mailing.dorken.sk Open in urlscan Pro
194.42.96.31 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://mailing.dorken.sk/
Effective URL:
https://mailing.dorken.sk/admin/login.php?ref=%2Fadmin%2Findex.php
Submission: On September 26 via api (September 26th 2024, 9:40:28 pm UTC) from US — Scanned from CA

Summary HTTP 63 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 24 IPs in 3 countries across 15 domains to perform 63 HTTP transactions. The main IP is 194.42.96.31, located in Germany and belongs to AMAZON-02, US. The main domain is mailing.dorken.sk.
TLS certificate: Issued by Thawte TLS RSA CA G1 on September 26th 2024. Valid for: a year.

This is the only time mailing.dorken.sk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 7	194.42.96.31 194.42.96.31	16509 (AMAZON-02) (AMAZON-02)
3	34.253.139.43 34.253.139.43	16509 (AMAZON-02) (AMAZON-02)
10	35.190.14.188 35.190.14.188	15169 (GOOGLE) (GOOGLE)
1	52.92.3.88 52.92.3.88	16509 (AMAZON-02) (AMAZON-02)
1	108.128.116.133 108.128.116.133	16509 (AMAZON-02) (AMAZON-02)
6	35.241.3.184 35.241.3.184	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	172.253.63.97 172.253.63.97	15169 (GOOGLE) (GOOGLE)
2	35.201.111.240 35.201.111.240	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	173.194.66.147 173.194.66.147	15169 (GOOGLE) (GOOGLE)
2	172.217.222.154 172.217.222.154	15169 (GOOGLE) (GOOGLE)
3	150.171.28.10 150.171.28.10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	23.218.218.173 23.218.218.173	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
2	157.240.229.1 157.240.229.1	32934 (FACEBOOK) (FACEBOOK)
2	209.85.144.155 209.85.144.155	15169 (GOOGLE) (GOOGLE)
1	216.239.34.181 216.239.34.181	15169 (GOOGLE) (GOOGLE)
1	172.217.222.155 172.217.222.155	15169 (GOOGLE) (GOOGLE)
2	173.194.205.94 173.194.205.94	15169 (GOOGLE) (GOOGLE)
3 6	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	157.240.229.35 157.240.229.35	32934 (FACEBOOK) (FACEBOOK)
1	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
4	141.226.224.48 141.226.224.48	200478 (TABOOLA-AS) (TABOOLA-AS)
63	24

7 194.42.96.31 (Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ssl.cleverreach.com

mailing.dorken.sk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.253.139.43 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-139-43.eu-west-1.compute.amazonaws.com

fonts.crsend.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 35.190.14.188 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 188.14.190.35.bc.googleusercontent.com

app.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.92.3.88 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.128.116.133 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-116-133.eu-west-1.compute.amazonaws.com

login.cleverreach.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.241.3.184 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 184.3.241.35.bc.googleusercontent.com

api.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.253.63.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.111.240 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 240.111.201.35.bc.googleusercontent.com

consent-api.service.consent.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.194.66.147 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: qo-in-f147.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.222.154 (United States)

ASN15169 (GOOGLE, US)
PTR: qi-in-f154.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 150.171.28.10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.218.218.173 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-218-218-173.deploy.static.akamaitechnologies.com

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.193.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
psb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.229.1 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-iad3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.85.144.155 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: qv-in-f155.1e100.net

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.34.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.222.155 (United States)

ASN15169 (GOOGLE, US)
PTR: qi-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.194.205.94 (United States)

ASN15169 (GOOGLE, US)
PTR: qm-in-f94.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.107.42.14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.229.35 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-iad3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	usercentrics.eu app.usercentrics.eu — Cisco Umbrella Rank: 8845 api.usercentrics.eu — Cisco Umbrella Rank: 6169 consent-api.service.consent.usercentrics.eu — Cisco Umbrella Rank: 15462	147 KB
11	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 902 psb.taboola.com — Cisco Umbrella Rank: 6571 trc.taboola.com — Cisco Umbrella Rank: 745 pips.taboola.com — Cisco Umbrella Rank: 1778 cds.taboola.com — Cisco Umbrella Rank: 1843 trc-events.taboola.com — Cisco Umbrella Rank: 2965	34 KB
7	dorken.sk 2 redirects mailing.dorken.sk	35 KB
6	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 358 Failed www.linkedin.com — Cisco Umbrella Rank: 694	3 KB
5	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 53 td.doubleclick.net — Cisco Umbrella Rank: 216 stats.g.doubleclick.net — Cisco Umbrella Rank: 152	3 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 378	15 KB
3	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 3 analytics.google.com — Cisco Umbrella Rank: 158	88 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 57	318 KB
3	crsend.com fonts.crsend.com — Cisco Umbrella Rank: 936073	21 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 112	3 KB
2	google.ca www.google.ca — Cisco Umbrella Rank: 10961	127 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 196	71 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 906	14 KB
1	cleverreach.com login.cleverreach.com	1 KB
1	amazonaws.com s3-eu-west-1.amazonaws.com	9 KB
63	15

	Domain	Requested by
10	app.usercentrics.eu	mailing.dorken.sk app.usercentrics.eu
7	mailing.dorken.sk	2 redirects mailing.dorken.sk
6	api.usercentrics.eu	app.usercentrics.eu
5	px.ads.linkedin.com	snap.licdn.com
4	trc-events.taboola.com	cdn.taboola.com
3	cdn.taboola.com	www.googletagmanager.com cdn.taboola.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com
3	www.googletagmanager.com	mailing.dorken.sk www.googletagmanager.com
3	fonts.crsend.com	mailing.dorken.sk fonts.crsend.com
2	www.facebook.com
2	www.google.ca
2	td.doubleclick.net	www.googletagmanager.com
2	connect.facebook.net	mailing.dorken.sk connect.facebook.net
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	www.google.com	1 redirects
2	consent-api.service.consent.usercentrics.eu	app.usercentrics.eu
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	www.linkedin.com	1 redirects
1	trc.taboola.com	cdn.taboola.com
1	psb.taboola.com	cdn.taboola.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	login.cleverreach.com	mailing.dorken.sk
1	s3-eu-west-1.amazonaws.com	mailing.dorken.sk
63	26

This site contains links to these domains. Also see Links.

Domain
www.cleverreach.com

Subject Issuer	Validity	Valid
mailing.dorken.sk Thawte TLS RSA CA G1	`2024-09-26` - `2025-10-27`	a year	crt.sh
fonts.crsend.com R11	`2024-09-12` - `2024-12-11`	3 months	crt.sh
app.usercentrics.eu WR3	`2024-08-02` - `2024-10-31`	3 months	crt.sh
*.s3-eu-west-1.amazonaws.com Amazon RSA 2048 M01	`2024-06-22` - `2025-05-28`	a year	crt.sh
login.cleverreach.com R11	`2024-08-02` - `2024-10-31`	3 months	crt.sh
api.usercentrics.eu WR3	`2024-08-01` - `2024-10-30`	3 months	crt.sh
*.google-analytics.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
consent-api.service.consent.usercentrics.eu WR3	`2024-07-31` - `2024-10-29`	3 months	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 03	`2024-09-16` - `2025-03-15`	6 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2024-12-31`	5 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-07-06` - `2024-10-04`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.doubleclick.net WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.google.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.google.ca WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-09-11` - `2025-03-11`	6 months	crt.sh

This page contains 4 frames:

Primary Page: https://mailing.dorken.sk/admin/login.php?ref=%2Fadmin%2Findex.php
Frame ID: 10E8AD97C92422AEB4047BC7F89C4A40
Requests: 54 HTTP requests in this frame

Frame: https://app.usercentrics.eu/browser-sdk/4.38.4/cross-domain-bridge.html
Frame ID: 4C792981751A4248E52591806A6BA2C2
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/956195738?random=1727386823512&cv=11&fst=1727386823512&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49p0v892401549z8899063862za201zb899063862&gcd=13r3r3r3r5l1&dma=0&tag_exp=101671035~101686684~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fmailing.dorken.sk%2Fadmin%2Flogin.php%3Fref%3D%252Fadmin%252Findex.php&hn=www.googleadservices.com&frm=0&tiba=CleverReach%20GmbH%20%26%20Co.%20KG&userId=391853&did=dOThhZD&gdid=dOThhZD&npa=0&pscdl=noapi&auid=2097427958.1727386823&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse
Frame ID: 6D0AFE9F240DCF5DDE2C6E6C3D7BD60A
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-Q09SDP4HXY&gacid=753558976.1727386824&gtm=45je49p0v890092590z8899063862za200zb899063862&dma=0&gcs=G111&gcd=13r3r3r3r5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101671035~101686684~101747727&z=654442644
Frame ID: 782B0D188F2277DDBEF117F745CDAC7E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CleverReach GmbH & Co. KG

Page URL History Show full URLs

https://mailing.dorken.sk/ HTTP 302
https://mailing.dorken.sk/admin/index.php HTTP 302
https://mailing.dorken.sk/admin/login.php?ref=%2Fadmin%2Findex.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

63
Requests

95 %
HTTPS

0 %
IPv6

15
Domains

26
Subdomains

24
IPs

3
Countries

673 kB
Transfer

2119 kB
Size

21
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cleverreach.com/en-de/legal-information/
Title: Legal notice page

Search URL Search Domain Scan URL

URL: https://www.cleverreach.com/en-de/privacy-policy/
Title: Data privacy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mailing.dorken.sk/ HTTP 302
https://mailing.dorken.sk/admin/index.php HTTP 302
https://mailing.dorken.sk/admin/login.php?ref=%2Fadmin%2Findex.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://www.google.com/pagead/landing?gcs=G111&gcd=13r3r3r3r5l1&tag_exp=101671035~101747727&rnd=1526351302.1727386823&url=https%3A%2F%2Fmailing.dorken.sk%2Fadmin%2Flogin.php&dma=0&npa=0&gtm=45He49p0n81523HT3Cv899063862za200&auid=2097427958.1727386823 HTTP 302
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13r3r3r3r5l1&tag_exp=101671035~101747727&rnd=1526351302.1727386823&url=https%3A%2F%2Fmailing.dorken.sk%2Fadmin%2Flogin.php&dma=0&npa=0&gtm=45He49p0n81523HT3Cv899063862za200&auid=2097427958.1727386823

