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:38 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=300
strict-transport-security: max-age=31536000
expires: Mon, 19 Jul 2021 13:07:39 GMT

GET
H2 200 lg.php
ox2.sterta.pl/www/delivery/ Frame A228 43 B
359 B 17ms
17ms Image
image/gif 87.98.238.81
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ox2.sterta.pl/www/delivery/lg.php?bannerid=624&campaignid=194&zoneid=43&loc=https%3A%2F%2Fhosting2.keep.pl%2Fprv_billboard_iefix.html%3Fcat%3Dkomputery_i_internet%26sub%3Dhosting%26site%3Dhosting2.keep.pl%26adult%3D0%26check%3D2&referer=https%3A%2F%2Fhosting2.keep.pl%2F&cb=6556ed421d
Requested by: Host: hosting2.keep.pl
URL: https://hosting2.keep.pl/prv_billboard_iefix.html?cat=komputery_i_internet&sub=hosting&site=hosting2.keep.pl&adult=0&check=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.98.238.81 Wroclaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:37 GMT
server: nginx
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
cache-control: max-age=315360000
content-type: image/gif
expires: Thu, 31 Dec 2037 23:55:55 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 75ms
22ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 938
date: Mon, 19 Jul 2021 13:03:38 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 index.php Show response
spolecznosci.net/save/ Frame 63E7 2 B
235 B 19ms
19ms XHR
text/html 164.132.7.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://spolecznosci.net/save/index.php?spfp=ada2b987231648484501021c1ee54971&x=Wo.55~Kr.DE~Ko.EU~Ad.0~Os.WINDOWS%2010-0~Ua.CHROME-89~Isp.OTHER&attr=%7B%22hosting2.keep.pl%22%3A%7B%22pv%22%3A0%2C%22last%22%3A%222021-07-19T13%3A03%3A38.141Z%22%7D%7D

Requested by

Host: spolecznosci.net
URL: https://spolecznosci.net/files/data.18.htm?Ho_hosting2.keep.pl/Spfp_ada2b987231648484501021c1ee54971

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

164.132.7.102 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://spolecznosci.net/files/data.18.htm?Ho_hosting2.keep.pl/Spfp_ada2b987231648484501021c1ee54971
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 19 Jul 2021 13:03:38 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://spolecznosci.net
access-control-allow-credentials: true
strict-transport-security: max-age=31536000

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ Frame A228 4 B
70 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-480911-15&cid=99071284.1626699818&jid=874734112&gjid=410475981&_gid=1861130772.1626699818&_u=IEBAAEAAAAAAAC~&z=1674135198

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 19 Jul 2021 13:03:38 GMT
content-type: text/plain
access-control-allow-origin: https://hosting2.keep.pl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rn.js Show response
spolecznosci.net/js/modules/ Frame A228 202 KB
69 KB 17ms
16ms Script
application/javascript 164.132.7.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://spolecznosci.net/js/modules/rn.js?h=97475151f2cecb63af9c

Requested by

Host: a.spolecznosci.net
URL: https://a.spolecznosci.net/core/897d0d3d52b55536eaecbc80b4be4119/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

164.132.7.102 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

1c3ecaf290fc8a3db43c9329b4679956c209abb27001310ae58c6b83889b07cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:38 GMT
content-encoding: gzip
last-modified: Thu, 15 Jul 2021 12:55:21 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000
expires: Tue, 19 Jul 2022 13:03:38 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ Frame A228 42 B
63 B 27ms
24ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-480911-15&cid=99071284.1626699818&jid=874734112&_u=IEBAAEAAAAAAAC~&z=550451383

Requested by

Host: hosting2.keep.pl
URL: https://hosting2.keep.pl/prv_billboard_iefix.html?cat=komputery_i_internet&sub=hosting&site=hosting2.keep.pl&adult=0&check=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ Frame A228 42 B
63 B 27ms
26ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-480911-15&cid=99071284.1626699818&jid=874734112&_u=IEBAAEAAAAAAAC~&z=550451383

Requested by

Host: hosting2.keep.pl
URL: https://hosting2.keep.pl/prv_billboard_iefix.html?cat=komputery_i_internet&sub=hosting&site=hosting2.keep.pl&adult=0&check=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 a.js Show response
spolecznosci.net/js/modules/ Frame A228 76 KB
13 KB 17ms
15ms Script
application/javascript 164.132.7.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://spolecznosci.net/js/modules/a.js?h=dca4d51d32c232dfc8e0

Requested by

Host: a.spolecznosci.net
URL: https://a.spolecznosci.net/core/897d0d3d52b55536eaecbc80b4be4119/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

164.132.7.102 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

ec1b0394abb86c62650001073d82c963cb34fe577de39ea9f3dc13eb97d788f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:38 GMT
content-encoding: gzip
last-modified: Thu, 15 Jul 2021 12:55:21 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000
expires: Tue, 19 Jul 2022 13:03:38 GMT

GET
H2 200 hb.js Show response
spolecznosci.net/js/modules/ Frame A228 405 KB
121 KB 19ms
17ms Script
application/javascript 164.132.7.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11

Requested by

Host: a.spolecznosci.net
URL: https://a.spolecznosci.net/core/897d0d3d52b55536eaecbc80b4be4119/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

164.132.7.102 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

95c0d0919002788db421055375ee8bae11542e0c58be189aee85c2443a415eeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:38 GMT
content-encoding: gzip
last-modified: Tue, 13 Jul 2021 08:03:46 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000
expires: Tue, 19 Jul 2022 13:03:38 GMT

GET
H2 200 au.js Show response
spolecznosci.net/js/modules/ Frame A228 9 KB
2 KB 15ms
14ms Script
application/javascript 164.132.7.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://spolecznosci.net/js/modules/au.js?h=cb923e9f743bc0bcde3a

Requested by

Host: a.spolecznosci.net
URL: https://a.spolecznosci.net/core/897d0d3d52b55536eaecbc80b4be4119/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

164.132.7.102 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

5ccbdf5d86e1ea9e3ce8f6e5f58a243245ed1c1db5da26be3d57ff37e2296d93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:38 GMT
content-encoding: gzip
last-modified: Thu, 11 Mar 2021 19:29:36 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000
expires: Tue, 19 Jul 2022 13:03:38 GMT

GET
H2 200 pr.js Show response
spolecznosci.net/js/modules/ Frame A228 1 KB
934 B 15ms
14ms Script
application/javascript 164.132.7.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://spolecznosci.net/js/modules/pr.js?h=df1d6ff74bf8827d2b94

Requested by

Host: a.spolecznosci.net
URL: https://a.spolecznosci.net/core/897d0d3d52b55536eaecbc80b4be4119/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

164.132.7.102 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

989e1f778b2b37ef61248011421bfca5c456464fc4c0db4de5f5b466779ff22d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:38 GMT
content-encoding: gzip
last-modified: Thu, 11 Mar 2021 19:29:36 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000
expires: Tue, 19 Jul 2022 13:03:38 GMT

GET
H2 200 data.18.htm Show response
spolecznosci.net/files/ Frame 2F6B 49 KB
17 KB 20ms
19ms Document
text/html 164.132.7.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://spolecznosci.net/files/data.18.htm?Ho_hosting2.keep.pl/Spfp_ada2b987231648484501021c1ee54971

Requested by

Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/rn.js?h=97475151f2cecb63af9c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

164.132.7.102 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

26bdce56978a7342535f74a8603f26ddfd578acb8b2f0192c52c9ca55ee62028

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: spolecznosci.net
:scheme: https
:path: /files/data.18.htm?Ho_hosting2.keep.pl/Spfp_ada2b987231648484501021c1ee54971
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hosting2.keep.pl/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: lsccs1_currentVersion=w%2501i%2503%25C3%258F%25C2%25AE*%2504%2560%253A%25C2%2590%25C3%259A%25C2%25A9%2516%25C3%2586W%25C2%25A8%25C3%25865; lsccs1_currentMain=%253C%2502j%251F%25C2%2582%25C3%25B8!%2512v8%25C3%2593%25C2%258B%25C2%259D%2516%25C3%258A%2503%25C2%25A3%25C3%2587'u*%25C2%258D%25C3%25B0%25C3%258E%2510%25C2%25AAgc%2511%25C3%259B%25C2%25A9%25C3%25B4k%251D%25C2%2596%25C3%25B0n%257B%25C2%258Er%2520%25C3%25A1%25C3%25A8O%25C2%25A0M0%2524%25C2%25A2K%25C2%258Av%252FH%25C2%2592%25C3%2582%25C3%25B4Q%25C2%25A4Y%253C!E%251AtJ!%25C3%2593g%25C2%2592N%25C2%25B9%25C2%25B3%252Ffl%250D%250C%25C3%258Ck%25C3%2590%25C2%25BC%25C3%2589%250A%25C3%25814XT%25246%25C2%25B4%2524%2526%2560%25C2%25A6%25C3%2598%25C3%25AC%2501~%25C3%2580%25C2%258A%250B%250A%255D%25C2%25B9%251EY%25C2%2596%25C3%259E%25C2%259E%25C2%25AC%25C2%25B9%2520%25C3%2584%25C2%25A3%25C2%259Ch%2505q%25C3%25BE%25C2%25A6%25C3%25B5ft%25C3%2583%2506~%25C2%2580%25C2%2588by%25C3%259BJ%25C3%2595%2518%25C2%258A%2507'%257B%2525%25C2%2592%25C3%25B9p%25C2%258E%25C3%25AA%25C3%258F%25C3%2589%25C2%25BDI%25C3%25A0%25C2%25B5%2512%25C3%2594O%251D%25C3%2598%25C2%2581r%25C2%25B6~%25C3%25A4%2514T%257D%25C2%25A9%253D%25C3%259C%253F%25C3%25AALAv%25C2%25BBA%25C3%2589KL%253B%2507%25C2%2587%25C2%25AD%25C3%25B8L%25C2%259D%25C3%25BF%25C2%258B%25C3%25B7%25C2%2582%25C3%25A6hXo%25C3%2599O; tgx=v%3A1%7CWo%3A55%7CKr%3ADE%7CKo%3AEU%7CAd%3A0%7CSw%3A1600%7COs%3AWINDOWS%2010-0%7CUa%3ACHROME-89%7CCt%3ARESIDENTIAL%7CIsp%3AOTHER; lsccs1_currentStats=%253C%2502H%2516%25C3%2586%25C2%2586.%2513%257Fv%25C3%2585%25C2%258B%25C3%25B8O%25C3%259A%2508%25C3%25A0%25C2%2582%257C47%25C2%2596%25C3%25B3%25C2%2590%2501%25C2%25AAbe%2507%25C3%258A%25C3%259A%25C2%25A8x%2513%25C2%2585%25C3%25AE%2509u%25C2%2580%253C%250A%25C3%25BD%25C2%25BE!%25C3%25B0i%250Bu%25C3%25A3%2500%25C2%25B2ud%251D%25C2%2592%25C2%2595%25C2%25A2%251F%25C2%25BAK%255CuJ%2510-%2512%257C%25C2%2586%251F%25C2%2581%253C%25C3%25A7%25C2%25A1%2526ls%2517q%25C2%258A%257D%25C3%259A%25C3%2597%25C3%259D%2516%25C3%2593n%2513r9%2560%25C3%25BDhiw%25C3%25A8%25C2%25A0%25C2%25A1*l%25C2%259B%25C2%2592%2513%25266%25C2%259F5e%25C2%25B5%25C3%25A4%25C3%2590%25C3%25BA%25C2%25BB%2523%25C2%259F%25C3%25A4%25C3%2595%253Aol%25C2%25B0%25C2%25BE%25C2%25A1%2522e%25C2%2583%2508%253F%25C2%25A0%25C2%259B2%2526%25C2%2597%257D%25C3%258A%252F%25C2%25A0!%2540lf%25C2%2589%25C2%25B33%25C3%259F%25C3%259D%25C3%2592%25C2%2585%25C3%25A0Y%25C2%259C%25C2%259B%2524%25C3%25B8%257Bv%25C3%25A6%25C2%25B9%2519%25C3%258D%2503%25C2%25BB%2514TW%25C2%25AF%253F%25C2%258C%2560%25C2%25A6wXQ%25C2%2590g%25C2%2583%2514W%2513U%25C2%2580%25C2%25AE%25C3%25AE%255B%25C2%258E%25C3%25BF%25C2%2583%25C2%25B6%25C3%258F%25C3%25A4%2523Sz%25C2%2583A%2501%25C2%2582%25C2%25BC%250D%25C3%2582~%25C2%25B7%2506%25C3%2588%25C2%25BEN%25C2%25A7h%25C2%25BAt%25C2%2593%25C2%25BC1%251F%25C2%25B7%25C3%259F%25C2%25A8%25C2%25BE%25C3%25A2%2509%25C3%25BA%2525%25C3%25A9%25C2%25A7u%25C2%2598%257Fy%252F%25C2%25AA%25C2%2593%25C3%2582%2507%25C2%25938%25C3%25A2'V-%25C3%259E%25C2%259F%25C3%25B3%25C2%25AF%2511%25C2%2591%25C3%258EV%251A%25C3%25B1%25C3%25A5%25C2%25A0%25C3%2593%25C3%25A4%2540%25C3%25B69B%25C3%25A9%2501%25C3%25BA%25C3%2597%25C3%259EKr%2526%25C2%2595%2524%253FQM%25C2%25AD%2517%250D%2502%25C3%258D%25C2%25BDq%251E%25C2%25AE%25C2%25A7%2525%25C3%2588B%25C3%258E7%25C3%2596%25C3%2594%257F%2506%25157%2525%25C3%25B0%25C2%25AA%25C3%25A1%25C2%2587J%25C3%25B9%2505%251E%25C3%2587%25C3%25B1%25C2%258B%25C2%25AC%25C3%2591P%257DZ%25C3%2583l%2522%25C3%2598%25C2%25A3%25C2%25AC%25C2%25A9%25C3%259EH%25C2%25A5%25C3%2593%25C2%259BHu%25C2%25AF%25C2%2599%25C3%259AEN%25C2%25A8%25C2%2581_%25C3%25A5(%2502%253A8%25C2%25B1%25C2%2599-%25C3%258CJ%251B%2518%2512%252BUe%25C3%25AC%25C2%25A61%25C2%2591P6%25C2%258D%2513%25C2%25AE%25C3%2583%25C3%25ABS%255B%2520%251E%2506%25C2%25A9b
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hosting2.keep.pl/

Response headers

server: nginx
date: Mon, 19 Jul 2021 13:03:38 GMT
content-type: text/html
last-modified: Wed, 14 Jul 2021 10:59:59 GMT
vary: Accept-Encoding
expires: Tue, 19 Jul 2022 13:03:38 GMT
cache-control: max-age=31536000 public
content-encoding: gzip
strict-transport-security: max-age=31536000

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 16ms
16ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fhosting2.keep.pl%2F&domain=hosting2.keep.pl&bundle=KSYYy19SWURBUWF1Vm4wQXZIZHJZbEk4STdvVU9mb3JzQmtZb3Y1VnhWdmclMkZENnglMkJkNHpTOXl4TEdIOGdDM2pQRUFVNlBoZWNoZiUyQmk0MERKU2dnb0slMkZGZ2oxRFlrNVBCM0RxVTl5QXNTZzFrSSUyRk0lM0Q&cw=1

Protocol

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://hosting2.keep.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://hosting2.keep.pl
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1431
date: Mon, 19 Jul 2021 13:03:37 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame A228
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fhosting2.keep.pl%2F&domain=hosting2.keep.pl&bundle=KSYYy19SWURBUWF1Vm4wQXZIZHJZbEk4STdvVU9mb3JzQmtZb3Y1VnhWdmclMkZENnglMkJkNHpTOXl...
https://mug.criteo.com/sid?cpp=LhZ05nxITDhUNkpqMEJ2VXA2amwxMldUdW9aVTRoQ0JoWExMNkpTeHF6OTNZQi84ak9hRGtncnlGNnJTSVpuenlGd1lUOFpyYTlJSTMyOVo3TWZXcW11UG50WFRJUlRVb1lSdWpwdlFxYnNOc2NnYWZSbXcyZng5d1BGaG...

323 B
587 B

13ms
13ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=LhZ05nxITDhUNkpqMEJ2VXA2amwxMldUdW9aVTRoQ0JoWExMNkpTeHF6OTNZQi84ak9hRGtncnlGNnJTSVpuenlGd1lUOFpyYTlJSTMyOVo3TWZXcW11UG50WFRJUlRVb1lSdWpwdlFxYnNOc2NnYWZSbXcyZng5d1BGaGMrYytkTUJQdkU4MVhwSlc2REhrWXpNNVJaZ2ZENDhUd2ZROXNUUUZiTjhuSXcyMEZQSmtSVENRRXVZNUdTN0lPY0ErMzlhQzkvc3grYmFjK2RzZGZiZkgrUDdzeHc1eU5MRDhMRXpIeUw3d1I0WHZOQTRZaWtNMXVVeUdrSnVYMDh4VTF6Wk5MfA&cppv=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

31bd10f33371f9fc8042192d9d9c3d61522c9deb722e8786c421fac844e08827

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 19 Jul 2021 13:03:38 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2135
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 19 Jul 2021 13:03:37 GMT
location: https://mug.criteo.com/sid?cpp=LhZ05nxITDhUNkpqMEJ2VXA2amwxMldUdW9aVTRoQ0JoWExMNkpTeHF6OTNZQi84ak9hRGtncnlGNnJTSVpuenlGd1lUOFpyYTlJSTMyOVo3TWZXcW11UG50WFRJUlRVb1lSdWpwdlFxYnNOc2NnYWZSbXcyZng5d1BGaGMrYytkTUJQdkU4MVhwSlc2REhrWXpNNVJaZ2ZENDhUd2ZROXNUUUZiTjhuSXcyMEZQSmtSVENRRXVZNUdTN0lPY0ErMzlhQzkvc3grYmFjK2RzZGZiZkgrUDdzeHc1eU5MRDhMRXpIeUw3d1I0WHZOQTRZaWtNMXVVeUdrSnVYMDh4VTF6Wk5MfA&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://hosting2.keep.pl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1747
content-length: 509
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame A228 19 B
698 B 24ms
23ms XHR
application/json 185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 19 Jul 2021 13:03:38 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d8ccad74-888b-4e19-a236-71a97252041d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://hosting2.keep.pl
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 v2 Show response
i.connectad.io/api/ Frame A228 0
42 B 13ms
13ms XHR
text/plain 35.190.63.210
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.connectad.io/api/v2
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.63.210 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 19 Jul 2021 13:03:38 GMT
via: 1.1 google
server: nginx
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: https://hosting2.keep.pl
cache-control: no-cache, private
access-control-allow-credentials: true
alt-svc: clear

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame A228 0
116 B 81ms
54ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://hosting2.keep.pl
date: Mon, 19 Jul 2021 13:03:36 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame A228 0
189 B 15ms
14ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.2&cb=62902607396
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://hosting2.keep.pl
date: Mon, 19 Jul 2021 13:03:38 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 / Show response
adx.adform.net/adx/ Frame A228 5 B
448 B 96ms
95ms XHR
application/json 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTExNTI3NCZ0cmFuc2FjdGlvbklkPWJmODZmYjkwLTJhMGEtNGI0Zi05NmJkLTYzYWI2NDQ3NTgxZCZyY3VyPVBMTg%3D%3D&pt=gross&stid=0b4fe5cd-0b36-44cd-ac32-2b96de3869a7&fd=1&eids=eyJwdWJjaWQub3JnIjp7IjE0ZmI2YzkyLTM2YTUtNDY5NC1hMDA4LTMzYWFjZGFhZGE5ZCI6WzFdfSwiY3JpdGVvLmNvbSI6eyIwcnN4NjE5RFVFTnpSR2w2SlRKR1NISnRNWE5PYWxweFUwUTBVMlpaU1dNeWNuWk1iamRXYnpWaFlWSlNVMk5tWW5oaWFWZDNOM1p2WVVGdlJIRnRhM00wVGpKV09YRktZWFp4VURKS1duQnJSM1JzWVRKSFZXOWpVMGhuSlRORUpUTkUiOlsxXX19

