doczytamyinfo.click Open in urlscan Pro
2a06:98c1:3120::3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://doczytamyinfo.click/
Submission: On December 14 via api (December 14th 2023, 11:59:05 pm UTC) from PL — Scanned from NL

Summary HTTP 149 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 34 IPs in 6 countries across 34 domains to perform 149 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is doczytamyinfo.click.
TLS certificate: Issued by GTS CA 1P5 on December 14th 2023. Valid for: 3 months.

This is the only time doczytamyinfo.click was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 5	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	62.129.206.181 62.129.206.181	12824 (HOMEPL-AS) (HOMEPL-AS)
11	2606:4700:440... 2606:4700:4400::6812:291f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2	195.177.217.192 195.177.217.192	50599 (Autonomou...) (Autonomous System for Data Space Sp. z o.o.)
11	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2 4	216.58.206.38 216.58.206.38	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
19	2a02:26f0:350... 2a02:26f0:3500:587::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	54.220.4.214 54.220.4.214	16509 (AMAZON-02) (AMAZON-02)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2.23.196.80 2.23.196.80	() ()
1	2600:9000:209... 2600:9000:2090:c600:1d:bf0a:0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	108.138.15.119 108.138.15.119	16509 (AMAZON-02) (AMAZON-02)
1	35.244.188.9 35.244.188.9	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:148d	() ()
2	2a04:4e42:8d::84 2a04:4e42:8d::84	54113 (FASTLY) (FASTLY)
1	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
1	18.239.67.245 18.239.67.245	() ()
1	64.158.223.140 64.158.223.140	() ()
2	107.178.244.119 107.178.244.119	() ()
2	35.190.43.134 35.190.43.134	() ()
2	35.71.131.137 35.71.131.137	() ()
1	37.252.172.123 37.252.172.123	() ()
149	34

5 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

doczytamyinfo.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 62.129.206.181 (Poland)

ASN12824 (HOMEPL-AS, PL)
PTR: cloudserver011865.home.pl

www.pizzadominium.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:4400::6812:291f (United States)

ASN13335 (CLOUDFLARENET, US)

www.restauracja-anima.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.177.217.192 (Poland)

ASN50599 (Autonomous System for Data Space Sp. z o.o., PL)
PTR: host-195-177-217-192.dataspace.pl

t.goadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.206.38 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f6.1e100.net

10121152.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
10902911.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a02:26f0:3500:587::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.220.4.214 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-4-214.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
marriottinternationa.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.23.196.80 (None, )

ASN- ()

cache.marriott.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2090:c600:1d:bf0a:0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.tvpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.15.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-15-119.fra56.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.188.9 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 9.188.244.35.bc.googleusercontent.com

static.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:148d (None, )

ASN- ()

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:8d::84 (United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.67.245 (None, )

ASN- ()

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.158.223.140 (None, )

ASN- ()

login.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.244.119 (None, )

ASN- ()

beacon.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.43.134 (None, )

ASN- ()

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (None, )

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.123 (None, )

ASN- ()

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 431	152 KB
11	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	804 KB
11	restauracja-anima.pl www.restauracja-anima.pl	495 KB
10	doubleclick.net 2 redirects 10121152.fls.doubleclick.net 10902911.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 75 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 ad.doubleclick.net Failed cm.g.doubleclick.net Failed	10 KB
8	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 2693 adservice.google.com — Cisco Umbrella Rank: 93	2 KB
7	google.nl www.google.nl — Cisco Umbrella Rank: 9642 adservice.google.nl — Cisco Umbrella Rank: 21366	1 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2189	42 KB
5	doczytamyinfo.click 1 redirects doczytamyinfo.click	19 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	157 KB
3	sojern.com static.sojern.com — Cisco Umbrella Rank: 14090 beacon.sojern.com	12 KB
3	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1355 match.adsrvr.org Failed	3 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 329	14 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	257 B
3	pizzadominium.pl www.pizzadominium.pl
2	snapchat.com tr.snapchat.com	1 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 745	21 KB
2	marriott.com cache.marriott.com smetrics.marriott.com Failed	7 KB
2	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 208 marriottinternationa.demdex.net	5 KB
2	goadservices.com t.goadservices.com — Cisco Umbrella Rank: 258430	1 KB
1	adnxs.com secure.adnxs.com Failed ib.adnxs.com Failed	575 B
1	dotomi.com login.dotomi.com	365 B
1	sc-static.net sc-static.net	18 KB
1	yimg.com s.yimg.com — Cisco Umbrella Rank: 630	7 KB
1	licdn.com snap.licdn.com	15 KB
1	tvpixel.com c.tvpixel.com — Cisco Umbrella Rank: 9225 p.tvpixel.com Failed	32 KB
1	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 2199
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138	19 KB
0	onetrust.com Failed geolocation.onetrust.com Failed
0	rlcdn.com Failed idsync.rlcdn.com Failed
0	pinterest.com Failed ct.pinterest.com Failed
0	adform.net Failed c1.adform.net Failed
0	linkedin.com Failed px.ads.linkedin.com Failed
0	everesttech.net Failed cm.everesttech.net Failed
0	jivox.com Failed pxl.jivox.com Failed
149	34

	Domain	Requested by
19	assets.adobedtm.com	doczytamyinfo.click assets.adobedtm.com
11	www.googletagmanager.com	doczytamyinfo.click www.googletagmanager.com www.google-analytics.com assets.adobedtm.com
11	www.restauracja-anima.pl	doczytamyinfo.click www.restauracja-anima.pl
6	www.google.nl	doczytamyinfo.click
5	www.google.com	doczytamyinfo.click
5	doczytamyinfo.click	1 redirects doczytamyinfo.click
4	googleads.g.doubleclick.net	www.googleadservices.com
4	connect.facebook.net	doczytamyinfo.click connect.facebook.net
3	bat.bing.com	assets.adobedtm.com bat.bing.com
3	www.facebook.com	doczytamyinfo.click
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.pizzadominium.pl	doczytamyinfo.click www.restauracja-anima.pl
2	tr.snapchat.com	sc-static.net
2	match.adsrvr.org	js.adsrvr.org static.sojern.com
2	beacon.sojern.com	doczytamyinfo.click static.sojern.com
2	s.pinimg.com	doczytamyinfo.click s.pinimg.com
2	cache.marriott.com	doczytamyinfo.click cache.marriott.com
2	adservice.google.com	10121152.fls.doubleclick.net 10902911.fls.doubleclick.net
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	region1.google-analytics.com	www.googletagmanager.com
2	10902911.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	10121152.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	t.goadservices.com	doczytamyinfo.click t.goadservices.com
1	ib.adnxs.com	static.sojern.com
1	marriottinternationa.demdex.net	assets.adobedtm.com
1	login.dotomi.com	doczytamyinfo.click
1	sc-static.net	doczytamyinfo.click
1	s.yimg.com	doczytamyinfo.click s.yimg.com
1	snap.licdn.com	doczytamyinfo.click
1	static.sojern.com	doczytamyinfo.click
1	js.adsrvr.org	doczytamyinfo.click
1	c.tvpixel.com	doczytamyinfo.click
1	dpm.demdex.net	assets.adobedtm.com
1	adservice.google.nl	adservice.google.com
1	region1.analytics.google.com	www.googletagmanager.com
1	script.crazyegg.com	www.googletagmanager.com
1	www.googleadservices.com	doczytamyinfo.click
0	geolocation.onetrust.com Failed	cache.marriott.com
0	idsync.rlcdn.com Failed
0	ct.pinterest.com Failed	s.pinimg.com
0	c1.adform.net Failed	static.sojern.com
0	cm.g.doubleclick.net Failed	static.sojern.com
0	secure.adnxs.com Failed	static.sojern.com
0	ad.doubleclick.net Failed
0	px.ads.linkedin.com Failed
0	p.tvpixel.com Failed	c.tvpixel.com
0	smetrics.marriott.com Failed	assets.adobedtm.com
0	cm.everesttech.net Failed
0	pxl.jivox.com Failed
149	49

This site contains links to these domains. Also see Links.

Domain
www.pizzadominium.pl
www.facebook.com
www.instagram.com
www.restauracja-anima.pl
uk6.eveve.com
www.marriott.com
mgscloud.marriott.com

Subject Issuer	Validity	Valid
doczytamyinfo.click GTS CA 1P5	`2023-12-14` - `2024-03-13`	3 months	crt.sh
*.pizzadominium.pl Certyfikat SSL	`2023-06-21` - `2024-06-20`	a year	crt.sh
www.restauracja-anima.pl Cloudflare Inc ECC CA-3	`2023-06-06` - `2024-06-05`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.goadservices.com DOMENY SSL DV Certification Authority	`2023-05-30` - `2024-05-29`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-09` - `2024-03-08`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-23` - `2023-12-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-11` - `2024-08-10`	a year	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
www.marriott.com Entrust Certification Authority - L1K	`2023-10-18` - `2024-11-09`	a year	crt.sh
*.tvpixel.com Amazon RSA 2048 M03	`2023-11-15` - `2024-12-13`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.sojern.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-17` - `2024-02-17`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-31` - `2024-08-07`	a year	crt.sh
*.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-12-12` - `2024-01-31`	2 months	crt.sh
sc-static.net Amazon RSA 2048 M02	`2023-01-20` - `2024-02-18`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-12`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://doczytamyinfo.click/
Frame ID: E87460021921902C882FFED4CCEA908E
Requests: 129 HTTP requests in this frame

Frame: https://10121152.fls.doubleclick.net/activityi;dc_pre=CIrT_YmRkIMDFQRckQUdgC0OMQ;src=10121152;type=invmedia;cat=sg-za0;ord=4223824201237;auiddc=2012779293.1702598340;gtm=45He3bt0v71743015;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdoczytamyinfo.click%2F
Frame ID: DD13DB737EA1673FB13CC291C9639A9E
Requests: 1 HTTP requests in this frame

Frame: https://10902911.fls.doubleclick.net/activityi;dc_pre=CLSd_4mRkIMDFTlbkQUdmvQE0Q;src=10902911;type=rmkt0;cat=domin0;ord=8695727460896;auiddc=2012779293.1702598340;u1=https%3A%2F%2Fdoczytamyinfo.click%2F;gtm=45He3bt0v71743015;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdoczytamyinfo.click%2F
Frame ID: 58BC6B119DC03B1AFF9FC30EC804E2D8
Requests: 2 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CIrT_YmRkIMDFQRckQUdgC0OMQ;src=10121152;type=invmedia;cat=sg-za0;ord=4223824201237;auiddc=2012779293.1702598340;gtm=45He3bt0v71743015;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdoczytamyinfo.click%2F
Frame ID: 4ED50A21BA630D8C3B6AEBE030018BA3
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.nl/ddm/fls/i/dc_pre=CIrT_YmRkIMDFQRckQUdgC0OMQ;src=10121152;type=invmedia;cat=sg-za0;ord=4223824201237;auiddc=2012779293.1702598340;gtm=45He3bt0v71743015;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdoczytamyinfo.click%2F
Frame ID: EDCD16AAA145826512A6381239F0D1AD
Requests: 1 HTTP requests in this frame

Frame: https://static.sojern.com/marriott/mhotels.html?p=undefined&hprid=&hpr=&hb=undefined&hc1=undefined&hn1=undefined&hs1=undefined&ffl=undefined&hl=&t=undefined&hr=undefined&hd1=&hd2=&hconfno=&hp=undefined&hcu=&hrp=undefined&hdc=undefined&rew=undefined&l=undefined&vid=hot&cid=
Frame ID: C00EE6194FDC76E6F97C422A2030257E
Requests: 9 HTTP requests in this frame