Request Chain 45

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3832250&time=1727386823680&li_adsId=c3511f6e-96f9-4a80-b284-bd948043304d&url=https%3A%2F%2Fmailing.dorken.sk%2Fadmin%2Flogin.php%3Fref%3D%252Fadmin%252Findex.php HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3832250&time=1727386823680&li_adsId=c3511f6e-96f9-4a80-b284-bd948043304d&url=https%3A%2F%2Fmailing.dorken.sk%2Fadmin%2Flogin.php%3Fref%3D%252Fadmin%252Findex.php&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3832250%26time%3D1727386823680%26li_adsId%3Dc3511f6e-96f9-4a80-b284-bd948043304d%26url%3Dhttps%253A%252F%252Fmailing.dorken.sk%252Fadmin%252Flogin.php%253Fref%253D%25252Fadmin%25252Findex.php%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3832250&time=1727386823680&li_adsId=c3511f6e-96f9-4a80-b284-bd948043304d&url=https%3A%2F%2Fmailing.dorken.sk%2Fadmin%2Flogin.php%3Fref%3D%252Fadmin%252Findex.php&cookiesTest=true&liSync=true

63 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request login.php Show response
mailing.dorken.sk/admin/
Redirect Chain

https://mailing.dorken.sk/
https://mailing.dorken.sk/admin/index.php
https://mailing.dorken.sk/admin/login.php?ref=%2Fadmin%2Findex.php

19 KB
6 KB

316ms
315ms

Document
text/html

194.42.96.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mailing.dorken.sk/admin/login.php?ref=%2Fadmin%2Findex.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.42.96.31 , Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ssl.cleverreach.com

Software

openresty /

Resource Hash

dae218d2a75a885eea1e330bd4eced6c487c2054a0d17f9cffe10005c06c4c0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 5203
Content-Type: text/html; charset=UTF-8
Date: Thu, 26 Sep 2024 21:40:21 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: openresty
Vary: Accept-Encoding
X-CR-I: www-eu2-i-02c39edfc3c9ba741 D=190784 t=1727386821658183
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Thu, 26 Sep 2024 21:40:21 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: openresty
X-CR-I: www-eu2-i-076785ae2c3b6fb6a D=48947 t=1727386821480397
location: https://mailing.dorken.sk/admin/login.php?ref=%2Fadmin%2Findex.php

GET
H2 200 css
fonts.crsend.com/ 4 KB
5 KB 415ms
127ms Stylesheet
text/css 34.253.139.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.crsend.com/css?family=Poppins:300,400,500,600,700,900

Requested by

Host: mailing.dorken.sk
URL: https://mailing.dorken.sk/admin/login.php?ref=%2Fadmin%2Findex.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.253.139.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-253-139-43.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7ecd9df0b4ee41bcc7a1fd93f1fe280a570c5a5205a5b38c66d35284649f162a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mailing.dorken.sk/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
accept-ranges: none
access-control-allow-origin: *
date: Thu, 26 Sep 2024 21:40:22 GMT
x-xss-protection: 0
content-type: text/css; charset=utf-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 loader.js Show response
app.usercentrics.eu/browser-ui/latest/ 33 KB
9 KB 91ms
27ms Script
text/javascript 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/latest/loader.js

Requested by

Host: mailing.dorken.sk
URL: https://mailing.dorken.sk/admin/login.php?ref=%2Fadmin%2Findex.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

188.14.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

ad29a345ff4e0d3d78a7c95c1e39c24a5e39ce0b1c36ce1f1ad9510382fefd44

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mailing.dorken.sk/

Response headers

x-goog-metageneration: 2
access-control-expose-headers: Content-Type, Content-Length, Transfer-Encoding
content-encoding: gzip
x-goog-hash: crc32c=LoTiLg==, md5=2m/YaWSIIpsB7mg8hopp1A==
etag: "da6fd8696488229b01ee683c868a69d4"
age: 3555
x-goog-stored-content-encoding: gzip
expires: Thu, 26 Sep 2024 21:41:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 8553
date: Thu, 26 Sep 2024 20:41:06 GMT
last-modified: Tue, 17 Sep 2024 11:17:07 GMT
content-type: text/javascript
x-guploader-uploadid: AD-8ljtuc-GbjQ9Urg1Jn6SmCgkbWb8R4MFW5cjpB5eoSJTUntimJUEL5t5LVpOlpe_3umJVRgRbonnIhA
strict-transport-security: max-age=7776000
cache-control: public, max-age=3600, no-transform
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1726571827632279
content-length: 8553
server: UploadServer

GET
H/1.1 200
OK login-d863f21401.min.css
mailing.dorken.sk/assets/compiled/ 24 KB
4 KB 127ms
125ms Stylesheet
text/css 194.42.96.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mailing.dorken.sk/assets/compiled/login-d863f21401.min.css
Requested by: Host: mailing.dorken.sk
URL: https://mailing.dorken.sk/admin/login.php?ref=%2Fadmin%2Findex.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.42.96.31 , Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ssl.cleverreach.com
Software: openresty /
Resource Hash: 1461ae6a53a55f2dac7d5a051ec752d992d721a1f3e753661616d4bb2907a8df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mailing.dorken.sk/admin/login.php?ref=%2Fadmin%2Findex.php

Response headers

Content-Encoding: gzip
ETag: "e5a-62302723c1a7c"
Connection: keep-alive
X-CR-I: www-eu2-i-0840172a51df3cf98 D=844 t=1727386821982906
Accept-Ranges: bytes
Content-Length: 3674
Date: Thu, 26 Sep 2024 21:40:21 GMT
Content-Type: text/css
Last-Modified: Thu, 26 Sep 2024 09:34:33 GMT
Server: openresty

GET
H/1.1 200
OK tailwind.css
mailing.dorken.sk/assets/compiled/ 49 KB
8 KB 251ms
122ms Stylesheet
text/css 194.42.96.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mailing.dorken.sk/assets/compiled/tailwind.css
Requested by: Host: mailing.dorken.sk
URL: https://mailing.dorken.sk/admin/login.php?ref=%2Fadmin%2Findex.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.42.96.31 , Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ssl.cleverreach.com
Software: openresty /
Resource Hash: 8fd8b8dfdb6c3c4f4adfd0b313566cab91b11ae9793245a6498d9561604d4b8c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mailing.dorken.sk/admin/login.php?ref=%2Fadmin%2Findex.php

Response headers

Content-Encoding: gzip
ETag: "1e21-62302723c1a7c"
Connection: keep-alive
X-CR-I: www-eu2-i-0840172a51df3cf98 D=803 t=1727386822108636
Accept-Ranges: bytes
Content-Length: 7713
Date: Thu, 26 Sep 2024 21:40:22 GMT
Content-Type: text/css
Last-Modified: Thu, 26 Sep 2024 09:34:33 GMT
Server: openresty

GET
H/1.1 200
OK logo_clean.svg
s3-eu-west-1.amazonaws.com/files.crsend.com/0/1/whitelabel/ 8 KB
9 KB 406ms
136ms Image
image/svg+xml 52.92.3.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/files.crsend.com/0/1/whitelabel/logo_clean.svg
Requested by: Host: mailing.dorken.sk
URL: https://mailing.dorken.sk/admin/login.php?ref=%2Fadmin%2Findex.php
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 52.92.3.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 297a37de633af8bb9a5cb0a54358370dcb2719612a58bb81c2599aaf1873fb58

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mailing.dorken.sk/

Response headers

ETag: "ce2618d09eeb2b96721db13c8420797a"
x-amz-request-id: QFDY4ETWJ21V9HSA
Accept-Ranges: bytes
Content-Length: 8588
Date: Thu, 26 Sep 2024 21:40:23 GMT
Last-Modified: Wed, 06 Jul 2022 13:02:59 GMT
Content-Type: image/svg+xml
Server: AmazonS3
x-amz-id-2: 1uEqt5pwTAtDQh1ZGXmvu97jg0YUMmg2eOqkgd/qgt+H9b+0WIt0LdZXhGaeqBaqYAflofLUelY=

GET
H2 200 login.js Show response
login.cleverreach.com/static/js/ 3 KB
1 KB 425ms
123ms Script
text/javascript 108.128.116.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.cleverreach.com/static/js/login.js

Requested by

Host: mailing.dorken.sk
URL: https://mailing.dorken.sk/admin/login.php?ref=%2Fadmin%2Findex.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

108.128.116.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-116-133.eu-west-1.compute.amazonaws.com

Software

Resource Hash

5786263782a5628ac8b4a143a20d2e90357dd3ba010110f3d964e49351a2d710

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mailing.dorken.sk/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
content-length: 963
date: Thu, 26 Sep 2024 21:40:22 GMT
content-type: text/javascript; charset=utf-8
last-modified: Thu, 26 Sep 2024 16:44:46 GMT
vary: Origin, Accept-Encoding

GET
H3 200 index.module.js Show response
app.usercentrics.eu/browser-ui/3.55.0/ 440 KB
118 KB 55ms
27ms Script
text/javascript 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.55.0/index.module.js

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/latest/loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

188.14.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

298a826a0ff3cc92b312e768e4739e9b5fd84e097275de128ee0f3f5df2df59b

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://mailing.dorken.sk
Referer: https://mailing.dorken.sk/

Response headers

x-goog-metageneration: 2
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=RR3iIw==, md5=K5mk1ipxKJR3cOAyrVbzdw==
etag: "2b99a4d62a7128947770e032ad56f377"
age: 10564
x-goog-stored-content-encoding: gzip
expires: Fri, 26 Sep 2025 18:44:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 120986
date: Thu, 26 Sep 2024 18:44:18 GMT
last-modified: Tue, 17 Sep 2024 11:16:40 GMT
content-type: text/javascript
x-guploader-uploadid: AD-8ljvmL7gGSOUhAHxWsEp9KZ4guymDsuu-rPpCGDi5RD04_ISgy_fycNxdoYRqWx-6wJzNF9XovTfIsQ
strict-transport-security: max-age=7776000
cache-control: public, max-age=31536000, no-transform
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1726571800863192
content-length: 120986
server: UploadServer

OPTIONS
H2 200 languages.json
api.usercentrics.eu/settings/_Wu4KEBpy/latest/ Frame 0
0 275ms
217ms Preflight
text/html 35.241.3.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/_Wu4KEBpy/latest/languages.json

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.241.3.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

184.3.241.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://mailing.dorken.sk
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 26 Sep 2024 21:40:22 GMT
expires: Thu, 26 Sep 2024 21:40:22 GMT
server: UploadServer
strict-transport-security: max-age=7776000
x-client-geo-location: CA,CAON
x-guploader-uploadid: AD-8ljt6QXn1ysbFdrUTLW1TOyR4IjKqus5KelBTPE-P8xYtptcbDhdWdSJh0VXgz2EH56duuK0