Requested by

Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:38 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://hosting2.keep.pl
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame A228 19 B
698 B 16ms
16ms XHR
application/json 185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 19 Jul 2021 13:03:38 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: bc822ca6-4861-437b-a8e5-10326390cb51
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://hosting2.keep.pl
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid Show response
mp.4dex.io/ Frame A228 3 KB
1 KB 15ms
15ms XHR
application/json 35.227.247.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.247.230 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e1cc278377edc0ce2ddbe0953714aaee85ee5aa23f7c6c7eba3ecb0d7195f904

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
x-err: Validating the prebid AdRequest adunits. Sampled or No valid non-debug AdUnits
content-encoding: gzip
x-openrtb-version: 2.5
date: Mon, 19 Jul 2021 13:03:38 GMT
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://hosting2.keep.pl
no-bid: true
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 793
via: 1.1 google
expires: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame A228 0
178 B 14ms
13ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://hosting2.keep.pl
date: Mon, 19 Jul 2021 13:03:38 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame A228 308 B
1 KB 27ms
27ms XHR
application/json 213.19.162.51
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17256&site_id=163612&zone_id=784952&size_id=2&alt_size_ids=39%2C40%2C41&p_pos=btf&rp_schain=1.0,1!spolecznosci.pl,4796,1,,,&eid_pubcid.org=14fb6c92-36a5-4694-a008-33aacdaada9d%5E1&eid_criteo.com=0rsx619DUENzRGl6JTJGSHJtMXNOalpxU0Q0U2ZZSWMycnZMbjdWbzVhYVJSU2NmYnhiaVd3N3ZvYUFvRHFta3M0TjJWOXFKYXZxUDJKWnBrR3RsYTJHVW9jU0hnJTNEJTNE%5E1&rf=https%3A%2F%2Fhosting2.keep.pl%2F&tk_flint=pbjs_lite_v4.43.2&x_source.tid=3a1767d1-a15a-49b5-941e-692ff72718f1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9632472045211553
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.51 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: bf9ffc72b735c735b5c5fd92b91624bd056819d9a1b7df4d5d0983d51300d2b2

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 19 Jul 2021 13:03:38 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://hosting2.keep.pl
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 308
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 ad.json Show response
gpl.adocean.pl/_9719237899935709/ Frame A228 60 B
257 B 203ms
202ms XHR
text/json 85.194.243.85
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to

Full URL: https://gpl.adocean.pl/_9719237899935709/ad.json?id=J05Fx2sNPblPlVq_ZCJzQUsofvHzdm9kgvFRoKBmb5j.R7&aosspsizes=gplvjrmijlqsf~750x300
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 85.194.243.85 Warsaw, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS: ip-5.85-194-243-80.net.old.eco.atman.pl
Software: GAD /
Resource Hash: e1a27302b8e7087e8c1b683e6c6a491918fc558051dabce3efbe213682f9f7db

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:38 GMT
server: GAD
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: https://hosting2.keep.pl
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: text/json
content-length: 60
expires: Sun, 18 Jul 2021 13:03:38 GMT

GET
H2 200 ad.json Show response
gpl.adocean.pl/_09462023823594756/ Frame A228 60 B
257 B 334ms
333ms XHR
text/json 85.194.243.85
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to

Full URL: https://gpl.adocean.pl/_09462023823594756/ad.json?id=abwGgnGgkrUyZDTUBiT5V7AazPMf2CeeovDY2LZzrpD._7&aosspsizes=gplplpjptojwz~750x200
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 85.194.243.85 Warsaw, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS: ip-5.85-194-243-80.net.old.eco.atman.pl
Software: GAD /
Resource Hash: 1347b68dface5238bcee5bfd41c4f8d04521c1372ef6df6eb858b831e5b2f3b1

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:38 GMT
server: GAD
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: https://hosting2.keep.pl
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: text/json
content-length: 60
expires: Sun, 18 Jul 2021 13:03:38 GMT

GET
H2 200 ad.json Show response
gpl.adocean.pl/_4333732789510383/ Frame A228 60 B
257 B 142ms
141ms XHR
text/json 85.194.243.85
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to

Full URL: https://gpl.adocean.pl/_4333732789510383/ad.json?id=YT31Nd8NjdwVUs9KpDx5FzJYsM..eoM4pzoziLzgeCL.77&aosspsizes=gplzmnggossbp~750x100
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 85.194.243.85 Warsaw, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS: ip-5.85-194-243-80.net.old.eco.atman.pl
Software: GAD /
Resource Hash: 74920f8369d348220b8df99919a74ec120150c7a2b987f1e77b50d784a7e206d

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:38 GMT
server: GAD
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: https://hosting2.keep.pl
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: text/json
content-length: 60
expires: Sun, 18 Jul 2021 13:03:38 GMT

GET
H2 200 ad.json Show response
gpl.adocean.pl/_4081988477683356/ Frame A228 60 B
257 B 142ms
142ms XHR
text/json 85.194.243.85
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to

Full URL: https://gpl.adocean.pl/_4081988477683356/ad.json?id=njpcbuaIna8RH6PNkYWwEMab87Rl57IGp5FJDIaWdTL.X7&aosspsizes=gpltoltmigmqj~728x90
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 85.194.243.85 Warsaw, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS: ip-5.85-194-243-80.net.old.eco.atman.pl
Software: GAD /
Resource Hash: e84319f614078aa46cf8d42d08e30fa75b1307cf05394bf98bc3b2038b91045c

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:38 GMT
server: GAD
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: https://hosting2.keep.pl
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: text/json
content-length: 60
expires: Sun, 18 Jul 2021 13:03:38 GMT

POST
H2 200 adjson Show response
ads.betweendigital.com/ Frame A228 2 B
306 B 34ms
34ms XHR
application/json 188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://hosting2.keep.pl
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 24ms
21ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 975
date: Mon, 19 Jul 2021 13:03:38 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 geo_snet Show response
a.spolecznosci.net/ Frame 2F6B 175 B
371 B 15ms
15ms Script
application/javascript 164.132.7.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://a.spolecznosci.net/geo_snet?cb=extraDataCached&di={%22width%22:1200,%22height%22:1600,%22ratio%22:1}

Requested by

Host: spolecznosci.net
URL: https://spolecznosci.net/files/data.18.htm?Ho_hosting2.keep.pl/Spfp_ada2b987231648484501021c1ee54971

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

164.132.7.102 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

ffbf2e2c8bd9704deb3a8b5490979c1869fc8cc8968ecdbf743b47febe868832

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://spolecznosci.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:38 GMT
server: nginx
strict-transport-security: max-age=31536000
x-cache: MISS
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=3600
content-length: 175
expires: Mon, 19 Jul 2021 14:03:38 GMT

POST
H2 200 prebid Show response
mp.4dex.io/ 3 KB
1 KB 15ms
15ms XHR
application/json 35.227.247.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.247.230 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 1a19d5d32a58ed829b395a93ca9ea31e60d533959ca56caed648a336894af785

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
x-err: Validating the prebid AdRequest adunits. Sampled or No valid non-debug AdUnits
content-encoding: gzip
x-openrtb-version: 2.5
date: Mon, 19 Jul 2021 13:03:38 GMT
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://hosting2.keep.pl
no-bid: true
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 794
via: 1.1 google
expires: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
178 B 14ms
14ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://hosting2.keep.pl
date: Mon, 19 Jul 2021 13:03:38 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
698 B 18ms
17ms XHR
application/json 185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 19 Jul 2021 13:03:38 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 463bed1b-0251-44d1-b349-9632c4cfa6b1
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://hosting2.keep.pl
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 adjson Show response
ads.betweendigital.com/ 2 B
306 B 31ms
31ms XHR
application/json 188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://hosting2.keep.pl
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
698 B 45ms
45ms XHR
application/json 185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 19 Jul 2021 13:03:38 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 5def612c-3c9d-40e6-b6d2-e70a498aafc3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://hosting2.keep.pl
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 v2 Show response
i.connectad.io/api/ 0
42 B 13ms
13ms XHR
text/plain 35.190.63.210
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.connectad.io/api/v2
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.63.210 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 19 Jul 2021 13:03:38 GMT
via: 1.1 google
server: nginx
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: https://hosting2.keep.pl
cache-control: no-cache, private
access-control-allow-credentials: true
alt-svc: clear

GET
H2 200 / Show response
adx.adform.net/adx/ 2 KB
2 KB 151ms
151ms XHR
application/json 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTUyODU4MSZ0cmFuc2FjdGlvbklkPTIyNmUzZDAyLTZhZjQtNDdkMS05ZGViLTc3NzQxYWQ5MWYyYiZyY3VyPVBMTg%3D%3D&bWlkPTE0NzA3NiZ0cmFuc2FjdGlvbklkPTczMmQzMGY3LTQ4OWMtNDQ1Mi05OTA0LTY3NGIzMzI0ZWE2YiZyY3VyPVBMTg%3D%3D&pt=gross&stid=05c5fadb-c749-4770-8134-d150cb6f9e4e&fd=1&eids=eyJwdWJjaWQub3JnIjp7IjE0ZmI2YzkyLTM2YTUtNDY5NC1hMDA4LTMzYWFjZGFhZGE5ZCI6WzFdfX0%3D

Requested by

Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

ed2f8df7164fb37786923a3ad5e6a0d7fb258f037e6080a787e65bab60c9789d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:38 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://hosting2.keep.pl
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 301 B
1 KB 22ms
21ms XHR
application/json 213.19.162.51
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17256&site_id=163612&zone_id=784946&size_id=9&alt_size_ids=8&p_pos=btf&rp_schain=1.0,1!spolecznosci.pl,4796,1,,,&eid_pubcid.org=14fb6c92-36a5-4694-a008-33aacdaada9d%5E1&rf=https%3A%2F%2Fhosting2.keep.pl%2F&tk_flint=pbjs_lite_v4.43.2&x_source.tid=84905ef6-9b86-4b9c-81ce-cb133ea10a8e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.02196460267975242
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.51 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: fd971715ea0a3a0385e92c78bc3bcadd5f3dd32a61b9aa754b9e2119373466b0

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 19 Jul 2021 13:03:38 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://hosting2.keep.pl
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 301
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
189 B 15ms
15ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.2&cb=10151733642
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://hosting2.keep.pl
date: Mon, 19 Jul 2021 13:03:37 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
60 B 68ms
68ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://hosting2.keep.pl
date: Mon, 19 Jul 2021 13:03:37 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 ad.json Show response
gpl.adocean.pl/_35051194105717864/ 60 B
257 B 96ms
96ms XHR
text/json 85.194.243.85
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to

Full URL: https://gpl.adocean.pl/_35051194105717864/ad.json?id=vXX8U.Owja6r3mPmPCQGp.hp4WdYgsc1lQ1Ncjmo6J..F7&aosspsizes=gplrdgkbirhkn~160x600
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 85.194.243.85 Warsaw, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS: ip-5.85-194-243-80.net.old.eco.atman.pl
Software: GAD /
Resource Hash: ebc4630cd9254c69deb4a342db24b7d118cadce3e3f22e2339dd4270a2a1297b

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:38 GMT
server: GAD
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: https://hosting2.keep.pl
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: text/json
content-length: 60
expires: Sun, 18 Jul 2021 13:03:38 GMT

GET
H2 200 ad.json Show response
gpl.adocean.pl/_0470617172726433/ 60 B
257 B 116ms
116ms XHR
text/json 85.194.243.85
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to

Full URL: https://gpl.adocean.pl/_0470617172726433/ad.json?id=qBIGwW6GkmDFjDUqdulZaTVR7rH9npusYfqoafx22gb.L7&aosspsizes=gpllfehiserpd~120x600
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 85.194.243.85 Warsaw, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS: ip-5.85-194-243-80.net.old.eco.atman.pl
Software: GAD /
Resource Hash: 79026558a34822dc06c3b5c47ea13057fd3f235296610974d6c97e67471665db

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:38 GMT
server: GAD
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: https://hosting2.keep.pl
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: text/json
content-length: 60
expires: Sun, 18 Jul 2021 13:03:38 GMT

GET
H2 200 ad.json Show response
gpl.adocean.pl/_6957921868458854/ 60 B
257 B 321ms
320ms XHR
text/json 85.194.243.85
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to

Full URL: https://gpl.adocean.pl/_6957921868458854/ad.json?id=.8A7kUlFOCSjUNkHfL4aWRna7fabVptxnWR4wnoM2kj.A7&aosspsizes=gplnakqdtjfqd~160x600
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 85.194.243.85 Warsaw, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS: ip-5.85-194-243-80.net.old.eco.atman.pl
Software: GAD /
Resource Hash: f584b9d8d1efc5b95fabd3eecb68727a44484c2bce6a16924c58bdd8ecdad427

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:38 GMT
server: GAD
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: https://hosting2.keep.pl
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: text/json
content-length: 60
expires: Sun, 18 Jul 2021 13:03:38 GMT

GET
H2 200 ad.json Show response
gpl.adocean.pl/_5684215052008181/ 60 B
257 B 181ms
180ms XHR
text/json 85.194.243.85
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to

Full URL: https://gpl.adocean.pl/_5684215052008181/ad.json?id=Og9LtnSPmLFIui57BB_ayhJ34Wbvecc1jmmK0WAv7Hf.y7&aosspsizes=gplxbinknnokt~120x600
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 85.194.243.85 Warsaw, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS: ip-5.85-194-243-80.net.old.eco.atman.pl
Software: GAD /
Resource Hash: e428854f4607fbc8e99c64f4eac50fad7911242de9842c23d03a2bce44e7d7ec

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:38 GMT
server: GAD
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: https://hosting2.keep.pl
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: text/json
content-length: 60
expires: Sun, 18 Jul 2021 13:03:38 GMT

POST
H2 200 pet Show response
a.spolecznosci.net/ 5 KB
2 KB 17ms
17ms XHR
application/javascript 164.132.7.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://a.spolecznosci.net/pet?x=1888%2C421&uu=null&cpmc=true&safe=1&ut=&cb=6056090261&uq=173831817584.485554&ref=https%253A%252F%252Fhosting2.keep.pl%252F&n=0.38861184285126593&bw=1600&bh=1200&spfp=ada2b987231648484501021c1ee54971

Requested by

Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/a.js?h=dca4d51d32c232dfc8e0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

164.132.7.102 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

b525ae8e082d74a8710e6db1d534751649f1b6228d0be73f43b7317ee746ea0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 19 Jul 2021 13:03:38 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://hosting2.keep.pl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 l.js Show response
spolecznosci.net/js/modules/ 2 KB
2 KB 14ms
14ms Script
application/javascript 164.132.7.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://spolecznosci.net/js/modules/l.js?h=95634d441ebf1065ce7c

Requested by

Host: a.spolecznosci.net
URL: https://a.spolecznosci.net/core/897d0d3d52b55536eaecbc80b4be4119/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

164.132.7.102 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

cb28fc8822220023495cab439d75ed1a50be08683c9cea5be6323c3b641394b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:38 GMT
content-encoding: gzip
last-modified: Thu, 11 Mar 2021 19:29:36 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000
expires: Tue, 19 Jul 2022 13:03:38 GMT

GET
H2 200 ajs.php Show response
ox2.sterta.pl/www/delivery/ Frame 71CA 1 KB
1 KB 18ms
18ms Script
text/javascript 87.98.238.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ox2.sterta.pl/www/delivery/ajs.php?zoneid=245&cb=23973566547&charset=UTF-8&loc=about%3Asrcdoc
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.98.238.81 Wroclaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 11880cb819db0f19ff2c46315348f9c7ebba20e20a14311eec2aa13235fb58ba

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:38 GMT
server: nginx
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
content-type: text/javascript; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 37ED 1 KB
2 KB 20ms
18ms Script
text/javascript 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=47028035;rtbwp=8ITHy-Br_6Ty2xzg7PZTJqzboUFQG3yp0;rtbdata=uMgeuhKYr6_TfPtyPpYT6Nv7A7nN2edFTl7efCLLU-0iJkEX7PO-OsHiGFS7_AW8GOHxpbN0aJr1y5DPSLdSRJiLUk3zIemTL-MH5dRKbGO3DbMJ1wsQCp3K1TPVhTUNnwnCre4Zgn_J5RguTiGosC--HoOKuxULzZmO36wC2s_qC-krzLV-0q6cRpRC8MmNcljaup4zI19y_yB3p01zt4Ha7o0Vr2pI4F5sP0__kaYFN08a474yMUWLg8AcERWAtTKONQNxs19_sYUgCVs894G6Nx94QA6xak8ZhsWrBC2BujcfeEAOsXuccmGjqIWK0;csid=5646;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=WeJha-a4P2J42u1ywTJ-2lYO0j72mMZsKANsHQAHAAzPxzHPgW_Kr5G4dWAZeGGw7-ItQUX26WRx7IrzC45WtP34v5DBA7S0qrX8tGUq0L0h2iIxGACwq8Yp6W_zkWNYGOHxpbN0aJr1y5DPSLdSRJiLUk3zIemTR6J3ZKj5wyCiuQ8Zp4vrxwFn_yLVCW9Q0rJ4Y5Vx1QEYNIwylBKhwQ2;pui=2ShljixBLrbi0hXl08juHHFAHCKQ7jOEwiIOymBKnl4Mv-EjX9Nw1ixJ0ecirIf7_n8WW8xE0WUKVAn3KKatfN6vWmW1dlSa0;

Requested by

Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

c3fdd67c4244d8329ea58921d5676a87d8c73e8c7ef3bd3f0ebb84e49abf7599

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:38 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 1382
expires: -1

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ Frame 37ED 58 KB
24 KB 61ms
19ms Script
application/x-javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 6330d93c38185b92516fd8bdb7220ff136b6817c2ef101ed7d822e122066240b

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:38 GMT
content-encoding: gzip
last-modified: Thu, 13 May 2021 15:01:20 GMT
server: nginx
etag: W/"609d3f40-e80f"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
DATA 200
OK truncated
/ 462 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f316fbd86438f25c90ca4a161b69ebddadbdbccc57713bee4d5a4f43a0d70e97

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK 10163.js Show response
ads.rubiconproject.com/ad/ Frame 71CA 30 KB
9 KB 21ms
6ms Script
text/javascript 2.19.35.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/ad/10163.js
Requested by: Host: ox2.sterta.pl
URL: https://ox2.sterta.pl/www/delivery/ajs.php?zoneid=245&cb=23973566547&charset=UTF-8&loc=about%3Asrcdoc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.35.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-35-65.deploy.static.akamaitechnologies.com
Software: Apache / PHP/5.3.3
Resource Hash: a969a9b32705092663a8c9019ac9835cf93fff0d525457961e309bf04dba1424

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Jul 2021 13:03:38 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=1536
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 8969
Expires: Mon, 19 Jul 2021 13:29:14 GMT