Frame: https://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_cid=2814&dtm_cmagic=8e987c&dtm_format=5&dtm_fid=101&cli_promo_id=2&dtmc_marsha_code=&canonical_url=https%3A%2F%2Fwww.pizzadominium.pl%2F&dtm_user_token=&dtmc_ref=https%3A%2F%2Fdoczytamyinfo.click%2F&dtmc_loc=https%3A%2F%2Fdoczytamyinfo.click%2F&fpc_status=
Frame ID: 43CB16E8951DE54525A8C71641BBAF7B
Requests: 1 HTTP requests in this frame

Frame: https://marriottinternationa.demdex.net/dest5.html?d_nsid=0
Frame ID: BDA97CAFB2BE60362ACC8AA296AF64A9
Requests: 3 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=hbq9bjg&ref=https%3A%2F%2Fdoczytamyinfo.click%2F&upid=byw7ch4&upv=1.1.0
Frame ID: 39EB824956A0F07524BD19F4C2238B10
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=fbf5aa06-3f82-45b5-86ba-4c4fe9c75a96&u_scsid=6ac1a54f-8f6e-4791-9cfb-9bc2214db3a2&u_sclid=a90a53df-db23-48bd-859f-1d143067654e
Frame ID: AE3A77A23365512D6B4C65840CE30D6F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

": Zobacz nagranie potrącenia dziecka przed szkołą! [+18]"Restauracja Anima

Page URL History Show full URLs

https://doczytamyinfo.click/ Page URL
https://doczytamyinfo.click/cdn-cgi/phish-bypass?atok=rsSdr17qNybbkcRD0u0RqmiRGu0yZSzCThrKe_0SwFU-170259... HTTP 301
https://doczytamyinfo.click/ Page URL

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

otSDKStub\.js

Page Statistics

149
Requests

74 %
HTTPS

58 %
IPv6

34
Domains

49
Subdomains

34
IPs

6
Countries

1835 kB
Transfer

5373 kB
Size

18
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://www.pizzadominium.pl/#skip-main
Title: Skip to main content

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Restauracja-Anima-111263601355642
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/restauracja.anima/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.restauracja-anima.pl/

Search URL Search Domain Scan URL

URL: https://www.restauracja-anima.pl/photos
Title: Zdjęcia

Search URL Search Domain Scan URL

URL: https://www.restauracja-anima.pl/contact-location
Title: Kontakt

Search URL Search Domain Scan URL

URL: https://www.restauracja-anima.pl/our-menus
Title: Menu

Search URL Search Domain Scan URL

URL: https://www.restauracja-anima.pl/meet-the-chef
Title: Szef

Search URL Search Domain Scan URL

URL: https://www.restauracja-anima.pl/specialoffers
Title: Oferty

Search URL Search Domain Scan URL

URL: https://uk6.eveve.com/web/form?est=AnimaKrakow
Title: Zarezerwuj teraz booking widget

Search URL Search Domain Scan URL

URL: http://www.restauracja-anima.pl/
Title: Zarezerwuj teraz

Search URL Search Domain Scan URL

URL: https://www.pizzadominium.pl/
Title: Dalej

Search URL Search Domain Scan URL

URL: https://www.pizzadominium.pl/

Search URL Search Domain Scan URL

URL: https://www.pizzadominium.pl/cdn-cgi/l/email-protection#f19a9e9f85909a85b18394828590848390929b90dc909f989c90df819d
Title: Anima - [email protected][email protected]

Search URL Search Domain Scan URL

URL: https://www.restauracja-anima.pl/accessibility
Title: Dostępność witryny

Search URL Search Domain Scan URL

URL: https://www.marriott.com/about/privacy.mi
Title: Polityka Prywatności

Search URL Search Domain Scan URL

URL: https://www.restauracja-anima.pl/site-map
Title: Mapa strony

Search URL Search Domain Scan URL

URL: https://mgscloud.marriott.com/common/sales-mktg-and-rev-mgmt/ecommerce/marriott-digital-services
Title: Powered by MDS

Search URL Search Domain Scan URL

URL: https://www.pizzadominium.pl/#modal-full
Title: GODZINY OTWARCIA

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://doczytamyinfo.click/ Page URL
https://doczytamyinfo.click/cdn-cgi/phish-bypass?atok=rsSdr17qNybbkcRD0u0RqmiRGu0yZSzCThrKe_0SwFU-1702598334-0-%2F HTTP 301
https://doczytamyinfo.click/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://10121152.fls.doubleclick.net/activityi;src=10121152;type=invmedia;cat=sg-za0;ord=4223824201237;auiddc=2012779293.1702598340;gtm=45He3bt0v71743015;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdoczytamyinfo.click%2F HTTP 302
https://10121152.fls.doubleclick.net/activityi;dc_pre=CIrT_YmRkIMDFQRckQUdgC0OMQ;src=10121152;type=invmedia;cat=sg-za0;ord=4223824201237;auiddc=2012779293.1702598340;gtm=45He3bt0v71743015;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdoczytamyinfo.click%2F

Request Chain 17

https://10902911.fls.doubleclick.net/activityi;src=10902911;type=rmkt0;cat=domin0;ord=8695727460896;auiddc=2012779293.1702598340;u1=https%3A%2F%2Fdoczytamyinfo.click%2F;gtm=45He3bt0v71743015;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdoczytamyinfo.click%2F HTTP 302
https://10902911.fls.doubleclick.net/activityi;dc_pre=CLSd_4mRkIMDFTlbkQUdmvQE0Q;src=10902911;type=rmkt0;cat=domin0;ord=8695727460896;auiddc=2012779293.1702598340;u1=https%3A%2F%2Fdoczytamyinfo.click%2F;gtm=45He3bt0v71743015;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdoczytamyinfo.click%2F

Request Chain 118

https://insight.adsrvr.org/track/up?adv=hbq9bjg&ref=https%3A%2F%2Fdoczytamyinfo.click%2F&upid=byw7ch4&upv=1.1.0 HTTP 302
https://match.adsrvr.org/track/upb/?adv=hbq9bjg&ref=https%3A%2F%2Fdoczytamyinfo.click%2F&upid=byw7ch4&upv=1.1.0

Request Chain 123

https://secure.adnxs.com/px?id=1565798&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1565798%26t%3D1

Request Chain 124

https://secure.adnxs.com/seg?add=29464183&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D29464183%26t%3D1

Request Chain 131

https://secure.adnxs.com/px?id=1228256&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1228256%26t%3D1

Request Chain 132

https://secure.adnxs.com/seg?add=21126164&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D21126164%26t%3D1

149 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
doczytamyinfo.click/ 4 KB
2 KB 127ms
28ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://doczytamyinfo.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e43bd3c3c4d1ac19e17bad809c9cfe1818fe05273f9ba021af388ca790a1c1c4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cf-ray: 835a65c3cdcd6692-AMS
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 14 Dec 2023 23:58:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JYbRKfqgL0bTsUDFhKXIj3Jdv7luLF%2B6wt4MwF3ZZyXGdLjWBwEbqkvR4EW75LId5D7jGXlgnr%2F%2Ffe0Qrm6drM7Afvu7gx2Kxbe5gJbN%2B3rzVYpaQ%2FShESCBc85L1GzLsL3LV73f%2FwGiawRmpWawcZQJ"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 cf.errors.css
doczytamyinfo.click/cdn-cgi/styles/ 24 KB
5 KB 27ms
27ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://doczytamyinfo.click/cdn-cgi/styles/cf.errors.css

Requested by

Host: doczytamyinfo.click
URL: https://doczytamyinfo.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1103290e25ebda2712abe344a87facbac00ddaba712729be9fe5feef807bf91b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:58:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 01 Dec 2023 15:04:24 GMT
server: cloudflare
etag: W/"6569f5f8-5e44"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200, public
cf-ray: 835a65c3fdeb6692-AMS
expires: Fri, 15 Dec 2023 01:58:54 GMT

GET
H2 200 icon-exclamation.png
doczytamyinfo.click/cdn-cgi/images/ 452 B
541 B 27ms
26ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://doczytamyinfo.click/cdn-cgi/images/icon-exclamation.png?1376755637

Requested by

Host: doczytamyinfo.click
URL: https://doczytamyinfo.click/cdn-cgi/styles/cf.errors.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/cdn-cgi/styles/cf.errors.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:58:54 GMT
x-content-type-options: nosniff
last-modified: Fri, 01 Dec 2023 15:04:24 GMT
server: cloudflare
etag: "6569f5f8-1c4"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 835a65c42e096692-AMS
content-length: 452
expires: Fri, 15 Dec 2023 01:58:54 GMT

GET
H2

200

Primary Request / Show response
doczytamyinfo.click/
Redirect Chain

https://doczytamyinfo.click/cdn-cgi/phish-bypass?atok=rsSdr17qNybbkcRD0u0RqmiRGu0yZSzCThrKe_0SwFU-1702598334-0-%2F
https://doczytamyinfo.click/

42 KB
11 KB

88ms
88ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://doczytamyinfo.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: b2bcac7425a222ac6f9fb4409aa30493bd5bc9f4c8ad575c4c9fc2591c72967e

Request headers

Referer: https://doczytamyinfo.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 835a65e3e8126692-AMS
content-encoding: br
content-type: text/html
date: Thu, 14 Dec 2023 23:58:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=idGQRx%2Bj3RBdEQS94qCdmLUsLhP3%2BsFP4AV5xlMzdsmh3uYS%2F96Hh2b%2FzYGdsY6Ja%2BvIexX0sTQ%2Fp43Ppf6fZaPpGSihhcLisnepM2%2BfV9o1SXEO39O1TUmi2hvJuYmmMxzWHM%2BrxjKjI7jCxgaePPvM"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/5.6.40
x-turbo-charged-by: LiteSpeed

Redirect headers

cache-control: private, no-cache
cf-ray: 835a65e3bff06692-AMS
content-length: 167
content-type: text/html
date: Thu, 14 Dec 2023 23:58:59 GMT
location: https://doczytamyinfo.click/
server: cloudflare
x-content-type-options: nosniff
x-frame-options: DENY

GET
H2 403 40f51bac67bbf527dc16315c49927b14.css
www.pizzadominium.pl/public/resources/style/packed/ 0
0 216ms
53ms Stylesheet
text/html 62.129.206.181
HOMEPL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pizzadominium.pl/public/resources/style/packed/40f51bac67bbf527dc16315c49927b14.css
Requested by: Host: doczytamyinfo.click
URL: https://doczytamyinfo.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.129.206.181 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS: cloudserver011865.home.pl
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2 403 c6eee5fe262225c62db5effc6ceab34a.js
www.pizzadominium.pl/public/resources/javascript/packed/ 0
0 218ms
55ms Script
text/html 62.129.206.181
HOMEPL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pizzadominium.pl/public/resources/javascript/packed/c6eee5fe262225c62db5effc6ceab34a.js
Requested by: Host: doczytamyinfo.click
URL: https://doczytamyinfo.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.129.206.181 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS: cloudserver011865.home.pl
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2 200 home.aspx
www.restauracja-anima.pl/dynamic/css/ 384 KB
74 KB 898ms
724ms Stylesheet
text/css 2606:4700:4400::6812:291f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.restauracja-anima.pl/dynamic/css/home.aspx?version=10112023054447

Requested by

Host: doczytamyinfo.click
URL: https://doczytamyinfo.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:291f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

441686f25f9fe903fd1cead85124dd5c112992c4d92e6f1b46b0903eacf4fffb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:59:00 GMT
content-encoding: gzip
ms-content-tags: cms-css, df-1861783, df-1861787, df-1861789, pt-417408
x-content-type-options: nosniff
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1
request-context: appId=cid-v1:2222bae7-6b65-488b-a7a8-8f50b5e55838
x-trace-id: d28f9b99-b970-449b-b40c-e6da17145a01
server: cloudflare
etag: 10112023054447
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: public, max-age=15600
cf-ray: 835a65e59cb8667c-AMS