GET
H2 200 languages.json Show response
api.usercentrics.eu/settings/_Wu4KEBpy/latest/ 206 B
636 B 163ms
162ms Fetch
application/json 35.241.3.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/_Wu4KEBpy/latest/languages.json

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.55.0/index.module.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.241.3.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

184.3.241.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

4576de1dd5b373f578b18da3ab756a23d844e0df3e21e1fc0ac18e9eb9c5691c

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/json
Referer: https://mailing.dorken.sk/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=5hD7zA==, md5=B8DWrt3oEoxIYTZE9N4Vlw==
etag: "07c0d6aedde8128c48613644f4de1597"
age: 0
x-goog-stored-content-encoding: gzip
expires: Thu, 26 Sep 2024 21:41:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 115
x-client-geo-location: CA,CAON
date: Thu, 26 Sep 2024 21:40:22 GMT
last-modified: Thu, 26 Sep 2024 14:38:34 GMT
content-type: application/json
vary: Accept-Encoding
x-guploader-uploadid: AD-8ljvNhw-piGv3GQRAl2gQrACHZnG6283V7Udd2txRfzrvksN0fs7ONcE0aWogNYWJaa014NY
strict-transport-security: max-age=7776000
cache-control: public, max-age=1800, s-maxage=60
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1727361514747365
content-length: 115
server: UploadServer

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.crsend.com/s/poppins/v21/ 8 KB
8 KB 453ms
224ms Font
font/woff2 34.253.139.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.crsend.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.crsend.com
URL: https://fonts.crsend.com/css?family=Poppins:300,400,500,600,700,900

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.253.139.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-253-139-43.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://mailing.dorken.sk
Referer: https://fonts.crsend.com/css?family=Poppins:300,400,500,600,700,900

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
age: 154347
cross-origin-resource-policy: cross-origin
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7884
date: Thu, 26 Sep 2024 21:40:22 GMT
x-xss-protection: 0
content-type: font/woff2
last-modified: Fri, 22 Mar 2024 00:00:38 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.crsend.com/s/poppins/v21/ 8 KB
8 KB 348ms
120ms Font
font/woff2 34.253.139.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.crsend.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.crsend.com
URL: https://fonts.crsend.com/css?family=Poppins:300,400,500,600,700,900

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.253.139.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-253-139-43.eu-west-1.compute.amazonaws.com

Software

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://mailing.dorken.sk
Referer: https://fonts.crsend.com/css?family=Poppins:300,400,500,600,700,900

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
age: 382232
cross-origin-resource-policy: cross-origin
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7748
date: Thu, 26 Sep 2024 21:40:22 GMT
x-xss-protection: 0
content-type: font/woff2
last-modified: Fri, 22 Mar 2024 00:01:14 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 364 KB
115 KB 169ms
72ms Script
application/javascript 172.253.63.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-523HT3C

Requested by

Host: mailing.dorken.sk
URL: https://mailing.dorken.sk/admin/login.php?ref=%2Fadmin%2Findex.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

f28b5ad2fc996872e55c2942de82618d740d670984454dbce6f134ac44940637

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mailing.dorken.sk/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Thu, 26 Sep 2024 21:40:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Sep 2024 21:40:22 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 26 Sep 2024 21:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 117164
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 de.json Show response
api.usercentrics.eu/settings/_Wu4KEBpy/latest/ 41 KB
11 KB 150ms
150ms Fetch
application/json 35.241.3.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/_Wu4KEBpy/latest/de.json

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.55.0/index.module.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.241.3.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

184.3.241.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

e407972c0295beeb5198a7b5c9b7e900c126fb0fe615c67f3bc5de13d5efbf66

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/json
Referer: https://mailing.dorken.sk/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=wMMmeQ==, md5=2H8LF65jPTWfJF5AOnci4w==
etag: "d87f0b17ae633d359f245e403a7722e3"
age: 0
x-goog-stored-content-encoding: gzip
expires: Thu, 26 Sep 2024 21:41:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 11498
x-client-geo-location: CA,CAON
date: Thu, 26 Sep 2024 21:40:22 GMT
last-modified: Thu, 26 Sep 2024 14:38:34 GMT
content-type: application/json
vary: Accept-Encoding
x-guploader-uploadid: AD-8ljuqZOFyhijir6w2ggWQr08AKU6Ye49FaMHajalHA6NnvumsjMI0xA1BeIbyHigWbWh91msrFgk6Zw
strict-transport-security: max-age=7776000
cache-control: public, max-age=1800, s-maxage=60
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1727361514747814
content-length: 11498
server: UploadServer

OPTIONS
H3 200 de.json
api.usercentrics.eu/settings/_Wu4KEBpy/latest/ Frame 0
0 151ms
151ms Preflight
text/html 35.241.3.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/_Wu4KEBpy/latest/de.json

Protocol

Security

QUIC, , AES_128_GCM

Server

35.241.3.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

184.3.241.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://mailing.dorken.sk
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 26 Sep 2024 21:40:22 GMT
expires: Thu, 26 Sep 2024 21:40:22 GMT
server: UploadServer
strict-transport-security: max-age=7776000
x-client-geo-location: CA,CAON
x-guploader-uploadid: AD-8ljvBgxHizYibekEOphSTIEYrxBZ3-8pz1zGAdr8EBZTxxgnJcRUgbprNF4Iz5aO1mNn0CzlVNsGUwQ

GET
H/1.1 200
OK icon_generic.svg
mailing.dorken.sk/ 1 KB
2 KB 127ms
126ms Other
image/svg+xml 194.42.96.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mailing.dorken.sk/icon_generic.svg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.42.96.31 , Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ssl.cleverreach.com
Software: openresty /
Resource Hash: b87b19292646e22496e031a5a7b55b2b65ea48ef8e9cebf37f322a7195306afb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mailing.dorken.sk/admin/login.php?ref=%2Fadmin%2Findex.php

Response headers

ETag: "542-5e2aadd6e42e3"
Connection: keep-alive
X-CR-I: www-eu2-i-0e985aa4fc0461838 D=791 t=1727386822879497
Accept-Ranges: bytes
Content-Length: 1346
Date: Thu, 26 Sep 2024 21:40:22 GMT
Content-Type: image/svg+xml
Last-Modified: Thu, 30 Jun 2022 14:12:50 GMT
Server: openresty

GET
H2 200 cross-domain-bridge.html
app.usercentrics.eu/browser-sdk/4.38.4/ Frame 4C79 0
0 75ms
26ms Document
text/html 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-sdk/4.38.4/cross-domain-bridge.html

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.55.0/index.module.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

188.14.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://mailing.dorken.sk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Type Content-Length Transfer-Encoding
age: 169868
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=2592000, no-transform
content-encoding: gzip
content-length: 1142
content-type: text/html
date: Tue, 24 Sep 2024 22:29:15 GMT
etag: "2d333d3b78deeab0a42fc5c2c41494f3"
expires: Thu, 24 Oct 2024 22:29:15 GMT
last-modified: Tue, 17 Sep 2024 11:16:17 GMT
server: UploadServer
strict-transport-security: max-age=7776000
x-goog-generation: 1726571777870300
x-goog-hash: crc32c=3Fb7rA== md5=LTM9O3je6rCkL8XCxBSU8w==
x-goog-metageneration: 2
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 1142
x-guploader-uploadid: AD-8ljsgDV8DLvqLW6lnFMdCprvw3ZW4DbwK4w3ukFL7LcBDx92dcVzrTZSUG_WV2-sXBsg43uLOzjuqTQ

GET
H/1.1 200
OK favicon_generic.ico
mailing.dorken.sk/ 15 KB
15 KB 124ms
123ms Other
image/vnd.microsoft.icon 194.42.96.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mailing.dorken.sk/favicon_generic.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.42.96.31 , Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ssl.cleverreach.com
Software: openresty /
Resource Hash: bcab8e47ce2442c9718317733f34de3ac40b0393ff78325fb38a341f61424947

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mailing.dorken.sk/admin/login.php?ref=%2Fadmin%2Findex.php

Response headers

ETag: "3aee-606e0f8d96cff"
Connection: keep-alive
X-CR-I: www-eu2-i-04c69740d65511d77 D=749 t=1727386823020413
Accept-Ranges: bytes
Content-Length: 15086
Date: Thu, 26 Sep 2024 21:40:23 GMT
Content-Type: image/vnd.microsoft.icon
Last-Modified: Wed, 04 Oct 2023 09:52:57 GMT
Server: openresty

GET
H2 200 1px.png
app.usercentrics.eu/session/ 489 B
818 B 28ms
26ms Image
image/png 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.usercentrics.eu/session/1px.png?settingsId=_Wu4KEBpy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

188.14.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

009a4cf1623ff76804e55d59a17f680f77d8c76ada674500997ff44cc7ac0741

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mailing.dorken.sk/

Response headers

x-goog-metageneration: 1
content-encoding: gzip
x-goog-hash: crc32c=pFwm0Q==, md5=NwKtpzuJUQF7hFHL1qllIw==
etag: "3702ada73b8951017b8451cbd6a96523"
age: 994
x-goog-stored-content-encoding: gzip
expires: Thu, 26 Sep 2024 21:53:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 522
date: Thu, 26 Sep 2024 21:23:49 GMT
last-modified: Fri, 08 May 2020 09:06:13 GMT
content-type: image/png
x-guploader-uploadid: AD-8ljt7H00KQfKnSvF0JKE749cL0fj6Q-GrlZdrr2Vhuo2SVGzPGuqs6w-ZRwzkSn3rupmrybU
strict-transport-security: max-age=7776000
cache-control: public,max-age=1800,no-transform
x-goog-storage-class: STANDARD
accept-ranges: bytes
x-goog-generation: 1588928773413784
content-length: 522
server: UploadServer

GET
H3 200 DefaultData-fa10cf7f-3d7db9aa.js Show response
app.usercentrics.eu/browser-ui/3.55.0/ 2 KB
1001 B 26ms
26ms Script
text/javascript 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.55.0/DefaultData-fa10cf7f-3d7db9aa.js

Requested by

Host: mailing.dorken.sk
URL: https://mailing.dorken.sk/admin/login.php?ref=%2Fadmin%2Findex.php

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

188.14.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

fcf4ad57046af8b44b9f85d4398ca15757c54cdbdecfdfdf438266ff0bd996f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://mailing.dorken.sk
Referer: https://app.usercentrics.eu/browser-ui/3.55.0/index.module.js

