pepa.vyskup.com Open in urlscan Pro
176.74.159.100 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://pepa.vyskup.com/
Submission Tags: falconsandbox
Submission: On January 17 via api (January 17th 2022, 3:39:18 pm UTC) from US — Scanned from DE

Summary HTTP 53 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 22 IPs in 4 countries across 15 domains to perform 53 HTTP transactions. The main IP is 176.74.159.100, located in Brno, Czech Republic and belongs to NETDATACOMM, CZ. The main domain is pepa.vyskup.com.

This is the only time pepa.vyskup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	176.74.159.100 176.74.159.100	35613 (NETDATACOMM) (NETDATACOMM)
8	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	88.86.101.2 88.86.101.2	39392 (SUPERNETW...) (SUPERNETWORK ^_^)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638::18 2a02:2638::18	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	178.250.0.139 178.250.0.139	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.150 178.250.2.150	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
53	22

6 176.74.159.100 (Brno, Czech Republic)

ASN35613 (NETDATACOMM, CZ)
PTR: 176-74-159-100.netdatacomm.cz

pepa.vyskup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.86.101.2 (Prague, Czech Republic)

ASN39392 (SUPERNETWORK ^_^, CZ)
PTR: www2.toplist.cz

toplist.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::18 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 100 tpc.googlesyndication.com — Cisco Umbrella Rank: 124	234 KB
11	criteo.net static.criteo.net — Cisco Umbrella Rank: 645 pix.eu.criteo.net — Cisco Umbrella Rank: 7730 csm.eu.criteo.net — Cisco Umbrella Rank: 7881	57 KB
6	vyskup.com pepa.vyskup.com	48 KB
5	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 46	15 KB
3	criteo.com rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 14362 ads.eu.criteo.com — Cisco Umbrella Rank: 7925 cat.fr.eu.criteo.com — Cisco Umbrella Rank: 10834	45 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 80 www.google.com — Cisco Umbrella Rank: 13	2 KB
2	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 98	3 KB
2	gstatic.com fonts.gstatic.com	91 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8028	914 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	84 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	1009 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 227	5 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 165	38 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 777	642 B
1	toplist.cz toplist.cz — Cisco Umbrella Rank: 87403	1 KB
53	15

	Domain	Requested by
8	pagead2.googlesyndication.com	pepa.vyskup.com pagead2.googlesyndication.com www.googletagservices.com tpc.googlesyndication.com
7	static.criteo.net	ads.eu.criteo.com
6	pepa.vyskup.com	pepa.vyskup.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
2	www.facebook.com	1 redirects connect.facebook.net
2	fonts.gstatic.com	fonts.googleapis.com
2	csm.eu.criteo.net	ads.eu.criteo.com
2	pix.eu.criteo.net	ads.eu.criteo.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	connect.facebook.net	pepa.vyskup.com connect.facebook.net
1	www.google.com	tpc.googlesyndication.com
1	fonts.googleapis.com	cdnjs.cloudflare.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cat.fr.eu.criteo.com	ads.eu.criteo.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.fr.eu.criteo.com	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	toplist.cz	pepa.vyskup.com
53	21

This site contains links to these domains. Also see Links.

Domain
www.toplist.cz

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-10-26` - `2022-01-24`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-09` - `2022-04-04`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-09` - `2022-04-10`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh

This page contains 9 frames:

Primary Page: http://pepa.vyskup.com/
Frame ID: D0790DAD4778616BF914CEF2527A5EA1
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4242252424663028&output=html&h=15&adk=3479318690&adf=2037478136&w=728&lmt=1642433953&channel=3453425267&format=728x15_0ads_al_s&color_bg=333333&color_border=333333&color_link=FFFFFF&color_text=000000&color_url=008000&url=http%3A%2F%2Fpepa.vyskup.com%2F&flash=0&alt_color=333333&wgl=1&dt=1642433953416&bpp=16&bdt=261&idt=275&shv=r20220112&mjsv=m202201120101&ptt=5&saldr=sa&abxe=1&correlator=2446925110596&frm=20&pv=2&ga_vid=43134014.1642433954&ga_sid=1642433954&ga_hid=306692470&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=3&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064036%2C31064115%2C31064125&oid=2&pvsid=284198055710734&pem=30&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=fRZtAbsVfa&p=http%3A//pepa.vyskup.com&dtd=292
Frame ID: F930192A64285A06E89F91E11542AD43
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4242252424663028&output=html&h=60&adk=1314508960&adf=876494944&w=468&lmt=1642433953&channel=8519038815&ad_type=text_image&format=468x60_as&url=http%3A%2F%2Fpepa.vyskup.com%2F&flash=0&wgl=1&dt=1642433953442&bpp=4&bdt=287&idt=272&shv=r20220112&mjsv=m202201120101&ptt=5&saldr=sa&abxe=1&prev_fmts=728x15_0ads_al_s&correlator=2446925110596&frm=20&pv=1&ga_vid=43134014.1642433954&ga_sid=1642433954&ga_hid=306692470&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=423&ady=1112&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064036%2C31064115%2C31064125&oid=2&pvsid=284198055710734&pem=30&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=surNCb45bX&p=http%3A//pepa.vyskup.com&dtd=275
Frame ID: 6401C28826C9263B52FA3D87FBBD93FE
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YeWNoQAMvrwKssWXAAETyuCn4mxb6MLRS71Q4Q&u=%7CVUiY1ehUbNPEGZpo1rEOoncZ8Erxj2tNZ%2FNol5PJhoM%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdXvSvBEh0H6zCpuUVqT_e-weovIFhP1cnex3pnTkCtKlfxcyFj04EkBrrtxZkGbKfDaahQnuQpcapdx8fO37Y26Sdaszp3-vHiV00tbqctpF1FRAl05XxgHGA41-jCsx4muTTCWMKJjQypg7u5SIURw0wa2hNyBJkIihQq_HRpgZVKGeCj6NMCji-81m_duQV_faEejijGaAvjJ7yqyYG81xEbmjgUzCsyR-A730yky5DYW7LVgiDI1bq6fjJZh6-JkrB0lW-G-Zy6CTwrCllgEtUREWTcoKMUBpb1DYxu3SnOLZf6-KOaD5TgRiNlSN6w7TOHc74-H8vAYHGJ4IhUs5vJPuBOTqSegvoUCIWAq0jnU2E9E-biXpixJMDQXUPrCPXdeENCFkLGkqt-3Yta&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEKtmoY3lYbz9MpeLywXKp4TYDcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDI0MjI1MjQyNDY2MzAyOKAB1bbS6gPIAQmpAmjnsl8XJrM-qAMBqgTVAU_Q_VSuO4a2R2EwIrWUaHKqcPT5oCaiJRb9jnXJkDCX_AI2eaI5wnZwsBOgqxhfub74yag-6AIXiUUUUJ9J3eqiMtEOrN8qEQTbicfJ2DcFkFh-vLOaIfIWd6EBAOFqcAQiaRCLh_9cOavSzFX73eiTV9TCnZotqm5x-qKQKVDUR7f1n2idXKUT7DAB18uFQ370TS7XAzQ90E615TodY3a9l5m7AfuwIzjaN4dDInoecQJJYzyGru7_O8P_MASNL-cnp6y_wha_WpUY2Hhhvc7cc4GEqoAG7bnj9_Gs-6OOAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0a9drcu7y8wScbkEwojrNZzz6_XQ%26client%3Dca-pub-4242252424663028%26adurl%3D
Frame ID: D994C2F1789E2BB5E9EE8C4FF500BB69
Requests: 17 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flike_box.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2e39d7fcc7d0d4%2526domain%253Dpepa.vyskup.com%2526is_canvas%253Dfalse%2526origin%253Dhttp%25253A%25252F%25252Fpepa.vyskup.com%25252Ff23c4fac950a19%2526relation%253Dparent.parent%26color_scheme%3Dlight%26container_width%3D225%26header%3Dfalse%26href%3Dhttp%253A%252F%252Fwww.facebook.com%252FPepaVyskupCom%26locale%3Dcs_CZ%26sdk%3Djoey%26show_border%3Dtrue%26show_faces%3Dfalse%26stream%3Dfalse%26width%3D225
Frame ID: DED92A61E01ACA882E712222E20B1AF6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20190131/zrt_lookup.html
Frame ID: 35AE7526CC811ECDB02FB1020F0B6FA4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4242252424663028&output=html&adk=1812271804&adf=3025194257&lmt=1642433957&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&channel=3453425267&format=0x0&url=http%3A%2F%2Fpepa.vyskup.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1642433957613&bpp=2&bdt=4457&idt=2&shv=r20220112&mjsv=m202201120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D40f3975bacfd1070-2207ef1521cd009c%3AT%3D1642433953%3ART%3D1642433953%3AS%3DALNI_MY07patsz7kMrBpl0np1-sBQ_Uk9g&prev_fmts=728x15_0ads_al_s%2C468x60_as&nras=1&correlator=2446925110596&pv_ch=3453425267%2B&frm=20&pv=1&ga_vid=43134014.1642433954&ga_sid=1642433954&ga_hid=306692470&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064036%2C31064115%2C31064125&oid=2&psts=AGkb-H_-7NoVWiWOHcOQFQ3rH14pDQgq3FM-nqLRkFtEcpOmfLx4s97ujHw-a3oIP0K6LWc-kxpiTfTzTaVa&pvsid=284198055710734&pem=30&tmod=908&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=16
Frame ID: 268BFB05CE1248AF9C8C4443A2342A48
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B847C3FAF95E774A02058995613A8157
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 794847D2CD7A947BD7CB04CCF364ED99
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Nebudete nikdy sami, Pepa Vám vždycky rád naslouchá... :)