GET
H2 200 anima-cracow-logo.png
www.restauracja-anima.pl/resourcefiles/logo/ 2 KB
2 KB 671ms
510ms Image
image/png 2606:4700:4400::6812:291f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.restauracja-anima.pl/resourcefiles/logo/anima-cracow-logo.png

Requested by

Host: doczytamyinfo.click
URL: https://doczytamyinfo.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:291f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11a16c9a26c0142b882e221b0ed174ebaa5986919837ed99ba09bb759db459d8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1,mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:58:59 GMT
ms-content-tags: qg5QJG
cf-cache-status: MISS
last-modified: Tue, 11 Jan 2022 13:31:07 GMT
server: cloudflare
etag: 10162023115735
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png; charset=utf-8
cache-control: public, max-age=10800
accept-ranges: bytes
cf-ray: 835a65e59cbb667c-AMS
content-length: 1850
x-xss-protection: 1,mode=block
expires: Thu, 21 Dec 2023 23:58:59 GMT

GET
H2 403 email-decode.min.js
www.pizzadominium.pl/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 0
0 217ms
54ms Script
text/html 62.129.206.181
HOMEPL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pizzadominium.pl/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by: Host: doczytamyinfo.click
URL: https://doczytamyinfo.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.129.206.181 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS: cloudserver011865.home.pl
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2 200 autoanalyticsmanager_marriott.js Show response
www.restauracja-anima.pl/milestone_common/ 42 KB
6 KB 671ms
498ms Script
application/javascript 2606:4700:4400::6812:291f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.restauracja-anima.pl/milestone_common/autoanalyticsmanager_marriott.js
Requested by: Host: doczytamyinfo.click
URL: https://doczytamyinfo.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:291f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b97828fd8cb1d86f9ae1559c7ed38d09999db41d1d7b5e90ecd7ceee77530268

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:58:59 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 04 Dec 2023 07:31:20 GMT
server: cloudflare
etag: "0d4e8df8326da1:0"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
cf-ray: 835a65e59cb9667c-AMS
content-length: 6303

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 50 KB
19 KB 266ms
107ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: doczytamyinfo.click
URL: https://doczytamyinfo.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

756cca29e306e66f94e7b705c45bb0bc0315d7e745c159971cbecc65e62e7d3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:58:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18841
x-xss-protection: 0
server: cafe
etag: 14511532860437540159
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 23:58:59 GMT

GET
H/1.1 200
OK 2e80fdf3-9946-473d-96ce-7db59482af2c Show response
t.goadservices.com/tags/ 782 B
1013 B 226ms
54ms Script
application/javascript 195.177.217.192
Autonomous System...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.goadservices.com/tags/2e80fdf3-9946-473d-96ce-7db59482af2c
Requested by: Host: doczytamyinfo.click
URL: https://doczytamyinfo.click/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.177.217.192 , Poland, ASN50599 (Autonomous System for Data Space Sp. z o.o., PL),
Reverse DNS: host-195-177-217-192.dataspace.pl
Software: nginx /
Resource Hash: 48a3fb42b4179a24fa50c6eabaa509e7a54b6da6db26eca6b8f8a4f9b6405027

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 14 Dec 2023 23:58:59 GMT
Cache-Control: private, no-cache, no-store
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript;charset=UTF-8

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 243 KB
84 KB 157ms
63ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N26QLB

Requested by

Host: doczytamyinfo.click
URL: https://doczytamyinfo.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e827b7c8dbc0ddc51b3da6a3d95d0653848b709eb10f3bd4823ceea4b22edcb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:58:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85377
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 14 Dec 2023 23:58:59 GMT

GET
H2 200 print.aspx
www.restauracja-anima.pl/css/ 2 KB
2 KB 48ms
47ms Stylesheet
text/css 2606:4700:4400::6812:291f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.restauracja-anima.pl/css/print.aspx

Requested by

Host: doczytamyinfo.click
URL: https://doczytamyinfo.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:291f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02518efb2cd133d811b1f8c16d44fc8e2bb5f0a0e40109d12c929ed0971464e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:58:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
ms-content-tags: cms-css, df-1861777
age: 117453
cf-polished: origSize=1873
content-length: 1857
x-xss-protection: 1
request-context: appId=cid-v1:2222bae7-6b65-488b-a7a8-8f50b5e55838
x-trace-id: 7dd942fb-3f59-474b-b685-abe19eb0b30e
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 15:21:26 GMT
server: cloudflare
etag: 10112023054447
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: public, max-age=15600
accept-ranges: bytes
cf-ray: 835a65e5ed12667c-AMS
expires: Wed, 20 Dec 2023 15:21:26 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 241 KB
84 KB 57ms
57ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-15N31ETXG9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N26QLB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6b27c4b31af098d27b6f5321554f930ce039314e746073323b8a914aa989ed33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:58:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85553
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 14 Dec 2023 23:58:59 GMT

GET
H2 410 7476.js
script.crazyegg.com/pages/scripts/0092/ 0
0 93ms
34ms Script
application/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0092/7476.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N26QLB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:58:59 GMT
cf-cache-status: HIT
last-modified: Thu, 14 Dec 2023 08:14:16 GMT
server: cloudflare
age: 56683
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400, s-maxage=86400
cf-ray: 835a65e7dff91c10-AMS
content-length: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 128ms
36ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N26QLB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 14 Dec 2023 23:48:14 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 645
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 15 Dec 2023 01:48:14 GMT

GET
H2

200

activityi;dc_pre=CIrT_YmRkIMDFQRckQUdgC0OMQ;src=10121152;type=invmedia;cat=sg-za0;ord=4223824201237;auiddc=2012779293.1702598340;gtm=45He3bt0v71743015;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;... Show response
10121152.fls.doubleclick.net/ Frame DD13
Redirect Chain

https://10121152.fls.doubleclick.net/activityi;src=10121152;type=invmedia;cat=sg-za0;ord=4223824201237;auiddc=2012779293.1702598340;gtm=45He3bt0v71743015;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;ua...
https://10121152.fls.doubleclick.net/activityi;dc_pre=CIrT_YmRkIMDFQRckQUdgC0OMQ;src=10121152;type=invmedia;cat=sg-za0;ord=4223824201237;auiddc=2012779293.1702598340;gtm=45He3bt0v71743015;gcd=11l1l...

588 B
505 B

104ms
104ms

Document
text/html

216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10121152.fls.doubleclick.net/activityi;dc_pre=CIrT_YmRkIMDFQRckQUdgC0OMQ;src=10121152;type=invmedia;cat=sg-za0;ord=4223824201237;auiddc=2012779293.1702598340;gtm=45He3bt0v71743015;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdoczytamyinfo.click%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N26QLB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f6.1e100.net

Software

cafe /

Resource Hash

3746d1353b296a88ef29c02cd3933197880129b6e231cf9a9fdc8f1681e34d3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://doczytamyinfo.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 329
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Dec 2023 23:59:00 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Dec 2023 23:58:59 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10121152.fls.doubleclick.net/activityi;dc_pre=CIrT_YmRkIMDFQRckQUdgC0OMQ;src=10121152;type=invmedia;cat=sg-za0;ord=4223824201237;auiddc=2012779293.1702598340;gtm=45He3bt0v71743015;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdoczytamyinfo.click%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CLSd_4mRkIMDFTlbkQUdmvQE0Q;src=10902911;type=rmkt0;cat=domin0;ord=8695727460896;auiddc=2012779293.1702598340;u1=https%3A%2F%2Fdoczytamyinfo.click%2F;gtm=45He3bt0v71743015;gcd=11l1l... Show response
10902911.fls.doubleclick.net/ Frame 58BC
Redirect Chain

https://10902911.fls.doubleclick.net/activityi;src=10902911;type=rmkt0;cat=domin0;ord=8695727460896;auiddc=2012779293.1702598340;u1=https%3A%2F%2Fdoczytamyinfo.click%2F;gtm=45He3bt0v71743015;gcd=11...
https://10902911.fls.doubleclick.net/activityi;dc_pre=CLSd_4mRkIMDFTlbkQUdmvQE0Q;src=10902911;type=rmkt0;cat=domin0;ord=8695727460896;auiddc=2012779293.1702598340;u1=https%3A%2F%2Fdoczytamyinfo.cli...

536 B
512 B

108ms
107ms

Document
text/html

216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10902911.fls.doubleclick.net/activityi;dc_pre=CLSd_4mRkIMDFTlbkQUdmvQE0Q;src=10902911;type=rmkt0;cat=domin0;ord=8695727460896;auiddc=2012779293.1702598340;u1=https%3A%2F%2Fdoczytamyinfo.click%2F;gtm=45He3bt0v71743015;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdoczytamyinfo.click%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N26QLB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f6.1e100.net

Software

cafe /

Resource Hash

86777dfd5db50d5089741f4cef3b46d94da613e3df437a57801d802a865df2d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://doczytamyinfo.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 301
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Dec 2023 23:59:00 GMT
expires: Thu, 14 Dec 2023 23:59:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Dec 2023 23:58:59 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10902911.fls.doubleclick.net/activityi;dc_pre=CLSd_4mRkIMDFTlbkQUdmvQE0Q;src=10902911;type=rmkt0;cat=domin0;ord=8695727460896;auiddc=2012779293.1702598340;u1=https%3A%2F%2Fdoczytamyinfo.click%2F;gtm=45He3bt0v71743015;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdoczytamyinfo.click%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 100ms
33ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: doczytamyinfo.click
URL: https://doczytamyinfo.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 14 Dec 2023 23:58:59 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 68hJ0sczdW2gbnlweRGeswkHQ6EhNhPLodnmRvUM8GA2nuMjLMSULUZ+rF0U0UBz1T4uoYU+DsouyUJYGtMl7g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
257 B 81ms
29ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-15N31ETXG9&gtm=45je3bt0v883405594z871743015&_p=1702598339479&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1669709776.1702598340&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702598339&sct=1&seg=0&dl=https%3A%2F%2Fdoczytamyinfo.click%2F&dr=https%3A%2F%2Fdoczytamyinfo.click%2F&dt=%22%3A%20Zobacz%20nagranie%20potr%C4%85cenia%20dziecka%20przed%20szko%C5%82%C4%85!%20%5B%2B18%5D%22&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=705
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-15N31ETXG9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 23:58:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://doczytamyinfo.click
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
225 B 56ms
56ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=96276795&t=pageview&_s=1&dl=https%3A%2F%2Fdoczytamyinfo.click%2F&ul=en-us&de=UTF-8&dt=%22%3A%20Zobacz%20nagranie%20potr%C4%85cenia%20dziecka%20przed%20szko%C5%82%C4%85!%20%5B%2B18%5D%22&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=809032348&gjid=1015039506&cid=1669709776.1702598340&tid=UA-15952150-9&_gid=1944505841.1702598340&_r=1&_slc=1&gtm=45He3bt0n71N26QLBv71743015&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=453887142

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2e67ed6358a4d4ac2d7d776c10a5711c1600eb3cd5d94c6b5c6f23ea8f7023fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://doczytamyinfo.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 23:58:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://doczytamyinfo.click
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 965654053972556 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 108ms
107ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/965654053972556?v=2.9.138&r=stable&domain=doczytamyinfo.click

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6d9e43ce1538a763aa4ac11b5540e6c061ebdbd52d39fb02e60ebd16b8c4c850

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 14 Dec 2023 23:59:00 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: hVc5drEXA6vSRzg3ACQO4lxOWUFct1Qu/9GRz0XScspy4U8miILTQ+u/xIkRnWOjRkXcQ/762LBuKW6/X9Kfhg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
352 B 98ms
33ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-15952150-9&cid=1669709776.1702598340&jid=809032348&gjid=1015039506&_gid=1944505841.1702598340&_u=YADAAEAAAAAAACAAI~&z=1889063671