Response headers

x-goog-metageneration: 2
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=j+hIPg==, md5=NDxaIzD766ddVhnL30v1Xg==
etag: "343c5a2330fbeba75d5619cbdf4bf55e"
age: 261403
x-goog-stored-content-encoding: gzip
expires: Tue, 23 Sep 2025 21:03:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 970
date: Mon, 23 Sep 2024 21:03:40 GMT
last-modified: Tue, 17 Sep 2024 11:16:30 GMT
content-type: text/javascript
x-guploader-uploadid: AD-8ljtTvpb4Mb-bGMBO5N6EOXDpMqnc6ASWN9ioN77SQUpUz45_BMc2dQkHnIWFivzb8FUiNvkaIvjuyw
strict-transport-security: max-age=7776000
cache-control: public, max-age=31536000, no-transform
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1726571790674421
content-length: 970
server: UploadServer

GET
H3 200 translations-de.json Show response
api.usercentrics.eu/translations/ 8 KB
3 KB 29ms
29ms Fetch
application/json 35.241.3.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/translations/translations-de.json

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.55.0/index.module.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.241.3.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

184.3.241.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

d798ef91a6ad855999b0bb052edf6a6eef008b01443a33614ad8e8c4713fa32e

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/json
Referer: https://mailing.dorken.sk/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=sySepg==, md5=2b6clmfgqSWBtw7+M4UPnA==
etag: "d9be9c9667e0a92581b70efe33850f9c"
age: 53097
x-goog-stored-content-encoding: gzip
expires: Fri, 27 Sep 2024 06:55:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 2994
x-client-geo-location: CA,CAON
date: Thu, 26 Sep 2024 06:55:26 GMT
last-modified: Tue, 03 Sep 2024 11:32:31 GMT
content-type: application/json
vary: Accept-Encoding
x-guploader-uploadid: AD-8ljuldDhAlokehdVCFv8MYJSSE43EAaQ8WqQg8JVhbi3TvrC1HhfzUo8jXDs1UW4SeH9FPVgfC5pLyg
strict-transport-security: max-age=7776000
cache-control: public, max-age=86400, s-maxage=86400
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1725363151063377
content-length: 2994
server: UploadServer

OPTIONS
H3 200 translations-de.json
api.usercentrics.eu/translations/ Frame 0
0 141ms
140ms Preflight
text/html 35.241.3.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/translations/translations-de.json

Protocol

Security

QUIC, , AES_128_GCM

Server

35.241.3.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

184.3.241.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://mailing.dorken.sk
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 26 Sep 2024 21:40:23 GMT
expires: Thu, 26 Sep 2024 21:40:23 GMT
server: UploadServer
strict-transport-security: max-age=7776000
x-client-geo-location: CA,CAON
x-guploader-uploadid: AD-8ljsQzEIaPRERd_Asto_vLlwdCiJLs_hNB4PR9l7NiekEkOLMeF__xF05DREfHktA7H8pKhPhwZ7hTA

GET
H3 200 DefaultUI-efcc91c9-fa5e06dd.js Show response
app.usercentrics.eu/browser-ui/3.55.0/ 2 KB
786 B 28ms
27ms Script
text/javascript 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.55.0/DefaultUI-efcc91c9-fa5e06dd.js

Requested by

Host: mailing.dorken.sk
URL: https://mailing.dorken.sk/admin/login.php?ref=%2Fadmin%2Findex.php

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

188.14.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

951c5b7cb6a0af9d32789f92b5eb25132c18386fe8a5d09a727b337b4e01b204

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://mailing.dorken.sk
Referer: https://app.usercentrics.eu/browser-ui/3.55.0/index.module.js

Response headers

x-goog-metageneration: 2
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=WngRyw==, md5=sLfPEjPIk0acr3y/MUVWDg==
etag: "b0b7cf1233c893469caf7cbf3145560e"
age: 114120
x-goog-stored-content-encoding: gzip
expires: Thu, 25 Sep 2025 13:58:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 755
date: Wed, 25 Sep 2024 13:58:23 GMT
last-modified: Tue, 17 Sep 2024 11:16:31 GMT
content-type: text/javascript
x-guploader-uploadid: AD-8ljser1V9LLitwoX_sZCEELVrx0wLYgm__wuMrcpoceavvG1WgBNwU25PbHC5BFYLLC-0Qdxuj0sUAA
strict-transport-security: max-age=7776000
cache-control: public, max-age=31536000, no-transform
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1726571791147992
content-length: 755
server: UploadServer

GET
H3 200 FirstLayerCustomization-de8ec6f3-0ed66d66.js Show response
app.usercentrics.eu/browser-ui/3.55.0/ 3 KB
1 KB 30ms
30ms Script
text/javascript 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.55.0/FirstLayerCustomization-de8ec6f3-0ed66d66.js

Requested by

Host: mailing.dorken.sk
URL: https://mailing.dorken.sk/admin/login.php?ref=%2Fadmin%2Findex.php

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

188.14.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

5fe64b723a7e2217982ad21b77d62cf63af26f869ff996b0b4cd4d56fd0bd9c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://mailing.dorken.sk
Referer: https://app.usercentrics.eu/browser-ui/3.55.0/DefaultUI-efcc91c9-fa5e06dd.js

Response headers

x-goog-metageneration: 2
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=mhk/4w==, md5=wuky1NGwJAFGMPIr2BeqOw==
etag: "c2e932d4d1b024014630f22bd817aa3b"
age: 515763
x-goog-stored-content-encoding: gzip
expires: Sat, 20 Sep 2025 22:24:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 1077
date: Fri, 20 Sep 2024 22:24:20 GMT
last-modified: Tue, 17 Sep 2024 11:16:31 GMT
content-type: text/javascript
x-guploader-uploadid: AD-8ljv7EO3ZMTHlTp6KUf8Vax_faRlmLTyY1Ysl61UHzWckSPtD8Cc55OsOv3ox7pV-yu-UgHoxduDGQA
strict-transport-security: max-age=7776000
cache-control: public, max-age=31536000, no-transform
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1726571791639026
content-length: 1077
server: UploadServer

GET
H3 200 ButtonsCustomization-5698ac85-5d43b15f.js Show response
app.usercentrics.eu/browser-ui/3.55.0/ 473 B
267 B 28ms
27ms Script
text/javascript 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.55.0/ButtonsCustomization-5698ac85-5d43b15f.js

Requested by

Host: mailing.dorken.sk
URL: https://mailing.dorken.sk/admin/login.php?ref=%2Fadmin%2Findex.php

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

188.14.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

ebbf51132ac80c2070995d82e1b1237526521386eaced499d94c36a05804141f

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://mailing.dorken.sk
Referer: https://app.usercentrics.eu/browser-ui/3.55.0/DefaultUI-efcc91c9-fa5e06dd.js

Response headers

x-goog-metageneration: 2
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=j4Bobw==, md5=gQ7iplowK1+IDjoA6EDWzg==
etag: "810ee2a65a302b5f880e3a00e840d6ce"
age: 629242
x-goog-stored-content-encoding: gzip
expires: Fri, 19 Sep 2025 14:53:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 236
date: Thu, 19 Sep 2024 14:53:01 GMT
last-modified: Tue, 17 Sep 2024 11:16:29 GMT
content-type: text/javascript
x-guploader-uploadid: AD-8ljvOPIVFW0nU5TjN-jdPpcTNq9XIHzVUR1P007xlsV0t7_DNdycECQyE8h_c-qKLEVEmbWvN2fUgiA
strict-transport-security: max-age=7776000
cache-control: public, max-age=31536000, no-transform
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1726571789485759
content-length: 236
server: UploadServer

GET
H3 200 SecondLayerUI-2d936468-4fd84b50.js Show response
app.usercentrics.eu/browser-ui/3.55.0/ 567 B
354 B 30ms
29ms Script
text/javascript 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.55.0/SecondLayerUI-2d936468-4fd84b50.js

Requested by

Host: mailing.dorken.sk
URL: https://mailing.dorken.sk/admin/login.php?ref=%2Fadmin%2Findex.php

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

188.14.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

8395d72ab340a6fb7923d93b019bffa5570553f6762dc56eeb4e5ee603ae3dda

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://mailing.dorken.sk
Referer: https://app.usercentrics.eu/browser-ui/3.55.0/DefaultUI-efcc91c9-fa5e06dd.js

Response headers

x-goog-metageneration: 2
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=hi33HQ==, md5=5G75GCCB1bWp29wfCyADbQ==
etag: "e46ef9182081d5b5a9dbdc1f0b20036d"
age: 57189
x-goog-stored-content-encoding: gzip
expires: Fri, 26 Sep 2025 05:47:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 318
date: Thu, 26 Sep 2024 05:47:14 GMT
last-modified: Tue, 17 Sep 2024 11:16:33 GMT
content-type: text/javascript
x-guploader-uploadid: AD-8ljt9x65n1cmisfUfK-XHpngqq_AjWdLJ1SfQr2I4e9VHIIkLVPtCO0vLz05z_ahVLD6KVlEFVxdGrw
strict-transport-security: max-age=7776000
cache-control: public, max-age=31536000, no-transform
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1726571793026898
content-length: 318
server: UploadServer

GET
H3 200 Taglogger-ece90602-40fbde48.js Show response
app.usercentrics.eu/browser-ui/3.55.0/ 1 KB
727 B 25ms
25ms Script
text/javascript 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.55.0/Taglogger-ece90602-40fbde48.js

Requested by

Host: mailing.dorken.sk
URL: https://mailing.dorken.sk/admin/login.php?ref=%2Fadmin%2Findex.php

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

188.14.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

fab5cda5682da8425e7110db62aa4c2163e2bbd8e2eec76139e3b1451520fa92

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://mailing.dorken.sk
Referer: https://app.usercentrics.eu/browser-ui/3.55.0/index.module.js

Response headers

x-goog-metageneration: 2
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=M0IwDQ==, md5=5MIOZoADhQMeyj528R2aMw==
etag: "e4c20e66800385031eca3e76f11d9a33"
age: 629723
x-goog-stored-content-encoding: gzip
expires: Fri, 19 Sep 2025 14:45:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 687
date: Thu, 19 Sep 2024 14:45:00 GMT
last-modified: Tue, 17 Sep 2024 11:16:33 GMT
content-type: text/javascript
x-guploader-uploadid: AD-8ljuft8qXx9_JU0ek6QwfVGcl-cUZnD3Bj9ZvSl9A5Z7ky91fsr-xRFQT0rU59PyqMc5YuHu8-0682w
strict-transport-security: max-age=7776000
cache-control: public, max-age=31536000, no-transform
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1726571793504496
content-length: 687
server: UploadServer

POST
H2 201 3 Show response
consent-api.service.consent.usercentrics.eu/consent/uw/ 0
87 B 127ms
125ms Fetch
text/html 35.201.111.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-api.service.consent.usercentrics.eu/consent/uw/3

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.55.0/index.module.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.111.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

240.111.201.35.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

X-Request-ID: 193d1e45-b8d4-4140-a201-f10c14288b85
Access-Control-Allow-Origin: *
Referer: https://mailing.dorken.sk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json
content-type: application/json

Response headers

strict-transport-security: max-age=7776000
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 26 Sep 2024 21:40:23 GMT
x-cloud-trace-context: f1f9f8c2236c920b8f212a4f63d0f99d
vary: Origin
server: Google Frontend
content-type: text/html

GET
H3

200

landing
googleads.g.doubleclick.net/pagead/
Redirect Chain

https://www.google.com/pagead/landing?gcs=G111&gcd=13r3r3r3r5l1&tag_exp=101671035~101747727&rnd=1526351302.1727386823&url=https%3A%2F%2Fmailing.dorken.sk%2Fadmin%2Flogin.php&dma=0&npa=0&gtm=45He49p...
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13r3r3r3r5l1&tag_exp=101671035~101747727&rnd=1526351302.1727386823&url=https%3A%2F%2Fmailing.dorken.sk%2Fadmin%2Flogin.php&dma=0&npa=...