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

53
Requests

81 %
HTTPS

71 %
IPv6

15
Domains

21
Subdomains

22
IPs

4
Countries

621 kB
Transfer

1434 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.toplist.cz/stat/209232

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

http://toplist.cz/count.asp?id=209232&logo=mc HTTP 307
https://toplist.cz/count.asp?id=209232&logo=mc

Request Chain 7

http://connect.facebook.net/cs_CZ/all.js HTTP 307
https://connect.facebook.net/cs_CZ/all.js

Request Chain 40

https://www.facebook.com/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e39d7fcc7d0d4%26domain%3Dpepa.vyskup.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fpepa.vyskup.com%252Ff23c4fac950a19%26relation%3Dparent.parent&color_scheme=light&container_width=225&header=false&href=http%3A%2F%2Fwww.facebook.com%2FPepaVyskupCom&locale=cs_CZ&sdk=joey&show_border=true&show_faces=false&stream=false&width=225 HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flike_box.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2e39d7fcc7d0d4%2526domain%253Dpepa.vyskup.com%2526is_canvas%253Dfalse%2526origin%253Dhttp%25253A%25252F%25252Fpepa.vyskup.com%25252Ff23c4fac950a19%2526relation%253Dparent.parent%26color_scheme%3Dlight%26container_width%3D225%26header%3Dfalse%26href%3Dhttp%253A%252F%252Fwww.facebook.com%252FPepaVyskupCom%26locale%3Dcs_CZ%26sdk%3Djoey%26show_border%3Dtrue%26show_faces%3Dfalse%26stream%3Dfalse%26width%3D225

53 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
pepa.vyskup.com/ 10 KB
3 KB 825ms
508ms Document
text/html 176.74.159.100
NETDATACOMM

General

Check archive.org

Show headers Download Go to

Full URL: http://pepa.vyskup.com/
Protocol: HTTP/1.1
Server: 176.74.159.100 Brno, Czech Republic, ASN35613 (NETDATACOMM, CZ),
Reverse DNS: 176-74-159-100.netdatacomm.cz
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 53fdf05331dd54564f42a5e7295c71e05977aceca9f8ff4da520116379eb2b58

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Mon, 17 Jan 2022 15:39:12 GMT
Server: Apache/2.4.18 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2816
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK styles.css
pepa.vyskup.com/ 503 B
574 B 238ms
238ms Stylesheet
text/css 176.74.159.100
NETDATACOMM

General

Check archive.org

Show headers Download Go to

Full URL: http://pepa.vyskup.com/styles.css
Requested by: Host: pepa.vyskup.com
URL: http://pepa.vyskup.com/
Protocol: HTTP/1.1
Server: 176.74.159.100 Brno, Czech Republic, ASN35613 (NETDATACOMM, CZ),
Reverse DNS: 176-74-159-100.netdatacomm.cz
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 1ad165b28ebee869811f4ab7437a1eb41d9cdc93d485747a986f563e69447093

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://pepa.vyskup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 15:39:13 GMT
Content-Encoding: gzip
Last-Modified: Sun, 28 Jan 2007 11:16:32 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "1f7-42817e4a1a400-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 239

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 111 KB
39 KB 110ms
60ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: pepa.vyskup.com
URL: http://pepa.vyskup.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