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doczytamyinfo.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 14 Dec 2023 23:59:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://doczytamyinfo.click
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 250 KB
85 KB 61ms
61ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N0WGMNV8JE&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

abef7ba00bdc5a5b59f148dc922db72824d8134c5cd1afe9c50a0f22c091d39a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:58:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86549
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 14 Dec 2023 23:58:59 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 152ms
60ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-15952150-9&cid=1669709776.1702598340&jid=809032348&_u=YADAAEAAAAAAACAAI~&z=2004191606

Requested by

Host: doczytamyinfo.click
URL: https://doczytamyinfo.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 23:59:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
408 B 156ms
61ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-15952150-9&cid=1669709776.1702598340&jid=809032348&_u=YADAAEAAAAAAACAAI~&z=2004191606

Requested by

Host: doczytamyinfo.click
URL: https://doczytamyinfo.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 23:59:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 99ms
33ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=965654053972556&ev=PageView&dl=https%3A%2F%2Fdoczytamyinfo.click%2F&rl=https%3A%2F%2Fdoczytamyinfo.click%2F&if=false&ts=1702598340065&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1702598340065.1192195972&it=1702598339938&coo=false&rqm=GET

Requested by

Host: doczytamyinfo.click
URL: https://doczytamyinfo.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 14 Dec 2023 23:59:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 29ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-N0WGMNV8JE&gtm=45je3bt0v9135581334&_p=1702598339479&_gaz=1&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=1669709776.1702598340&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fdoczytamyinfo.click%2F&dt=%22%3A%20Zobacz%20nagranie%20potr%C4%85cenia%20dziecka%20przed%20szko%C5%82%C4%85!%20%5B%2B18%5D%22&sid=1702598340&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=975
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N0WGMNV8JE&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 23:59:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://doczytamyinfo.click
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 33ms
32ms Ping
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-N0WGMNV8JE&cid=1669709776.1702598340&gtm=45je3bt0v9135581334&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N0WGMNV8JE&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 23:59:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://doczytamyinfo.click
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
107 B 87ms
62ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-N0WGMNV8JE&cid=1669709776.1702598340&gtm=45je3bt0v9135581334&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2&z=751074635

Requested by

Host: doczytamyinfo.click
URL: https://doczytamyinfo.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 23:59:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CIrT_YmRkIMDFQRckQUdgC0OMQ;src=10121152;type=invmedia;cat=sg-za0;ord=4223824201237;auiddc=2012779293.1702598340;gtm=45He3bt0v71743015;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uam... Show response
adservice.google.com/ddm/fls/i/ Frame 4ED5 587 B
424 B 172ms
77ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CIrT_YmRkIMDFQRckQUdgC0OMQ;src=10121152;type=invmedia;cat=sg-za0;ord=4223824201237;auiddc=2012779293.1702598340;gtm=45He3bt0v71743015;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdoczytamyinfo.click%2F

Requested by

Host: 10121152.fls.doubleclick.net
URL: https://10121152.fls.doubleclick.net/activityi;dc_pre=CIrT_YmRkIMDFQRckQUdgC0OMQ;src=10121152;type=invmedia;cat=sg-za0;ord=4223824201237;auiddc=2012779293.1702598340;gtm=45He3bt0v71743015;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdoczytamyinfo.click%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c1dd87a0436aa2ba93f67edadf5b259fe422813e3bcfc31e22255e85ed0a3fbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10121152.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 332
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Dec 2023 23:59:00 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dc_pre=CLSd_4mRkIMDFTlbkQUdmvQE0Q;src=10902911;type=rmkt0;cat=domin0;ord=8695727460896;auiddc=*;u1=https%3A%2F%2Fdoczytamyinfo.click%2F;gtm=45He3bt0v71743015;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa...
adservice.google.com/ddm/fls/z/ Frame 58BC 42 B
401 B 148ms
76ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLSd_4mRkIMDFTlbkQUdmvQE0Q;src=10902911;type=rmkt0;cat=domin0;ord=8695727460896;auiddc=*;u1=https%3A%2F%2Fdoczytamyinfo.click%2F;gtm=45He3bt0v71743015;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdoczytamyinfo.click%2F

Requested by

Host: 10902911.fls.doubleclick.net
URL: https://10902911.fls.doubleclick.net/activityi;dc_pre=CLSd_4mRkIMDFTlbkQUdmvQE0Q;src=10902911;type=rmkt0;cat=domin0;ord=8695727460896;auiddc=2012779293.1702598340;u1=https%3A%2F%2Fdoczytamyinfo.click%2F;gtm=45He3bt0v71743015;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdoczytamyinfo.click%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://10902911.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 23:59:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 home.aspx Show response
www.restauracja-anima.pl/dynamic/js/ 243 KB
102 KB 750ms
750ms Script
text/javascript 2606:4700:4400::6812:291f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.restauracja-anima.pl/dynamic/js/home.aspx?version=7152022094906

Requested by

Host: doczytamyinfo.click
URL: https://doczytamyinfo.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:291f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ad9f0ac06bcf0daff0fdcd5310fc3ff1bf8d06aef0f082d7a7753bbc158628d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://doczytamyinfo.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 14 Dec 2023 23:59:00 GMT
content-encoding: gzip
ms-content-tags: cms-js, df-1861784, df-1861786, df-1861788, df-1861814, pt-417408
x-content-type-options: nosniff
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1
request-context: appId=cid-v1:2222bae7-6b65-488b-a7a8-8f50b5e55838
x-trace-id: 015867b4-6d18-492e-b4c7-1e305a1dc553
server: cloudflare
etag: 7152022094906
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: public, max-age=15600
cf-ray: 835a65ea48b2667c-AMS

GET
H2 200 dc_pre=CIrT_YmRkIMDFQRckQUdgC0OMQ;src=10121152;type=invmedia;cat=sg-za0;ord=4223824201237;auiddc=2012779293.1702598340;gtm=45He3bt0v71743015;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uam... Show response
adservice.google.nl/ddm/fls/i/ Frame EDCD 194 B
303 B 122ms
77ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/ddm/fls/i/dc_pre=CIrT_YmRkIMDFQRckQUdgC0OMQ;src=10121152;type=invmedia;cat=sg-za0;ord=4223824201237;auiddc=2012779293.1702598340;gtm=45He3bt0v71743015;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdoczytamyinfo.click%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CIrT_YmRkIMDFQRckQUdgC0OMQ;src=10121152;type=invmedia;cat=sg-za0;ord=4223824201237;auiddc=2012779293.1702598340;gtm=45He3bt0v71743015;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdoczytamyinfo.click%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Dec 2023 23:59:00 GMT
expires: Thu, 14 Dec 2023 23:59:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET Montserrat-Regular.woff2
www.restauracja-anima.pl/fonts/ 0
0

GET mimiconfont.ttf
www.restauracja-anima.pl/fonts/ 0
0

GET ArchivoBlack-Regular.woff2
www.restauracja-anima.pl/fonts/ 0
0

GET
DATA 200
OK truncated
/ 26 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET autoanalyticsrules_marriott.json
www.pizzadominium.pl/milestone_common/ 0
0

GET
H3 200 1060844193962204 Show response
connect.facebook.net/signals/config/ 115 KB
31 KB 93ms
93ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1060844193962204?v=2.9.138&r=stable&domain=doczytamyinfo.click

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ea61599e69c89e0ed7d385b0363698ce8faf328971341fd58308adeb4e05cdb3

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 14 Dec 2023 23:59:01 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 1DytThzFy/Y//npkUPegDP1WW5lPSBWcr6girliUb0wj3As6yLoKiOXtAy88Jiilb+h5gRZHPBNOmgZxZX3jQQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/991090543/ 3 KB
2 KB 158ms
65ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/991090543/?random=1702598341124&cv=9&fst=1702598341124&num=1&label=5lXtCKmFz2IQ767L2AM&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fdoczytamyinfo.click%2F&ref=https%3A%2F%2Fdoczytamyinfo.click%2F&tiba=%22%3A%20Zobacz%20nagranie%20potr%C4%85cenia%20dziecka%20przed%20szko%C5%82%C4%85!%20%5B%2B18%5D%22&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6249d1f0f95a73d21542e37f81045548b1837be150cf293e5ffca05c1ba20261

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 23:59:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1439
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/969732012/ 3 KB
2 KB 153ms
63ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/969732012/?random=1702598341129&cv=9&fst=1702598341124&num=2&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fdoczytamyinfo.click%2F&ref=https%3A%2F%2Fdoczytamyinfo.click%2F&tiba=%22%3A%20Zobacz%20nagranie%20potr%C4%85cenia%20dziecka%20przed%20szko%C5%82%C4%85!%20%5B%2B18%5D%22&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7dde83e5b547e0a550f4b89bb98d29d4c4eafdffe9cd1b87bbf3dbf1393bd3af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 23:59:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1396
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/946161663/ 3 KB
2 KB 148ms
62ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/946161663/?random=1702598341134&cv=9&fst=1702598341124&num=3&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fdoczytamyinfo.click%2F&ref=https%3A%2F%2Fdoczytamyinfo.click%2F&tiba=%22%3A%20Zobacz%20nagranie%20potr%C4%85cenia%20dziecka%20przed%20szko%C5%82%C4%85!%20%5B%2B18%5D%22&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0229d15ecf41be75f67af38ce4e580bcb0a0c022569b4d1d802ff4a322f2852c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 23:59:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1392
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/968643253/ 3 KB
2 KB 146ms
62ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/968643253/?random=1702598341135&cv=9&fst=1702598341124&num=4&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fdoczytamyinfo.click%2F&ref=https%3A%2F%2Fdoczytamyinfo.click%2F&tiba=%22%3A%20Zobacz%20nagranie%20potr%C4%85cenia%20dziecka%20przed%20szko%C5%82%C4%85!%20%5B%2B18%5D%22&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

96ced48f15348f3e6ce0943efd4152fee946d3ec88e49217504247e9954b01d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 23:59:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1395
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 2e80fdf3-9946-473d-96ce-7db59482af2c Show response
t.goadservices.com/engine/ 0
180 B 53ms
53ms Script
application/javascript 195.177.217.192
Autonomous System...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.goadservices.com/engine/2e80fdf3-9946-473d-96ce-7db59482af2c
Requested by: Host: t.goadservices.com
URL: https://t.goadservices.com/tags/2e80fdf3-9946-473d-96ce-7db59482af2c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.177.217.192 , Poland, ASN50599 (Autonomous System for Data Space Sp. z o.o., PL),
Reverse DNS: host-195-177-217-192.dataspace.pl
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 14 Dec 2023 23:59:01 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript;charset=UTF-8

GET GetCountryBasedOnLocationHandler.ashx
www.restauracja-anima.pl/ 0
0

GET ArchivoBlack-Regular.woff
www.restauracja-anima.pl/fonts/ 0
0

GET Montserrat-Regular.woff
www.restauracja-anima.pl/fonts/ 0
0

GET mimiconfont.woff
www.restauracja-anima.pl/fonts/ 0
0

GET ArchivoBlack-Regular.ttf
www.restauracja-anima.pl/fonts/ 0
0

GET Montserrat-Regular.ttf
www.restauracja-anima.pl/fonts/ 0
0

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 35ms
34ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1060844193962204&ev=PageView&dl=https%3A%2F%2Fdoczytamyinfo.click&rl=https%3A%2F%2Fdoczytamyinfo.click&if=false&ts=1702598341251&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4124&fbp=fb.1.1702598340065.1192195972&pm=1&hrl=076728&it=1702598339938&coo=false&cs_cc=1&rqm=GET