42 B
65 B

352ms
59ms

Ping
image/gif

172.217.222.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13r3r3r3r5l1&tag_exp=101671035~101747727&rnd=1526351302.1727386823&url=https%3A%2F%2Fmailing.dorken.sk%2Fadmin%2Flogin.php&dma=0&npa=0&gtm=45He49p0n81523HT3Cv899063862za200&auid=2097427958.1727386823

Protocol

Server

172.217.222.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f154.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mailing.dorken.sk/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 42
date: Thu, 26 Sep 2024 21:40:23 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
location: https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13r3r3r3r5l1&tag_exp=101671035~101747727&rnd=1526351302.1727386823&url=https%3A%2F%2Fmailing.dorken.sk%2Fadmin%2Flogin.php&dma=0&npa=0&gtm=45He49p0n81523HT3Cv899063862za200&auid=2097427958.1727386823
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 26 Sep 2024 21:40:23 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 336 KB
110 KB 78ms
77ms Script
application/javascript 172.253.63.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q09SDP4HXY&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-523HT3C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

ec50653c69d9552193d14086210f2facf1bdc97786e38da1c476a8dfa9d52689

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mailing.dorken.sk/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 26 Sep 2024 21:40:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Sep 2024 21:40:23 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 112013
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 bat.js Show response
bat.bing.com/ 49 KB
15 KB 510ms
60ms Script
application/javascript 150.171.28.10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-523HT3C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

150.171.28.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

73aaa4e6bfc1dbed5f3f934710d1ada545f4068742235e59d0cb74f0eaf0a3c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mailing.dorken.sk/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: gzip
etag: "803483b3aaadb1:0"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 198F25FA831647CFB175126D24D82C2A Ref B: YTO01EDGE0820 Ref C: 2024-09-26T21:40:23Z
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 14402
date: Thu, 26 Sep 2024 21:40:23 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 15:43:41 GMT
vary: Accept-Encoding

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 175ms
82ms Script
application/javascript 23.218.218.173
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-523HT3C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.218.173 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-218-173.deploy.static.akamaitechnologies.com

Software

Resource Hash

4e8276aea0a3c7fe3600e6718c7f484d49c347c8d5763d89be95900d526a14da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mailing.dorken.sk/

Response headers

cache-control: max-age=35464
content-encoding: gzip
x-cdn: AKAM
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 14628
date: Thu, 26 Sep 2024 21:40:23 GMT
last-modified: Thu, 22 Aug 2024 11:06:54 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 269 KB
93 KB 63ms
62ms Script
application/javascript 172.253.63.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-956195738&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-523HT3C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

d2f6d3baf18f11be268dfd37b575bb408f64c3b5fae2ced96e1e0547f12d16d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mailing.dorken.sk/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Thu, 26 Sep 2024 21:40:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Sep 2024 21:40:23 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 94887
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1455965/ 71 KB
22 KB 162ms
81ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1455965/tfa.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-523HT3C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f4f172dc999bb1c038ac931090738e4978ff8d1975c3f8b4ee44c6714cc33008

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mailing.dorken.sk/

Response headers

content-encoding: gzip
etag: "af8d0131be56e24396b0a91198bf1080"
x-amz-version-id: glLkVp3SjBQUamzQsfKbnOMRSm5LBwtV
age: 0
x-cache: HIT
date: Thu, 26 Sep 2024 21:40:23 GMT
last-modified: Sun, 22 Sep 2024 11:08:45 GMT
x-served-by: cache-yyz4528-YYZ
x-cache-hits: 0
content-type: application/javascript; charset=utf-8
x-amz-id-2: RYxlZq+6vOK//u3wI5Sifny2a5LEEtyvHYCluTAE4aMeR7kjmSr5zWFN6pXuM0MUSyivpHc8CxY=
vary: Accept-Encoding
x-amz-replication-status: COMPLETED
cache-control: private,max-age=14401
x-timer: S1727386823.475851,VS0,VE32
via: 1.1 varnish
x-amz-request-id: 4N4MR0D6S0ZYTXRB
accept-ranges: bytes
access-control-allow-origin: *
abp: 60
content-length: 21878
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 226 KB
58 KB 97ms
43ms Script
application/x-javascript 157.240.229.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: mailing.dorken.sk
URL: https://mailing.dorken.sk/admin/login.php?ref=%2Fadmin%2Findex.php

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-iad3.fbcdn.net

Software

Resource Hash

979d977217c7032b1cd864c0b65ce5d4ff834aa9ca116198873299b5a60cfc9a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mailing.dorken.sk/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
edge-control: cache-maxage=10m
date: Thu, 26 Sep 2024 21:40:23 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=42, rtx=0, c=23, mss=1232, tbw=4408, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: TvoWHPBbaQOJDXIz/ojjetf3lka4KI42hJKwBp6pYH7vc0Ir08mAvkEvce+/bKR3Z4iS6x1EGakrosmWvbCHkg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 59070
x-xss-protection: 0

OPTIONS
H2 204 3
consent-api.service.consent.usercentrics.eu/consent/uw/ Frame 0
0 199ms
128ms Preflight
text/html 35.201.111.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-api.service.consent.usercentrics.eu/consent/uw/3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.111.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

240.111.201.35.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-origin,content-type,x-request-id
Access-Control-Request-Method: POST
Origin: https://mailing.dorken.sk
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: access-control-allow-origin,content-type,x-request-id
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 26 Sep 2024 21:40:23 GMT
server: Google Frontend
strict-transport-security: max-age=7776000
vary: Origin, Access-Control-Request-Headers
via: 1.1 google
x-cloud-trace-context: edf519cc975fd20cead7e15efebed0ab

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/956195738/ 6 KB
2 KB 400ms
75ms Script
text/javascript 172.217.222.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/956195738/?random=1727386823512&cv=11&fst=1727386823512&bg=ffffff&guid=ON&async=1&gtm=45be49p0v892401549z8899063862za201zb899063862&gcd=13r3r3r3r5l1&dma=0&tag_exp=101671035~101686684~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fmailing.dorken.sk%2Fadmin%2Flogin.php%3Fref%3D%252Fadmin%252Findex.php&hn=www.googleadservices.com&frm=0&tiba=CleverReach%20GmbH%20%26%20Co.%20KG&userId=391853&did=dOThhZD&gdid=dOThhZD&npa=0&pscdl=noapi&auid=2097427958.1727386823&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-956195738&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.222.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f154.1e100.net

Software

cafe /

Resource Hash

45ea5d2059f2946319670dbcdf9810b53dfba5ce9b6673bc48b2e0bdc07f2cff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mailing.dorken.sk/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2408
date: Thu, 26 Sep 2024 21:40:23 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 956195738
td.doubleclick.net/td/rul/ Frame 6D0A 0
0 214ms
109ms Document
text/html 209.85.144.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/956195738?random=1727386823512&cv=11&fst=1727386823512&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49p0v892401549z8899063862za201zb899063862&gcd=13r3r3r3r5l1&dma=0&tag_exp=101671035~101686684~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fmailing.dorken.sk%2Fadmin%2Flogin.php%3Fref%3D%252Fadmin%252Findex.php&hn=www.googleadservices.com&frm=0&tiba=CleverReach%20GmbH%20%26%20Co.%20KG&userId=391853&did=dOThhZD&gdid=dOThhZD&npa=0&pscdl=noapi&auid=2097427958.1727386823&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-956195738&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.85.144.155 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mailing.dorken.sk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 1134
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 26 Sep 2024 21:40:23 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
analytics.google.com/g/ 0
0 329ms
75ms Fetch
text/plain 216.239.34.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-Q09SDP4HXY&gtm=45je49p0v890092590z8899063862za200zb899063862&_p=1727386822348&_gaz=1&gcs=G111&gcd=13r3r3r3r5l1&npa=0&dma=0&tag_exp=101671035~101686684~101747727&gdid=dOThhZD&cid=753558976.1727386824&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AAAACA&_s=1&uid=391853&sid=1727386823&sct=1&seg=0&dl=https%3A%2F%2Fmailing.dorken.sk%2Fadmin%2Flogin.php%3Fref%3D%252Fadmin%252Findex.php&dt=CleverReach%20GmbH%20%26%20Co.%20KG&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3160
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q09SDP4HXY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mailing.dorken.sk/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://mailing.dorken.sk
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Sep 2024 21:40:23 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
546 B 307ms
53ms Ping
text/plain 172.217.222.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-Q09SDP4HXY&cid=753558976.1727386824&gtm=45je49p0v890092590z8899063862za200zb899063862&aip=1&uid=391853&dma=0&gcs=G111&gcd=13r3r3r3r5l1&npa=0&frm=0&tag_exp=101671035~101686684~101747727
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q09SDP4HXY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.222.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: qi-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mailing.dorken.sk/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://mailing.dorken.sk
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Sep 2024 21:40:23 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 782B 0
0 209ms
108ms Document
text/html 209.85.144.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-Q09SDP4HXY&gacid=753558976.1727386824&gtm=45je49p0v890092590z8899063862za200zb899063862&dma=0&gcs=G111&gcd=13r3r3r3r5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101671035~101686684~101747727&z=654442644

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q09SDP4HXY&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.85.144.155 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mailing.dorken.sk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 26 Sep 2024 21:40:23 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 710ms
488ms Image
image/gif 173.194.205.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Q09SDP4HXY&cid=753558976.1727386824&gtm=45je49p0v890092590z8899063862za200zb899063862&aip=1&uid=391853&dma=0&gcs=G111&gcd=13r3r3r3r5l1&npa=0&frm=0&tag_exp=101671035~101686684~101747727&tag_exp=101671035~101686684~101747727&z=1101661255