184468e068ac63b8e6a6584e4bdbd3faab16413a2fce266b11b76b0c01760b05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://pepa.vyskup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Mon, 17 Jan 2022 15:39:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 16834975675771228631
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 39621
X-XSS-Protection: 0
Expires: Mon, 17 Jan 2022 15:39:13 GMT

GET
H/1.1 200
OK empty.gif
pepa.vyskup.com/images/ 814 B
1 KB 407ms
407ms Image
image/gif 176.74.159.100
NETDATACOMM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pepa.vyskup.com/images/empty.gif
Requested by: Host: pepa.vyskup.com
URL: http://pepa.vyskup.com/
Protocol: HTTP/1.1
Server: 176.74.159.100 Brno, Czech Republic, ASN35613 (NETDATACOMM, CZ),
Reverse DNS: 176-74-159-100.netdatacomm.cz
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 08ac46da9a8e0c271fb51c67c21ba18e779378901e797b5e537db5c7b7aae3f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://pepa.vyskup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 15:39:13 GMT
Last-Modified: Sun, 28 Jan 2007 11:14:06 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "32e-42817dbeddb80"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 814

GET
H/1.1 200
OK top.jpg
pepa.vyskup.com/images/ 32 KB
32 KB 319ms
318ms Image
image/jpeg 176.74.159.100
NETDATACOMM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pepa.vyskup.com/images/top.jpg
Requested by: Host: pepa.vyskup.com
URL: http://pepa.vyskup.com/
Protocol: HTTP/1.1
Server: 176.74.159.100 Brno, Czech Republic, ASN35613 (NETDATACOMM, CZ),
Reverse DNS: 176-74-159-100.netdatacomm.cz
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 4e33528d0aa8bf4c9aa1fc8dd5651c0d8ea67b02c34d47cce105021996601b7d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://pepa.vyskup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 15:39:13 GMT
Last-Modified: Wed, 30 May 2007 16:47:30 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "805f-431b2bce66c80"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 32863

GET
H/1.1 200
OK pepa.jpg
pepa.vyskup.com/images/ 7 KB
8 KB 1426ms
1271ms Image
image/jpeg 176.74.159.100
NETDATACOMM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pepa.vyskup.com/images/pepa.jpg
Requested by: Host: pepa.vyskup.com
URL: http://pepa.vyskup.com/
Protocol: HTTP/1.1
Server: 176.74.159.100 Brno, Czech Republic, ASN35613 (NETDATACOMM, CZ),
Reverse DNS: 176-74-159-100.netdatacomm.cz
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: c27920b1cab8663111b1c4db1a57f47cc868a4f3cd5e12ae0caf92950be06912

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://pepa.vyskup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 15:39:13 GMT
Last-Modified: Sun, 28 Jan 2007 11:14:08 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "1d1e-42817dc0c6000"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 7454

GET
H/1.1 200
OK pepa-ref.gif
pepa.vyskup.com/banners/ 3 KB
3 KB 1304ms
1148ms Image
image/gif 176.74.159.100
NETDATACOMM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pepa.vyskup.com/banners/pepa-ref.gif
Requested by: Host: pepa.vyskup.com
URL: http://pepa.vyskup.com/
Protocol: HTTP/1.1
Server: 176.74.159.100 Brno, Czech Republic, ASN35613 (NETDATACOMM, CZ),
Reverse DNS: 176-74-159-100.netdatacomm.cz
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: f3d15e78cccbc9810d28c8588616ea008640b55a526f8768109f866591f493a1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://pepa.vyskup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 15:39:13 GMT
Last-Modified: Sun, 28 Jan 2007 11:13:58 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "aca-42817db73c980"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2762

GET
H2

200

count.asp
toplist.cz/
Redirect Chain

http://toplist.cz/count.asp?id=209232&logo=mc
https://toplist.cz/count.asp?id=209232&logo=mc

947 B
1 KB

112ms
35ms

Image
image/gif

88.86.101.2
SUPERNETWORK ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://toplist.cz/count.asp?id=209232&logo=mc

Requested by

Host: pepa.vyskup.com
URL: http://pepa.vyskup.com/

Protocol

Server

88.86.101.2 Prague, Czech Republic, ASN39392 (SUPERNETWORK ^_^, CZ),

Reverse DNS

www2.toplist.cz

Software

Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 /

Resource Hash

e9d6a35b39a917281c705089cb1870e0b615d018011d162c6d404e8da1fd04bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://pepa.vyskup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jan 2022 15:39:13 GMT
server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-w: 4
p3p: CP="NON DSP ADM DEV PSD CUSo OUR IND STP PRE NAV UNI"
cache-control: private,no-cache,no-store,must-revalidate,max-age=0
content-type: image/gif
expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

Location: https://toplist.cz/count.asp?id=209232&logo=mc
Non-Authoritative-Reason: HSTS

GET
H2

200

all.js Show response
connect.facebook.net/cs_CZ/
Redirect Chain

http://connect.facebook.net/cs_CZ/all.js
https://connect.facebook.net/cs_CZ/all.js

3 KB
2 KB

23ms
7ms

Script
application/x-javascript

2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/cs_CZ/all.js

Requested by

Host: pepa.vyskup.com
URL: http://pepa.vyskup.com/

Protocol

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8df1906deaecf9dbc0ddeda7f52a404bc2f71892fe7a954a1c6064bfb3d91681

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://pepa.vyskup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: dQPnu2xjdXfWLFLsdGwlqw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: 8qis+GKQwYfpFLMxF44NthwfeG0Po2n8zQYf30pjrgTAaBJQ84tDEfdHCHVRHkelGAclvgWw0zkRL5uq/VIhTA==
x-fb-trip-id: 917726464
x-fb-content-md5: 0cb9538701471a9d7ce0325478df9855
x-frame-options: DENY
date: Mon, 17 Jan 2022 15:39:13 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "98844af6c78f95789704dffad0226a6d"
timing-allow-origin: *
priority: u=3,i
expires: Mon, 17 Jan 2022 15:56:04 GMT

Redirect headers

Location: https://connect.facebook.net/cs_CZ/all.js#xfbml=1
Non-Authoritative-Reason: HSTS

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/ 284 KB
103 KB 156ms
67ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=pub-4242252424663028&plah=pepa.vyskup.com&bust=31064115

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94264e80d02aee478cab597737b2e4defdb90659167ceb87e82543494b98d9f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://pepa.vyskup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 15:39:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104505
x-xss-protection: 0
server: cafe
etag: 8896997718913292229
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 17 Jan 2022 15:39:13 GMT