Requested by

Host: doczytamyinfo.click
URL: https://doczytamyinfo.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 14 Dec 2023 23:59:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/968643253/ 42 B
108 B 66ms
62ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/968643253/?random=1702598341135&cv=9&fst=1702594800000&num=4&guid=ON&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fdoczytamyinfo.click%2F&ref=https%3A%2F%2Fdoczytamyinfo.click%2F&tiba=%22%3A%20Zobacz%20nagranie%20potr%C4%85cenia%20dziecka%20przed%20szko%C5%82%C4%85!%20%5B%2B18%5D%22&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_vKZLgWz1Cw2D3hseo7Le0WUCPsfML9-4NdAsiauCNX-BMumJ&random=1513242238&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: doczytamyinfo.click
URL: https://doczytamyinfo.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 23:59:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.nl/pagead/1p-user-list/968643253/ 42 B
108 B 69ms
65ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-user-list/968643253/?random=1702598341135&cv=9&fst=1702594800000&num=4&guid=ON&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fdoczytamyinfo.click%2F&ref=https%3A%2F%2Fdoczytamyinfo.click%2F&tiba=%22%3A%20Zobacz%20nagranie%20potr%C4%85cenia%20dziecka%20przed%20szko%C5%82%C4%85!%20%5B%2B18%5D%22&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_vKZLgWz1Cw2D3hseo7Le0WUCPsfML9-4NdAsiauCNX-BMumJ&random=1513242238&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: doczytamyinfo.click
URL: https://doczytamyinfo.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 23:59:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/946161663/ 42 B
154 B 62ms
60ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/946161663/?random=1702598341134&cv=9&fst=1702594800000&num=3&guid=ON&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fdoczytamyinfo.click%2F&ref=https%3A%2F%2Fdoczytamyinfo.click%2F&tiba=%22%3A%20Zobacz%20nagranie%20potr%C4%85cenia%20dziecka%20przed%20szko%C5%82%C4%85!%20%5B%2B18%5D%22&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_K2Cn0iX_HUBETfsQzjTn0rQhR8ynz173kSjp5xDl4pJFM0y2&random=676678287&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: doczytamyinfo.click
URL: https://doczytamyinfo.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 23:59:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.nl/pagead/1p-user-list/946161663/ 42 B
108 B 66ms
64ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-user-list/946161663/?random=1702598341134&cv=9&fst=1702594800000&num=3&guid=ON&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fdoczytamyinfo.click%2F&ref=https%3A%2F%2Fdoczytamyinfo.click%2F&tiba=%22%3A%20Zobacz%20nagranie%20potr%C4%85cenia%20dziecka%20przed%20szko%C5%82%C4%85!%20%5B%2B18%5D%22&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_K2Cn0iX_HUBETfsQzjTn0rQhR8ynz173kSjp5xDl4pJFM0y2&random=676678287&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: doczytamyinfo.click
URL: https://doczytamyinfo.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 23:59:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/991090543/ 42 B
108 B 62ms
61ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/991090543/?random=1702598341124&cv=9&fst=1702594800000&num=1&label=5lXtCKmFz2IQ767L2AM&guid=ON&eid=375603261%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fdoczytamyinfo.click%2F&ref=https%3A%2F%2Fdoczytamyinfo.click%2F&tiba=%22%3A%20Zobacz%20nagranie%20potr%C4%85cenia%20dziecka%20przed%20szko%C5%82%C4%85!%20%5B%2B18%5D%22&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_VC6cykhtoE4krrzERMUHO69vtL9bKytvP_AI2mD4aoURd4jd&random=1428194597&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: doczytamyinfo.click
URL: https://doczytamyinfo.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 23:59:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.nl/pagead/1p-user-list/991090543/ 42 B
108 B 67ms
66ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-user-list/991090543/?random=1702598341124&cv=9&fst=1702594800000&num=1&label=5lXtCKmFz2IQ767L2AM&guid=ON&eid=375603261%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fdoczytamyinfo.click%2F&ref=https%3A%2F%2Fdoczytamyinfo.click%2F&tiba=%22%3A%20Zobacz%20nagranie%20potr%C4%85cenia%20dziecka%20przed%20szko%C5%82%C4%85!%20%5B%2B18%5D%22&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_VC6cykhtoE4krrzERMUHO69vtL9bKytvP_AI2mD4aoURd4jd&random=1428194597&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: doczytamyinfo.click
URL: https://doczytamyinfo.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 23:59:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/969732012/ 42 B
108 B 63ms
63ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/969732012/?random=1702598341129&cv=9&fst=1702594800000&num=2&guid=ON&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fdoczytamyinfo.click%2F&ref=https%3A%2F%2Fdoczytamyinfo.click%2F&tiba=%22%3A%20Zobacz%20nagranie%20potr%C4%85cenia%20dziecka%20przed%20szko%C5%82%C4%85!%20%5B%2B18%5D%22&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_j3zy9rYLsnvZl4qWbEYwiW4a27CG6knBKZdPj634OOWoHFSL&random=4247256777&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: doczytamyinfo.click
URL: https://doczytamyinfo.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 23:59:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.nl/pagead/1p-user-list/969732012/ 42 B
154 B 64ms
64ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-user-list/969732012/?random=1702598341129&cv=9&fst=1702594800000&num=2&guid=ON&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fdoczytamyinfo.click%2F&ref=https%3A%2F%2Fdoczytamyinfo.click%2F&tiba=%22%3A%20Zobacz%20nagranie%20potr%C4%85cenia%20dziecka%20przed%20szko%C5%82%C4%85!%20%5B%2B18%5D%22&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_j3zy9rYLsnvZl4qWbEYwiW4a27CG6knBKZdPj634OOWoHFSL&random=4247256777&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: doczytamyinfo.click
URL: https://doczytamyinfo.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 23:59:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 naglowek-testowy.jpg
www.restauracja-anima.pl/resourcefiles/homeimages/ 126 KB
0 743ms
742ms Image
image/jpeg 2606:4700:4400::6812:291f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.restauracja-anima.pl/resourcefiles/homeimages/naglowek-testowy.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:291f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1,mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:59:04 GMT
ms-content-tags: 3miqov
cf-cache-status: MISS
last-modified: Tue, 10 May 2022 08:45:00 GMT
server: cloudflare
etag: 10162023115735
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg; charset=utf-8
cache-control: public, max-age=10800
accept-ranges: bytes
cf-ray: 835a6602dbe3667c-AMS
content-length: 371031
x-xss-protection: 1,mode=block
expires: Thu, 21 Dec 2023 23:59:04 GMT

GET
H2 200 anima.png
www.restauracja-anima.pl/resourcefiles/home-first-snippet/ 126 KB
0 726ms
725ms Image
image/png 2606:4700:4400::6812:291f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.restauracja-anima.pl/resourcefiles/home-first-snippet/anima.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:291f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1,mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:59:04 GMT
ms-content-tags: Zyv04L
cf-cache-status: MISS
last-modified: Thu, 05 Jan 2023 13:45:28 GMT
server: cloudflare
etag: 10162023115735
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png; charset=utf-8
cache-control: public, max-age=10800
accept-ranges: bytes
cf-ray: 835a6602dbe5667c-AMS
content-length: 1074264
x-xss-protection: 1,mode=block
expires: Thu, 21 Dec 2023 23:59:04 GMT

GET
H2 200 drinks.jpg
www.restauracja-anima.pl/resourcefiles/home-second-snippet/ 92 KB
92 KB 743ms
743ms Image
image/jpeg 2606:4700:4400::6812:291f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.restauracja-anima.pl/resourcefiles/home-second-snippet/drinks.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:291f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29b82695f6be8eb6e8c4d7481fb7c40e1e9bad47b54f7386451223e44b663d71

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1,mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:59:04 GMT
ms-content-tags: y1hjiX
cf-cache-status: MISS
last-modified: Tue, 11 Jan 2022 11:01:12 GMT
server: cloudflare
etag: 10162023115735
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg; charset=utf-8
cache-control: public, max-age=10800
accept-ranges: bytes
cf-ray: 835a6602dbe9667c-AMS
content-length: 93899
x-xss-protection: 1,mode=block
expires: Thu, 21 Dec 2023 23:59:04 GMT

GET
H2 200 olive-oil.jpg
www.restauracja-anima.pl/resourcefiles/home-second-snippet/ 101 KB
101 KB 742ms
741ms Image
image/jpeg 2606:4700:4400::6812:291f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.restauracja-anima.pl/resourcefiles/home-second-snippet/olive-oil.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:291f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67a7e7e8222c341164d90009e8a1e9c87e7ab37a15e5b37d412a05416ec03784

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1,mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:59:04 GMT
ms-content-tags: QL6muo
cf-cache-status: MISS
last-modified: Tue, 11 Jan 2022 12:56:39 GMT
server: cloudflare
etag: 10162023115735
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg; charset=utf-8
cache-control: public, max-age=10800
accept-ranges: bytes
cf-ray: 835a6602dbea667c-AMS
content-length: 103139
x-xss-protection: 1,mode=block
expires: Thu, 21 Dec 2023 23:59:04 GMT

GET
H2 200 food.jpg
www.restauracja-anima.pl/resourcefiles/home-third-snippet/ 115 KB
115 KB 740ms
740ms Image
image/jpeg 2606:4700:4400::6812:291f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.restauracja-anima.pl/resourcefiles/home-third-snippet/food.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:291f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65322df16f7b5419d4888a6a7be07817884f470cf3c287f48e128d56e6083a8e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1,mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:59:04 GMT
ms-content-tags: t0cWTS
cf-cache-status: MISS
last-modified: Tue, 11 Jan 2022 11:32:14 GMT
server: cloudflare
etag: 10162023115735
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg; charset=utf-8
cache-control: public, max-age=10800
accept-ranges: bytes
cf-ray: 835a6602ebeb667c-AMS
content-length: 117309
x-xss-protection: 1,mode=block
expires: Thu, 21 Dec 2023 23:59:04 GMT

GET
H2 200 restauracja-anima.png
www.restauracja-anima.pl/resourcefiles/home-first-snippet/ 126 KB
0 748ms
748ms Image
image/png 2606:4700:4400::6812:291f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.restauracja-anima.pl/resourcefiles/home-first-snippet/restauracja-anima.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:291f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1,mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:59:04 GMT
ms-content-tags: zyrkQL
cf-cache-status: MISS
last-modified: Fri, 30 Dec 2022 14:18:27 GMT
server: cloudflare
etag: 10162023115735
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png; charset=utf-8
cache-control: public, max-age=10800
accept-ranges: bytes
cf-ray: 835a6602ebec667c-AMS
content-length: 1088735
x-xss-protection: 1,mode=block
expires: Thu, 21 Dec 2023 23:59:04 GMT

GET
H2 200 launch-EN3963523be4674e5591a9c4d516697352.min.js Show response
assets.adobedtm.com/ 464 KB
117 KB 132ms
34ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Requested by: Host: doczytamyinfo.click
URL: https://doczytamyinfo.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 98f567d4bac4c7484a2856ef850e5e530498edf065158eb88d2eb5f88f8d5254

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:59:04 GMT
content-encoding: gzip
last-modified: Mon, 11 Dec 2023 01:44:33 GMT
server: AkamaiNetStorage
etag: "92a49d95a1c98bd1f29f6b2b29ffecdd:1702259073.588409"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://doczytamyinfo.click
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 119198
expires: Fri, 15 Dec 2023 00:59:04 GMT

GET
H2 200 id Show response
dpm.demdex.net/ 5 KB
2 KB 147ms
43ms XHR
application/json 54.220.4.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=4.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=664516D751E565010A490D4C%40AdobeOrg&d_nsid=0&ts=1702598344730

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.220.4.214 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-220-4-214.eu-west-1.compute.amazonaws.com

Software

Resource Hash

8691fa05bd2aed6a9da2c821f788eefeb1114f3105f314e685ad897a6eaa78f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://doczytamyinfo.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

dcs: dcs-prod-irl1-2-v054-0d3c4063c.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Thu, 14 Dec 2023 23:59:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-tid: FjeBWTiPTNg=
vary: Origin
content-type: application/json;charset=utf-8
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin: https://doczytamyinfo.click
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 1736
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EP971e6ad26efe44ab86e98d3905a44621/ 34 KB
13 KB 33ms
33ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP971e6ad26efe44ab86e98d3905a44621/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 089030d8bec22aa48ae59e27516a4e8a1fcec666e9d783c7a1df47220b750dc1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:59:04 GMT
content-encoding: gzip
last-modified: Mon, 03 Jun 2019 23:03:32 GMT
server: AkamaiNetStorage
etag: "72404253c27255247028f0ba11022cf8:1559603012"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://doczytamyinfo.click
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12916
expires: Fri, 15 Dec 2023 00:59:04 GMT