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.205.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qm-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mailing.dorken.sk/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 26 Sep 2024 21:40:24 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 topics_api Show response
psb.taboola.com/ 65 B
279 B 91ms
27ms Fetch
text/html 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://psb.taboola.com/topics_api
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1455965/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mailing.dorken.sk/

Response headers

cache-control: private, max-age=2592000
retry-after: 0
x-timer: S1727386824.881810,VS0,VE0
observe-browsing-topics: ?1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 65
date: Thu, 26 Sep 2024 21:40:23 GMT
content-type: text/html; charset=utf-8
x-served-by: cache-yyz4527-YYZ
server: Varnish
x-cache-hits: 0

GET
H2 200 json Show response
trc.taboola.com/1455965/trc/3/ 3 KB
2 KB 90ms
65ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1455965/trc/3/json?tim=1727386823656&data=%7B%22id%22%3A68%2C%22ii%22%3A%22%2Fadmin%2Flogin.php%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1727386823636%2C%22cv%22%3A%2220240917-10-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fmailing.dorken.sk%2Fadmin%2Flogin.php%3Fref%3D%252Fadmin%252Findex.php%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fref%3D%252Fadmin%252Findex.php%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-feicrashgroup%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22cbp%22%3A%22Usercentrics%22%2C%22cbpv%22%3A%221%22%2C%22cbcd%22%3A%22true%22%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1727386823655%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fmailing.dorken.sk%2Fadmin%2Flogin.php%3Fref%3D%252Fadmin%252Findex.php%22%2C%22tos%22%3A16%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22it%22%3A%22JS_PIXEL%22%2C%22supv%22%3Atrue%7D%2C%22pa%22%3A%7B%22su%22%3Atrue%7D%2C%22psb%22%3Atrue%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1455965/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1f5097adfb3c2e229960fa024109b3548c3d108e2bdf7169a44e3d0067799760

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mailing.dorken.sk/

Response headers

content-encoding: gzip
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-log-content-encoding: gzip
date: Thu, 26 Sep 2024 21:40:23 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-yyz4528-YYZ
x-cache-hits: 0
vary: Accept-Encoding
x-fastly-to-nlb-rtt: 18510
x-timer: S1727386824.697760,VS0,VE38
x-vcl-time-ms: 38
access-control-allow-credentials: true
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-service-version: v1
server: nginx

GET
H3 200 193318555884686 Show response
connect.facebook.net/signals/config/ 65 KB
13 KB 139ms
139ms Script
application/x-javascript 157.240.229.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/193318555884686?v=2.9.168&r=stable&domain=mailing.dorken.sk&hme=3ba426d944c98eb3ce406a0f93fc097d0320a486b65b445a33b2eda3a5aa3429&ex_m=70%2C119%2C105%2C109%2C61%2C4%2C98%2C69%2C16%2C95%2C87%2C51%2C54%2C170%2C173%2C185%2C181%2C182%2C184%2C29%2C99%2C53%2C76%2C183%2C165%2C168%2C178%2C179%2C186%2C129%2C41%2C34%2C141%2C15%2C50%2C192%2C191%2C131%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C91%2C17%2C14%2C94%2C90%2C89%2C106%2C52%2C108%2C39%2C107%2C30%2C92%2C26%2C166%2C169%2C138%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C74%2C100%2C27%2C75%2C9%2C8%2C79%2C48%2C21%2C102%2C101%2C103%2C96%2C10%2C20%2C3%2C38%2C19%2C84%2C56%2C82%2C33%2C73%2C0%2C93%2C32%2C81%2C86%2C47%2C46%2C85%2C37%2C5%2C88%2C80%2C44%2C35%2C83%2C2%2C36%2C63%2C42%2C104%2C45%2C78%2C68%2C110%2C60%2C59%2C31%2C97%2C58%2C55%2C49%2C77%2C72%2C24%2C111

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-iad3.fbcdn.net

Software

Resource Hash

d69ae55e54344e32d32eaeebe9ba01f1bdb575223f4ae380313b00fd19e45261

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mailing.dorken.sk/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
edge-control: cache-maxage=10m
date: Thu, 26 Sep 2024 21:40:23 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=43, rtx=3, c=74, mss=1232, tbw=70888, tp=66, tpl=3, uplat=97, ullat=0
pragma: public
x-fb-debug: oQoekTr7OqIqmu01Nt/mO6e0z7vXUfZOyshgT96YhxUacoMByW9dn5d7Ll4sKC27UCCPDoW+JXMS2+yeTbNEjg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET attribution_trigger
px.ads.linkedin.com/ 0
0

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3832250&time=1727386823680&li_adsId=c3511f6e-96f9-4a80-b284-bd948043304d&url=https%3A%2F%2Fmailing.dorken.sk%2Fadmin%2Flogin.php%3Fref%3D%252Fadmi...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3832250&time=1727386823680&li_adsId=c3511f6e-96f9-4a80-b284-bd948043304d&url=https%3A%2F%2Fmailing.dorken.sk%2Fadmin%2Flogin.php%3Fref%3D%252Fadmi...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3832250%26time%3D1727386823680%26li_adsId%3Dc3511f6e-96f9-4a80-b284-bd948043304d%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3832250&time=1727386823680&li_adsId=c3511f6e-96f9-4a80-b284-bd948043304d&url=https%3A%2F%2Fmailing.dorken.sk%2Fadmin%2Flogin.php%3Fref%3D%252Fadmi...

0
199 B

115ms
114ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3832250&time=1727386823680&li_adsId=c3511f6e-96f9-4a80-b284-bd948043304d&url=https%3A%2F%2Fmailing.dorken.sk%2Fadmin%2Flogin.php%3Fref%3D%252Fadmin%252Findex.php&cookiesTest=true&liSync=true
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mailing.dorken.sk/

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 455C64C69FD74263B1FD54CF302CBE81 Ref B: YTO01EDGE0521 Ref C: 2024-09-26T21:40:24Z
x-li-fabric: prod-lor1
x-li-uuid: AAYjDJYNgv5l8hOS89+pXw==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Thu, 26 Sep 2024 21:40:23 GMT
content-type: application/javascript

Redirect headers

linkedin-action: 1
x-li-fabric: prod-lor1
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
date: Thu, 26 Sep 2024 21:40:23 GMT
x-frame-options: sameorigin
strict-transport-security: max-age=31536000
x-li-pop: afd-prod-lor1-x
content-security-policy: frame-ancestors 'self'
cache-control: no-cache, no-store
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3832250&time=1727386823680&li_adsId=c3511f6e-96f9-4a80-b284-bd948043304d&url=https%3A%2F%2Fmailing.dorken.sk%2Fadmin%2Flogin.php%3Fref%3D%252Fadmin%252Findex.php&cookiesTest=true&liSync=true
pragma: no-cache
x-msedge-ref: Ref A: E7F5C8CD3A744C3D8137D5A89CF76413 Ref B: YTO01EDGE0521 Ref C: 2024-09-26T21:40:24Z
x-li-uuid: AAYjDJYLoPoEXvBq7gBfWg==
content-length: 0

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 26ms
26ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1455965/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mailing.dorken.sk/

Response headers

content-encoding: gzip
etag: "c52aa1ea682aef8ad5ebf7aff9662e35"
x-amz-version-id: uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
age: 2024
x-cache: HIT
date: Thu, 26 Sep 2024 21:40:23 GMT
last-modified: Sun, 29 Oct 2023 14:06:32 GMT
x-served-by: cache-yyz4528-YYZ
x-cache-hits: 3289
content-type: application/javascript
x-amz-id-2: grFCl2GVz+r/XfTqyKU324vjZUwlRqVibROLCguoc47ScrGgONV0Mp8NP8uOABtnU913mWxvNeY=
vary: Accept-Encoding
x-amz-replication-status: COMPLETED
cache-control: private, max-age=3600
x-timer: S1727386824.818974,VS0,VE0
via: 1.1 varnish
x-amz-request-id: MXP6QMP51GDT7XTP
accept-ranges: bytes
access-control-allow-origin: *
abp: 66
content-length: 1347
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 eid.es5.js Show response
cdn.taboola.com/scripts/ 17 KB
7 KB 26ms
25ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/eid.es5.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1455965/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mailing.dorken.sk/

Response headers

content-encoding: gzip
etag: "2fdf3e79d5e851201a0d52a886453d8b"
x-amz-version-id: Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
age: 12841
x-cache: HIT
date: Thu, 26 Sep 2024 21:40:23 GMT
last-modified: Sun, 02 Apr 2023 13:09:57 GMT
x-served-by: cache-yyz4528-YYZ
x-cache-hits: 16045
content-type: application/javascript
x-amz-id-2: e54xLW1dLPjYFyX6HS5p9JzWrGenO8OBHGJ0IusiUJZWOBBjUgJ4uursLGwK+rRH7KHjX0P9vcI=
vary: Accept-Encoding
x-amz-replication-status: COMPLETED
cache-control: private,max-age=14400
x-timer: S1727386824.819269,VS0,VE0
via: 1.1 varnish
x-amz-request-id: 6AZ3A30168GA3YM0
accept-ranges: bytes
access-control-allow-origin: *
abp: 14
content-length: 6467
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 134ms
43ms Image
text/plain 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=193318555884686&ev=PageView&dl=https%3A%2F%2Fmailing.dorken.sk%2Fadmin%2Flogin.php%3Fref%3D%252Fadmin%252Findex.php&rl=&if=false&ts=1727386823837&sw=1600&sh=1200&v=2.9.168&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1727386823834.902264119528294633&ler=empty&cdl=API_unavailable&it=1727386823674&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mailing.dorken.sk/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=10, mss=1316, tbw=2794, tp=-1, tpl=-1, uplat=1, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 26 Sep 2024 21:40:23 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 191ms
101ms Image
image/png 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=193318555884686&ev=PageView&dl=https%3A%2F%2Fmailing.dorken.sk%2Fadmin%2Flogin.php%3Fref%3D%252Fadmin%252Findex.php&rl=&if=false&ts=1727386823837&sw=1600&sh=1200&v=2.9.168&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1727386823834.902264119528294633&ler=empty&cdl=API_unavailable&it=1727386823674&coo=false&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mailing.dorken.sk/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7419069913638852008"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 26 Sep 2024 21:40:24 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: ed7Ne6SJISassZ2WtJ7QgMa2jpPKFObngDvcx6P1net89VN3iU9u1z7LatD7fe8uIvLR2VXBuU5WOMqdzUGVqA==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7419069913638852008", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=12, mss=1316, tbw=3112, tp=-1, tpl=-1, uplat=57, ullat=0
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 / Show response
pips.taboola.com/ 4 B
181 B 79ms
25ms XHR
text/plain 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mailing.dorken.sk/