GET
H2 200 lg.php
ox2.sterta.pl/www/delivery/ Frame 71CA 43 B
359 B 17ms
17ms Image
image/gif 87.98.238.81
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ox2.sterta.pl/www/delivery/lg.php?bannerid=810&campaignid=222&zoneid=245&loc=about%3Asrcdoc&cb=18434073c8
Requested by: Host: ox2.sterta.pl
URL: https://ox2.sterta.pl/www/delivery/ajs.php?zoneid=245&cb=23973566547&charset=UTF-8&loc=about%3Asrcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.98.238.81 Wroclaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:38 GMT
server: nginx
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
cache-control: max-age=315360000
content-type: image/gif
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 37ED 33 KB
16 KB 64ms
44ms Script
text/javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=47028035;rtbwp=8ITHy-Br_6Ty2xzg7PZTJqzboUFQG3yp0;rtbdata=uMgeuhKYr6_TfPtyPpYT6Nv7A7nN2edFTl7efCLLU-0iJkEX7PO-OsHiGFS7_AW8GOHxpbN0aJr1y5DPSLdSRJiLUk3zIemTL-MH5dRKbGO3DbMJ1wsQCp3K1TPVhTUNnwnCre4Zgn_J5RguTiGosC--HoOKuxULzZmO36wC2s_qC-krzLV-0q6cRpRC8MmNcljaup4zI19y_yB3p01zt4Ha7o0Vr2pI4F5sP0__kaYFN08a474yMUWLg8AcERWAtTKONQNxs19_sYUgCVs894G6Nx94QA6xak8ZhsWrBC2BujcfeEAOsXuccmGjqIWK0;csid=5646;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=WeJha-a4P2J42u1ywTJ-2lYO0j72mMZsKANsHQAHAAzPxzHPgW_Kr5G4dWAZeGGw7-ItQUX26WRx7IrzC45WtP34v5DBA7S0qrX8tGUq0L0h2iIxGACwq8Yp6W_zkWNYGOHxpbN0aJr1y5DPSLdSRJiLUk3zIemTR6J3ZKj5wyCiuQ8Zp4vrxwFn_yLVCW9Q0rJ4Y5Vx1QEYNIwylBKhwQ2;pui=2ShljixBLrbi0hXl08juHHFAHCKQ7jOEwiIOymBKnl4Mv-EjX9Nw1ixJ0ecirIf7_n8WW8xE0WUKVAn3KKatfN6vWmW1dlSa0;
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: e11ab67b0ee9ecac143fd021228fda3e5c75a1e5328d0ea9fd1f30197b70f130

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:38 GMT
content-encoding: gzip
last-modified: Thu, 10 Jun 2021 12:36:46 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 20 Jul 2021 16:09:58 GMT

GET
H/1.1 200
OK 624724-9.js Show response
smarttag.rubiconproject.com/a/10163/132208/ Frame 71CA 147 B
917 B 35ms
15ms Script
text/javascript 69.173.144.143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://smarttag.rubiconproject.com/a/10163/132208/624724-9.js?&cb=0.514768897995592&tk_st=1&rf=https%3A//hosting2.keep.pl/&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=132208_9&rp_secure=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/10163.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 5fdd119b91e8af0ff7d5efa81e2bac7ac1608e3c8d3c6c84d4d4756da611bb91

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Jul 2021 13:03:38 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Keep-Alive: timeout=5
Content-Length: 147
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK 1x1.png
secure-assets.rubiconproject.com/static/psa/blank/ Frame 71CA 156 B
484 B 24ms
6ms Image
image/png 2.19.35.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-assets.rubiconproject.com/static/psa/blank/1x1.png
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.35.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-35-65.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 58a617d2c88d378bfd267e2817e2228e82ef0c3f28d8ac3458b18af77335c39e

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Jul 2021 13:03:38 GMT
Content-Encoding: gzip
Last-Modified: Tue, 01 Oct 2019 16:53:58 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 155

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 37ED 2 KB
2 KB 20ms
6ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=11655933&cmp=2324739&plc=47028035&sid=1358733&dvregion=0&unit=160x600
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 5f304cc9d41b83589d171f12c353079537b1436cc5f4834479b249a401e81224

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Jul 2021 13:03:38 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Jul 2021 09:29:38 GMT
Server: Microsoft-IIS/10.0
ETag: "49b02714972d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1338

GET
H/1.1 200
OK dvbs_src_internal94.js Show response
cdn.doubleverify.com/ Frame 37ED 60 KB
19 KB 7ms
7ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal94.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=11655933&cmp=2324739&plc=47028035&sid=1358733&dvregion=0&unit=160x600
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 7dfc3d6a5e24461837466e62fb69223bcc7f5b043a277eed900aa0ad544b85d6

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Jul 2021 13:03:38 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Jul 2021 09:29:53 GMT
Server: Microsoft-IIS/10.0
ETag: "80bea8794972d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19085

GET
H/1.1 200
OK bst2tv3.html Show response
cdn3.doubleverify.com/ Frame 99EB 1 KB
1 KB 23ms
6ms Document
text/html 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.doubleverify.com/bst2tv3.html
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal94.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558

Request headers

Host: cdn3.doubleverify.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://hosting2.keep.pl/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hosting2.keep.pl/

Response headers

Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Tue, 02 Sep 2014 17:01:36 GMT
Accept-Ranges: bytes
ETag: "01818ecfc6cf1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 806
Cache-Control: max-age=79346
Date: Mon, 19 Jul 2021 13:03:38 GMT
Connection: keep-alive

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 37ED 2 KB
1 KB 30ms
12ms Script
text/javascript 213.254.244.18
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_264987961459&jsTagObjCallback=__tagObject_callback_264987961459&num=6&ctx=11655933&cmp=2324739&plc=47028035&sid=1358733&advid=&adsrv=&unit=160x600&isdvvid=&uid=264987961459&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&brid=0&brver=&bridua=3&dup=null&chro=0&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=1&htmlmsging=1&m1=13&noc=16&fcifrms=6&brh=2&fwc=0&flt=0&fec=160&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=142&eparams=DC4FC%3Dl9EEADTbpTauTau9%40DE%3A%3F8a%5D%3C66A%5DA%3DTauU2%3F4r92%3A%3Fl9EEADTbpTauTau9%40DE%3A%3F8a%5D%3C66A%5DA%3DTar9EEADTbpTauTau9%40DE%3A%3F8a%5D%3C66A%5DA%3D&dvp_exetime=12.00
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal94.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.18 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 321fa28153738be15b16cd405a5479b03bade101f143ea61ca419f4e828a48b5

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
X-DV-Response: 1
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Date: Mon, 19 Jul 2021 13:03:38 GMT
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 7/18/2021 1:03:38 PM

GET
H/1.1 200
OK dv-match6.js Show response
cdn.doubleverify.com/ Frame 3AAE 4 KB
2 KB 9ms
8ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-match6.js
Requested by: Host: hosting2.keep.pl
URL: https://hosting2.keep.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Jul 2021 13:03:38 GMT
Content-Encoding: gzip
Last-Modified: Sun, 11 Mar 2018 04:45:12 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "03c84bdf3b8d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=15987
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1935

POST
H2 200 pet Show response
a.spolecznosci.net/ Frame A228 2 KB
1 KB 16ms
16ms XHR
application/javascript 164.132.7.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://a.spolecznosci.net/pet?x=337&uu=null&cpmc=true&safe=1&ut=&cb=3869154516&uq=173831818274.80948&ref=https%253A%252F%252Fhosting2.keep.pl%252F&n=0.5767577843005356&bw=750&bh=200&spfp=ada2b987231648484501021c1ee54971

Requested by

Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/a.js?h=dca4d51d32c232dfc8e0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

164.132.7.102 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

a395023cbb0d63abb3921dafba3a49dfd477fe701c7ceec2b97b24b2ef68ffff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 19 Jul 2021 13:03:38 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://hosting2.keep.pl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 37ED 8 KB
4 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal94.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e94a4ffe8f92e41c3d79836d2aef56457ab8fb74eb258462987af0215a512e6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 12:28:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2138
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3828
x-xss-protection: 0
last-modified: Thu, 17 Jun 2021 19:49:45 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 19 Jul 2021 13:28:00 GMT

GET
H/1.1 200
OK bsevent.gif
tps20514.doubleverify.com/ Frame 37ED 807 B
1 KB 24ms
8ms Image
image/gif 213.254.244.18
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps20514.doubleverify.com/bsevent.gif?impid=ff207f9913a647c29f7671c7127472ea&dvp_or2=1&cbust=1626699818890613
Requested by: Host: hosting2.keep.pl
URL: https://hosting2.keep.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.18 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Jul 2021 13:03:38 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=0
Content-Length: 860
Expires: 7/18/2021 1:03:38 PM

GET
H/1.1 200
OK bsevent.gif
tps20514.doubleverify.com/ Frame 37ED 807 B
1 KB 23ms
7ms Image
image/gif 213.254.244.18
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps20514.doubleverify.com/bsevent.gif?impid=ff207f9913a647c29f7671c7127472ea&vfdur=31&cbust=1626699818891748
Requested by: Host: hosting2.keep.pl
URL: https://hosting2.keep.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.18 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Jul 2021 13:03:38 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=0
Content-Length: 860
Expires: 7/18/2021 1:03:38 PM

GET
H2 200 ajs.php Show response
ox2.sterta.pl/www/delivery/ Frame 47BA 1 KB
1 KB 18ms
18ms Script
text/javascript 87.98.238.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ox2.sterta.pl/www/delivery/ajs.php?zoneid=223&cb=65688792252&charset=UTF-8&loc=about%3Asrcdoc
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.98.238.81 Wroclaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 46b0e7000e01d64166090b60e67a885be0c399cf6b90891b698d331697744ea9

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:38 GMT
server: nginx
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
content-type: text/javascript; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-29 200 impl_v76.js Show response
www.googletagservices.com/dcm/ Frame 37ED 37 KB
15 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v76.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

887f063df27ef4a696d31ce39ffaded7dc0b18b2a7c82045e54bfa240c375fd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 09:28:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 444937
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15557
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 20:05:47 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Jul 2022 09:28:01 GMT

GET
H/1.1 200
OK 10163.js Show response
ads.rubiconproject.com/ad/ Frame 47BA 30 KB
9 KB 6ms
6ms Script
text/javascript 2.19.35.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/ad/10163.js
Requested by: Host: ox2.sterta.pl
URL: https://ox2.sterta.pl/www/delivery/ajs.php?zoneid=223&cb=65688792252&charset=UTF-8&loc=about%3Asrcdoc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.35.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-35-65.deploy.static.akamaitechnologies.com
Software: Apache / PHP/5.3.3
Resource Hash: a969a9b32705092663a8c9019ac9835cf93fff0d525457961e309bf04dba1424

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Jul 2021 13:03:38 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=1536
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 8969
Expires: Mon, 19 Jul 2021 13:29:14 GMT

GET
H2 200 lg.php
ox2.sterta.pl/www/delivery/ Frame 47BA 43 B
359 B 17ms
17ms Image
image/gif 87.98.238.81
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ox2.sterta.pl/www/delivery/lg.php?bannerid=809&campaignid=222&zoneid=223&loc=about%3Asrcdoc&cb=c34cf2681d
Requested by: Host: ox2.sterta.pl
URL: https://ox2.sterta.pl/www/delivery/ajs.php?zoneid=223&cb=65688792252&charset=UTF-8&loc=about%3Asrcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.98.238.81 Wroclaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:38 GMT
server: nginx
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
cache-control: max-age=315360000
content-type: image/gif
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 B9689862.280626343;dc_ver=76.220;dc_eid=40004000;sz=160x600;u_sd=1;nel=1;dc_adk=2035887594;ord=1hyql3;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2Cnull%5D;dc_rfl=1,ht...
ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/ Frame B6BC 35 KB
0 63ms
43ms Document
text/html 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/B9689862.280626343;dc_ver=76.220;dc_eid=40004000;sz=160x600;u_sd=1;nel=1;dc_adk=2035887594;ord=1hyql3;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2Cnull%5D;dc_rfl=1,https%3A%2F%2Fhosting2.keep.pl%2F$0;xdt=0;crlt=5Bn6Z0N96F;sttr=28;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v76.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: ad.doubleclick.net
:scheme: https
:path: /ddm/adi/N1395.150740DOUBLEVERIFY/B9689862.280626343;dc_ver=76.220;dc_eid=40004000;sz=160x600;u_sd=1;nel=1;dc_adk=2035887594;ord=1hyql3;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2Cnull%5D;dc_rfl=1,https%3A%2F%2Fhosting2.keep.pl%2F$0;xdt=0;crlt=5Bn6Z0N96F;sttr=28;prcl=s
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hosting2.keep.pl/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hosting2.keep.pl/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 19 Jul 2021 13:03:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 18200
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 19-Jul-2021 13:18:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 / Show response
track.adform.net/adfserve/ Frame 37ED 0
241 B 20ms
19ms Script
text/plain 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=47028035;rtbwp=8ITHy-Br_6Ty2xzg7PZTJqzboUFQG3yp0;rtbdata=uMgeuhKYr6_TfPtyPpYT6Nv7A7nN2edFTl7efCLLU-0iJkEX7PO-OsHiGFS7_AW8GOHxpbN0aJr1y5DPSLdSRJiLUk3zIemTL-MH5dRKbGO3DbMJ1wsQCp3K1TPVhTUNnwnCre4Zgn_J5RguTiGosC--HoOKuxULzZmO36wC2s_qC-krzLV-0q6cRpRC8MmNcljaup4zI19y_yB3p01zt4Ha7o0Vr2pI4F5sP0__kaYFN08a474yMUWLg8AcERWAtTKONQNxs19_sYUgCVs894G6Nx94QA6xak8ZhsWrBC2BujcfeEAOsXuccmGjqIWK0;csid=5646;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=WeJha-a4P2J42u1ywTJ-2lYO0j72mMZsKANsHQAHAAzPxzHPgW_Kr5G4dWAZeGGw7-ItQUX26WRx7IrzC45WtP34v5DBA7S0qrX8tGUq0L0h2iIxGACwq8Yp6W_zkWNYGOHxpbN0aJr1y5DPSLdSRJiLUk3zIemTR6J3ZKj5wyCiuQ8Zp4vrxwFn_yLVCW9Q0rJ4Y5Vx1QEYNIwylBKhwQ2;pui=2ShljixBLrbi0hXl08juHHFAHCKQ7jOEwiIOymBKnl4Mv-EjX9Nw1ixJ0ecirIf7_n8WW8xE0WUKVAn3KKatfN6vWmW1dlSa0;;js=1;adfxid=1x;5567;set=en-US|en-US|1600X1200|0|150|600|24|8|3|7|0|0;fd=0|2;bsdata=1&CREFURL=https%3A%2F%2Fhosting2.keep.pl%2F

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:38 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H/1.1 200
OK 624722-40.js Show response
smarttag.rubiconproject.com/a/10163/132208/ Frame 47BA 147 B
1 KB 11ms
11ms Script
text/javascript 69.173.144.143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://smarttag.rubiconproject.com/a/10163/132208/624722-40.js?&cb=0.2939005375135928&tk_st=1&rf=https%3A//hosting2.keep.pl/&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=132208_40&rp_secure=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/10163.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: ddbab410075e9514c8cd5cbedb2cbbd93fdd5b38b952cdab4d774dcdd716d567

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Jul 2021 13:03:38 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Keep-Alive: timeout=5
Content-Length: 147
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK 1x1.png
secure-assets.rubiconproject.com/static/psa/blank/ Frame 47BA 156 B
484 B 6ms
6ms Image
image/png 2.19.35.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-assets.rubiconproject.com/static/psa/blank/1x1.png
Requested by: Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/10163/132208/624722-40.js?&cb=0.2939005375135928&tk_st=1&rf=https%3A//hosting2.keep.pl/&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=132208_40&rp_secure=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.35.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-35-65.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 58a617d2c88d378bfd267e2817e2228e82ef0c3f28d8ac3458b18af77335c39e

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Jul 2021 13:03:38 GMT
Content-Encoding: gzip
Last-Modified: Tue, 01 Oct 2019 16:53:58 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 155

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 83 KB
27 KB 55ms
24ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 13be237d90d8262c74ae3985b06982b1b1c3d3c003b7ff093518e4bf944e9fd1

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:39 GMT
content-encoding: gzip
last-modified: Mon, 12 Jul 2021 10:59:58 GMT
server: nginx
etag: W/"60ec20ae-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 20 Jul 2021 13:03:39 GMT

POST /
adx.adform.net/adx/unload/ Frame 37ED 0
0

POST
H2 200 pet Show response
a.spolecznosci.net/ 5 KB
2 KB 17ms
17ms XHR
application/javascript 164.132.7.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://a.spolecznosci.net/pet?x=1888%2C421&uu=null&safe=1&ut=&cb=6056090261&uq=173831817584.485554&ref=https%253A%252F%252Fhosting2.keep.pl%252F&n=0.5594685101784036&bw=1600&bh=1200&spfp=ada2b987231648484501021c1ee54971

Requested by

Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/a.js?h=dca4d51d32c232dfc8e0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

164.132.7.102 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

5f3255ffc51886387542eeb131a80b901be46d7552b95274a548124b984e0830

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 19 Jul 2021 13:03:39 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://hosting2.keep.pl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ajs.php Show response
ox2.sterta.pl/www/delivery/ Frame 6743 1 KB
1 KB 18ms
18ms Script
text/javascript 87.98.238.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ox2.sterta.pl/www/delivery/ajs.php?zoneid=245&cb=22932694531&charset=UTF-8&loc=about%3Asrcdoc
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.98.238.81 Wroclaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 79519300e4a03c7f2a69beb72c46fb6e8bdb85af68e0660631aebbc8a19c1737

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:38 GMT
server: nginx
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
content-type: text/javascript; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame B4C7 1 KB
2 KB 26ms
26ms Script
text/javascript 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=47027993;rtbwp=8ITHy-Br_6Ty2xzg7PZTJqzboUFQG3yp0;rtbdata=O1_chq4Kizr7CuMa-e0SOO9OSIJKW6I23iQCLrvmgtyhfk7cx1AdIWiLO7d-M0-Y06lg9dnBxCixPs--lqbRJRG4I7x-gxRt-SBOXGLZFke3DbMJ1wsQCp3K1TPVhTUNnwnCre4Zgn_J5RguTiGosC--HoOKuxULzZmO36wC2s_qC-krzLV-0q6cRpRC8MmNcljaup4zI1_Vjop-A9sorIHa7o0Vr2pI4F5sP0__kaYFN08a474yMUWLg8AcERWAaSevuxUHFLl_sYUgCVs894G6Nx94QA6xak8ZhsWrBC2BujcfeEAOsXuccmGjqIWK0;csid=5646;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=FXqSbS1ZZ7542u1ywTJ-2lYO0j72mMZsKANsHQAHAAzPxzHPgW_Kr5G4dWAZeGGw7-ItQUX26WTvHjNwXZsR73cUrskc5jC0OdA_DSamcl-Cp1j3GEbE-DzvM872Gwhc06lg9dnBxCixPs--lqbRJRG4I7x-gxRtbKHOy_v0tYVo-MqoS7oqwAFn_yLVCW9QDmnyBGEpsfYYNIwylBKhwQ2;pui=2ShljixBLrbi0hXl08juHHFAHCKQ7jOEwiIOymBKnl4Mv-EjX9Nw1ixJ0ecirIf7_n8WW8xE0WUKVAn3KKatfN6vWmW1dlSa0;

Requested by

Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

aeaa81a77bbda726d09dc2793e199b6578f2886ad12345329249cf577bf5d137

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:39 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 1376
expires: -1