GET
H2 200 RC998a74cdbfb34e4eb70533b7acc285a2-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/66543b347854/ 573 B
593 B 34ms
34ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/66543b347854/RC998a74cdbfb34e4eb70533b7acc285a2-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d54891ba3097219a4b8f8428e046daeb723b89c2191c3b00c3fc96cbbbe01eab

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:59:04 GMT
content-encoding: gzip
last-modified: Mon, 11 Dec 2023 01:44:35 GMT
server: AkamaiNetStorage
etag: "f2c1a14270c0912967ac73a787cbd724:1702259075.343881"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://doczytamyinfo.click
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 334
expires: Fri, 15 Dec 2023 00:59:04 GMT

GET
H2 200 RCbbd572812c1d4d6381764b660217f8cb-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/66543b347854/ 2 KB
1 KB 33ms
33ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/66543b347854/RCbbd572812c1d4d6381764b660217f8cb-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d410325ea36bda62368a9e46a730b05b4c71315f691738824324585e19ab52c2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:59:04 GMT
content-encoding: gzip
last-modified: Mon, 11 Dec 2023 01:44:35 GMT
server: AkamaiNetStorage
etag: "f2c1a14270c0912967ac73a787cbd724:1702259075.343881"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://doczytamyinfo.click
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 876
expires: Fri, 15 Dec 2023 00:59:04 GMT

GET
H2 200 RCb500618f5ce84b22ac56f249cbc4d22d-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/66543b347854/ 422 B
528 B 34ms
33ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/66543b347854/RCb500618f5ce84b22ac56f249cbc4d22d-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: ec3484206cc9ca2bf89cd0f4015ae6de7c12af134efcb8100e2a67665d1bc32f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:59:04 GMT
content-encoding: gzip
last-modified: Mon, 11 Dec 2023 01:44:35 GMT
server: AkamaiNetStorage
etag: "f2c1a14270c0912967ac73a787cbd724:1702259075.343881"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://doczytamyinfo.click
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 270
expires: Fri, 15 Dec 2023 00:59:04 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 206 KB
74 KB 57ms
56ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-981033382&l=dataLayerB

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0fd4a2d14349f06f7fc11f7b087c32384c848fd757a6e2b2f2a49c6b6d57643b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:59:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75367
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 14 Dec 2023 23:59:04 GMT

GET
H2 200 RCd27fea974d354655821709a78f4b1dd2-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/66543b347854/ 2 KB
895 B 33ms
33ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/66543b347854/RCd27fea974d354655821709a78f4b1dd2-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 4b0a2dff03fbcb2a399122e94720242ff5a1cd04b401542c5223d1882875c1fe

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:59:04 GMT
content-encoding: gzip
last-modified: Mon, 11 Dec 2023 01:44:35 GMT
server: AkamaiNetStorage
etag: "f2c1a14270c0912967ac73a787cbd724:1702259075.343881"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://doczytamyinfo.click
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 636
expires: Fri, 15 Dec 2023 00:59:04 GMT

GET
H2 200 RC9cb1ec8ecf2a461187113443b47b5896-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/66543b347854/ 1 KB
976 B 33ms
33ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/66543b347854/RC9cb1ec8ecf2a461187113443b47b5896-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3b42793d1ce6c10fb4ee27dd4e3ddd43d60a807e18600379e8bfc754b6cb48ec

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:59:04 GMT
content-encoding: gzip
last-modified: Mon, 11 Dec 2023 01:44:35 GMT
server: AkamaiNetStorage
etag: "f2c1a14270c0912967ac73a787cbd724:1702259075.343881"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://doczytamyinfo.click
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 717
expires: Fri, 15 Dec 2023 00:59:04 GMT

GET
H2 200 RC7397178f0a1540d798c3f1a3d2c85c1b-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/66543b347854/ 1 KB
904 B 33ms
33ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/66543b347854/RC7397178f0a1540d798c3f1a3d2c85c1b-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: caafb5658f1dbb8eb00a355fd2a403a41d04a92a757e65afe304a3286848779c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:59:04 GMT
content-encoding: gzip
last-modified: Mon, 11 Dec 2023 01:44:35 GMT
server: AkamaiNetStorage
etag: "f2c1a14270c0912967ac73a787cbd724:1702259075.343881"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://doczytamyinfo.click
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 645
expires: Fri, 15 Dec 2023 00:59:04 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 103ms
44ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 14 Dec 2023 23:59:04 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4AFEB023CE5E4998816A48BAEFC8F6E8 Ref B: AMS04EDGE3319 Ref C: 2023-12-14T23:59:04Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 200 RCb6c3578477864b5583591694fb0c7548-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/66543b347854/ 4 KB
1 KB 33ms
33ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/66543b347854/RCb6c3578477864b5583591694fb0c7548-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 66679eeeff1f95eb4130b7461e70a60beb8658dbbab557e08792189ab6f5dcfc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:59:04 GMT
content-encoding: gzip
last-modified: Mon, 11 Dec 2023 01:44:35 GMT
server: AkamaiNetStorage
etag: "f2c1a14270c0912967ac73a787cbd724:1702259075.343881"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://doczytamyinfo.click
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 1131
expires: Fri, 15 Dec 2023 00:59:04 GMT

GET
H2 200 RC69b12fc347724763b4d1d6b2bbb7bc67-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/66543b347854/ 1 KB
876 B 35ms
35ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/66543b347854/RC69b12fc347724763b4d1d6b2bbb7bc67-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 59d7f6386ba723011e303ae87b39e907312ee2d831f94cb1d5190874e3c83404

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:59:04 GMT
content-encoding: gzip
last-modified: Mon, 11 Dec 2023 01:44:35 GMT
server: AkamaiNetStorage
etag: "f2c1a14270c0912967ac73a787cbd724:1702259075.343881"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://doczytamyinfo.click
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 617
expires: Fri, 15 Dec 2023 00:59:04 GMT

GET
H2 200 RC28f29f2c23a143e0acc4cd8133230ddf-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/66543b347854/ 2 KB
987 B 33ms
33ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/66543b347854/RC28f29f2c23a143e0acc4cd8133230ddf-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: f889865eae63c2a6ac1ffa70f050658844cd48d30fd3491415680b3afb0cbd1c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:59:04 GMT
content-encoding: gzip
last-modified: Mon, 11 Dec 2023 01:44:35 GMT
server: AkamaiNetStorage
etag: "f2c1a14270c0912967ac73a787cbd724:1702259075.343881"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://doczytamyinfo.click
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 728
expires: Fri, 15 Dec 2023 00:59:04 GMT

GET
H2 200 RCc37891c0d65e4f2581d609fc16498257-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/66543b347854/ 548 B
557 B 38ms
38ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/66543b347854/RCc37891c0d65e4f2581d609fc16498257-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 6b682e8c6452862aeba0a0ca5d7e69a6d98ae0bc4769006f5019dad00d43bbcb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:59:04 GMT
content-encoding: gzip
last-modified: Mon, 11 Dec 2023 01:44:35 GMT
server: AkamaiNetStorage
etag: "f2c1a14270c0912967ac73a787cbd724:1702259075.343881"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://doczytamyinfo.click
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 298
expires: Fri, 15 Dec 2023 00:59:04 GMT

GET
H2 200 RCb70d7bef713543b09b57afbc6f9e056a-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/66543b347854/ 3 KB
1 KB 41ms
41ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/66543b347854/RCb70d7bef713543b09b57afbc6f9e056a-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b12eec8b895f4b89c78e83b9a7ebe3685bf4867f6cabdc6d37e473d142b43e2a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:59:04 GMT
content-encoding: gzip
last-modified: Mon, 11 Dec 2023 01:44:35 GMT
server: AkamaiNetStorage
etag: "f2c1a14270c0912967ac73a787cbd724:1702259075.343881"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://doczytamyinfo.click
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 1097
expires: Fri, 15 Dec 2023 00:59:04 GMT

GET
H2 200 RCe7ed036bb4cb4dc89bdf084029e843a5-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/66543b347854/ 776 B
755 B 37ms
37ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/66543b347854/RCe7ed036bb4cb4dc89bdf084029e843a5-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 54bdcdd51e9c21b7d971b532d693b6063a7d01cfac56c82c553a5e032385a514

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:59:04 GMT
content-encoding: gzip
last-modified: Mon, 11 Dec 2023 01:44:35 GMT
server: AkamaiNetStorage
etag: "f2c1a14270c0912967ac73a787cbd724:1702259075.343881"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://doczytamyinfo.click
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 496
expires: Fri, 15 Dec 2023 00:59:04 GMT

GET
H2 200 RC1b12bbad598c4c1380765438bb0467a9-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/66543b347854/ 718 B
712 B 37ms
37ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/66543b347854/RC1b12bbad598c4c1380765438bb0467a9-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 529a6d1a39eaba1e4de7d51ec9eb786f66569bab254b40ad52d8b1836438637a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:59:04 GMT
content-encoding: gzip
last-modified: Mon, 11 Dec 2023 01:44:35 GMT
server: AkamaiNetStorage
etag: "f2c1a14270c0912967ac73a787cbd724:1702259075.343881"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://doczytamyinfo.click
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 453
expires: Fri, 15 Dec 2023 00:59:04 GMT

GET
H2 200 RC9f906a1934ae46f6b85351f19bfa52f0-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/66543b347854/ 2 KB
1 KB 40ms
40ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/66543b347854/RC9f906a1934ae46f6b85351f19bfa52f0-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 80cb380eb82e70d01a20b206df7878d3cd63769afa75f194fce7081c421d86cc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:59:04 GMT
content-encoding: gzip
last-modified: Mon, 11 Dec 2023 01:44:35 GMT
server: AkamaiNetStorage
etag: "f2c1a14270c0912967ac73a787cbd724:1702259075.343881"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://doczytamyinfo.click
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 906
expires: Fri, 15 Dec 2023 00:59:04 GMT

GET
H2 200 RC62a22fd426a0470dad9c40c7f2f4b2fb-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/66543b347854/ 648 B
669 B 37ms
37ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/66543b347854/RC62a22fd426a0470dad9c40c7f2f4b2fb-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 9ef4b3ee0798411af436abe571b0237d71d62ab1a48920f7063cd565c88e64d7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:59:04 GMT
content-encoding: gzip
last-modified: Mon, 11 Dec 2023 01:44:35 GMT
server: AkamaiNetStorage
etag: "f2c1a14270c0912967ac73a787cbd724:1702259075.343881"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://doczytamyinfo.click
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 411
expires: Fri, 15 Dec 2023 00:59:04 GMT

GET
H2 200 RC5144740cc710431e95a7dd7c05b8b386-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/66543b347854/ 1 KB
938 B 38ms
37ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/66543b347854/RC5144740cc710431e95a7dd7c05b8b386-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 63d4b2ba23cac4b4b5a1c4d44afe96a33724a177e8b3a40eba4bdc7cf6cc814c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:59:04 GMT
content-encoding: gzip
last-modified: Mon, 11 Dec 2023 01:44:35 GMT
server: AkamaiNetStorage
etag: "f2c1a14270c0912967ac73a787cbd724:1702259075.343881"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://doczytamyinfo.click
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 679
expires: Fri, 15 Dec 2023 00:59:04 GMT