Response headers

cache-control: no-store
retry-after: 0
access-control-allow-methods: GET
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: https://mailing.dorken.sk
x-cache: HIT
content-length: 4
date: Thu, 26 Sep 2024 21:40:23 GMT
x-served-by: cache-yyz4583-YYZ
server: Varnish
x-cache-hits: 0

GET
H2 200 attribution_trigger
px.ads.linkedin.com/ 2 B
764 B 95ms
95ms Image
application/json 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=3832250&time=1727386823680&url=https%3A%2F%2Fmailing.dorken.sk%2Fadmin%2Flogin.php%3Fref%3D%252Fadmin%252Findex.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mailing.dorken.sk/

Response headers

x-li-pop: afd-prod-lva1-x
content-encoding: gzip
x-fs-uuid: 0006230c9607504e1619f561256f9b11
x-msedge-ref: Ref A: 0F5F8C5810394160945D8C7D23B2B2D4 Ref B: YTO01EDGE0521 Ref C: 2024-09-26T21:40:23Z
x-li-fabric: prod-lva1
x-restli-protocol-version: 1.0.0
access-control-allow-methods: GET, OPTIONS
x-li-uuid: AAYjDJYHUE4WGfVhJW+bEQ==
x-li-proto: http/2
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Thu, 26 Sep 2024 21:40:22 GMT
content-type: application/json
access-control-allow-headers: *

GET
H2 200 26005642.js Show response
bat.bing.com/p/action/ 370 B
425 B 57ms
56ms Script
application/javascript 150.171.28.10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/26005642.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

150.171.28.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

fce461e0fefe1d6d687b3eab8304d3affaf23fb674b18bfb5242ccfc544e1bb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mailing.dorken.sk/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6F4A84A45E774A8D8BCAAA3C5E19B10C Ref B: YTO01EDGE0820 Ref C: 2024-09-26T21:40:23Z
x-cache: CONFIG_NOCACHE
date: Thu, 26 Sep 2024 21:40:23 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

GET
H3 200 /
www.google.com/pagead/1p-user-list/956195738/ 42 B
64 B 120ms
119ms Image
image/gif 173.194.66.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/956195738/?random=1727386823512&cv=11&fst=1727384400000&bg=ffffff&guid=ON&async=1&gtm=45be49p0v892401549z8899063862za201zb899063862&gcd=13r3r3r3r5l1&dma=0&tag_exp=101671035~101686684~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fmailing.dorken.sk%2Fadmin%2Flogin.php%3Fref%3D%252Fadmin%252Findex.php&hn=www.googleadservices.com&frm=0&tiba=CleverReach%20GmbH%20%26%20Co.%20KG&userId=391853&did=dOThhZD&gdid=dOThhZD&npa=0&pscdl=noapi&auid=2097427958.1727386823&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnflV0fNWWt1NLHRv47Z1kqy3RHk6VU2g&random=646773931&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.66.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qo-in-f147.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mailing.dorken.sk/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 26 Sep 2024 21:40:23 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.ca/pagead/1p-user-list/956195738/ 42 B
64 B 55ms
54ms Image
image/gif 173.194.205.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/956195738/?random=1727386823512&cv=11&fst=1727384400000&bg=ffffff&guid=ON&async=1&gtm=45be49p0v892401549z8899063862za201zb899063862&gcd=13r3r3r3r5l1&dma=0&tag_exp=101671035~101686684~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fmailing.dorken.sk%2Fadmin%2Flogin.php%3Fref%3D%252Fadmin%252Findex.php&hn=www.googleadservices.com&frm=0&tiba=CleverReach%20GmbH%20%26%20Co.%20KG&userId=391853&did=dOThhZD&gdid=dOThhZD&npa=0&pscdl=noapi&auid=2097427958.1727386823&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnflV0fNWWt1NLHRv47Z1kqy3RHk6VU2g&random=646773931&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.205.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qm-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mailing.dorken.sk/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 26 Sep 2024 21:40:23 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 159ms
42ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=28eed608-18f4-499e-bd05-feb4d595fd82-tuctdef5a47&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mailing.dorken.sk/

Response headers

access-control-allow-origin: *
cache-control: no-store
date: Thu, 26 Sep 2024 21:40:24 GMT
server: nginx

GET
H2 204 0
bat.bing.com/action/ 0
360 B 56ms
56ms Image
text/plain 150.171.28.10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=26005642&tm=gtm002&Ver=2&mid=b50e35a3-fdcd-4aa0-8312-c6b7fcd2bb3d&sid=efd2e2307c4f11efadbc8159838cde27&vid=efd31d207c4f11ef9a008986a7e5c5be&vids=1&msclkid=N&pi=918639831&lg=en-CA&sw=1600&sh=1200&sc=24&tl=CleverReach%20GmbH%20%26%20Co.%20KG&p=https%3A%2F%2Fmailing.dorken.sk%2Fadmin%2Flogin.php%3Fref%3D%252Fadmin%252Findex.php&r=&lt=2374&evt=pageLoad&sv=1&cdb=AQAQ&rn=778622

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

150.171.28.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mailing.dorken.sk/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 15FE4DBFC36441AAA87DA18B70A82743 Ref B: YTO01EDGE0820 Ref C: 2024-09-26T21:40:23Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Thu, 26 Sep 2024 21:40:23 GMT

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
196 B 148ms
147ms XHR
text/plain 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mailing.dorken.sk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: *
Content-Type: text/plain;charset=UTF-8

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 7D08F0EDA44D48A6B139636149B93032 Ref B: YTO01EDGE0521 Ref C: 2024-09-26T21:40:24Z
x-li-fabric: prod-lor1
access-control-allow-credentials: true
x-li-uuid: AAYjDJYPfeKdbuomuHpspg==
x-li-proto: http/2
access-control-allow-origin: https://mailing.dorken.sk
x-cache: CONFIG_NOCACHE
date: Thu, 26 Sep 2024 21:40:23 GMT
vary: Origin

GET
H2 204 unip Show response
trc-events.taboola.com/1455965/log/3/ 0
633 B 123ms
41ms XHR
text/plain 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1455965/log/3/unip?en=pre_d_eng_tb&tos=1566&scd=0&ssd=1&est=1727386823639&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1727386825206&vi=1727386823636&ri=582e0bc70daf3d6dd3673c23f209a5d8&sd=v2_1408018bc7dfb8e1b2353d4450b29940_28eed608-18f4-499e-bd05-feb4d595fd82-tuctdef5a47_1727386823_1727386823_CNawjgYQ3e5YGNTXnIKjMiABKAEwJjiJ6AdAsvEHSOzZ2ANQ____________AVgAYABo9YyCzajipre0AXAB&ui=28eed608-18f4-499e-bd05-feb4d595fd82-tuctdef5a47&ref=null&cv=20240917-10-RELEASE&item-url=https%3A%2F%2Fmailing.dorken.sk%2Fadmin%2Flogin.php%3Fref%3D%252Fadmin%252Findex.php&cbp=Usercentrics&cbpv=1&cbcd=true&it=JS_PIXEL
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1455965/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Attribution-Reporting-Eligible: trigger
Referer: https://mailing.dorken.sk/

Response headers

access-control-allow-origin: https://mailing.dorken.sk
cache-control: no-cache
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date: Thu, 26 Sep 2024 21:40:25 GMT
pragma: no-cache
server: nginx
access-control-allow-credentials: true

OPTIONS
H2 200 unip
trc-events.taboola.com/1455965/log/3/ Frame 0
0 189ms
40ms Preflight 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1455965/log/3/unip?en=pre_d_eng_tb&tos=1566&scd=0&ssd=1&est=1727386823639&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1727386825206&vi=1727386823636&ri=582e0bc70daf3d6dd3673c23f209a5d8&sd=v2_1408018bc7dfb8e1b2353d4450b29940_28eed608-18f4-499e-bd05-feb4d595fd82-tuctdef5a47_1727386823_1727386823_CNawjgYQ3e5YGNTXnIKjMiABKAEwJjiJ6AdAsvEHSOzZ2ANQ____________AVgAYABo9YyCzajipre0AXAB&ui=28eed608-18f4-499e-bd05-feb4d595fd82-tuctdef5a47&ref=null&cv=20240917-10-RELEASE&item-url=https%3A%2F%2Fmailing.dorken.sk%2Fadmin%2Flogin.php%3Fref%3D%252Fadmin%252Findex.php&cbp=Usercentrics&cbpv=1&cbcd=true&it=JS_PIXEL
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://mailing.dorken.sk
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-origin: https://mailing.dorken.sk
allow: GET, HEAD, POST, TRACE, OPTIONS
content-length: 0
date: Thu, 26 Sep 2024 21:40:25 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server: nginx

GET
H2 204 unip Show response
trc-events.taboola.com/1455965/log/3/ 0
632 B 41ms
41ms XHR
text/plain 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1455965/log/3/unip?en=pre_d_eng_tb&tos=4568&scd=0&ssd=1&est=1727386823639&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1727386828208&vi=1727386823636&ri=582e0bc70daf3d6dd3673c23f209a5d8&sd=v2_1408018bc7dfb8e1b2353d4450b29940_28eed608-18f4-499e-bd05-feb4d595fd82-tuctdef5a47_1727386823_1727386823_CNawjgYQ3e5YGNTXnIKjMiABKAEwJjiJ6AdAsvEHSOzZ2ANQ____________AVgAYABo9YyCzajipre0AXAB&ui=28eed608-18f4-499e-bd05-feb4d595fd82-tuctdef5a47&ref=null&cv=20240917-10-RELEASE&item-url=https%3A%2F%2Fmailing.dorken.sk%2Fadmin%2Flogin.php%3Fref%3D%252Fadmin%252Findex.php&cbp=Usercentrics&cbpv=1&cbcd=true&it=JS_PIXEL
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1455965/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Attribution-Reporting-Eligible: trigger
Referer: https://mailing.dorken.sk/

Response headers

access-control-allow-origin: https://mailing.dorken.sk
cache-control: no-cache
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date: Thu, 26 Sep 2024 21:40:28 GMT
pragma: no-cache
server: nginx
access-control-allow-credentials: true