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ Frame B4C7 58 KB
24 KB 25ms
25ms Script
application/x-javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 6330d93c38185b92516fd8bdb7220ff136b6817c2ef101ed7d822e122066240b

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:38 GMT
content-encoding: gzip
last-modified: Thu, 13 May 2021 15:01:20 GMT
server: nginx
etag: W/"609d3f40-e80f"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 352D 291 B
724 B 17ms
16ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=hosting2.keep.pl

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

baf437304d79006a4f050b871807483c921e783a2a91808ad4b8f77802cde740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?origin=publishertag&topUrl=hosting2.keep.pl
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hosting2.keep.pl/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hosting2.keep.pl/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 1929
set-cookie: uid=cafdcb58-7f65-4045-9b23-f28b86214730; expires=Tue, 19 Jul 2022 13:03:38 GMT; domain=.criteo.com; path=/; secure; samesite=none
date: Mon, 19 Jul 2021 13:03:38 GMT
content-length: 321

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 83 KB
27 KB 40ms
14ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 13be237d90d8262c74ae3985b06982b1b1c3d3c003b7ff093518e4bf944e9fd1

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:39 GMT
content-encoding: gzip
last-modified: Mon, 12 Jul 2021 10:59:58 GMT
server: nginx
etag: W/"60ec20ae-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 20 Jul 2021 13:03:39 GMT

GET
H/1.1 200
OK 10163.js Show response
ads.rubiconproject.com/ad/ Frame 6743 30 KB
9 KB 9ms
6ms Script
text/javascript 2.19.35.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/ad/10163.js
Requested by: Host: ox2.sterta.pl
URL: https://ox2.sterta.pl/www/delivery/ajs.php?zoneid=245&cb=22932694531&charset=UTF-8&loc=about%3Asrcdoc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.35.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-35-65.deploy.static.akamaitechnologies.com
Software: Apache / PHP/5.3.3
Resource Hash: a969a9b32705092663a8c9019ac9835cf93fff0d525457961e309bf04dba1424

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Jul 2021 13:03:39 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=1535
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 8969
Expires: Mon, 19 Jul 2021 13:29:14 GMT

GET
H2 200 lg.php
ox2.sterta.pl/www/delivery/ Frame 6743 43 B
358 B 18ms
17ms Image
image/gif 87.98.238.81
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ox2.sterta.pl/www/delivery/lg.php?bannerid=810&campaignid=222&zoneid=245&loc=about%3Asrcdoc&cb=397d10d312
Requested by: Host: ox2.sterta.pl
URL: https://ox2.sterta.pl/www/delivery/ajs.php?zoneid=245&cb=22932694531&charset=UTF-8&loc=about%3Asrcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.98.238.81 Wroclaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:38 GMT
server: nginx
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
cache-control: max-age=315360000
content-type: image/gif
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame B4C7 33 KB
16 KB 22ms
21ms Script
text/javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=47027993;rtbwp=8ITHy-Br_6Ty2xzg7PZTJqzboUFQG3yp0;rtbdata=O1_chq4Kizr7CuMa-e0SOO9OSIJKW6I23iQCLrvmgtyhfk7cx1AdIWiLO7d-M0-Y06lg9dnBxCixPs--lqbRJRG4I7x-gxRt-SBOXGLZFke3DbMJ1wsQCp3K1TPVhTUNnwnCre4Zgn_J5RguTiGosC--HoOKuxULzZmO36wC2s_qC-krzLV-0q6cRpRC8MmNcljaup4zI1_Vjop-A9sorIHa7o0Vr2pI4F5sP0__kaYFN08a474yMUWLg8AcERWAaSevuxUHFLl_sYUgCVs894G6Nx94QA6xak8ZhsWrBC2BujcfeEAOsXuccmGjqIWK0;csid=5646;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=FXqSbS1ZZ7542u1ywTJ-2lYO0j72mMZsKANsHQAHAAzPxzHPgW_Kr5G4dWAZeGGw7-ItQUX26WTvHjNwXZsR73cUrskc5jC0OdA_DSamcl-Cp1j3GEbE-DzvM872Gwhc06lg9dnBxCixPs--lqbRJRG4I7x-gxRtbKHOy_v0tYVo-MqoS7oqwAFn_yLVCW9QDmnyBGEpsfYYNIwylBKhwQ2;pui=2ShljixBLrbi0hXl08juHHFAHCKQ7jOEwiIOymBKnl4Mv-EjX9Nw1ixJ0ecirIf7_n8WW8xE0WUKVAn3KKatfN6vWmW1dlSa0;
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: e11ab67b0ee9ecac143fd021228fda3e5c75a1e5328d0ea9fd1f30197b70f130

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:38 GMT
content-encoding: gzip
last-modified: Thu, 10 Jun 2021 12:36:46 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 20 Jul 2021 16:09:58 GMT

GET
H/1.1 200
OK 624724-9.js Show response
smarttag.rubiconproject.com/a/10163/132208/ Frame 6743 147 B
916 B 12ms
9ms Script
text/javascript 69.173.144.143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://smarttag.rubiconproject.com/a/10163/132208/624724-9.js?&cb=0.755869558995782&tk_st=1&rf=https%3A//hosting2.keep.pl/&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=132208_9&rp_secure=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/10163.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 5fdd119b91e8af0ff7d5efa81e2bac7ac1608e3c8d3c6c84d4d4756da611bb91

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Jul 2021 13:03:39 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Keep-Alive: timeout=5
Content-Length: 147
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK 1x1.png
secure-assets.rubiconproject.com/static/psa/blank/ Frame 6743 156 B
484 B 6ms
6ms Image
image/png 2.19.35.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-assets.rubiconproject.com/static/psa/blank/1x1.png
Requested by: Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/10163/132208/624724-9.js?&cb=0.755869558995782&tk_st=1&rf=https%3A//hosting2.keep.pl/&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=132208_9&rp_secure=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.35.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-35-65.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 58a617d2c88d378bfd267e2817e2228e82ef0c3f28d8ac3458b18af77335c39e

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Jul 2021 13:03:39 GMT
Content-Encoding: gzip
Last-Modified: Tue, 01 Oct 2019 16:53:58 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 155

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame B4C7 2 KB
2 KB 9ms
9ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=11655933&cmp=2324739&plc=47027993&sid=1358733&dvregion=0&unit=160x600
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 5f304cc9d41b83589d171f12c353079537b1436cc5f4834479b249a401e81224

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Jul 2021 13:03:39 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Jul 2021 09:29:38 GMT
Server: Microsoft-IIS/10.0
ETag: "49b02714972d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1338

GET
H/1.1 200
OK dvbs_src_internal94.js Show response
cdn.doubleverify.com/ Frame B4C7 60 KB
19 KB 10ms
10ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal94.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=11655933&cmp=2324739&plc=47027993&sid=1358733&dvregion=0&unit=160x600
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 7dfc3d6a5e24461837466e62fb69223bcc7f5b043a277eed900aa0ad544b85d6

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Jul 2021 13:03:39 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Jul 2021 09:29:53 GMT
Server: Microsoft-IIS/10.0
ETag: "80bea8794972d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19085

GET
H/1.1 200
OK bst2tv3.html Show response
cdn3.doubleverify.com/ Frame E62B 1 KB
1 KB 8ms
8ms Document
text/html 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.doubleverify.com/bst2tv3.html
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal94.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558

Request headers

Host: cdn3.doubleverify.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://hosting2.keep.pl/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hosting2.keep.pl/

Response headers

Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Tue, 02 Sep 2014 17:01:36 GMT
Accept-Ranges: bytes
ETag: "01818ecfc6cf1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 806
Cache-Control: max-age=79345
Date: Mon, 19 Jul 2021 13:03:39 GMT
Connection: keep-alive

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame B4C7 2 KB
1 KB 12ms
12ms Script
text/javascript 213.254.244.18
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_642870711042&jsTagObjCallback=__tagObject_callback_642870711042&num=6&ctx=11655933&cmp=2324739&plc=47027993&sid=1358733&advid=&adsrv=&unit=160x600&isdvvid=&uid=642870711042&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&brid=0&brver=&bridua=3&dup=null&chro=0&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=1&htmlmsging=1&m1=13&noc=16&fcifrms=7&brh=2&fwc=0&flt=0&fec=163&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=142&eparams=DC4FC%3Dl9EEADTbpTauTau9%40DE%3A%3F8a%5D%3C66A%5DA%3DTauU2%3F4r92%3A%3Fl9EEADTbpTauTau9%40DE%3A%3F8a%5D%3C66A%5DA%3DTar9EEADTbpTauTau9%40DE%3A%3F8a%5D%3C66A%5DA%3D&dvp_exetime=8.20
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal94.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.18 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: c6a997061019c09986d8d2845ececfe4d2af4edcd04012b16f40be4255b09c3e

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
X-DV-Response: 1
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Date: Mon, 19 Jul 2021 13:03:38 GMT
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 7/18/2021 1:03:39 PM

GET
H/1.1 200
OK dv-match6.js Show response
cdn.doubleverify.com/ Frame 332D 4 KB
2 KB 11ms
11ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-match6.js
Requested by: Host: hosting2.keep.pl
URL: https://hosting2.keep.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Jul 2021 13:03:39 GMT
Content-Encoding: gzip
Last-Modified: Sun, 11 Mar 2018 04:45:12 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "03c84bdf3b8d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=15986
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1935

GET
H3-29 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame B4C7 8 KB
4 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal94.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e94a4ffe8f92e41c3d79836d2aef56457ab8fb74eb258462987af0215a512e6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 12:28:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2139
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3828
x-xss-protection: 0
last-modified: Thu, 17 Jun 2021 19:49:45 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 19 Jul 2021 13:28:00 GMT

GET
H/1.1 200
OK bsevent.gif
tps20520.doubleverify.com/ Frame B4C7 807 B
1 KB 24ms
7ms Image
image/gif 213.254.244.18
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps20520.doubleverify.com/bsevent.gif?impid=1874ca00e39b425c8ce908a9bae42789&vfdur=13&cbust=1626699819163382
Requested by: Host: hosting2.keep.pl
URL: https://hosting2.keep.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.18 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Jul 2021 13:03:38 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=0
Content-Length: 860
Expires: 7/18/2021 1:03:39 PM

GET
H/1.1 200
OK bsevent.gif
tps20520.doubleverify.com/ Frame B4C7 807 B
1 KB 21ms
8ms Image
image/gif 213.254.244.18
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps20520.doubleverify.com/bsevent.gif?impid=1874ca00e39b425c8ce908a9bae42789&pltfrm=Linux%20x86_64&dvp_or1=1&cbust=1626699819166639
Requested by: Host: hosting2.keep.pl
URL: https://hosting2.keep.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.18 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Jul 2021 13:03:38 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=0
Content-Length: 860
Expires: 7/18/2021 1:03:39 PM

GET
H/1.1 200
OK bsevent.gif
tps20520.doubleverify.com/ Frame B4C7 807 B
1 KB 22ms
9ms Image
image/gif 213.254.244.18
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps20520.doubleverify.com/bsevent.gif?impid=1874ca00e39b425c8ce908a9bae42789&dvp_or2=1&cbust=1626699819167626
Requested by: Host: hosting2.keep.pl
URL: https://hosting2.keep.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.18 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Jul 2021 13:03:38 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=0
Content-Length: 860
Expires: 7/18/2021 1:03:39 PM

GET
H3-29 200 impl_v76.js Show response
www.googletagservices.com/dcm/ Frame B4C7 37 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v76.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

887f063df27ef4a696d31ce39ffaded7dc0b18b2a7c82045e54bfa240c375fd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 09:28:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 444938
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15557
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 20:05:47 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Jul 2022 09:28:01 GMT

GET
H3-29 200 B9689862.280626343;dc_ver=76.220;dc_eid=40004000;sz=160x600;u_sd=1;nel=1;dc_adk=2023640339;ord=ypn9ds;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2Cnull%5D;dc_rfl=1,ht... Show response
ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/ Frame 5A6E 35 KB
18 KB 45ms
44ms Document
text/html 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/B9689862.280626343;dc_ver=76.220;dc_eid=40004000;sz=160x600;u_sd=1;nel=1;dc_adk=2023640339;ord=ypn9ds;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2Cnull%5D;dc_rfl=1,https%3A%2F%2Fhosting2.keep.pl%2F$0;xdt=0;crlt=6LyJgtK!dt;sttr=11;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v76.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

d0acefae030500955a584f4207ad2edfbdbf63b82c1fc5002ddf13cba6f1c219

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: ad.doubleclick.net
:scheme: https
:path: /ddm/adi/N1395.150740DOUBLEVERIFY/B9689862.280626343;dc_ver=76.220;dc_eid=40004000;sz=160x600;u_sd=1;nel=1;dc_adk=2023640339;ord=ypn9ds;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2Cnull%5D;dc_rfl=1,https%3A%2F%2Fhosting2.keep.pl%2F$0;xdt=0;crlt=6LyJgtK!dt;sttr=11;prcl=s
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hosting2.keep.pl/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hosting2.keep.pl/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 19 Jul 2021 13:03:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 18266
x-xss-protection: 0
set-cookie: IDE=AHWqTUk34-EXA5aSxNx5Bk0ksaXfjLoHIBa-2_ZXFURp4zRD0gVQ5Q30MaRQaXRNkN8; expires=Sat, 13-Aug-2022 13:03:39 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 / Show response
track.adform.net/adfserve/ Frame B4C7 0
334 B 22ms
21ms Script
text/plain 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=47027993;rtbwp=8ITHy-Br_6Ty2xzg7PZTJqzboUFQG3yp0;rtbdata=O1_chq4Kizr7CuMa-e0SOO9OSIJKW6I23iQCLrvmgtyhfk7cx1AdIWiLO7d-M0-Y06lg9dnBxCixPs--lqbRJRG4I7x-gxRt-SBOXGLZFke3DbMJ1wsQCp3K1TPVhTUNnwnCre4Zgn_J5RguTiGosC--HoOKuxULzZmO36wC2s_qC-krzLV-0q6cRpRC8MmNcljaup4zI1_Vjop-A9sorIHa7o0Vr2pI4F5sP0__kaYFN08a474yMUWLg8AcERWAaSevuxUHFLl_sYUgCVs894G6Nx94QA6xak8ZhsWrBC2BujcfeEAOsXuccmGjqIWK0;csid=5646;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=FXqSbS1ZZ7542u1ywTJ-2lYO0j72mMZsKANsHQAHAAzPxzHPgW_Kr5G4dWAZeGGw7-ItQUX26WTvHjNwXZsR73cUrskc5jC0OdA_DSamcl-Cp1j3GEbE-DzvM872Gwhc06lg9dnBxCixPs--lqbRJRG4I7x-gxRtbKHOy_v0tYVo-MqoS7oqwAFn_yLVCW9QDmnyBGEpsfYYNIwylBKhwQ2;pui=2ShljixBLrbi0hXl08juHHFAHCKQ7jOEwiIOymBKnl4Mv-EjX9Nw1ixJ0ecirIf7_n8WW8xE0WUKVAn3KKatfN6vWmW1dlSa0;;js=1;adfxid=1x;661;set=en-US|en-US|1600X1200|0|150|600|24|8|3|7|0|0;fd=0|2;bsdata=1&CREFURL=https%3A%2F%2Fhosting2.keep.pl%2F

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:39 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2 200 8DEwNdrbVHRPP4LID4_LPMHmjspKTjSOQuymdInQkJZS18QJLkrM_tYin0r77ZMq5bPZrFQwXGh_ssobvKoeVCGeZ7fggSBJ5H63erAA4IZ36eM2h1IQUWwb9n6MYg=w160-h600-n
s2.2mdn.net/proxy/ Frame 5A6E 27 KB
28 KB 37ms
6ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s2.2mdn.net/proxy/8DEwNdrbVHRPP4LID4_LPMHmjspKTjSOQuymdInQkJZS18QJLkrM_tYin0r77ZMq5bPZrFQwXGh_ssobvKoeVCGeZ7fggSBJ5H63erAA4IZ36eM2h1IQUWwb9n6MYg=w160-h600-n

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/B9689862.280626343;dc_ver=76.220;dc_eid=40004000;sz=160x600;u_sd=1;nel=1;dc_adk=2023640339;ord=ypn9ds;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2Cnull%5D;dc_rfl=1,https%3A%2F%2Fhosting2.keep.pl%2F$0;xdt=0;crlt=6LyJgtK!dt;sttr=11;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8e8755c8cf7706af9d7584bb92fe0a4bb0a35d0c27db63c24d6259426e3589a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 09:40:43 GMT
x-content-type-options: nosniff
server: fife
age: 12176
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28034
x-xss-protection: 0
expires: Tue, 20 Jul 2021 09:40:43 GMT

GET
H2 200 sodar_loader.js Show response
pagead2.googlesyndication.com/pagead/js/r20210712/r20110914/xfa/ Frame 5A6E 10 KB
4 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210712/r20110914/xfa/sodar_loader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5317781d9e780e3f322cba012aca14f5b55b533c0a125f06271d09b33a9974d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:40:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73365
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4286
x-xss-protection: 0
server: cafe
etag: 12837953992469573683
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 01 Aug 2021 16:40:54 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210712/r20110914/elements/html/ Frame 5A6E 8 KB
4 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210712/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Aug 2021 13:03:20 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5A6E 124 KB
37 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

743c8064e2b1f38a1b44de4d4ac3a99bb9c11a69a16360433076b5d93b815181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:39 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626434926419779"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38153
x-xss-protection: 0
expires: Mon, 19 Jul 2021 13:03:39 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5A6E 0
545 B 65ms
40ms Ping
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstuFCiORHyKX_i4FGzu6zhsX9ikejJxP0vQk-xKigIrWdQUHWt6k7A3lT_SWZB7E2jju1dCn6yoyMhSIBZNRr53QdJ-1OtreozzR-uxPHIwAIvCnyLakkFLMEy2msfBPehWWL6SCklTXxQuc4x2eIoDs_kLM94&sig=Cg0ArKJSzC2sux95a7c1EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210712.44168&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 19 Jul 2021 13:03:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 5A6E 7 KB
3 KB 7ms
6ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=13311291&cmp=9689862&sid=2641434&plc=280626343&num=&adid=&advid=2276943&adsrv=1&btreg=487515764&btadsrv=doubleclick&crt=138583839&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/B9689862.280626343;dc_ver=76.220;dc_eid=40004000;sz=160x600;u_sd=1;nel=1;dc_adk=2023640339;ord=ypn9ds;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2Cnull%5D;dc_rfl=1,https%3A%2F%2Fhosting2.keep.pl%2F$0;xdt=0;crlt=6LyJgtK!dt;sttr=11;prcl=s
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ea0da3782f31c1909f5d4b3796e74892bd0c623685cf73e271dffe6c84e1ec64

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Jul 2021 13:03:39 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Jul 2021 12:55:06 GMT
Server: Microsoft-IIS/10.0
ETag: "031264c9d7cd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3172

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5A6E 41 KB
15 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 11:35:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5311
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 11:35:08 GMT

GET
H/1.1 200
OK dv-measurements1534.js Show response
cdn.doubleverify.com/ Frame 357A 483 KB
87 KB 10ms
7ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements1534.js
Requested by: Host: hosting2.keep.pl
URL: https://hosting2.keep.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 51c6eec806ace698b1db3e554442d5b45e772e61265b45d9a2f6c3ff2911bbc2

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Jul 2021 13:03:39 GMT
Content-Encoding: gzip
Last-Modified: Sun, 18 Jul 2021 12:57:02 GMT
Server: Microsoft-IIS/10.0
ETag: "0a3e066d47bd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 89033