GET
H2 200 AppMeasurement_Module_AudienceManagement.min.js Show response
assets.adobedtm.com/extensions/EP971e6ad26efe44ab86e98d3905a44621/ 25 KB
9 KB 33ms
33ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP971e6ad26efe44ab86e98d3905a44621/AppMeasurement_Module_AudienceManagement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 32bc033e13e02d8809b2c8c97ac5a5110c5f375a830ed6cace5ce1202ab5b480

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:59:04 GMT
content-encoding: gzip
last-modified: Mon, 03 Jun 2019 23:03:35 GMT
server: AkamaiNetStorage
etag: "e539ea6425ae55fa9f68995bc5a68886:1559603018"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://doczytamyinfo.click
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 8640
expires: Fri, 15 Dec 2023 00:59:04 GMT

GET
H2 200 otSDKStub.js Show response
cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/scripttemplates/ 20 KB
7 KB 188ms
45ms Script
application/x-javascript 2.23.196.80

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/scripttemplates/otSDKStub.js?8144390700371842
Requested by: Host: doczytamyinfo.click
URL: https://doczytamyinfo.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.196.80 -, , ASN (),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 1a6622bbfd2f4017f391cae1040e22f99a923116427a0ccb25543581f5d92257

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:59:04 GMT
content-encoding: gzip
last-modified: Mon, 06 Jun 2022 19:38:47 GMT
server: AkamaiNetStorage
etag: "67b989d4e95276950bf7da56f7c0598d:1654544327.296254"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=737442
accept-ranges: bytes
content-length: 6886
expires: Sat, 23 Dec 2023 12:49:46 GMT

GET
H2 200 dpm_pixel_min.js Show response
c.tvpixel.com/js/current/ 103 KB
32 KB 107ms
29ms Script
application/javascript 2600:9000:2090:c600:1d:bf0a:0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tvpixel.com/js/current/dpm_pixel_min.js?aid=marriott-0af76d19-dfba-4407-860e-54c7ed29bed4
Requested by: Host: doczytamyinfo.click
URL: https://doczytamyinfo.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2090:c600:1d:bf0a:0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 61d8137d275f12306e177bc726c2b3e072f9efa4743a0ace6ecbcf7a0932fd07

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: oMk5SFqHXboEDRm2.vDWImtx_4ARYxEl
content-encoding: gzip
via: 1.1 650363fa7465273dd14fde086a851a86.cloudfront.net (CloudFront)
date: Thu, 14 Dec 2023 05:50:02 GMT
last-modified: Thu, 16 Sep 2021 18:14:59 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P1
age: 65343
etag: W/"08e770c8a17bf087d50cec01af0892c2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: v7McEEg1On8f0cq9lQQsRApYtm28QsCcMUM-P6gXeBn_H7mZr5zFeg==

GET
H3 200 836072006419889 Show response
connect.facebook.net/signals/config/ 143 KB
37 KB 164ms
164ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/836072006419889?v=2.9.138&r=stable&domain=doczytamyinfo.click

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8aba4509b7ad6addbbf031a95d30d9ca14933006d511750c08d9049382fb9438

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 14 Dec 2023 23:59:04 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 3NnvjBLqjG81DNSe83rqjt8wE7Ayh+H3onaWSpuIqGirldeT5ScXO2al7RAoPVxjdNdpx97ASKXjIw1iEs28Qg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 5 KB
3 KB 114ms
34ms Script
application/x-javascript 108.138.15.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: doczytamyinfo.click
URL: https://doczytamyinfo.click/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-15-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 14 Dec 2023 06:08:18 GMT
Content-Encoding: gzip
Via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
Last-Modified: Thu, 30 Nov 2023 03:37:28 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P7
Age: 64247
x-amz-server-side-encryption: AES256
ETag: W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: vkNW9s8wCOJ5IO047q8nRHFZshI2Nv3KfKLYQwDrLcgZQnwpVqNvCg==

GET pxrc.php
pxl.jivox.com/tags/re/ 0
0

GET
H2 200 mhotels.html Show response
static.sojern.com/marriott/ Frame C00E 9 KB
10 KB 101ms
27ms Document
text/html 35.244.188.9
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/marriott/mhotels.html?p=undefined&hprid=&hpr=&hb=undefined&hc1=undefined&hn1=undefined&hs1=undefined&ffl=undefined&hl=&t=undefined&hr=undefined&hd1=&hd2=&hconfno=&hp=undefined&hcu=&hrp=undefined&hdc=undefined&rew=undefined&l=undefined&vid=hot&cid=
Requested by: Host: doczytamyinfo.click
URL: https://doczytamyinfo.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 2cac89100642acb92e8c705a639a012b32de7eb32db954a31890da8a091610c3

Request headers

Referer: https://doczytamyinfo.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 2382
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-length: 9706
content-type: text/html
date: Thu, 14 Dec 2023 23:19:22 GMT
etag: "61166aab6d850b40153da0ce87a22993"
expires: Fri, 15 Dec 2023 00:19:22 GMT
last-modified: Fri, 03 Feb 2023 17:26:13 GMT
server: UploadServer
x-goog-generation: 1675445173923779
x-goog-hash: crc32c=9DJkug== md5=YRZqq22FC0AVPaDOh6Ipkw==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 9706
x-guploader-uploadid: ABPtcPrRUhI_JdT_BacxGari4Aa26y3VpCYT2EuMcuj5Q2PQ6RrQ1kSAjpjm7KCyT-FJQtDk9g

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 42 KB
15 KB 118ms
34ms Script
application/javascript 2a02:26f0:3500:16::215:148d

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: doczytamyinfo.click
URL: https://doczytamyinfo.click/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148d -, , ASN (),

Reverse DNS

Software

Resource Hash

f3b0e2a3800f73c56a4dc78562fc32130a8eec6887982d10e6a5dcf6497969c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Dec 2023 13:09:33 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=38800
accept-ranges: bytes
content-length: 15541

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 4 KB
2 KB 116ms
33ms Script
application/javascript 2a04:4e42:8d::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: doczytamyinfo.click
URL: https://doczytamyinfo.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8d::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ef45c21f7e054481c81992c1a46293a28c9bb8b3722bc566479326187f473c8c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:59:04 GMT
content-encoding: br
x-cdn: fastly
etag: "8d7d8ce32aa2a45d64e9f04a9a5cb1c4"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=7200
alt-svc: h3=":443";ma=600
content-length: 1793

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 18 KB
7 KB 109ms
33ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: doczytamyinfo.click
URL: https://doczytamyinfo.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Thu, 14 Dec 2023 23:04:57 GMT
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: R1GYTTEAWS624H12
age: 3248
x-amz-server-side-encryption: AES256
content-length: 6262
x-amz-id-2: VmCajs3IfJMP8PT4YjcIPj5sMxSYLUJGSpSYu0IW9IcYgSDlrR3DvbmpIs+nCO6c7Xc4tAVJhdg=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
server: ATS
etag: "5c6ed25dce803fd84288922b8928409e-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 scevent.min.js Show response
sc-static.net/ 41 KB
18 KB 119ms
59ms Script
application/javascript 18.239.67.245

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: doczytamyinfo.click
URL: https://doczytamyinfo.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.67.245 -, , ASN (),
Reverse DNS
Software: CloudFront /
Resource Hash: 167ee4702e76b96cfe396221bef5630f2182e4148a3406c303992ab2f44c357a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:59:04 GMT
content-encoding: gzip
via: 1.1 d1b1cc661d55a3f8a88f240826e4f38c.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: AMS58-P4
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 17610
x-amz-cf-id: Ii0aO4DrsY3bwL-p58OWRFHycTpB8Fnj-4UZ1e2_RcPJEuwRExalvg==

GET
H2 200 UCMController Show response
login.dotomi.com/ucm/ Frame 43CB 181 B
365 B 190ms
91ms Document
text/html 64.158.223.140

General

Check archive.org

Show headers Download Go to

Full URL: https://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_cid=2814&dtm_cmagic=8e987c&dtm_format=5&dtm_fid=101&cli_promo_id=2&dtmc_marsha_code=&canonical_url=https%3A%2F%2Fwww.pizzadominium.pl%2F&dtm_user_token=&dtmc_ref=https%3A%2F%2Fdoczytamyinfo.click%2F&dtmc_loc=https%3A%2F%2Fdoczytamyinfo.click%2F&fpc_status=
Requested by: Host: doczytamyinfo.click
URL: https://doczytamyinfo.click/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.158.223.140 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 9170f96d6133c832c41b8243196ad1955708ecb7f17e8d3dd0797d6a96ed6189

Request headers

Referer: https://doczytamyinfo.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-cache, private, max-age=0, no-store
content-length: 181
content-type: text/html
date: Thu, 14 Dec 2023 23:59:04 GMT
expires: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
pragma: no-cache
server: nginx

GET
H2 200 140436 Show response
beacon.sojern.com/pixel/p/ 5 KB
1 KB 143ms
32ms Script
application/javascript 107.178.244.119

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.sojern.com/pixel/p/140436?f_v=v6_js&p_v=1&vid=hot&pc=https%3A%2F%2Fdoczytamyinfo.click%2F&cid=
Requested by: Host: doczytamyinfo.click
URL: https://doczytamyinfo.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1cb477f1da5f76c65fd219f6d7cb96e3226735873156609665a2960cd969183c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:59:04 GMT
content-encoding: gzip
via: 1.1 google
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 893

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 180 KB
66 KB 72ms
72ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-1359549&l=dataLayerB&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-981033382&l=dataLayerB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

35ec8beefb561f67e52a96755108f4419ef12f276bbeffc4b747d2c2b10cc7a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:59:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67479
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 14 Dec 2023 23:59:04 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 149 KB
57 KB 55ms
55ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-924374711&l=dataLayerB&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-981033382&l=dataLayerB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5329551e8716a3da3eaa42a19e56bc52c11be0e9a6cb5a02d67bfc2b4784f46f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:59:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58005
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 14 Dec 2023 23:59:04 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 217 KB
76 KB 62ms
61ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-950378023&l=dataLayerB&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-981033382&l=dataLayerB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

71e0ceba62726a2675d97d5c91ec3b5fdaf330224280e02f9d20a04b2944cdc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:59:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77852
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 14 Dec 2023 23:59:04 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 180 KB
66 KB 67ms
67ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-9035495&l=dataLayerB&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-981033382&l=dataLayerB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

13155fe30514a979913a2caf3873272fc467de924272cc7fb5aea615b5f7b2d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:59:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67479
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 14 Dec 2023 23:59:04 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 199 KB
72 KB 93ms
92ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-366134444&l=dataLayerB&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-981033382&l=dataLayerB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0a8bcb710aa1ce904f8632f8018a6612bfbc08435f8dff0e2134ad00699e25c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:59:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74012
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 14 Dec 2023 23:59:04 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 174 KB
63 KB 104ms
103ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-203334133-1&l=dataLayerB&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-981033382&l=dataLayerB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bf4fafab02166dfdab38af10490cf4d8ecd1a67560fb944842dcad0b56db008e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:59:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64893
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 14 Dec 2023 23:59:04 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
78 KB 116ms
115ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1LXTBF5X2V&l=dataLayerB&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-981033382&l=dataLayerB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