GET
H3 200 all.js Show response
connect.facebook.net/cs_CZ/ 290 KB
82 KB 21ms
10ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/cs_CZ/all.js?hash=bae195270c685dc2b91af9d956df059b

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/cs_CZ/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

71ac4ca0582e83d042e965ca525865b045137bbfff87dcd28873efd9ae9fd3d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://pepa.vyskup.com/
Origin: http://pepa.vyskup.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: e7LkufGch0dx13ooohTTFA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 83574
x-fb-rlafr: 0
x-fb-debug: 1CVRdv/B4Z7dBCHb61yUVliR9Q8Z85wG0iobwK7T/fbJgWhrZwf/fC7jj40c/uhxwzLsclWKJsEJxVt2E3Lg3g==
x-fb-content-md5: a0787520c5af2ee33b949b31dd2f098e
x-frame-options: DENY
date: Mon, 17 Jan 2022 15:39:13 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "2a7b0adbcdc5ffc126d8c470f336ac78"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 17 Jan 2023 13:23:04 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 214 B
642 B 134ms
49ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=pepa.vyskup.com&callback=_gfp_s_&client=ca-pub-4242252424663028

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=pub-4242252424663028&plah=pepa.vyskup.com&bust=31064115

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

2b13e8ae533a1c08580e19ad8940cd256dd041881faffad79bcfbfebcb2246d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://pepa.vyskup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 15:39:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 197
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 134ms
49ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=pepa.vyskup.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://pepa.vyskup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 Jan 2022 15:39:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 136ms
48ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=pepa.vyskup.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://pepa.vyskup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 Jan 2022 15:39:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F930 461 B
801 B 208ms
124ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4242252424663028&output=html&h=15&adk=3479318690&adf=2037478136&w=728&lmt=1642433953&channel=3453425267&format=728x15_0ads_al_s&color_bg=333333&color_border=333333&color_link=FFFFFF&color_text=000000&color_url=008000&url=http%3A%2F%2Fpepa.vyskup.com%2F&flash=0&alt_color=333333&wgl=1&dt=1642433953416&bpp=16&bdt=261&idt=275&shv=r20220112&mjsv=m202201120101&ptt=5&saldr=sa&abxe=1&correlator=2446925110596&frm=20&pv=2&ga_vid=43134014.1642433954&ga_sid=1642433954&ga_hid=306692470&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=3&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064036%2C31064115%2C31064125&oid=2&pvsid=284198055710734&pem=30&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=fRZtAbsVfa&p=http%3A//pepa.vyskup.com&dtd=292

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ebe168b3f4356987e242033a619ebc3c11a7ee94576a7e20698a233ed4fccb48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://pepa.vyskup.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 17 Jan 2022 15:39:13 GMT
server: cafe
content-length: 220
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 17 Jan 2022 15:39:13 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6401 22 KB
9 KB 565ms
488ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4242252424663028&output=html&h=60&adk=1314508960&adf=876494944&w=468&lmt=1642433953&channel=8519038815&ad_type=text_image&format=468x60_as&url=http%3A%2F%2Fpepa.vyskup.com%2F&flash=0&wgl=1&dt=1642433953442&bpp=4&bdt=287&idt=272&shv=r20220112&mjsv=m202201120101&ptt=5&saldr=sa&abxe=1&prev_fmts=728x15_0ads_al_s&correlator=2446925110596&frm=20&pv=1&ga_vid=43134014.1642433954&ga_sid=1642433954&ga_hid=306692470&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=423&ady=1112&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064036%2C31064115%2C31064125&oid=2&pvsid=284198055710734&pem=30&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=surNCb45bX&p=http%3A//pepa.vyskup.com&dtd=275

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5c51f865973b53970e9a3d1c4d55e4b3cd9ef64104db3c1c0361d91f5b46ed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://pepa.vyskup.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 17 Jan 2022 15:39:14 GMT
server: cafe
content-length: 9371
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 17 Jan 2022 15:39:14 GMT
cache-control: private

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 6401 2 KB
1 KB 155ms
43ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4242252424663028&output=html&h=60&adk=1314508960&adf=876494944&w=468&lmt=1642433953&channel=8519038815&ad_type=text_image&format=468x60_as&url=http%3A%2F%2Fpepa.vyskup.com%2F&flash=0&wgl=1&dt=1642433953442&bpp=4&bdt=287&idt=272&shv=r20220112&mjsv=m202201120101&ptt=5&saldr=sa&abxe=1&prev_fmts=728x15_0ads_al_s&correlator=2446925110596&frm=20&pv=1&ga_vid=43134014.1642433954&ga_sid=1642433954&ga_hid=306692470&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=423&ady=1112&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064036%2C31064115%2C31064125&oid=2&pvsid=284198055710734&pem=30&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=surNCb45bX&p=http%3A//pepa.vyskup.com&dtd=275

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 15:37:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 117
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Jan 2022 15:37:17 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6401 121 KB
38 KB 331ms
233ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 15:39:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37895
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1641990413359145"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 17 Jan 2022 15:39:14 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 6401 15 KB
7 KB 150ms
38ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 15:36:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6473
x-xss-protection: 0
server: cafe
etag: 5124071950003790117
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Jan 2022 15:36:53 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6401 0
0 127ms
80ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CPrhOoY3lYbz9MpeLywXKp4TYDcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDI0MjI1MjQyNDY2MzAyOKAB1bbS6gPIAQmpAmjnsl8XJrM-qAMBqgTSAU_Q_VSuO4a2R2EwIrWUaHKqcPT5oCaiJRb9jnXJkDCX_AI2eaI5wnZwsBOgqxhfub74yag-6AIXiUUUUJ9J3eqiMtEOrN8qEQTbicfJ2DcFkFh-vLOaIfIWd6EBAOFqcAQiaRCLh_9cOavSzFX73eiTV9TCnZotqm5x-qKQKVDUR7f1n2idXKUT7DAB18uFQ370TS7XAzQ90E615TodY3a9l5m7AfuwIzjaN4cBIFuM9o3VcIMauk0vBmUHORCHme0Jvy4LCisZqCoG9GDkF0rPzIAG7bnj9_Gs-6OOAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTQyNDIyNTI0MjQ2NjMwMjgYAA&sigh=HEq1FYyyEDg&uach_m=[UACH]&cid=CAQSGwCNIrLM6LTywOzgKTuwTXoWoV7a6ybDeYWHpRgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4242252424663028&output=html&h=60&adk=1314508960&adf=876494944&w=468&lmt=1642433953&channel=8519038815&ad_type=text_image&format=468x60_as&url=http%3A%2F%2Fpepa.vyskup.com%2F&flash=0&wgl=1&dt=1642433953442&bpp=4&bdt=287&idt=272&shv=r20220112&mjsv=m202201120101&ptt=5&saldr=sa&abxe=1&prev_fmts=728x15_0ads_al_s&correlator=2446925110596&frm=20&pv=1&ga_vid=43134014.1642433954&ga_sid=1642433954&ga_hid=306692470&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=423&ady=1112&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064036%2C31064115%2C31064125&oid=2&pvsid=284198055710734&pem=30&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=surNCb45bX&p=http%3A//pepa.vyskup.com&dtd=275
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 17 Jan 2022 15:39:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 17 Jan 2022 15:39:14 GMT