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5A6E 6 KB
4 KB 24ms
23ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210712/r20110914/xfa/sodar_loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b144a77af687b5792857a8c232e26f405d8d0f974c7cb93a3e76a90fb54da929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 19 Jul 2021 13:03:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4378
x-xss-protection: 0

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5A6E 0
23 B 54ms
41ms Ping
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 19 Jul 2021 13:03:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame C4C0 22 KB
8 KB 16ms
14ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Mon, 19 Jul 2021 11:35:08 GMT
expires: Tue, 19 Jul 2022 11:35:08 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 5311
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 357A 1 KB
1 KB 27ms
12ms Script
text/javascript 213.254.244.20
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=92&ttfrms=34&brid=97&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau9%40DE%3A%3F8a%5D%3C66A%5DA%3DTauU2%3F4r92%3A%3Fl9EEADTbpTauTau9%40DE%3A%3F8a%5D%3C66A%5DA%3DTar9EEADTbpTauTau9%40DE%3A%3F8a%5D%3C66A%5DA%3DTar9EEADTbpTauTau25%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&srcurlD=1&aUrlD=0&ssl=https:&dfs=59&ddur=8&uid=1626699819380626&jsCallback=dvCallback_1626699819380850&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=600&winw=160&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=1534&tgjsver=1534&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fad.doubleclick.net%2Fddm%2Fadi%2FN1395.150740DOUBLEVERIFY%2FB9689862.280626343%3Bdc_ver%3D76.220%3Bdc_eid%3D40004000%3Bsz%3D160x600%3Bu_sd%3D1%3Bnel%3D1%3Bdc_adk%3D2023640339%3Bord%3Dypn9ds%3Buach%3D%255B%2522%2522%252C%2522%2522%252C%2522%2522%252C%2522%2522%252C%2522%2522%252C%255B%255D%252Cnull%252Cnull%252Cnull%255D%3Bdc_rfl%3D1%2Chttps%253A%252F%252Fhosting2.keep.pl%252F%240%3Bxdt%3D0%3Bcrlt%3D6LyJgtK!dt%3Bsttr%3D11%3Bprcl%3Ds&fcifrms=7&brh=2&dvp_epl=214&noc=16&ctx=13311291&cmp=9689862&sid=2641434&plc=280626343&crt=138583839&btreg=487515764&btadsrv=doubleclick&adsrv=1&advid=2276943&errorURL=https://tps.doubleverify.com/visit.jpg&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=157392902.99822488&dvp_tukv=229744689228.33713&dvp_uuid=12659365.651425194&dvp_strhd=0.5&dvpx_strhd=0.5&dvp_tuid=1337258151997
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1534.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.20 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: bd17adaf782ebcfc53211db467b3f5da5f91c519c17e75eeed351b3fd08fed46

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Jul 2021 13:03:38 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 7/18/2021 1:03:39 PM

GET
H3-29 200 exkW1aWpcEgyfnSxaN04_gBnrAbbgfV_chCPI0EM_3k.js Show response
pagead2.googlesyndication.com/bg/ Frame C4C0 35 KB
13 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exkW1aWpcEgyfnSxaN04_gBnrAbbgfV_chCPI0EM_3k.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b1916d5a5a97048327e74b168dd38fe0067ac06db81f57f72108f23410cff79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 12:44:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1176
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13308
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Jul 2022 12:44:03 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5A6E 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210712/r20110914/xfa/sodar_loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Mon, 19 Jul 2021 13:03:39 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame A228 83 KB
27 KB 15ms
15ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 13be237d90d8262c74ae3985b06982b1b1c3d3c003b7ff093518e4bf944e9fd1

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:39 GMT
content-encoding: gzip
last-modified: Mon, 12 Jul 2021 10:59:58 GMT
server: nginx
etag: W/"60ec20ae-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 20 Jul 2021 13:03:39 GMT

GET
H3-29 200 5bBTaxHOq5TSRFVJXWhLxsmBBziAFdA6dJtppmZzzq8.js Show response
pagead2.googlesyndication.com/bg/ Frame B32E 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5bBTaxHOq5TSRFVJXWhLxsmBBziAFdA6dJtppmZzzq8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5b0536b11ceab94d24455495d684bc6c98107388015d03a749b69a66673ceaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 08:39:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15873
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13391
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Jul 2022 08:39:06 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame A228 83 KB
27 KB 15ms
14ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 13be237d90d8262c74ae3985b06982b1b1c3d3c003b7ff093518e4bf944e9fd1

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:39 GMT
content-encoding: gzip
last-modified: Mon, 12 Jul 2021 10:59:58 GMT
server: nginx
etag: W/"60ec20ae-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 20 Jul 2021 13:03:39 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C4C0 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BZjA-K3j1YMzCDLPF7_UPw_WbmAEAAAAAOAHgBAI&bg=!1Nel15PNAAZjFomlYxY7ACkAdvg8WszqhYql9mjMvg-yCzngIPLret4N6OFOWFmcpZ4PnNDb-0VIhwIAAACxUgAAABBoAQcKAMKX948UJH0XjPzEFdGegBI47FCx4LSF07hBYeKggL8j6ro9dwXGnF1tRWmpDhp3l1yBiAh32_zNNL2lKC7NgWY2TSGlnGoG81VRSSVGx7yTgCFTIWRALCw_hv1lk7bYXcCVpzWFgHl_YOz8DQf-kfyKblioR2pwSIZep5xdhgi8W7j7ozElqimiCWADSBRky_Y4m-Tmryi-TKDoNAHREdbigiGQWX-fC_gmOx9GB01gf2jtB3F6ZaH1Tg_j9KJkVCf28ZkCsHmjvzKX9cU90mfwRlLmX6nol8alRy8kDtVY17KndjvY6OQnpiQJ-gTN1OIdiQANXZPlvFxhkIC7NBjYAFaI4cwQnloSGKG3O0_-AY9iwMFoINdPzadsv0_EaXjoIsc6vsYef_CoMY-WXUpVVjh5UaFFIgEnseeiAaXkmo1qshpSoluLrMkpNrj-h6NWo84ih7J68qqBMUt02TJIUbqHbxil0scuTwFXFPMGuVatX-IVGVv7n-zwhzYAS-Nfvw0zC2mCN_dWroeVFjOU-bBFTRLMhQ_r7tcyZcqaojQS2MQBJHFl5-33Nb4mdBSXRrcvatwn8S-Iq7rIAyLhnDvqWXMPkZxafdyR6EVrIHu0n4x-MGINoH3y_ObXya6n5qQSijXNDja3OyWFkaroleO9XOrmviIwsl0ZyQgp1HBUgat6UPnMslzftDXnYms5el3xCx9fjqbjda2YRaSNinMrQ_KEH-Ii3_IKhHZ7pFXW7xUFulSaK37devi55CkGxrzoKvY4Uvz2vACTKWuN1TuljgDDH88n4FX5EOHKIXo1zrVhpQM9gk8PbCdj1z0iiE_9khlHEvZzLi7RqkxzahBhUEZcT73pzpbwwGzJbJTK1vH6Ge0sZnaG_nBWvV5giKuz_d4-aHGTDzIJk5LvOuxx_aF3rTuye56MmDUDUbi-QWyVaOG2r-mmzkG-6tj9srhueBHrj-IHt_N-GEliT4ubSMrN3SXDSOyvb-wfeMAhLD4JPRrdpm-pSIfGyfsT9MOBv-zFVHAZgRcyvsl9_NhGRnwCgH3j6fa7mamaZpQjNaUYlnPdoc3RJ4gWaMViNP91_wqpczYmMHhUDKZhl7KZ7U2bolsEJPZLxZlp3JU42Jnm471_6_s8ydw0XSTAJF3AMfWDXmJZEy-KZWNojBVgUpU

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5A6E 42 B
518 B 31ms
13ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsunUs0dlAjgKXwBawofIwiulPmNODIvAARt_mkIEx1UOoGkrPQubCIRp8u_pzAWHHXc6_BklellfU4CowpFOaTw6lyPT3sK&sig=Cg0ArKJSzBX3SZIMdZxUEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210716&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=33&adk=2023640339&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
adx.adform.net/adx/unload/ Frame B4C7 35 B
397 B 18ms
18ms Ping
image/gif 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/unload/?1626699820514

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:40 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: https://hosting2.keep.pl
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK event.png
tps20244.doubleverify.com/ Frame 357A 67 B
446 B 121ms
7ms Ping
image/png 213.254.244.18
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20244.doubleverify.com/event.png?impid=4b08dd5a39094a8ab40db8304780dd75&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_t1stMsgD=55&vdur=28&eoid=5&msrjs=1534&pltfrm=Linux%20x86_64&isvelg=1&vit=2&engms=1&engisel=1&ttfurm=2071&cbust=1626699821421635
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1534.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.18 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 19 Jul 2021 13:03:41 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://ad.doubleclick.net
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 7/18/2021 1:03:41 PM

GET
H2 200 common.js Show response
maps.google.com/maps-api-v3/api/js/45/6a/ 90 KB
33 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps-api-v3/api/js/45/6a/common.js

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyBPa4F4yWVD6-inbPov_4b2Kn1fFgP3ieo&sensor=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52457f43fac8bd97be53969d99098b81c82c17fd1d8290def76de807ae816f87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 17:42:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 415300
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33333
x-xss-protection: 0
last-modified: Mon, 12 Jul 2021 22:20:18 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Jul 2022 17:42:02 GMT

GET
H2 200 util.js Show response
maps.google.com/maps-api-v3/api/js/45/6a/ 288 KB
88 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps-api-v3/api/js/45/6a/util.js

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyBPa4F4yWVD6-inbPov_4b2Kn1fFgP3ieo&sensor=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c970fd9b6d58f1e3b320434716966f63995bc6d2fbbf42a6e835eb7f41c147c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 17:42:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 415300
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90282
x-xss-protection: 0
last-modified: Mon, 12 Jul 2021 22:20:18 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Jul 2022 17:42:02 GMT

GET
H2 200 AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ 62 B
446 B 93ms
72ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fhosting2.keep.pl%2F&4sAIzaSyBPa4F4yWVD6-inbPov_4b2Kn1fFgP3ieo&callback=_xdc_._p1tgx2&key=AIzaSyBPa4F4yWVD6-inbPov_4b2Kn1fFgP3ieo&token=86315

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps-api-v3/api/js/45/6a/common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

fd3788fcfbc4c3f775cc67c0bf76182bd6f15a8caa6a888b3a44ad697b51fb54

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:42 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=58
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK event.png
tps20244.doubleverify.com/ Frame 357A 67 B
446 B 9ms
8ms Ping
image/png 213.254.244.18
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20244.doubleverify.com/event.png?impid=4b08dd5a39094a8ab40db8304780dd75&gdpr=&gdpr_consent=&msrcanlm=394&msrcannum=4&eoid=7&ismms=45&isumms=44&isvelg=1&nvr=6&elmtp=3&isbxdms=2145&b0=100&b11=2114&adhgt=600&adwdth=160&norwdth=160&norhgt=600&engisel=1&vsos=5&dvp_vsosnmr=16&lftb=2214&sftb=2214&msrdp=1&naral=2&vct=512&vphgt=1200&vpwdth=1600&chgt=600&cwdth=160&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1045&isuiabvms=1045&ispmxpms=1045&engalms=44&dvp_dpr=1&cbust=1626699822421263
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1534.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.18 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 19 Jul 2021 13:03:42 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://ad.doubleclick.net
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 7/18/2021 1:03:42 PM

GET
H2

200

sspmatch-iframe Show response
ads.betweendigital.com/ Frame C59B
Redirect Chain

https://ads.betweendigital.com/sspmatch-iframe
https://ads.betweendigital.com/sspmatch-iframe?crf=1

0
72 B

48ms
9ms

Document
text/html

188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-iframe?crf=1
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: ads.betweendigital.com
:scheme: https
:path: /sspmatch-iframe?crf=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hosting2.keep.pl/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: dc=lux1; ss=1; tuuid=8b1e6ba2-6973-52c8-8119-0cb7e1ec7498; ut=YPV4LwAOlmAw41-lfon0brhuUQgamUBAY5g-gw==
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hosting2.keep.pl/

Response headers

content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

Redirect headers

location: /sspmatch-iframe?crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=315360000; Expires=Thu, 17 Jul 2031 13:03:43 GMT; Path=/; Domain=.betweendigital.com; SameSite=None; Secure tuuid=72acf4ad-fe81-52c8-9ae3-8464fa16fc4b; Max-Age=315360000; Expires=Thu, 17 Jul 2031 13:03:43 GMT; Path=/; Domain=.betweendigital.com; SameSite=None; Secure ut=YPV4LwAOY5hvLPYk3F-8mxWbwCibq-EN7tYQjg==; Max-Age=315360000; Expires=Thu, 17 Jul 2031 13:03:43 GMT; Path=/; Domain=.betweendigital.com; SameSite=None; Secure ss=1; Max-Age=315360000; Expires=Thu, 17 Jul 2031 13:03:43 GMT; Path=/; Domain=.betweendigital.com; SameSite=None; Secure
content-length: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame FABD 14 KB
5 KB 101ms
17ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156036
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?kdntuid=1&p=156036
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hosting2.keep.pl/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hosting2.keep.pl/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=28116
expires: Mon, 19 Jul 2021 20:52:20 GMT
date: Mon, 19 Jul 2021 13:03:44 GMT
vary: Accept-Encoding

GET
H2 200 connectmyusers.php Show response
cdn.connectad.io/ Frame 14E2 1 KB
703 B 123ms
39ms Document
text/html 2606:4700:10::6816:36ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php?
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

:method: GET
:authority: cdn.connectad.io
:scheme: https
:path: /connectmyusers.php?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hosting2.keep.pl/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hosting2.keep.pl/

Response headers

date: Mon, 19 Jul 2021 13:03:44 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 671426cc3e8d4df4-FRA
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame FCBA 14 KB
5 KB 105ms
22ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156036
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?kdntuid=1&p=156036
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hosting2.keep.pl/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hosting2.keep.pl/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=28116
expires: Mon, 19 Jul 2021 20:52:20 GMT
date: Mon, 19 Jul 2021 13:03:44 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 096A 52 KB
17 KB 51ms
11ms Document
text/html 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://hosting2.keep.pl/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hosting2.keep.pl/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Sat, 17 Jul 2021 04:42:48 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 19 Jul 2021 13:03:43 GMT
Age: 30051
X-Served-By: cache-lga21920-LGA, cache-fra19123-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 234127
X-Timer: S1626699824.989909,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 connectmyusers.php Show response
cdn.connectad.io/ Frame 3CE6 1 KB
703 B 124ms
42ms Document
text/html 2606:4700:10::6816:36ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php?
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

:method: GET
:authority: cdn.connectad.io
:scheme: https
:path: /connectmyusers.php?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hosting2.keep.pl/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hosting2.keep.pl/

Response headers

date: Mon, 19 Jul 2021 13:03:44 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 671426cc3e924df4-FRA
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 50B0 52 KB
17 KB 48ms
11ms Document
text/html 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://hosting2.keep.pl/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hosting2.keep.pl/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Sat, 17 Jul 2021 04:42:48 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 19 Jul 2021 13:03:43 GMT
Age: 30051
X-Served-By: cache-lga21920-LGA, cache-fra19146-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 233737
X-Timer: S1626699824.989569,VS0,VE0
Vary: Accept-Encoding

GET
H2

200

sspmatch-iframe Show response
ads.betweendigital.com/ Frame A0B6
Redirect Chain

https://ads.betweendigital.com/sspmatch-iframe
https://ads.betweendigital.com/sspmatch-iframe?crf=1

0
72 B

38ms
18ms

Document
text/html

188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-iframe?crf=1
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: ads.betweendigital.com
:scheme: https
:path: /sspmatch-iframe?crf=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hosting2.keep.pl/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: dc=lux1; ss=1; tuuid=8b1e6ba2-6973-52c8-8119-0cb7e1ec7498; ut=YPV4LwAOlmAw41-lfon0brhuUQgamUBAY5g-gw==
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hosting2.keep.pl/

Response headers

content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

Redirect headers

location: /sspmatch-iframe?crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=315360000; Expires=Thu, 17 Jul 2031 13:03:43 GMT; Path=/; Domain=.betweendigital.com; SameSite=None; Secure tuuid=8b1e6ba2-6973-52c8-8119-0cb7e1ec7498; Max-Age=315360000; Expires=Thu, 17 Jul 2031 13:03:43 GMT; Path=/; Domain=.betweendigital.com; SameSite=None; Secure ut=YPV4LwAOlmAw41-lfon0brhuUQgamUBAY5g-gw==; Max-Age=315360000; Expires=Thu, 17 Jul 2031 13:03:43 GMT; Path=/; Domain=.betweendigital.com; SameSite=None; Secure ss=1; Max-Age=315360000; Expires=Thu, 17 Jul 2031 13:03:43 GMT; Path=/; Domain=.betweendigital.com; SameSite=None; Secure
content-length: 0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 99CE 281 B
554 B 79ms
8ms Document
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://hosting2.keep.pl/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hosting2.keep.pl/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 19 Jul 2021 13:03:44 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame CF84 52 KB
17 KB 32ms
11ms Document
text/html 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://hosting2.keep.pl/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hosting2.keep.pl/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Sat, 17 Jul 2021 04:42:48 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 19 Jul 2021 13:03:43 GMT
Age: 30051
X-Served-By: cache-lga21920-LGA, cache-fra19158-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 237080
X-Timer: S1626699824.990684,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 2DE1 281 B
554 B 60ms
8ms Document
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://hosting2.keep.pl/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hosting2.keep.pl/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 19 Jul 2021 13:03:44 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 4F4D 14 KB
5 KB 74ms
23ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156036
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?kdntuid=1&p=156036
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hosting2.keep.pl/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hosting2.keep.pl/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=28116
expires: Mon, 19 Jul 2021 20:52:20 GMT
date: Mon, 19 Jul 2021 13:03:44 GMT
vary: Accept-Encoding

GET
H2 200 sspmatch-iframe Show response
ads.betweendigital.com/ Frame 7764 658 B
750 B 42ms
12ms Document
text/html 188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-iframe
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: d79cea52ea505fa9c58abbbfe4a2cdcb36b77928d5c4a7b23944b2598e7c82ef

Request headers

:method: GET
:authority: ads.betweendigital.com
:scheme: https
:path: /sspmatch-iframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hosting2.keep.pl/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: dc=lux1; ss=1; tuuid=8b1e6ba2-6973-52c8-8119-0cb7e1ec7498; ut=YPV4LwAOlmAw41-lfon0brhuUQgamUBAY5g-gw==
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hosting2.keep.pl/

Response headers

content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 658

GET
H2 200 connectmyusers.php Show response
cdn.connectad.io/ Frame 7376 1 KB
935 B 80ms
30ms Document
text/html 2606:4700:10::6816:36ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php?
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=8bd32ab6c8a5c2305e11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

:method: GET
:authority: cdn.connectad.io
:scheme: https
:path: /connectmyusers.php?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hosting2.keep.pl/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hosting2.keep.pl/

Response headers

date: Mon, 19 Jul 2021 13:03:44 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 671426cc3e944df4-FRA
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame 50B0
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
803 B

33ms
29ms

Script
text/html

185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Jul 2021 13:03:44 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 0597ade8-ad40-4fb3-b6ce-560762d8fd82
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 19 Jul 2021 13:03:44 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: dca9ab0f-6e88-4fa3-88c3-3ad5351d8403
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame 096A
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
803 B