OPTIONS
H2 200 unip
trc-events.taboola.com/1455965/log/3/ Frame 0
0 40ms
40ms Preflight 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1455965/log/3/unip?en=pre_d_eng_tb&tos=4568&scd=0&ssd=1&est=1727386823639&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1727386828208&vi=1727386823636&ri=582e0bc70daf3d6dd3673c23f209a5d8&sd=v2_1408018bc7dfb8e1b2353d4450b29940_28eed608-18f4-499e-bd05-feb4d595fd82-tuctdef5a47_1727386823_1727386823_CNawjgYQ3e5YGNTXnIKjMiABKAEwJjiJ6AdAsvEHSOzZ2ANQ____________AVgAYABo9YyCzajipre0AXAB&ui=28eed608-18f4-499e-bd05-feb4d595fd82-tuctdef5a47&ref=null&cv=20240917-10-RELEASE&item-url=https%3A%2F%2Fmailing.dorken.sk%2Fadmin%2Flogin.php%3Fref%3D%252Fadmin%252Findex.php&cbp=Usercentrics&cbpv=1&cbcd=true&it=JS_PIXEL
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://mailing.dorken.sk
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-origin: https://mailing.dorken.sk
allow: GET, HEAD, POST, TRACE, OPTIONS
content-length: 0
date: Thu, 26 Sep 2024 21:40:28 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: px.ads.linkedin.com
URL: https://px.ads.linkedin.com/attribution_trigger?pid=3832250&time=1727386823680&url=https%3A%2F%2Fmailing.dorken.sk%2Fadmin%2Flogin.php%3Fref%3D%252Fadmin%252Findex.php

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.taboola.com/taboolaaccount-feicrashgroup/	1969-12-31 23:59:59	Name: taboola_session_id Value: v2_1408018bc7dfb8e1b2353d4450b29940_28eed608-18f4-499e-bd05-feb4d595fd82-tuctdef5a47_1727386823_1727386823_CNawjgYQ3e5YGNTXnIKjMiABKAEwJjiJ6AdAsvEHSOzZ2ANQ____________AVgAYABo9YyCzajipre0AXAB
mailing.dorken.sk/	1969-12-31 23:59:59	Name: PHPSESSID Value: Q1dwK98Z0uOlsh8S8YgPJo4tXf-DVyPMLPxCv1e%2CzTRRaP7T
.dorken.sk/	1970-01-21 01:59:22	Name: _gcl_au Value: 1.1.2097427958.1727386823
.dorken.sk/	1970-01-21 09:25:46	Name: _ga Value: GA1.1.753558976.1727386824
.dorken.sk/	1970-01-21 09:25:46	Name: _ga_Q09SDP4HXY Value: GS1.1.1727386823.1.0.1727386823.60.0.0
.taboola.com/	1970-01-21 08:35:22	Name: t_gid Value: 28eed608-18f4-499e-bd05-feb4d595fd82-tuctdef5a47
.taboola.com/	1970-01-21 08:35:22	Name: t_pt_gid Value: 28eed608-18f4-499e-bd05-feb4d595fd82-tuctdef5a47
.taboola.com/	1970-01-21 08:35:22	Name: receive-cookie-deprecation Value: 1
.dorken.sk/	1970-01-21 01:59:22	Name: _fbp Value: fb.1.1727386823834.902264119528294633
.doubleclick.net/	1970-01-20 23:49:47	Name: test_cookie Value: CheckForPermission
.dorken.sk/	1970-01-20 23:51:13	Name: _uetsid Value: efd2e2307c4f11efadbc8159838cde27
.dorken.sk/	1970-01-21 09:11:22	Name: _uetvid Value: efd31d207c4f11ef9a008986a7e5c5be
px.ads.linkedin.com/	1970-01-21 00:33:36	Name: ar_debug Value: 1
.linkedin.com/	1970-01-21 01:59:22	Name: li_sugr Value: 360a7c70-b9ae-4d48-bd90-99d05ad83ceb
.linkedin.com/	1970-01-21 08:35:22	Name: bcookie Value: "v=2&c5cfb3f9-1a65-45b9-8fce-8ad832249e59"
.linkedin.com/	1970-01-20 23:51:13	Name: lidc Value: "b=OGST01:s=O:r=O:a=O:p=O:g=3402:u=1:x=1:i=1727386823:t=1727473223:v=2:sig=AQFw_U6LJxtcg11xwuIfRvvE3-70cRse"
.bing.com/	1970-01-21 09:11:22	Name: MUID Value: 1A38AE665C376DE32606BB605D1D6CE9
.bat.bing.com/	1970-01-20 23:59:51	Name: MR Value: 0
.linkedin.com/	1970-01-21 00:32:58	Name: UserMatchHistory Value: AQLBDQ-e0OORGQAAAZIwRy2KK2BbokWCkc8ZgcOlwVlBteQUKeFTNOhiIEEx667RDCjolz9ibROgmA
.linkedin.com/	1970-01-21 00:32:58	Name: AnalyticsSyncHistory Value: AQLfmILBFAVtyQAAAZIwRy2KrA4WwZHESYgkfuLWSEyf69Bt4LAUV5q11lCKtsrXTOyVZhb6pc4xqfG3twGjOw
.www.linkedin.com/	1970-01-21 08:35:22	Name: bscookie Value: "v=1&20240926214024423899a1-ff12-48fb-85b8-077fde386ed4AQE7BgI2si7YMl6cpXXzyCiC9Tyn_JS7"

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://mailing.dorken.sk/admin/login.php?ref=%2Fadmin%2Findex.php Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://px.ads.linkedin.com/attribution_trigger?pid=3832250&time=1727386823680&url=https%3A%2F%2Fmailing.dorken.sk%2Fadmin%2Flogin.php%3Fref%3D%252Fadmin%252Findex.php Message: Failed to load resource: net::ERR_CONNECTION_RESET

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
api.usercentrics.eu
app.usercentrics.eu
bat.bing.com
cdn.taboola.com
cds.taboola.com
connect.facebook.net
consent-api.service.consent.usercentrics.eu
fonts.crsend.com
googleads.g.doubleclick.net
login.cleverreach.com
mailing.dorken.sk
pips.taboola.com
psb.taboola.com
px.ads.linkedin.com
s3-eu-west-1.amazonaws.com
snap.licdn.com
stats.g.doubleclick.net
td.doubleclick.net
trc-events.taboola.com
trc.taboola.com
www.facebook.com
www.google.ca
www.google.com
www.googletagmanager.com
www.linkedin.com
px.ads.linkedin.com
108.128.116.133
13.107.42.14
141.226.224.32
141.226.224.48
150.171.28.10
151.101.193.44
151.101.65.44
157.240.229.1
157.240.229.35
172.217.222.154
172.217.222.155
172.253.63.97
173.194.205.94
173.194.66.147
194.42.96.31
209.85.144.155
216.239.34.181
23.218.218.173
34.253.139.43
35.190.14.188
35.201.111.240
35.241.3.184
52.92.3.88
009a4cf1623ff76804e55d59a17f680f77d8c76ada674500997ff44cc7ac0741
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
1461ae6a53a55f2dac7d5a051ec752d992d721a1f3e753661616d4bb2907a8df
1f5097adfb3c2e229960fa024109b3548c3d108e2bdf7169a44e3d0067799760
297a37de633af8bb9a5cb0a54358370dcb2719612a58bb81c2599aaf1873fb58
298a826a0ff3cc92b312e768e4739e9b5fd84e097275de128ee0f3f5df2df59b
4576de1dd5b373f578b18da3ab756a23d844e0df3e21e1fc0ac18e9eb9c5691c
45ea5d2059f2946319670dbcdf9810b53dfba5ce9b6673bc48b2e0bdc07f2cff
4e8276aea0a3c7fe3600e6718c7f484d49c347c8d5763d89be95900d526a14da
5786263782a5628ac8b4a143a20d2e90357dd3ba010110f3d964e49351a2d710
5fe64b723a7e2217982ad21b77d62cf63af26f869ff996b0b4cd4d56fd0bd9c4
73aaa4e6bfc1dbed5f3f934710d1ada545f4068742235e59d0cb74f0eaf0a3c4
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7ecd9df0b4ee41bcc7a1fd93f1fe280a570c5a5205a5b38c66d35284649f162a
8395d72ab340a6fb7923d93b019bffa5570553f6762dc56eeb4e5ee603ae3dda
8fd8b8dfdb6c3c4f4adfd0b313566cab91b11ae9793245a6498d9561604d4b8c
951c5b7cb6a0af9d32789f92b5eb25132c18386fe8a5d09a727b337b4e01b204
979d977217c7032b1cd864c0b65ce5d4ff834aa9ca116198873299b5a60cfc9a
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ad29a345ff4e0d3d78a7c95c1e39c24a5e39ce0b1c36ce1f1ad9510382fefd44
b87b19292646e22496e031a5a7b55b2b65ea48ef8e9cebf37f322a7195306afb
bcab8e47ce2442c9718317733f34de3ac40b0393ff78325fb38a341f61424947
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d2f6d3baf18f11be268dfd37b575bb408f64c3b5fae2ced96e1e0547f12d16d6
d69ae55e54344e32d32eaeebe9ba01f1bdb575223f4ae380313b00fd19e45261
d798ef91a6ad855999b0bb052edf6a6eef008b01443a33614ad8e8c4713fa32e
dae218d2a75a885eea1e330bd4eced6c487c2054a0d17f9cffe10005c06c4c0e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e407972c0295beeb5198a7b5c9b7e900c126fb0fe615c67f3bc5de13d5efbf66
e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e
ebbf51132ac80c2070995d82e1b1237526521386eaced499d94c36a05804141f
ec50653c69d9552193d14086210f2facf1bdc97786e38da1c476a8dfa9d52689
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f28b5ad2fc996872e55c2942de82618d740d670984454dbce6f134ac44940637
f4f172dc999bb1c038ac931090738e4978ff8d1975c3f8b4ee44c6714cc33008
fab5cda5682da8425e7110db62aa4c2163e2bbd8e2eec76139e3b1451520fa92
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fce461e0fefe1d6d687b3eab8304d3affaf23fb674b18bfb5242ccfc544e1bb7
fcf4ad57046af8b44b9f85d4398ca15757c54cdbdecfdfdf438266ff0bd996f8

mailing.dorken.sk Open in urlscan Pro 194.42.96.31 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

63 Requests

95 %HTTPS

0 %IPv6

15 Domains

26 Subdomains

24 IPs

3 Countries

673 kBTransfer

2119 kBSize

21 Cookies

2 Outgoing links

Page URL History

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

mailing.dorken.sk Open in urlscan Pro
194.42.96.31 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

95 %
HTTPS

0 %
IPv6

15
Domains

26
Subdomains

24
IPs

3
Countries

673 kB
Transfer

2119 kB
Size

21
Cookies

63 HTTP transactions
0 data transactions