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 6401 0
0 60ms
18ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=UMDUEYmvMNQDPJ2DYgICAAAAwJLENl25rUIQoY3lYdlXAAnR8pLQu-TVABI&wp=YeWNoQAMvrwKssWXAAETyuCn4mxb6MLRS71Q4Q

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 15:39:14 GMT
server: Kestrel
server-processing-duration-in-ticks: 233958
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame D994 127 KB
44 KB 126ms
88ms Document
text/html 2a02:2638::18
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YeWNoQAMvrwKssWXAAETyuCn4mxb6MLRS71Q4Q&u=%7CVUiY1ehUbNPEGZpo1rEOoncZ8Erxj2tNZ%2FNol5PJhoM%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdXvSvBEh0H6zCpuUVqT_e-weovIFhP1cnex3pnTkCtKlfxcyFj04EkBrrtxZkGbKfDaahQnuQpcapdx8fO37Y26Sdaszp3-vHiV00tbqctpF1FRAl05XxgHGA41-jCsx4muTTCWMKJjQypg7u5SIURw0wa2hNyBJkIihQq_HRpgZVKGeCj6NMCji-81m_duQV_faEejijGaAvjJ7yqyYG81xEbmjgUzCsyR-A730yky5DYW7LVgiDI1bq6fjJZh6-JkrB0lW-G-Zy6CTwrCllgEtUREWTcoKMUBpb1DYxu3SnOLZf6-KOaD5TgRiNlSN6w7TOHc74-H8vAYHGJ4IhUs5vJPuBOTqSegvoUCIWAq0jnU2E9E-biXpixJMDQXUPrCPXdeENCFkLGkqt-3Yta&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEKtmoY3lYbz9MpeLywXKp4TYDcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDI0MjI1MjQyNDY2MzAyOKAB1bbS6gPIAQmpAmjnsl8XJrM-qAMBqgTVAU_Q_VSuO4a2R2EwIrWUaHKqcPT5oCaiJRb9jnXJkDCX_AI2eaI5wnZwsBOgqxhfub74yag-6AIXiUUUUJ9J3eqiMtEOrN8qEQTbicfJ2DcFkFh-vLOaIfIWd6EBAOFqcAQiaRCLh_9cOavSzFX73eiTV9TCnZotqm5x-qKQKVDUR7f1n2idXKUT7DAB18uFQ370TS7XAzQ90E615TodY3a9l5m7AfuwIzjaN4dDInoecQJJYzyGru7_O8P_MASNL-cnp6y_wha_WpUY2Hhhvc7cc4GEqoAG7bnj9_Gs-6OOAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0a9drcu7y8wScbkEwojrNZzz6_XQ%26client%3Dca-pub-4242252424663028%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::18 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0793aeb1376af9c1d68aeef63d38e2fe696c35e0c6986b7b60550871fcf5ad49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Mon, 17 Jan 2022 15:39:13 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=toXmofTljM58lu1dR5XH6d0ApE37IKrvjWjfMCUInClNU-Bn-R3i6A1WgINcg8f-1GKoBSYt_aRilI_RrqXE5lt7RJ3K2l9vJ7vZUW5GX3Och4WR58bSQSfhEj_V-hEPObn60IZ0f6YPBrmd2HvLuBNFJWSS9RQhIVF3y8g31f1SFWg2LuMPnHoBidgZ_dfrt7KELvBRnxvc_DNnZeEzhvOyQSeLM6kA_NXYH2KZTSk9JOtV1w_sI_jLLdNNnwFCWZrDeQ"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 67930727
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame D994 2 KB
1 KB 47ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YeWNoQAMvrwKssWXAAETyuCn4mxb6MLRS71Q4Q&u=%7CVUiY1ehUbNPEGZpo1rEOoncZ8Erxj2tNZ%2FNol5PJhoM%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdXvSvBEh0H6zCpuUVqT_e-weovIFhP1cnex3pnTkCtKlfxcyFj04EkBrrtxZkGbKfDaahQnuQpcapdx8fO37Y26Sdaszp3-vHiV00tbqctpF1FRAl05XxgHGA41-jCsx4muTTCWMKJjQypg7u5SIURw0wa2hNyBJkIihQq_HRpgZVKGeCj6NMCji-81m_duQV_faEejijGaAvjJ7yqyYG81xEbmjgUzCsyR-A730yky5DYW7LVgiDI1bq6fjJZh6-JkrB0lW-G-Zy6CTwrCllgEtUREWTcoKMUBpb1DYxu3SnOLZf6-KOaD5TgRiNlSN6w7TOHc74-H8vAYHGJ4IhUs5vJPuBOTqSegvoUCIWAq0jnU2E9E-biXpixJMDQXUPrCPXdeENCFkLGkqt-3Yta&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEKtmoY3lYbz9MpeLywXKp4TYDcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDI0MjI1MjQyNDY2MzAyOKAB1bbS6gPIAQmpAmjnsl8XJrM-qAMBqgTVAU_Q_VSuO4a2R2EwIrWUaHKqcPT5oCaiJRb9jnXJkDCX_AI2eaI5wnZwsBOgqxhfub74yag-6AIXiUUUUJ9J3eqiMtEOrN8qEQTbicfJ2DcFkFh-vLOaIfIWd6EBAOFqcAQiaRCLh_9cOavSzFX73eiTV9TCnZotqm5x-qKQKVDUR7f1n2idXKUT7DAB18uFQ370TS7XAzQ90E615TodY3a9l5m7AfuwIzjaN4dDInoecQJJYzyGru7_O8P_MASNL-cnp6y_wha_WpUY2Hhhvc7cc4GEqoAG7bnj9_Gs-6OOAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0a9drcu7y8wScbkEwojrNZzz6_XQ%26client%3Dca-pub-4242252424663028%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 15:39:14 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 12 Jan 2023 15:39:14 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame D994 2 KB
1 KB 47ms
15ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 15:39:14 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 12 Jan 2023 15:39:14 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame D994 308 B
636 B 47ms
15ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 15:39:14 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 12 Jan 2023 15:39:14 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame D994 507 B
835 B 49ms
18ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 15:39:14 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Thu, 12 Jan 2023 15:39:14 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/m/delivery/ Frame D994 43 B
347 B 468ms
19ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=zc_9jzMhM6cklM5tcbMYcOP_UXsepam4LFSamhNEsv_yWy8_lB3yPjgix5fiZ5YlTBH6lDTV9zvo91EMhZ4oTEeBZP_juHAE3sK4f5yxfy8QSsDLLtdKtvKqdtmQjyKwXpTjNo2JYuSBSLJf_4kJZ3TmtBANk_fSsnudYskmvHigBwckCfWbNqXAxQnvuFw6UYJ2hVMtpZmB7Me_6qKy6nmERSD7Ff2MNtFI9NAIbIRyY2a1C5hrB971VgEYK_F7WtQy5GMwMZi8wkjSeXNa5oKK6DJby9JtHfPbi_6nXYvqYg_JjAny4uPp9ih9ucXkTwkcVgo452m84gyGESqqti3-I85Ij-OMCO19BssomGSnBD-YtnXa55u9WMqi9a4RrQhZ7pgnn-VHZ04u4wKKhrZUr6enWrFRhI8AoguP41BJ3SqiJjgWzGGBQFM_2Hyvg0vd4A