76ms
12ms

Script
text/html

185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Jul 2021 13:03:44 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 4f0509ea-7fcc-437d-ac03-e53ad259a320
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 19 Jul 2021 13:03:44 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: ce9485eb-2358-4ba7-8c40-54f626a70083
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame CF84 0
731 B 52ms
50ms Script
text/html 185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Jul 2021 13:03:44 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: e3ae8145-4bc3-4ab9-8edb-82ae1cde4872
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bsevent.gif
tps20520.doubleverify.com/ Frame B4C7 807 B
1 KB 58ms
7ms Image
image/gif 213.254.244.18
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps20520.doubleverify.com/bsevent.gif?impid=1874ca00e39b425c8ce908a9bae42789&mascid=kran2ljzjcd34biv4rpivis4mpmval8a&dvp_masver=6&dvp_t1stMsgB=235&cbust=1626699824200751
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.18 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://hosting2.keep.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Jul 2021 13:03:43 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=0
Content-Length: 860
Expires: 7/18/2021 1:03:44 PM

GET
H2

200

match
ads.betweendigital.com/ Frame 7764
Redirect Chain

https://x.bidswitch.net/sync?ssp=between
https://x.bidswitch.net/ul_cb/sync?ssp=between
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=between&bsw_custom_parameter=90e97739-d064-4d15-828b-ff6544050df8
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=between&bsw_custom_parameter=90e97739-d064-4d15-828b-ff6544050df8
https://x.bidswitch.net/sync?dsp_id=4&user_id=cb16a02c-20f2-4d8b-8ff0-fdb53d17e3c5&ssp=between&expires=30&user_group=5&bsw_param=90e97739-d064-4d15-828b-ff6544050df8
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=a189049e-1837-42a2-8856-7ba5295211c3

68 B
159 B

96ms
41ms

Image
image/png

188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=22&external_user_id=a189049e-1837-42a2-8856-7ba5295211c3
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: //ads.betweendigital.com/match?bidder_id=22&external_user_id=a189049e-1837-42a2-8856-7ba5295211c3
date: Mon, 19 Jul 2021 13:03:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

match
ads.betweendigital.com/ Frame 7764
Redirect Chain

https://px.adhigh.net/p/cm/btw
https://px.adhigh.net/p/cm/btw?bounced=1
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=x8hDAwhEQ5q.AikABlF6vt19xg

68 B
159 B

28ms
18ms

Image
image/png

188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=37&external_user_id=x8hDAwhEQ5q.AikABlF6vt19xg
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:45 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f2-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ads.betweendigital.com/match?bidder_id=37&external_user_id=x8hDAwhEQ5q.AikABlF6vt19xg
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

match
ads.betweendigital.com/ Frame 7764
Redirect Chain

https://sync.bumlam.com/?src=bw1&uid=8b1e6ba2-6973-52c8-8119-0cb7e1ec7498
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiw8NWHBlIFvp7KygpiJDhiMWU2YmEyLTY5NzMtNTJjOC04MTE5LTBjYjdlMWVjNzQ5OA**
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiw8NWHBlIFvp7KygpiJDhiMWU2YmEyLTY5NzMtNTJjOC04MTE5LTBjYjdlMWVjNzQ5OKIBEL_UxwrokRHroNcAJZDkXDg*
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=&crf=1

68 B
159 B

86ms
2ms

Image
image/png

188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=18&external_user_id=&crf=1
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: /match?bidder_id=18&external_user_id=&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
ads.betweendigital.com/ Frame 7764
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=281e38374a05e6d9128ee56a

68 B
159 B

27ms
17ms

Image
image/png

188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=114&external_user_id=281e38374a05e6d9128ee56a
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Date: Mon, 19 Jul 2021 13:03:45 GMT
Server: nginx
Location: https://ads.betweendigital.com/match?bidder_id=114&external_user_id=281e38374a05e6d9128ee56a
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2 200 bidder_18.html Show response
cache.betweendigital.com/code/ Frame B635 4 KB
1 KB 88ms
5ms Document
text/html 151.236.71.19
CDNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=8b1e6ba2-6973-52c8-8119-0cb7e1ec7498&CACHEBUSTER=347449
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.71.19 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad

Request headers

:method: GET
:authority: cache.betweendigital.com
:scheme: https
:path: /code/bidder_18.html?USER_ID=8b1e6ba2-6973-52c8-8119-0cb7e1ec7498&CACHEBUSTER=347449
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.betweendigital.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: dc=lux1; ss=1; tuuid=8b1e6ba2-6973-52c8-8119-0cb7e1ec7498; ut=YPV4LwAOlmAw41-lfon0brhuUQgamUBAY5g-gw==
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.betweendigital.com/

Response headers

server: nginx
date: Mon, 19 Jul 2021 13:03:44 GMT
content-type: text/html
last-modified: Tue, 08 Jun 2021 15:45:03 GMT
etag: W/"60bf907f-ee9"
content-encoding: gzip

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 99CE 31 KB
10 KB 64ms
31ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f1e6cd314f7edb3b841803f719b61b002fe565a65964efd702b420c67bc5fee0

Request headers

Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Jul 2021 13:03:44 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Jul 2021 17:07:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=61045
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9358
Expires: Tue, 20 Jul 2021 06:01:09 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 2DE1 31 KB
10 KB 42ms
9ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f1e6cd314f7edb3b841803f719b61b002fe565a65964efd702b420c67bc5fee0

Request headers

Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Jul 2021 13:03:44 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Jul 2021 17:07:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=61045
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9358
Expires: Tue, 20 Jul 2021 06:01:09 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame FABD 5 KB
6 KB 316ms
0ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=70519129&p=156036&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156036
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 3c2ee8a7b3f8636d1fa9c47b7d9db67bb9513e6abb3eaad145520c0a3c2987e1

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:43 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

POST
H/1.1 200
OK event.png
tps20244.doubleverify.com/ Frame 357A 67 B
446 B 43ms
7ms Ping
image/png 213.254.244.18
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20244.doubleverify.com/event.png?impid=4b08dd5a39094a8ab40db8304780dd75&gdpr=&gdpr_consent=&mascid=kran2ljzjcd34biv4rpivis4mpmval8a&dvp_masver=1534&eoid=8&cbust=1626699824773231
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1534.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.18 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 19 Jul 2021 13:03:44 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://ad.doubleclick.net
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 7/18/2021 1:03:44 PM

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 2DE1 284 B
536 B 125ms
7ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/jpg

GET
H2 204 1
sync-eu.connectad.io/syncer/ Frame 5739 0
0 45ms
23ms Document
text/plain 2606:4700:10::6816:36ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-eu.connectad.io/syncer/1
Requested by: Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: sync-eu.connectad.io
:scheme: https
:path: /syncer/1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.connectad.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: cadsync
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cdn.connectad.io/

Response headers

date: Mon, 19 Jul 2021 13:03:45 GMT
set-cookie: id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None uid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
cache-control: no-cache, private
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 671426d369394df4-FRA

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 50B0 0
731 B 46ms
41ms Script
text/html 185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Jul 2021 13:03:45 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 0f533330-9734-426d-b630-4fc412561811
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 4496
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=151B1D0A-12FE-49A9-87CA-3B46A12194EC
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=151B1D0A-12FE-49A9-87CA-3B46A12194EC

35 B
468 B

160ms
6ms

Document
image/gif

37.157.6.245
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=151B1D0A-12FE-49A9-87CA-3B46A12194EC

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156036

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: c1.adform.net
:scheme: https
:path: /serving/cookie/match?CC=1&party=14&cid=151B1D0A-12FE-49A9-87CA-3B46A12194EC
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: C=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Mon, 19 Jul 2021 13:03:45 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: uid=8644240953286899891; expires=Fri, 17 Sep 2021 13:03:45 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

server: nginx
date: Mon, 19 Jul 2021 13:03:45 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=151B1D0A-12FE-49A9-87CA-3B46A12194EC
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: C=1; expires=Thu, 19 Aug 2021 13:03:45 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H/1.1

200
OK

adx Show response
match.prod.bidr.io/cookie-sync/ Frame 3A47
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFUjgwN0I2dkFBQUVCUkdVSXY3UQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

43 B
430 B

77ms
43ms

Document
image/gif

52.30.92.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156036

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.92.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Host: match.prod.bidr.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: bito=AAER807B6vAAAEBRGUIv7Q; bitoIsSecure=ok
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Mon, 19 Jul 2021 13:03:46 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date: Mon, 19 Jul 2021 13:03:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 355
x-xss-protection: 0
set-cookie: IDE=AHWqTUnI_7wDr-Ri0grMvn3AlPvXgYt19gHxHer_5A1USimK0DE9t__PxKq6wekkg_k; expires=Sat, 13-Aug-2022 13:03:45 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 8D0F 43 B
360 B 105ms
1ms Document
image/gif 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156036
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Mon, 19 Jul 2021 00:00:00 GMT
server: Microsoft-IIS/10.0
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1171
x-powered-by: ASP.NET
date: Mon, 19 Jul 2021 13:03:45 GMT
content-length: 43

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 9DCD
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5641628695
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5641628695
https://sync.1rx.io/usersync/tradedesk/1034f27f-1fa4-462b-a2c6-eed5614082cc
https://sync.targeting.unrulymedia.com/csync/RX-5ccdfb08-3f7b-4e11-82e4-54e0575bbb3f-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-5ccdfb08-3f7b-4e11-82e4-54e0575bbb3f-003

42 B
270 B

29ms
27ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-5ccdfb08-3f7b-4e11-82e4-54e0575bbb3f-003
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156036
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-5ccdfb08-3f7b-4e11-82e4-54e0575bbb3f-003
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=F01F8C52-4B59-424E-A0EE-0A6BA43715BA; SPugT=1626699825; KRTBCOOKIE_27=16735-uid:d96d60f5-7831-4300-b9e6-c97c1e0005e5&KRTB&16736-uid:d96d60f5-7831-4300-b9e6-c97c1e0005e5&KRTB&23019-uid:d96d60f5-7831-4300-b9e6-c97c1e0005e5&KRTB&23114-uid:d96d60f5-7831-4300-b9e6-c97c1e0005e5; PUBMDCID=3; KRTBCOOKIE_22=14911-7902508618974710440; KRTBCOOKIE_391=22924-2476843913475599264&KRTB&23263-2476843913475599264; KRTBCOOKIE_80=22987-CAESEH6E1ZoTGaUSQrwI7cg8lMU&KRTB&16514-CAESEH6E1ZoTGaUSQrwI7cg8lMU&KRTB&23025-CAESEH6E1ZoTGaUSQrwI7cg8lMU; PugT=1626699826; KRTBCOOKIE_218=22978-YPV4MQAC4lZnjAAC&KRTB&23194-YPV4MQAC4lZnjAAC&KRTB&23209-YPV4MQAC4lZnjAAC&KRTB&23244-YPV4MQAC4lZnjAAC; KRTBCOOKIE_860=16335-eq6Vt5NsTDtUVklpNRDxypBMbR4; KRTBCOOKIE_377=6810-1034f27f-1fa4-462b-a2c6-eed5614082cc&KRTB&22918-1034f27f-1fa4-462b-a2c6-eed5614082cc&KRTB&23031-1034f27f-1fa4-462b-a2c6-eed5614082cc; KRTBCOOKIE_57=22776-2639328139522901578
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Mon, 19 Jul 2021 13:03:46 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_594=17105-RX-5ccdfb08-3f7b-4e11-82e4-54e0575bbb3f-003&KRTB&17107-RX-5ccdfb08-3f7b-4e11-82e4-54e0575bbb3f-003; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 17-Oct-2021 13:03:46 GMT; path=/ PugT=1626699826; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 18-Aug-2021 13:03:46 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 17-Oct-2021 13:03:46 GMT; path=/
x-lat: lhrpug015:0:416
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: Tengine
date: Mon, 19 Jul 2021 13:03:46 GMT
content-type: text/html
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-5ccdfb08-3f7b-4e11-82e4-54e0575bbb3f-003%22%7D; path=/; expires=Tue, 19 Jul 2022 13:03:46 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-5ccdfb08-3f7b-4e11-82e4-54e0575bbb3f-003
etag: RX5ccdfb083f7b4e1182e454e0575bbb3f003

GET
H2 200 141 Show response
match.deepintent.com/usersync/ Frame DABC 0
44 B 551ms
114ms Document
text/plain 169.197.150.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156036
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software: a /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: match.deepintent.com
:scheme: https
:path: /usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

content-length: 0
date: Mon, 19 Jul 2021 13:03:45 GMT
server: a

GET
H/1.1 200
OK bridge Show response
cm.adgrx.com/ Frame 839B 43 B
408 B 229ms
29ms Document
image/gif 63.251.232.170
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156036
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.251.232.170 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host: cm.adgrx.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Date: Mon, 19 Jul 2021 13:03:45 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
server: Cowboy
X-RealServer-NX: ams-delivery-2
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: Thu, 23 Sep 2004 17:42:04 GMT
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *

GET
H/1.1

200
OK

noop Show response
px.owneriq.net/ Frame 81F7
Redirect Chain

https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
https://px.owneriq.net/noop?ct=image%2Fgif

0
287 B

74ms
6ms

Document
image/gif

104.111.242.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://px.owneriq.net/noop?ct=image%2Fgif
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156036
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-53.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: px.owneriq.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Length: 0
Content-Type: image/gif
Date: Mon, 19 Jul 2021 13:03:45 GMT
Connection: keep-alive

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://px.owneriq.net/noop?ct=image%2Fgif
Date: Mon, 19 Jul 2021 13:03:45 GMT
Connection: keep-alive

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame A45E
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
450 B

229ms
128ms

Document
image/gif

2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156036
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method: GET
:authority: s.tribalfusion.com
:scheme: https
:path: /z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ANON_ID=aonoeUq0I1u9yNycPfexg4PD7H2S62JTYBplAgsp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Mon, 19 Jul 2021 13:03:46 GMT
content-type: image/gif; charset=utf-8
content-length: 43
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 302
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: ANON_ID=aJnsIHp26Ub8e4OCbBoZdtCLrJ8sgQZaHQutBSUmPShAITDHVsS5NsJIN0syKsbGOXBxdZacMZcDYJZaZbBkxG7hdRvae2; path=/; domain=.tribalfusion.com; expires=Sun, 17-Oct-2021 13:03:46 GMT; SameSite=None; Secure; ANON_ID_old=aJnsIHp26Ub8e4OCbBoZdtCLrJ8sgQZaHQutBSUmPShAITDHVsS5NsJIN0syKsbGOXBxdZacMZcDYJZaZbBkxG7hdRvae2; path=/; domain=.tribalfusion.com; expires=Sun, 17-Oct-2021 13:03:46 GMT;
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 671426d87a704e5c-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date: Mon, 19 Jul 2021 13:03:45 GMT
content-type: text/html
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 206
x-reuse-index: 347
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: ANON_ID=aonoeUq0I1u9yNycPfexg4PD7H2S62JTYBplAgsp; path=/; domain=.tribalfusion.com; expires=Sun, 17-Oct-2021 13:03:45 GMT; SameSite=None; Secure; ANON_ID_old=aonoeUq0I1u9yNycPfexg4PD7H2S62JTYBplAgsp; path=/; domain=.tribalfusion.com; expires=Sun, 17-Oct-2021 13:03:45 GMT;
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 671426d65dd34e5c-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H/1.1 200
OK usersync Show response
match.bnmla.com/ Frame 8B16 0
114 B 951ms
373ms Document
text/plain 38.27.122.126
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156036
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.27.122.126 Chestertown, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: match.bnmla.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Mon, 19 Jul 2021 13:03:46 GMT
Content-Length: 0
Connection: keep-alive

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 34DB
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=eq6Vt5NsTDtUVklpNRDxypBMbR4

42 B
220 B

55ms
32ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=eq6Vt5NsTDtUVklpNRDxypBMbR4
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156036
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=eq6Vt5NsTDtUVklpNRDxypBMbR4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=F01F8C52-4B59-424E-A0EE-0A6BA43715BA; SPugT=1626699825; KRTBCOOKIE_27=16735-uid:d96d60f5-7831-4300-b9e6-c97c1e0005e5&KRTB&16736-uid:d96d60f5-7831-4300-b9e6-c97c1e0005e5&KRTB&23019-uid:d96d60f5-7831-4300-b9e6-c97c1e0005e5&KRTB&23114-uid:d96d60f5-7831-4300-b9e6-c97c1e0005e5; PugT=1626699825; PUBMDCID=3; KRTBCOOKIE_22=14911-7902508618974710440; KRTBCOOKIE_391=22924-2476843913475599264&KRTB&23263-2476843913475599264
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Mon, 19 Jul 2021 13:03:46 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_860=16335-eq6Vt5NsTDtUVklpNRDxypBMbR4; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 17-Oct-2021 13:03:46 GMT; path=/ PugT=1626699826; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 18-Aug-2021 13:03:46 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 17-Oct-2021 13:03:46 GMT; path=/
x-lat: lhrpug004:0:556
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Content-Type: text/html; charset=utf-8
Date: Mon, 19 Jul 2021 13:03:45 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=eq6Vt5NsTDtUVklpNRDxypBMbR4
Set-Cookie: sa-user-id=s%3A0-7aae95b7-936c-4c3b-5456-49693510f1ca.2Y9xJ%2BOE1iaTGklv4akmSPcZM02qujN5uDMuOKtOwCo; Max-Age=31536000; Secure; SameSite=None sa-user-id-v2=s%3A0-7aae95b7-936c-4c3b-5456-49693510f1ca%24ip%24144.76.109.30.BDBhcWv6Z5fMYdLaf2RPzscBzFNhed4ddDUiX8FRkuA; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length: 159
Connection: keep-alive

GET tum
ums.acuityplatform.com/ Frame E7AE 0
0

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FABD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FRsdChL-SamHyjtGoSGU7A%3D%3D
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FRsdChL-SamHyjtGoSGU7A%3D%3D&google_tc=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

14 KB
14 KB

147ms
21ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156036
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:46 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 06:08:03 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3945-5c4c7cc02bd56"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=28114
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5054
expires: Mon, 19 Jul 2021 20:52:20 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 451 420486.gif
idsync.rlcdn.com/ Frame FABD 0
66 B 346ms
0ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/420486.gif?partner_uid=151B1D0A-12FE-49A9-87CA-3B46A12194EC
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156036
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:45 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame FABD
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=272c60f5-7831-4000-94a8-58459af9e2eb

0
368 B

238ms
15ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=272c60f5-7831-4000-94a8-58459af9e2eb
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156036
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:45 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Mon, 19 Jul 2021 13:03:36 GMT
Server: MT3 3810 5cb7d7e master zrh-pixel-x1
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=272c60f5-7831-4000-94a8-58459af9e2eb
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 19 Jul 2021 13:03:35 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame FABD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTUxQjFEMEEtMTJGRS00OUE5LTg3Q0EtM0I0NkExMjE5NEVD&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTUxQjFEMEEtMTJGRS00OUE5LTg3Q0EtM0I0NkExMjE5NEVD&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
111 B

159ms
35ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156036
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:46 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug008:0:557
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame FABD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEH6E1ZoTGaUSQrwI7cg8lMU&google_cver=1

42 B
438 B

165ms
26ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEH6E1ZoTGaUSQrwI7cg8lMU&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156036
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:46 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug010:0:374
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEH6E1ZoTGaUSQrwI7cg8lMU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame FABD 43 B
611 B 363ms
18ms Image
image/gif 159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156036

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:45 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sun, 18 Jul 2021 13:03:45 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame FABD
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7902508618974710440&gdpr=0&gdpr_consent=&us_privacy=

1 B
186 B

244ms
29ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7902508618974710440&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156036
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:45 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug017:0:627
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7902508618974710440&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Mon, 19 Jul 2021 13:03:45 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame FABD
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YPV4MQAC4lZnjAAC&gdpr=0&gdpr_consent=&_test=YPV4MQAC4lZnjAAC

1 B
238 B

75ms
31ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YPV4MQAC4lZnjAAC&gdpr=0&gdpr_consent=&_test=YPV4MQAC4lZnjAAC
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156036
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:46 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug017:0:405
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:45 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1626699826.995568,VS0,VE0
x-served-by: cache-fra19138-FRA
x-cache: HIT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YPV4MQAC4lZnjAAC&gdpr=0&gdpr_consent=&_test=YPV4MQAC4lZnjAAC
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame FABD
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1034f27f-1fa4-462b-a2c6-eed5614082cc

42 B
292 B

76ms
32ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1034f27f-1fa4-462b-a2c6-eed5614082cc
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156036
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:46 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug015:0:489
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:45 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1034f27f-1fa4-462b-a2c6-eed5614082cc
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame FABD
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:d96d60f5-7831-4300-b9e6-c97c1e0005e5&gdpr=0&gdpr_consent=

42 B
650 B

253ms
14ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:d96d60f5-7831-4300-b9e6-c97c1e0005e5&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156036
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:45 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug013:0:416
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Mon, 19 Jul 2021 13:03:36 GMT
Server: MT3 3810 5cb7d7e master zrh-pixel-x26
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:d96d60f5-7831-4300-b9e6-c97c1e0005e5&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 19 Jul 2021 13:03:35 GMT

GET
H2 200 151B1D0A-12FE-49A9-87CA-3B46A12194EC
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame FABD 43 B
840 B 277ms
33ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/151B1D0A-12FE-49A9-87CA-3B46A12194EC?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156036

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:45 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame FABD
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=151B1D0A-12FE-49A9-87CA-3B46A12194EC&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=151B1D0A-12FE-49A9-87CA-3B46A12194EC&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-lUl7.XFE2uVytPj7u.PC0FL3D6z8SJo-~A&gdpr=0&gdpr_consent=

0
48 B

44ms
15ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-lUl7.XFE2uVytPj7u.PC0FL3D6z8SJo-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156036
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:45 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Mon, 19 Jul 2021 13:03:46 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-lUl7.XFE2uVytPj7u.PC0FL3D6z8SJo-~A&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame FABD
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2639328139522901578&gdpr=0&gdpr_consent=

42 B
210 B

37ms
33ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2639328139522901578&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156036
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:46 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug002:0:626
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Mon, 19 Jul 2021 13:03:46 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 221e2099-f4e9-4333-ade1-4dae8476b026
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2639328139522901578&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame FABD 0
104 B 286ms
59ms Image
text/plain 2a02:fa8:8806:20::2040
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=151B1D0A-12FE-49A9-87CA-3B46A12194EC&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156036
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2040 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:46 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H/1.1 200
OK CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame FABD 0
88 B 553ms
117ms Image
text/plain 35.171.36.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156036
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.171.36.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-36-131.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/plain

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame FABD
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=c0a3e360-e891-11eb-b39a-e9d8acd58513&gdpr=0&gdpr_consent=

1 B
215 B

27ms
26ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=c0a3e360-e891-11eb-b39a-e9d8acd58513&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156036
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:46 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug019:0:842
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=c0a3e360-e891-11eb-b39a-e9d8acd58513&gdpr=0&gdpr_consent=
Date: Mon, 19 Jul 2021 13:03:46 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0
X-CI-RTID: c0a3e361-e891-11eb-b39a-e9d8acd58513

GET
H/1.1

200
OK

sn.ashx
pmp.mxptint.net/ Frame FABD
Redirect Chain

https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1D531_E076F754_492809C4&r=https://pmp.mxptint.net/sn.ashx?ak=1
https://pmp.mxptint.net/sn.ashx?ak=1

43 B
266 B

138ms
137ms

Image
image/gif

38.67.14.233
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pmp.mxptint.net/sn.ashx?ak=1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156036

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

38.67.14.233 , United States, ASN174 (COGENT-174, US),

Reverse DNS

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=-309686626; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Jul 2021 13:03:45 GMT
Cache-Control: no-cache
Expires: -1
Content-Length: 43
Strict-Transport-Security: max-age=-309686626; includeSubDomains
Content-Type: image/gif

Redirect headers

location: https://pmp.mxptint.net/sn.ashx?ak=1
date: Mon, 19 Jul 2021 13:03:46 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug019:0:432
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame FABD
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

42 B
204 B

27ms
27ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156036
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:46 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug006:0:499
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:45 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame FABD
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=VI8CJ1WHVyBPjFMhUNpJKgCKUSJP2lElW4ZhLjzq

42 B
276 B

31ms
25ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=VI8CJ1WHVyBPjFMhUNpJKgCKUSJP2lElW4ZhLjzq
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156036
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:46 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug008:0:458
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:46 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=VI8CJ1WHVyBPjFMhUNpJKgCKUSJP2lElW4ZhLjzq
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame FABD
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=a189049e-1837-42a2-8856-7ba5295211c3
https://x.bidswitch.net/sync?dsp_id=257&user_id=mk7eb17ba4-6e0f-497c-ace5-3d8d6bbfd799&expires=7&user_group=5&ssp=pubmatic&bsw_param=a189049e-1837-42a2-8856-7ba5295211c3
https://x.bidswitch.net/ul_cb/sync?dsp_id=257&user_id=mk7eb17ba4-6e0f-497c-ace5-3d8d6bbfd799&expires=7&user_group=5&ssp=pubmatic&bsw_param=a189049e-1837-42a2-8856-7ba5295211c3
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=52f3684c-010f-42b4-9462-5f31e56c6c98&gdpr=&gdpr_consent=&gdpr_pd=

1 B
218 B

44ms
43ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=52f3684c-010f-42b4-9462-5f31e56c6c98&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156036
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:46 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug013:0:1074
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=52f3684c-010f-42b4-9462-5f31e56c6c98&gdpr=&gdpr_consent=&gdpr_pd=
date: Mon, 19 Jul 2021 13:03:46 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame FABD
Redirect Chain

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_8fe65b48-eb8d-4476-a7ae-2fc45602e183

42 B
224 B

27ms
26ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_8fe65b48-eb8d-4476-a7ae-2fc45602e183
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156036
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:46 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug001:0:455
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_8fe65b48-eb8d-4476-a7ae-2fc45602e183
date: Mon, 19 Jul 2021 13:03:46 GMT
p3p: CP="This is not a P3P policy"
server: nginx
timing-allow-origin: *
content-length: 0
content-language: en-US

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame FABD
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2476843913475599264

42 B
234 B

107ms
42ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2476843913475599264
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156036
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:45 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug002:0:635
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:45 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2476843913475599264
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET pubmatic
sync.resetdigital.co/csync/ Frame FABD 0
0

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame 096A
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
803 B

94ms
56ms

Script
text/html

185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Jul 2021 13:03:45 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: f2a562e1-a84f-4c1a-8642-c84fa340f705
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 19 Jul 2021 13:03:45 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: c3c57fba-93ce-4d30-9925-323214560209
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame CF84
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
803 B

70ms
32ms

Script
text/html

185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Jul 2021 13:03:45 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 1bee7a4b-6ec8-4b78-9dbb-57b84b291240
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 19 Jul 2021 13:03:45 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 71d2f674-130d-4198-bb69-137f1e387ad4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

match
ads.betweendigital.com/ Frame B635
Redirect Chain

https://x.bidswitch.net/sync?ssp=between
https://x.bidswitch.net/ul_cb/sync?ssp=between
https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dbetween%26bsw_param%3Da189049e-1837-42a2-8856-7ba5295211c...
https://x.bidswitch.net/sync?dsp_id=80&user_id=d96d60f5-7831-4300-b9e6-c97c1e0005e5&expires=30&ssp=between&bsw_param=a189049e-1837-42a2-8856-7ba5295211c3&gdpr=&gdpr_consent=
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=a189049e-1837-42a2-8856-7ba5295211c3

68 B
159 B

46ms
18ms

Image
image/png

188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=22&external_user_id=a189049e-1837-42a2-8856-7ba5295211c3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: //ads.betweendigital.com/match?bidder_id=22&external_user_id=a189049e-1837-42a2-8856-7ba5295211c3
date: Mon, 19 Jul 2021 13:03:46 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

404

DE5A4E5A4C65DDB0
an.yandex.ru/setud/adsniper/ Frame B635
Redirect Chain

https://sync.bumlam.com/?src=aid0
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiy8NWHBlIFl4XSlAY*
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiy8NWHBlIFl4XSlAaiARDAid-06JER64pTDMR6bS_v
https://sync.bumlam.com/?src=aid0&s_data=CAIQABiy8NWHBqIBEMCJ37TokRHrilMMxHptL-8*
https://sync.bumlam.com/?src=aid0&s_data=CAIQARiy8NWHBqIBEMCJ37TokRHrilMMxHptL-8*
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=c089dfb4-e891-11eb-8a53-0cc47a6d2fef
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=c089dfb4-e891-11eb-8a53-0cc47a6d2fef&bounce=1
https://sync.bumlam.com/?src=aid1&uid=9RJZVEpEzzwFocSHwR0bsg&
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiy8NWHBlIFnLa_vg5iFjlSSlpWRXBFenp3Rm9jU0h3UjBic2c*
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiy8NWHBlIFnLa_vg5iFjlSSlpWRXBFenp3Rm9jU0h3UjBic2eiARDAxkHA6JER66DXACWQ5Fw4
https://sync.bumlam.com/?src=aid1&s_data=CAIQABiy8NWHBmIWOVJKWlZFcEV6endGb2NTSHdSMGJzZ6IBEMDGQcDokRHroNcAJZDkXDg*
https://sync.bumlam.com/?src=aid1&s_data=CAIQARiy8NWHBmIWOVJKWlZFcEV6endGb2NTSHdSMGJzZ6IBEMDGQcDokRHroNcAJZDkXDg*
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=9RJZVEpEzzwFocSHwR0bsg&extra2=aidata
https://sync3.sniperlog.ru/?src=ggl&extra1=9RJZVEpEzzwFocSHwR0bsg&extra2=aidata&google_gid=CAESEImdvvEI5x7Ejuimz07dikg&google_cver=1
https://sync.bumlam.com/?src=ggl&extra1=9RJZVEpEzzwFocSHwR0bsg&extra2=aidata&google_gid=CAESEImdvvEI5x7Ejuimz07dikg&google_cver=1
https://an.yandex.ru/setud/adsniper/DE5A4E5A4C65DDB0?sign=4041399902
https://an.yandex.ru/setud/adsniper/DE5A4E5A4C65DDB0?redir-setuniq=1&sign=4041399902

43 B
113 B

96ms
95ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/setud/adsniper/DE5A4E5A4C65DDB0?redir-setuniq=1&sign=4041399902

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:47 GMT
content-encoding: gzip
last-modified: Mon, 19 Jul 2021 13:03:47 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=windows-1251
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 19 Jul 2021 13:03:47 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:47 GMT
content-encoding: gzip
last-modified: Mon, 19 Jul 2021 13:03:47 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/setud/adsniper/DE5A4E5A4C65DDB0?redir-setuniq=1&sign=4041399902
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 19 Jul 2021 13:03:47 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 9BCD
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

281 B
554 B

11ms
10ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=8b1e6ba2-6973-52c8-8119-0cb7e1ec7498&CACHEBUSTER=347449
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://cache.betweendigital.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 19 Jul 2021 13:03:47 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Date: Mon, 19 Jul 2021 13:03:47 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 9BCD 31 KB
10 KB 17ms
16ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f1e6cd314f7edb3b841803f719b61b002fe565a65964efd702b420c67bc5fee0

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Jul 2021 13:03:47 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Jul 2021 17:07:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=61042
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9358
Expires: Tue, 20 Jul 2021 06:01:09 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 9BCD 284 B
536 B 9ms
8ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/jpg

GET
H2

200

347449
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame B635
Redirect Chain

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/347449
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/347449

43 B
297 B

45ms
42ms

Image
image/gif

2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/347449
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: tns-counter-3.1.0/1.18.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:47 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: tns-counter-3.1.0/1.18.0
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:47 GMT
server: tns-counter-3.1.0/1.18.0
strict-transport-security: max-age=2678400
content-type: image/gif
location: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/347449
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame B635
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=429&user_id=8b1e6ba2-6973-52c8-8119-0cb7e1ec7498&expires=60
https://eb2.3lift.com/xuid?mid=2409&xuid=52f3684c-010f-42b4-9462-5f31e56c6c98&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
https://eb2.3lift.com/xuid?ld=1&mid=2409&xuid=52f3684c-010f-42b4-9462-5f31e56c6c98&dongle=d3d3&gdpr=0&cmp_cs=&us_privacy=

37 B
353 B

19ms
14ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=2409&xuid=52f3684c-010f-42b4-9462-5f31e56c6c98&dongle=d3d3&gdpr=0&cmp_cs=&us_privacy=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:03:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=2409&xuid=52f3684c-010f-42b4-9462-5f31e56c6c98&dongle=d3d3&gdpr=0&cmp_cs=&us_privacy=
date: Mon, 19 Jul 2021 13:03:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame BDDB 2 KB
823 B 45ms
10ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=5d1628750185ace

Requested by

Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=8b1e6ba2-6973-52c8-8119-0cb7e1ec7498&CACHEBUSTER=347449

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=5d1628750185ace
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cache.betweendigital.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cache.betweendigital.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2

200

8b1e6ba2-6973-52c8-8119-0cb7e1ec7498
an.yandex.ru/mapuid/betweendigitalis/ Frame B635
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F8b1e6ba2-6973-52c8-8119-0cb7e1ec7498
https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F8b1e6ba2-6973-52c8-8119-0cb7e1ec7498&crf=1
https://an.yandex.ru/mapuid/betweendigitalis/8b1e6ba2-6973-52c8-8119-0cb7e1ec7498

43 B
98 B

70ms
70ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/betweendigitalis/8b1e6ba2-6973-52c8-8119-0cb7e1ec7498

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:47 GMT
content-encoding: gzip
last-modified: Mon, 19 Jul 2021 13:03:47 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 19 Jul 2021 13:03:47 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/betweendigitalis/8b1e6ba2-6973-52c8-8119-0cb7e1ec7498
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2 200 sync
t.adx.opera.com/ Frame B635 0
393 B 68ms
14ms Image
text/plain 82.145.213.8
NO-OPERA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.adx.opera.com/sync?vendor=60079&uid=8b1e6ba2-6973-52c8-8119-0cb7e1ec7498
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: n-sysadmin-jumpbox-03.feednews.opera.technology
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:03:47 GMT
server: Tengine
access-control-allow-methods: POST, GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: adx.adform.net
URL: https://adx.adform.net/adx/unload/?1626699819013

Domain: adx.adform.net
URL: https://adx.adform.net/adx/unload/?1626699819014

Domain: ums.acuityplatform.com
URL: https://ums.acuityplatform.com/tum?umid=6

Domain: sync.resetdigital.co
URL: https://sync.resetdigital.co:10001/csync/pubmatic