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jan 2022 15:39:14 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3153916
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame D994 12 KB
5 KB 35ms
16ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 15:39:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 116068
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1WkhiZoxAV6dKpOolmR7KbozgZleBVtKHm%2FUVIAPl3of9%2BozgJzs398KIYdXB4TrnSRx3XfSlTDvVG7h1a6nRVB0%2F%2BFSCfs102Yptk5%2F0a65zSoiN6gxqRs1sNLFZijhGdqsZbkXOprwvOfZkFKZYTvM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6cf0acd76e105c6e-FRA
expires: Sat, 07 Jan 2023 15:39:14 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame D994 12 KB
6 KB 35ms
25ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 15:39:14 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 12 Jan 2023 15:39:14 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D994 14 KB
15 KB 51ms
15ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=116&m=0&partner=90357&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F90357%2F211115%2F33300702bd0247d48074e3362ef06108_screenshot_2021-11-08_at_12.17.08.png&v=3&w=236&s=ciD-hYilmvrm0YD4_4YlKcYt

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

771b7bab4b257fa716af4267a8daf406193561781111b0968a37e95f14218f9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 13:12:19 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
age: 527215
vary: Origin
x-cache: hit cached
content-type: image/png
cache-control: public, max-age=29588275
cdn-loop: Criteo
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
accept-ranges: bytes
timing-allow-origin: *
content-length: 14577
expires: Tue, 20 Dec 2022 00:10:14 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D994 29 KB
30 KB 63ms
28ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1869280-_x600-nocrop.jpg&v=3&w=400&s=_BOKbeajDOx6IHyVWu03i-gB&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

42c1bc55a67369b68ff20d684d3be5182c5eabc3ba7e888d7ff1850043b4c09b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:04:19 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
age: 520494
vary: Origin
x-cache: hit cached
content-type: image/webp
cache-control: public, max-age=29822401
cdn-loop: Criteo
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
accept-ranges: bytes
timing-allow-origin: *
content-length: 30204
expires: Thu, 22 Dec 2022 19:04:21 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame D994 0
127 B 51ms
14ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=toXmofTljM58lu1dR5XH6d0ApE37IKrvjWjfMCUInClNU-Bn-R3i6A1WgINcg8f-1GKoBSYt_aRilI_RrqXE5lt7RJ3K2l9vJ7vZUW5GX3Och4WR58bSQSfhEj_V-hEPObn60IZ0f6YPBrmd2HvLuBNFJWSS9RQhIVF3y8g31f1SFWg2LuMPnHoBidgZ_dfrt7KELvBRnxvc_DNnZeEzhvOyQSeLM6kA_NXYH2KZTSk9JOtV1w_sI_jLLdNNnwFCWZrDeQ&sds=2&rev=80076.1&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 17 Jan 2022 15:39:13 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame D994 2 KB
1 KB 22ms
21ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 15:39:14 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 12 Jan 2023 15:39:14 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame D994 2 KB
1 KB 26ms
25ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 15:39:14 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 12 Jan 2023 15:39:14 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D994 2 KB
1009 B 132ms
45ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

089822305b9af8e8bf8797060fa68e6d18068b4fd7e8938f30b125ab6f61a2b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 17 Jan 2022 15:13:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 17 Jan 2022 15:39:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 Jan 2022 15:39:14 GMT

GET
H2 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v12/ Frame D994 44 KB
45 KB 127ms
40ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v12/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 21:17:17 GMT
x-content-type-options: nosniff
age: 584517
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45416
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:09:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 10 Jan 2023 21:17:17 GMT

GET
H2 200 jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v12/ Frame D994 46 KB
46 KB 181ms
94ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v12/jizfRExUiTo99u79B_mh0O6tLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e93b530a651320569bb9a1e5afdefa40ef6a77f7d1887a27cb4f5cc049b57a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 14:03:04 GMT
x-content-type-options: nosniff
age: 524170
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46988
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:11 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 11 Jan 2023 14:03:04 GMT

GET
DATA 200
OK truncated
/ Frame 6401 205 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 71bed13766de39ade0845dabbda95cc288f9c76ed989d8baff4f6d442a552b4e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 all
csm.eu.criteo.net/ Frame D994 0
127 B 15ms
15ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 17 Jan 2022 15:39:14 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6401 42 B
64 B 121ms
73ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssPd6DA2X3G8QsIJ8Ulr_4z_roBp_0PqMQXWWzW5jpaz5DXttAcyEDMXdv02LS3_qie948vIL-5mzr4uBG800De&sig=Cg0ArKJSzC9H0cQkj-TlEAE&id=lidar2&mcvt=1000&p=0,0,60,468&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220112&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1314508960&rs=2&la=0&cr=0&vs=4&r=v&rst=1642433953718&rpt=980&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jan 2022 15:39:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
51 KB 125ms
77ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84b48d0ac043839fad27becc1eb0463f319811815d5295c5ef5fa1d831acfdc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://pepa.vyskup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 15:39:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51975
x-xss-protection: 0
server: cafe
etag: 13873075114000086845
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 17 Jan 2022 15:39:17 GMT

GET
H3

200

/
www.facebook.com/login/ Frame DED9
Redirect Chain

https://www.facebook.com/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e39d7fcc7d0d4%26domain%3Dpepa.vyskup.com%26is...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flike_box.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253...