Verdicts & Comments Add Verdict or Comment

216 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.spolecznosci.net/	1970-01-20 04:38:42	Name: lsccs1_currentStats Value: %253C%2502H%2516%25C3%2586%25C2%2586.%2513%257Fv%25C3%2585%25C2%258B%25C3%25B8O%25C3%259A%2508%25C3%25A0%25C2%2582%257C47%25C2%2596%25C3%25B3%25C2%2590%2501%25C2%25AAbe%2507%25C3%258A%25C3%259A%25C2%25A8x%2513%25C2%2585%25C3%25AE%2509u%25C2%2580%253C%250A%25C3%25BD%25C2%25BE!%25C3%25B0i%250Bu%25C3%25A3%2500%25C2%25B2ud%251D%25C2%2592%25C2%2595%25C2%25A2%251F%25C2%25BAK%255CuJ%2510-%2512%257C%25C2%2586%251F%25C2%2581%253C%25C3%25A7%25C2%25A1%2526ls%2517q%25C2%258A%257D%25C3%259A%25C3%2597%25C3%259D%2516%25C3%2593n%2513r9%2560%25C3%25BDhiw%25C3%25A8%25C2%25A0%25C2%25A1*l%25C2%259B%25C2%2592%2513%25266%25C2%259F5e%25C2%25B5%25C3%25A4%25C3%2590%25C3%25BA%25C2%25BB%2523%25C2%259F%25C3%25A4%25C3%2595%253Aol%25C2%25B0%25C2%25BE%25C2%25A1%2522e%25C2%2583%2508%253F%25C2%25A0%25C2%259B2%2526%25C2%2597%257D%25C3%258A%252F%25C2%25A0!%2540lf%25C2%2589%25C2%25B33%25C3%259F%25C3%259D%25C3%2592%25C2%2585%25C3%25A0Y%25C2%259C%25C2%259B%2524%25C3%25B8%257Bv%25C3%25A6%25C2%25B9%2519%25C3%258D%2503%25C2%25BB%2514TW%25C2%25AF%253F%25C2%258C%2560%25C2%25A6wXQ%25C2%2590g%25C2%2583%2514W%2513U%25C2%2580%25C2%25AE%25C3%25AE%255B%25C2%258E%25C3%25BF%25C2%2583%25C2%25B6%25C3%258F%25C3%25A4%2523Sz%25C2%2583A%2501%25C2%2582%25C2%25BC%250D%25C3%2582~%25C2%25B7%2506%25C3%2588%25C2%25BEN%25C2%25A7h%25C2%25BAt%25C2%2593%25C2%25BC1%251F%25C2%25B7%25C3%259F%25C2%25A8%25C2%25BE%25C3%25A2%2509%25C3%25BA%2525%25C3%25A9%25C2%25A7u%25C2%2598%257Fy%252F%25C2%25AA%25C2%2593%25C3%2582%2507%25C2%25938%25C3%25A2'V-%25C3%259E%25C2%259F%25C3%25B3%25C2%25AF%2511%25C2%2591%25C3%258EV%251A%25C3%25B1%25C3%25A5%25C2%25A0%25C3%2593%25C3%25A4%2540%25C3%25B69B%25C3%25A9%2501%25C3%25BA%25C3%2597%25C3%259EKr%2526%25C2%2595%2524%253FQM%25C2%25AD%2517%250D%2502%25C3%258D%25C2%25BDq%251E%25C2%25AE%25C2%25A7%2525%25C3%2588B%25C3%258E7%25C3%2596%25C3%2594%257F%2506%25157%2525%25C3%25B0%25C2%25AA%25C3%25A1%25C2%2587J%25C3%25B9%2505%251E%25C3%2587%25C3%25B1%25C2%258B%25C2%25AC%25C3%2591P%257DZ%25C3%2583l%2522%25C3%2598%25C2%25A3%25C2%25AC%25C2%25A9%25C3%259EH%25C2%25A5%25C3%2593%25C2%259BHu%25C2%25AF%25C2%2599%25C3%259AEN%25C2%25A8%25C2%2581_%25C3%25A5(%2502%253A8%25C2%25B1%25C2%2599-%25C3%258CJ%251B%2518%2512%252BUe%25C3%25AC%25C2%25A61%25C2%2591P6%25C2%258D%2513%25C2%25AE%25C3%2583%25C3%25ABS%255B%2520%251E%2506%25C2%25A9b
.spolecznosci.net/	1970-01-20 04:38:42	Name: tgx Value: v%3A1%7CWo%3A55%7CKr%3ADE%7CKo%3AEU%7CAd%3A0%7CSw%3A1600%7COs%3AWINDOWS%2010-0%7CUa%3ACHROME-89%7CCt%3ARESIDENTIAL%7CIsp%3AOTHER
.spolecznosci.net/	1970-01-20 04:38:42	Name: lsccs1_currentMain Value: %253C%2502j%251F%25C2%2582%25C3%25B8!%2512v8%25C3%2593%25C2%258B%25C2%259D%2516%25C3%258A%2503%25C2%25A3%25C3%2587'u*%25C2%258D%25C3%25B0%25C3%258E%2510%25C2%25AAgc%2511%25C3%259B%25C2%25A9%25C3%25B4k%251D%25C2%2596%25C3%25B0n%257B%25C2%258Er%2520%25C3%25A1%25C3%25A8O%25C2%25A0M0%2524%25C2%25A2K%25C2%258Av%252FH%25C2%2592%25C3%2582%25C3%25B4Q%25C2%25A4Y%253C!E%251AtJ!%25C3%2593g%25C2%2592N%25C2%25B9%25C2%25B3%252Ffl%250D%250C%25C3%258Ck%25C3%2590%25C2%25BC%25C3%2589%250A%25C3%25814XT%25246%25C2%25B4%2524%2526%2560%25C2%25A6%25C3%2598%25C3%25AC%2501~%25C3%2580%25C2%258A%250B%250A%255D%25C2%25B9%251EY%25C2%2596%25C3%259E%25C2%259E%25C2%25AC%25C2%25B9%2520%25C3%2584%25C2%25A3%25C2%259Ch%2505q%25C3%25BE%25C2%25A6%25C3%25B5ft%25C3%2583%2506~%25C2%2580%25C2%2588by%25C3%259BJ%25C3%2595%2518%25C2%258A%2507'%257B%2525%25C2%2592%25C3%25B9p%25C2%258E%25C3%25AA%25C3%258F%25C3%2589%25C2%25BDI%25C3%25A0%25C2%25B5%2512%25C3%2594O%251D%25C3%2598%25C2%2581r%25C2%25B6~%25C3%25A4%2514T%257D%25C2%25A9%253D%25C3%259C%253F%25C3%25AALAv%25C2%25BBA%25C3%2589KL%253B%2507%25C2%2587%25C2%25AD%25C3%25B8L%25C2%259D%25C3%25BF%25C2%258B%25C3%25B7%25C2%2582%25C3%25A6hXo%25C3%2599O
.keep.pl/	1970-01-20 13:22:51	Name: _ga Value: GA1.2.99071284.1626699818
.spolecznosci.net/	1970-01-20 04:38:42	Name: lsccs1_currentVersion Value: w%2501i%2503%25C3%258F%25C2%25AE*%2504%2560%253A%25C2%2590%25C3%259A%25C2%25A9%2516%25C3%2586W%25C2%25A8%25C3%25865
hosting2.keep.pl/	1970-01-20 05:13:23	Name: cto_bundle Value: KSYYy19SWURBUWF1Vm4wQXZIZHJZbEk4STdvVU9mb3JzQmtZb3Y1VnhWdmclMkZENnglMkJkNHpTOXl4TEdIOGdDM2pQRUFVNlBoZWNoZiUyQmk0MERKU2dnb0slMkZGZ2oxRFlrNVBCM0RxVTl5QXNTZzFrSSUyRk0lM0Q
.keep.pl/	1970-01-19 19:51:39	Name: _gat Value: 1
hosting2.keep.pl/	1970-01-20 05:13:23	Name: cto_bidid Value: 0rsx619DUENzRGl6JTJGSHJtMXNOalpxU0Q0U2ZZSWMycnZMbjdWbzVhYVJSU2NmYnhiaVd3N3ZvYUFvRHFta3M0TjJWOXFKYXZxUDJKWnBrR3RsYTJHVW9jU0hnJTNEJTNE
.keep.pl/	1970-01-20 00:10:51	Name: _pubcid Value: 14fb6c92-36a5-4694-a008-33aacdaada9d
.keep.pl/	1970-01-19 19:53:06	Name: _gid Value: GA1.2.1861130772.1626699818
hosting2.keep.pl/	1970-01-19 20:34:51	Name: _pbjs_userid_consent_data Value: 3524755945110770
.keep.pl/	1970-01-19 20:34:51	Name: spfp Value: ada2b987231648484501021c1ee54971
.keep.pl/	1970-01-19 19:53:06	Name: spol_tg Value: eu%3Atrue%7Cip%3A144.76.109.30%7Cn%3Atrue
.keep.pl/	1970-01-20 05:20:27	Name: __gfp_64b Value: iPrc8PW7awWhNzLVDh1T3InWOpiYJ1Klk9kKSx6ku8n.O7\|1626699817

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://maps.google.com/maps-api-v3/api/js/45/6a/util.js(Line 239) Message: Google Maps JavaScript API warning: SensorNotRequired https://developers.google.com/maps/documentation/javascript/error-messages#sensor-not-required

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.spolecznosci.net
a.tribalfusion.com
acdn.adnxs.com
ad.doubleclick.net
ad.prv.pl
ad.turn.com
ads.betweendigital.com
ads.creative-serving.com
ads.pubmatic.com
ads.rubiconproject.com
adx.adform.net
an.yandex.ru
ap.lijit.com
bidder.criteo.com
c1.adform.net
cache.betweendigital.com
cdn.connectad.io
cdn.doubleverify.com
cdn3.doubleverify.com
cm.adgrx.com
cm.g.doubleclick.net
dis.criteo.com
eb2.3lift.com
eus.rubiconproject.com
event.clientgear.com
fastlane.rubiconproject.com
goldbach.hit.gemius.pl
googleads4.g.doubleclick.net
gpl.adocean.pl
gpladpl.hit.gemius.pl
gum.criteo.com
hbopenbid.pubmatic.com
hosting2.keep.pl
i.connectad.io
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
komentarze.prv.pl
maps.google.com
maps.googleapis.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
mp.4dex.io
mug.criteo.com
onetag-sys.com
ox2.sterta.pl
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.quantserve.com
pmp.mxptint.net
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
pubmatic-match.dotomi.com
px.adhigh.net
px.owneriq.net
rtb.adentifi.com
rtb.gumgum.com
rtb0.doubleverify.com
s.tribalfusion.com
s1.adform.net
s2.2mdn.net
secure-assets.rubiconproject.com
simage2.pubmatic.com
smarttag.rubiconproject.com
spolecznosci.net
static.criteo.net
stats.g.doubleclick.net
stats.grupapino.pl
sync-eu.connectad.io
sync-tm.everesttech.net
sync.1rx.io
sync.bumlam.com
sync.ipredictive.com
sync.mathtag.com
sync.resetdigital.co
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync3.adsniper.ru
sync3.sniperlog.ru
t.adx.opera.com
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
tps20244.doubleverify.com
tps20514.doubleverify.com
tps20520.doubleverify.com
track.adform.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.tns-counter.ru
x.bidswitch.net
x01.aidata.io
adx.adform.net
sync.resetdigital.co
ums.acuityplatform.com
104.111.242.53
13.248.245.213
142.250.185.194
142.250.186.70
151.101.13.108
151.101.14.49
151.236.71.19
159.253.128.188
164.132.7.102
169.197.150.7
176.31.124.7
178.250.0.165
178.250.2.146
178.250.2.151
185.184.8.65
185.29.133.208
185.33.221.53
185.64.189.112
185.64.189.114
185.64.190.78
185.64.190.80
188.165.206.157
188.42.196.115
193.232.148.141
195.177.216.95
2.18.233.180
2.19.35.65
2001:678:cb4:bbbb::11
2001:6d0:4001::226
213.19.147.44
213.19.162.51
213.254.244.18
213.254.244.20
216.52.2.19
216.58.212.130
23.37.42.132
2606:4700:10::6816:36ce
2606:4700::6812:c05
2620:116:800d:21:f916:5049:f87f:108e
2a00:1288:110:c305::8000
2a00:1450:4001:801::2001
2a00:1450:4001:808::200a
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2003
2a00:1450:4001:812::200e
2a00:1450:4001:827::2006
2a00:1450:4001:828::2004
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:400c:c04::9b
2a02:2638:1::3
2a02:2638::1c
2a02:26f0:6c00:2b2::4469
2a02:6b8::90
2a02:fa8:8806:20::2040
3.126.56.137
3.127.51.194
31.172.81.158
31.172.81.159
31.172.81.172
34.204.19.158
35.171.36.131
35.190.63.210
35.227.247.230
35.244.174.68
37.157.2.247
37.157.4.23
37.157.6.245
38.27.122.126
38.67.14.233
47.252.78.131
51.89.9.254
52.21.104.248
52.28.120.199
52.30.92.119
52.48.175.241
63.251.232.170
66.155.71.150
69.173.144.143
69.173.144.165
76.223.111.131
82.145.213.8
85.194.243.82
85.194.243.85
87.98.238.81
89.108.119.43
08d55cfd6c2835c064d5c2e76af93e917ce31486fab474faca7474e91d8ac37e
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
0be8ea0dffcaf7898cdf58afaf2d50fca9d02d3baed3bdbb28c8655191f022e0
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0dff70386ce467674d303b4ad7741efbdd4b47adadfd338c129cdccb7a42d7d9
0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad
11880cb819db0f19ff2c46315348f9c7ebba20e20a14311eec2aa13235fb58ba
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1347b68dface5238bcee5bfd41c4f8d04521c1372ef6df6eb858b831e5b2f3b1
13be237d90d8262c74ae3985b06982b1b1c3d3c003b7ff093518e4bf944e9fd1
16971da05aae9bc069b1731d95206049d75b03e60bce5113fb913b5e1d7d7dad
1806d3831854b6b4784a747228fa917f4a45c877b832dceb706898e41968b64b
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1a19d5d32a58ed829b395a93ca9ea31e60d533959ca56caed648a336894af785
1c3ecaf290fc8a3db43c9329b4679956c209abb27001310ae58c6b83889b07cd
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
22a9e3bd6ab772d8f3f94543159421b6046bcb9a92b03598926d6378284a04ee
26bdce56978a7342535f74a8603f26ddfd578acb8b2f0192c52c9ca55ee62028
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c1c796400a15af0bcba4c6c1383a81ee66e508d6df14f23e6bc5ee47ecd2400
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
31bd10f33371f9fc8042192d9d9c3d61522c9deb722e8786c421fac844e08827
321fa28153738be15b16cd405a5479b03bade101f143ea61ca419f4e828a48b5
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3c2ee8a7b3f8636d1fa9c47b7d9db67bb9513e6abb3eaad145520c0a3c2987e1
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
46b0e7000e01d64166090b60e67a885be0c399cf6b90891b698d331697744ea9
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4965ad214db1df378f6c63ceef21733ce3504af2546fe18ad898a3e763284299
4a35e8a1fb5e49aa3a09ebac35cb99edfea7a88432997c14ce95892f3cf8d8e2
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5034e17ec955e3e950d78be1ace90eb07325d52b2f3c3f551299521f64bdb79a
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51c6eec806ace698b1db3e554442d5b45e772e61265b45d9a2f6c3ff2911bbc2
52457f43fac8bd97be53969d99098b81c82c17fd1d8290def76de807ae816f87
5317781d9e780e3f322cba012aca14f5b55b533c0a125f06271d09b33a9974d3
54773ec8f0523a46104738d5e7f4867bfbd0ed5e14d284c72bede25ea8d49056
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
585efad8df049217e69499bfef32cb47523a4b6b16febfeeba4020a05b699c7e
58a617d2c88d378bfd267e2817e2228e82ef0c3f28d8ac3458b18af77335c39e
5ccbdf5d86e1ea9e3ce8f6e5f58a243245ed1c1db5da26be3d57ff37e2296d93
5f304cc9d41b83589d171f12c353079537b1436cc5f4834479b249a401e81224
5f3255ffc51886387542eeb131a80b901be46d7552b95274a548124b984e0830
5fdd119b91e8af0ff7d5efa81e2bac7ac1608e3c8d3c6c84d4d4756da611bb91
6330d93c38185b92516fd8bdb7220ff136b6817c2ef101ed7d822e122066240b
69c8670afe25ffbb8a824299f75a11252fec567d46212525518427f70fba1ced
6c17389851ab915403bbf928b2eceb95c75bfe303cfccb5b4c8ee9ea70ed2467
6dc8a08fc5e856d7d68da70e25e2718f15ab90e1ed5c4e9f59654ee4c4e6502b
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
743c8064e2b1f38a1b44de4d4ac3a99bb9c11a69a16360433076b5d93b815181
74920f8369d348220b8df99919a74ec120150c7a2b987f1e77b50d784a7e206d
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416
79026558a34822dc06c3b5c47ea13057fd3f235296610974d6c97e67471665db
79519300e4a03c7f2a69beb72c46fb6e8bdb85af68e0660631aebbc8a19c1737
7b1916d5a5a97048327e74b168dd38fe0067ac06db81f57f72108f23410cff79
7dfc3d6a5e24461837466e62fb69223bcc7f5b043a277eed900aa0ad544b85d6
7fa41ea3d04f4eebdbe4af7373eefb6531ce4629f928282d46a3d734f63c3ea8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85b188d753e191ad4c8b58c3af7c7a8792991f627efaaf9ed407b0b3adf72e8e
86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558
887f063df27ef4a696d31ce39ffaded7dc0b18b2a7c82045e54bfa240c375fd1
8d10530c0bfbd5da6d28a978732b008798c6b532f5e4aef2acbda1a64211bc66
8e8755c8cf7706af9d7584bb92fe0a4bb0a35d0c27db63c24d6259426e3589a7
8ff9ddfcaf8eec13c3f972ad356cce19138fffcb9a709f41165639935ee65e95
95c0d0919002788db421055375ee8bae11542e0c58be189aee85c2443a415eeb
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
989e1f778b2b37ef61248011421bfca5c456464fc4c0db4de5f5b466779ff22d
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9bd42043d4782793066768bbf7f7fa849f3d01400adfe0d3ae0ef1b9e5088772
9c4fb66b1c947ecdedca634923b4cf1e04a2debabd66c70319b5265b241fa412
9f1583b07097eed66da27cf07e7e737d8cb1a7de225527c3cab738159144c2a9
9f5782ffc0daadcd976aaddadf79ed3d2ce371b5e49935e4c3a9832148a53e7c
a395023cbb0d63abb3921dafba3a49dfd477fe701c7ceec2b97b24b2ef68ffff
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a969a9b32705092663a8c9019ac9835cf93fff0d525457961e309bf04dba1424
aeaa81a77bbda726d09dc2793e199b6578f2886ad12345329249cf577bf5d137
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af95a640cd702f0ade4ee22711b50a241c343db38516dd9f92f1d3aca99db1da
b144a77af687b5792857a8c232e26f405d8d0f974c7cb93a3e76a90fb54da929
b525ae8e082d74a8710e6db1d534751649f1b6228d0be73f43b7317ee746ea0b
b5a734946ec8300148a5794bb2ff4fe858356bbfe167674b3dcc46d35a2a35ee
baf437304d79006a4f050b871807483c921e783a2a91808ad4b8f77802cde740
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd17adaf782ebcfc53211db467b3f5da5f91c519c17e75eeed351b3fd08fed46
bf9ffc72b735c735b5c5fd92b91624bd056819d9a1b7df4d5d0983d51300d2b2
c3fdd67c4244d8329ea58921d5676a87d8c73e8c7ef3bd3f0ebb84e49abf7599
c6a997061019c09986d8d2845ececfe4d2af4edcd04012b16f40be4255b09c3e
c970fd9b6d58f1e3b320434716966f63995bc6d2fbbf42a6e835eb7f41c147c1
cb28fc8822220023495cab439d75ed1a50be08683c9cea5be6323c3b641394b4
cb2ceaa1ced52b61f7c1638d3891457821c8e63a655656607cc182de89a80fd8
cc6162dfff87276a86a1996f5631e21df1ccad56558079d75f3af37af83b2c36
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5
d0acefae030500955a584f4207ad2edfbdbf63b82c1fc5002ddf13cba6f1c219
d44fe33544eb7000a4be897820643c827d44076217f2ca3376bf3134409bb9fb
d79cea52ea505fa9c58abbbfe4a2cdcb36b77928d5c4a7b23944b2598e7c82ef
d84bac3710c2842dc8d5d5ae6e324007443cbd8ae26b909dd89bc2bdc31c8561
dbb9ee5a95dff298790b4063d642dc3a133aad8280803c8a5b840e100c10378a
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddbab410075e9514c8cd5cbedb2cbbd93fdd5b38b952cdab4d774dcdd716d567
e11ab67b0ee9ecac143fd021228fda3e5c75a1e5328d0ea9fd1f30197b70f130
e1a27302b8e7087e8c1b683e6c6a491918fc558051dabce3efbe213682f9f7db
e1cc278377edc0ce2ddbe0953714aaee85ee5aa23f7c6c7eba3ecb0d7195f904
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e428854f4607fbc8e99c64f4eac50fad7911242de9842c23d03a2bce44e7d7ec
e5b0536b11ceab94d24455495d684bc6c98107388015d03a749b69a66673ceaf
e84319f614078aa46cf8d42d08e30fa75b1307cf05394bf98bc3b2038b91045c
e94a4ffe8f92e41c3d79836d2aef56457ab8fb74eb258462987af0215a512e6d
ea0da3782f31c1909f5d4b3796e74892bd0c623685cf73e271dffe6c84e1ec64
ebc4630cd9254c69deb4a342db24b7d118cadce3e3f22e2339dd4270a2a1297b
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ec1b0394abb86c62650001073d82c963cb34fe577de39ea9f3dc13eb97d788f9
ed2f8df7164fb37786923a3ad5e6a0d7fb258f037e6080a787e65bab60c9789d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1e6cd314f7edb3b841803f719b61b002fe565a65964efd702b420c67bc5fee0
f23d4b309b72743aa8afe1f8c98a25b3ee31246fa572c66d9d8cb1982cae4fbc
f316fbd86438f25c90ca4a161b69ebddadbdbccc57713bee4d5a4f43a0d70e97
f584b9d8d1efc5b95fabd3eecb68727a44484c2bce6a16924c58bdd8ecdad427
fb6e387a6fee5100a989c0b0363545e47375d87304a2781a16d6fc8a7f7cba85
fbbb64ca86040355029dc9f8baadfa5621e643ddb72b699e47eb62afd8e2acb9
fd3788fcfbc4c3f775cc67c0bf76182bd6f15a8caa6a888b3a44ad697b51fb54
fd971715ea0a3a0385e92c78bc3bcadd5f3dd32a61b9aa754b9e2119373466b0
ffbf2e2c8bd9704deb3a8b5490979c1869fc8cc8968ecdbf743b47febe868832

hosting2.keep.pl Open in urlscan Pro 176.31.124.7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

260 Requests

98 %HTTPS

25 %IPv6

65 Domains

101 Subdomains

66 IPs

12 Countries

1628 kBTransfer

4566 kBSize

14 Cookies

4 Outgoing links

Page URL History

Redirected requests

260 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

hosting2.keep.pl Open in urlscan Pro
176.31.124.7 Public Scan

Screenshot
Live screenshot

Full Image

260
Requests

98 %
HTTPS

25 %
IPv6

65
Domains

101
Subdomains

66
IPs

12
Countries

1628 kB
Transfer

4566 kB
Size

14
Cookies

260 HTTP transactions
1 data transactions