0
0

133ms
123ms

Document
text/html

2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flike_box.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2e39d7fcc7d0d4%2526domain%253Dpepa.vyskup.com%2526is_canvas%253Dfalse%2526origin%253Dhttp%25253A%25252F%25252Fpepa.vyskup.com%25252Ff23c4fac950a19%2526relation%253Dparent.parent%26color_scheme%3Dlight%26container_width%3D225%26header%3Dfalse%26href%3Dhttp%253A%252F%252Fwww.facebook.com%252FPepaVyskupCom%26locale%3Dcs_CZ%26sdk%3Djoey%26show_border%3Dtrue%26show_faces%3Dfalse%26stream%3Dfalse%26width%3D225

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/cs_CZ/all.js?hash=bae195270c685dc2b91af9d956df059b

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: AjNQ5MKQ2r9PIIq83EYQ+qloM9dfQnejw6i5Ux5JtwrHeI/4fwNUTrz4kXOs+k+VJ70ba5EzzjLe/X+3xuNICw==
date: Mon, 17 Jan 2022 15:39:17 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i

Redirect headers

location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flike_box.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2e39d7fcc7d0d4%2526domain%253Dpepa.vyskup.com%2526is_canvas%253Dfalse%2526origin%253Dhttp%25253A%25252F%25252Fpepa.vyskup.com%25252Ff23c4fac950a19%2526relation%253Dparent.parent%26color_scheme%3Dlight%26container_width%3D225%26header%3Dfalse%26href%3Dhttp%253A%252F%252Fwww.facebook.com%252FPepaVyskupCom%26locale%3Dcs_CZ%26sdk%3Djoey%26show_border%3Dtrue%26show_faces%3Dfalse%26stream%3Dfalse%26width%3D225
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: nHF5qiGpCoGBnbYPP/JQfeQPoQd3eGxui0Jd9SVIH5gZHUTrZ+U7QDbV4w8f8DienvUk50GHBHKvPCxIU68k4w==
content-length: 0
date: Mon, 17 Jan 2022 15:39:17 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 53ms
53ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220112&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d96135919f1caa51bc30135e66ce612d3d21b0a782b8a436f2dfc24d228227f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://pepa.vyskup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 Jan 2022 15:39:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8702
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 152ms
106ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://pepa.vyskup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 15:39:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 17 Jan 2022 15:39:17 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220112/r20190131/ Frame 35AE 11 KB
5 KB 52ms
52ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220112/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://pepa.vyskup.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4885
x-xss-protection: 0
date: Mon, 17 Jan 2022 01:57:44 GMT
expires: Mon, 31 Jan 2022 01:57:44 GMT
cache-control: public, max-age=1209600
age: 49293
etag: 13671712056976469594
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 111ms
52ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=pepa.vyskup.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://pepa.vyskup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 Jan 2022 15:39:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 100ms
46ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=pepa.vyskup.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://pepa.vyskup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 Jan 2022 15:39:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 268B 0
16 B 55ms
55ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4242252424663028&output=html&adk=1812271804&adf=3025194257&lmt=1642433957&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&channel=3453425267&format=0x0&url=http%3A%2F%2Fpepa.vyskup.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1642433957613&bpp=2&bdt=4457&idt=2&shv=r20220112&mjsv=m202201120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D40f3975bacfd1070-2207ef1521cd009c%3AT%3D1642433953%3ART%3D1642433953%3AS%3DALNI_MY07patsz7kMrBpl0np1-sBQ_Uk9g&prev_fmts=728x15_0ads_al_s%2C468x60_as&nras=1&correlator=2446925110596&pv_ch=3453425267%2B&frm=20&pv=1&ga_vid=43134014.1642433954&ga_sid=1642433954&ga_hid=306692470&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066433%2C31064036%2C31064115%2C31064125&oid=2&psts=AGkb-H_-7NoVWiWOHcOQFQ3rH14pDQgq3FM-nqLRkFtEcpOmfLx4s97ujHw-a3oIP0K6LWc-kxpiTfTzTaVa&pvsid=284198055710734&pem=30&tmod=908&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=16

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://pepa.vyskup.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 17 Jan 2022 15:39:17 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B847 13 KB
5 KB 37ms
36ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://pepa.vyskup.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 17 Jan 2022 15:37:35 GMT
expires: Tue, 17 Jan 2023 15:37:35 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 102
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7948 783 B
1 KB 135ms
50ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6bdb33c4e0b135e7c0296282ee82327ef68593d15a24337ca7284bf88930b327

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KP5LIuUfQw1K22EYkyhtQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://pepa.vyskup.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 17 Jan 2022 15:39:17 GMT
date: Mon, 17 Jan 2022 15:39:17 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-KP5LIuUfQw1K22EYkyhtQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js Show response
pagead2.googlesyndication.com/bg/ Frame B847 35 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb5358c6c980f19540bb6b15ccf641878aa3d8530e3e225df2e59eab005c3dd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 15:36:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 149
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13653
x-xss-protection: 0
last-modified: Thu, 06 Jan 2022 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 17 Jan 2023 15:36:48 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7948 0
0 76ms
76ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220112&jk=284198055710734&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET generate_204
tpc.googlesyndication.com/ Frame B847 0
0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 77ms
77ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220112&jk=284198055710734&bg=!dXaldjLNAAaocxMpqHM7ACkAdvg8WmCfN0XASpj7kfIdLFTWg0CXr0iS1WWzOux5GzUApkwdkAEaVgIAAABaUgAAAANoAQcKADbdJl9RAMrdJ1JTSvRfUR_RpNpwYHnlryaDdS5S4LDv0vbPKcXEbSbtnxotN7S3suGT45qW0bqZAra67V5pTqVCbW6jTh4GiHWRUOzv3c66UZrCrOX_Plzg79TCqBpBFpWOwqwYqgDvqLERWxHug8fNEgb7ngIi2fkECz2J0HS6K0aNCGvbnYz4OStvc9Ko4mmFL9QqWeNdWMzKiYRqj1lsfKWldkx98FcDRIdZ_7my4Wu5KXDoVmeGZAlSdq5JIZEmB_Tfj-sigK3uMdEIBizrjFECo92bYhT5G9E3y8nMrpMs8nPOFyDLnrCi7xI56SG5f5ni8R6BQ96W-hMDB5NJe4HlzraiNemprXe1WJpeUOarvBBPNaAo1fy3f5iJ7qVPo3PVjZjbuYqj64cHQdTC5lA5TTQE1bZPY4VdAIydTSk7t_LEdPN-D9IXLM9_9gm9F___tKDA-X7sO_wKGJoG775ic8T0Vu1q_Q3d4QyxoYqUMyBavnvIYXGvHrj_Mg1gfWU0ZfAefh9BkoHi6pOJGG22vCkMl_5o3rvI1Ftq9MXCg1jNRi7Jcbbs7j1tCICAWbB_h2OGVzQwUx75UcHqj6UpBSfNzKM5nLzSkMclORt0KBoNEJuGdObe7KrxEgWKjJvGTvbEK8mCbwfARvnslTUDvKzRlrbGF_EX2LNOWvgQdwjNRRtMLFU0ksMzFm4-hTaXPldA24fnRzK8OUlW-6h1pqonPkjjHzk81sK22ypUykUgtu3IriZgHAUEBJZ3Stx43KL3n31Z8Mi-f9Ll6AV75jOhFn5iqZEnD_xIa06n331FGT8wfk3z-z7yETSTvRwHjlWTUzc6k5YfRl230YkEQlsLfCa3zm3fVOdzx8BOwVcam9MGQLF9AvvHHJ-TD0tlGIbjaV-ujJUe3L0mJe30Dc5w9TCCl5R9phOCwNXC9D8oERxOXEr2-5mA0ZhF-uQQa1u6LE49fnwDyNmyKa_bYjPe5KypoLtRf5Kg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://pepa.vyskup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jan 2022 15:39:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/generate_204?oOQTyQ

Verdicts & Comments Add Verdict or Comment

164 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.vyskup.com/	1970-01-20 09:35:29	Name: __gads Value: ID=40f3975bacfd1070-2207ef1521cd009c:T=1642433953:RT=1642433953:S=ALNI_MY07patsz7kMrBpl0np1-sBQ_Uk9g
.doubleclick.net/	1970-01-20 09:35:29	Name: IDE Value: AHWqTUlcj6PjYZ7LZLnbdrAb-FbHUh93rV8rvwXdJFnt1ZjAbECG8HPdOMMXECsk3i0
.facebook.com/	1970-01-20 17:45:05	Name: sb Value: pY3lYT4GBj0Ox5whUuKy-dLX
.facebook.com/	1970-01-20 02:23:29	Name: fr Value: 0Hy8D66j3dfqwGoJo..Bh5Y2l.C-.AAA.0.0.Bh5Y2l.AWWp2nmhylg

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.de
cat.fr.eu.criteo.com
cdnjs.cloudflare.com
connect.facebook.net
csm.eu.criteo.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
pepa.vyskup.com
pix.eu.criteo.net
rtb.fr.eu.criteo.com
static.criteo.net
toplist.cz
tpc.googlesyndication.com
www.facebook.com
www.google.com
www.googletagservices.com
tpc.googlesyndication.com
142.250.186.130
176.74.159.100
178.250.0.139
178.250.0.160
178.250.2.150
2606:4700::6810:125e
2a00:1450:4001:808::2002
2a00:1450:4001:808::2003
2a00:1450:4001:809::2002
2a00:1450:4001:811::2002
2a00:1450:4001:811::200a
2a00:1450:4001:827::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2002
2a02:2638:1::3
2a02:2638::18
2a02:2638::2
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
88.86.101.2
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
0793aeb1376af9c1d68aeef63d38e2fe696c35e0c6986b7b60550871fcf5ad49
089822305b9af8e8bf8797060fa68e6d18068b4fd7e8938f30b125ab6f61a2b9
08ac46da9a8e0c271fb51c67c21ba18e779378901e797b5e537db5c7b7aae3f5
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
184468e068ac63b8e6a6584e4bdbd3faab16413a2fce266b11b76b0c01760b05
1ad165b28ebee869811f4ab7437a1eb41d9cdc93d485747a986f563e69447093
1e93b530a651320569bb9a1e5afdefa40ef6a77f7d1887a27cb4f5cc049b57a3
2b13e8ae533a1c08580e19ad8940cd256dd041881faffad79bcfbfebcb2246d1
425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c
42c1bc55a67369b68ff20d684d3be5182c5eabc3ba7e888d7ff1850043b4c09b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e33528d0aa8bf4c9aa1fc8dd5651c0d8ea67b02c34d47cce105021996601b7d
53fdf05331dd54564f42a5e7295c71e05977aceca9f8ff4da520116379eb2b58
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6bdb33c4e0b135e7c0296282ee82327ef68593d15a24337ca7284bf88930b327
71ac4ca0582e83d042e965ca525865b045137bbfff87dcd28873efd9ae9fd3d4
71bed13766de39ade0845dabbda95cc288f9c76ed989d8baff4f6d442a552b4e
771b7bab4b257fa716af4267a8daf406193561781111b0968a37e95f14218f9e
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
84b48d0ac043839fad27becc1eb0463f319811815d5295c5ef5fa1d831acfdc9
8df1906deaecf9dbc0ddeda7f52a404bc2f71892fe7a954a1c6064bfb3d91681
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
94264e80d02aee478cab597737b2e4defdb90659167ceb87e82543494b98d9f0
95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
bb5358c6c980f19540bb6b15ccf641878aa3d8530e3e225df2e59eab005c3dd1
c27920b1cab8663111b1c4db1a57f47cc868a4f3cd5e12ae0caf92950be06912
d96135919f1caa51bc30135e66ce612d3d21b0a782b8a436f2dfc24d228227f8
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5c51f865973b53970e9a3d1c4d55e4b3cd9ef64104db3c1c0361d91f5b46ed3
e9d6a35b39a917281c705089cb1870e0b615d018011d162c6d404e8da1fd04bf
ebe168b3f4356987e242033a619ebc3c11a7ee94576a7e20698a233ed4fccb48
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3d15e78cccbc9810d28c8588616ea008640b55a526f8768109f866591f493a1
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

pepa.vyskup.com Open in urlscan Pro 176.74.159.100 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

53 Requests

81 %HTTPS

71 %IPv6

15 Domains

21 Subdomains

22 IPs

4 Countries

621 kBTransfer

1434 kBSize

4 Cookies

1 Outgoing links

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

pepa.vyskup.com Open in urlscan Pro
176.74.159.100 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

81 %
HTTPS

71 %
IPv6

15
Domains

21
Subdomains

22
IPs

4
Countries

621 kB
Transfer

1434 kB
Size

4
Cookies

53 HTTP transactions
1 data transactions