607b8f8eaeaca14070a55bfa769c6beaff676a999a775e8d19187028803cb2b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:59:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79504
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 14 Dec 2023 23:59:04 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 29ms
29ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-15N31ETXG9&gtm=45je3bt0v883405594&_p=1702598339479&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1669709776.1702598340&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1702598339&sct=1&seg=0&dl=https%3A%2F%2Fdoczytamyinfo.click%2F&dr=https%3A%2F%2Fdoczytamyinfo.click%2F&dt=%22%3A%20Zobacz%20nagranie%20potr%C4%85cenia%20dziecka%20przed%20szko%C5%82%C4%85!%20%5B%2B18%5D%22&en=scroll&epn.percent_scrolled=90&_et=6&tfd=5716
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-15N31ETXG9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 23:59:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://doczytamyinfo.click
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 5140893.js Show response
bat.bing.com/p/action/ 0
117 B 44ms
44ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5140893.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Thu, 14 Dec 2023 23:59:04 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 08F72671B5DF4BB983E01044E640E1FA Ref B: AMS04EDGE3319 Ref C: 2023-12-14T23:59:04Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
288 B 65ms
65ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5140893&tm=al001&Ver=2&mid=61caa668-6373-4b33-ab26-78bcbb3e1aa9&sid=c2f100909adc11ee9366116415d7ed8e&vid=c2f148809adc11ee87fae72ae171066d&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=%22%3A%20Zobacz%20nagranie%20potr%C4%85cenia%20dziecka%20przed%20szko%C5%82%C4%85!%20%5B%2B18%5D%22&kw=pizza,%20pizzeria,%20pizze,%20sie%C4%87%20pizzerii,%20pizzeri,%20na%20telefon,%20z%20dostaw%C4%85,%20dostawa,%20przepis%20na,%20dominium%20Krak%C3%B3w,%20Warszawa&p=https%3A%2F%2Fdoczytamyinfo.click%2F&r=https%3A%2F%2Fdoczytamyinfo.click%2F&lt=2584&pt=1702598339142,118,118,0,28,28,28,28,28,28,,28,116,117,118,1994,1994,1994,2581,2581,2584&pn=0,1&evt=pageLoad&sv=1&rn=191201

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 14 Dec 2023 23:59:04 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0693DC8BC2CC4E12BBCC5AFF2DC785FE Ref B: AMS04EDGE3319 Ref C: 2023-12-14T23:59:04Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dest5.html Show response
marriottinternationa.demdex.net/ Frame BDA9 7 KB
3 KB 65ms
42ms Document
text/html 54.220.4.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://marriottinternationa.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.220.4.214 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-220-4-214.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://doczytamyinfo.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Thu, 14 Dec 2023 23:59:04 GMT
dcs: dcs-prod-irl1-1-v054-052072f40.edge-irl1.demdex.com 0 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Wed, 8 Nov 2023 20:59:54 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: br5zfKPfRDw=

GET dd
cm.everesttech.net/cm/ 0
0

GET
H2 200 213 Show response
beacon.sojern.com/pixel/cp/ Frame C00E 4 KB
904 B 32ms
32ms Script
application/javascript 107.178.244.119

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.sojern.com/pixel/cp/213?f_v=cp_v3_js&p_v=4&cid=MGP_201904%7Cundefined%7Chttps%3A%2F%2Fdoczytamyinfo.click%2F&p=undefined&hb=undefined&hc1=undefined&hn1=undefined&hs1=undefined&ffl=undefined&t=undefined&hr=undefined&hp=undefined&hrp=undefined&hdc=undefined&rew=undefined&l=undefined&vid=hot&pt=TRACKING&
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/marriott/mhotels.html?p=undefined&hprid=&hpr=&hb=undefined&hc1=undefined&hn1=undefined&hs1=undefined&ffl=undefined&hl=&t=undefined&hr=undefined&hd1=&hd2=&hconfno=&hp=undefined&hcu=&hrp=undefined&hdc=undefined&rew=undefined&l=undefined&vid=hot&cid=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b7b8a345aee3f61738a2893ffc13657a4bfd8bd991e09a082eddcffd78e4ce1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:59:04 GMT
content-encoding: gzip
via: 1.1 google
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 756

GET s77946065443040
smetrics.marriott.com/b/ss/marriottglobal,/10/JS-2.14.0-LDQM/ 0
0

GET 405909.json
s.yimg.com/wi/config/ 0
0

OPTIONS tp2
p.tvpixel.com/com.snowplowanalytics.snowplow/ Frame 0
0

POST tp2
p.tvpixel.com/com.snowplowanalytics.snowplow/ 0
0

GET
H2 200 main.74d80534.js Show response
s.pinimg.com/ct/lib/ 65 KB
19 KB 35ms
35ms Script
application/javascript 2a04:4e42:8d::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.74d80534.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8d::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 60cc60a6fcbd230def379432395199b585791ed521e2e5f595369a2193e617fb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:59:04 GMT
content-encoding: br
x-cdn: fastly
etag: "cb251578b1e91b3cc440fd1521770cc5"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=1209600
alt-svc: h3=":443";ma=600
content-length: 18895

GET

/
match.adsrvr.org/track/upb/ Frame 39EB
Redirect Chain

https://insight.adsrvr.org/track/up?adv=hbq9bjg&ref=https%3A%2F%2Fdoczytamyinfo.click%2F&upid=byw7ch4&upv=1.1.0
https://match.adsrvr.org/track/upb/?adv=hbq9bjg&ref=https%3A%2F%2Fdoczytamyinfo.click%2F&upid=byw7ch4&upv=1.1.0

0
0

GET collect
px.ads.linkedin.com/ 0
0

GET
H2 200 fbf5aa06-3f82-45b5-86ba-4c4fe9c75a96.js
tr.snapchat.com/config/click/ 2 KB
894 B 143ms
35ms Script
application/javascript 35.190.43.134

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/click/fbf5aa06-3f82-45b5-86ba-4c4fe9c75a96.js?v=3.7.2-2312071952

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 -, , ASN (),

Reverse DNS

Software

API Gateway /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://doczytamyinfo.click/
Origin: https://doczytamyinfo.click
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:59:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 google
server: API Gateway
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://doczytamyinfo.click
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 i
tr.snapchat.com/cm/ Frame AE3A 0
201 B 138ms
32ms Document
text/html 35.190.43.134

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=fbf5aa06-3f82-45b5-86ba-4c4fe9c75a96&u_scsid=6ac1a54f-8f6e-4791-9cfb-9bc2214db3a2&u_sclid=a90a53df-db23-48bd-859f-1d143067654e

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 -, , ASN (),

Reverse DNS

Software

API Gateway /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://doczytamyinfo.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 14 Dec 2023 23:59:05 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET src=4810757;type=sales;cat=5myqls5f;qty=1;cost=0;u1=;u16=https%253A%252F%252Fdoczytamyinfo.click%252F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID]
ad.doubleclick.net/ddm/activity/ 0
0

GET

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/px?id=1565798&t=1
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1565798%26t%3D1

0
0

GET

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=29464183&t=1
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D29464183%26t%3D1

0
0

GET pixel
cm.g.doubleclick.net/ 0
0

GET getuidnb
ib.adnxs.com/ 0
0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
148 B 41ms
41ms Image
image/gif 35.71.131.137

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=Nw8Xf7ukZ-QB0K87_j8H7H-gC3VBEEvNz9uMIXkUjVjPqG_jcNnrndvQ8JbELnvo&ttd_tpi=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 -, , ASN (),
Reverse DNS
Software: Kestrel /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:59:05 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET match
c1.adform.net/serving/cookie/ 0
0

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 33ms
33ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=836072006419889&ev=PageView&dl=https%3A%2F%2Fdoczytamyinfo.click%2F&rl=https%3A%2F%2Fdoczytamyinfo.click%2F&if=false&ts=1702598345012&cd[brand]=brand&cd[level]=&cd[signin]=&cd[language]=&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1702598340065.1192195972&cs_est=true&it=1702598339938&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 14 Dec 2023 23:59:05 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET

bounce
secure.adnxs.com/ Frame C00E
Redirect Chain

https://secure.adnxs.com/px?id=1228256&t=1
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1228256%26t%3D1

0
0

GET

bounce
secure.adnxs.com/ Frame C00E
Redirect Chain

https://secure.adnxs.com/seg?add=21126164&t=1
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D21126164%26t%3D1

0
0

GET pixel
cm.g.doubleclick.net/ Frame C00E 0
0

GET
H2 200 getuidnb
ib.adnxs.com/ Frame C00E 43 B
575 B 119ms
33ms Image
image/gif 37.252.172.123

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=nXuegX4ixf65YXZJITMcM8d3RUgI2a7rIFijUz1uYfeAngE5NhQcQ0upjQIkRR37

Requested by

Host: static.sojern.com
URL: https://static.sojern.com/marriott/mhotels.html?p=undefined&hprid=&hpr=&hb=undefined&hc1=undefined&hn1=undefined&hs1=undefined&ffl=undefined&hl=&t=undefined&hr=undefined&hd1=&hd2=&hconfno=&hp=undefined&hcu=&hrp=undefined&hdc=undefined&rew=undefined&l=undefined&vid=hot&cid=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 -, , ASN (),

Reverse DNS

Software

nginx/1.23.4 /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 23:59:05 GMT
an-x-request-uuid: 345de0c4-7d1c-42b3-b2f6-a5a954fc3326
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.150.107; 31.204.150.107; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame C00E 70 B
149 B 132ms
41ms Image
image/gif 35.71.131.137

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=nXuegX4ixf65YXZJITMcM8d3RUgI2a7rIFijUz1uYfeAngE5NhQcQ0upjQIkRR37&ttd_tpi=1
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/marriott/mhotels.html?p=undefined&hprid=&hpr=&hb=undefined&hc1=undefined&hn1=undefined&hs1=undefined&ffl=undefined&hl=&t=undefined&hr=undefined&hd1=&hd2=&hconfno=&hp=undefined&hcu=&hrp=undefined&hdc=undefined&rew=undefined&l=undefined&vid=hot&cid=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 -, , ASN (),
Reverse DNS
Software: Kestrel /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:59:05 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET match
c1.adform.net/serving/cookie/ Frame C00E 0
0

GET
H2 200 b9c54897-9a69-45f1-bbe2-55b2ae0ba593-test.json
cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/consent/b9c54897-9a69-45f1-bbe2-55b2ae0ba593-test/ 4 KB
0 139ms
46ms XHR
application/json 2.23.196.80

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/consent/b9c54897-9a69-45f1-bbe2-55b2ae0ba593-test/b9c54897-9a69-45f1-bbe2-55b2ae0ba593-test.json
Requested by: Host: cache.marriott.com
URL: https://cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/scripttemplates/otSDKStub.js?8144390700371842
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.196.80 -, , ASN (),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:59:05 GMT
last-modified: Mon, 06 Jun 2022 19:54:53 GMT
server: AkamaiNetStorage
etag: "2f1c841426300bd3781a1752ab891f7c:1654545293.924385"
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=84207
accept-ranges: bytes
content-length: 4006
expires: Fri, 15 Dec 2023 23:22:32 GMT

GET getuid
ib.adnxs.com/ Frame BDA9 0
0

GET /
ct.pinterest.com/user/ 0
0

GET /
ct.pinterest.com/v3/ 0
0

GET activity;src=1359549;type=marri003;cat=m1m_m0;ord=1114081897912;npa=1;auiddc=2012779293.1702598340;u7=%2F;gtm=45fe3bt0;gcd=11l1l1l1l3;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;ua...
ad.doubleclick.net/ 0
0

GET activity;src=1359549;type=marri001;cat=m1m_g0;ord=1;num=9687585828252;npa=1;auiddc=2012779293.1702598340;u7=%2F;gtm=45fe3bt0;gcd=11l1l1l1l3;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;ua...
ad.doubleclick.net/ 0
0

GET
H3 200 analytics.js
www.google-analytics.com/ 52 KB
21 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-203334133-1&l=dataLayerB&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://doczytamyinfo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 14 Dec 2023 23:48:14 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 651
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 15 Dec 2023 01:48:14 GMT

GET 365868.gif
idsync.rlcdn.com/ Frame BDA9 0
0

GET location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.restauracja-anima.pl
URL: https://www.restauracja-anima.pl/fonts/Montserrat-Regular.woff2

Domain: www.restauracja-anima.pl
URL: https://www.restauracja-anima.pl/fonts/mimiconfont.ttf?o3w0oc

Domain: www.restauracja-anima.pl
URL: https://www.restauracja-anima.pl/fonts/ArchivoBlack-Regular.woff2

Domain: www.pizzadominium.pl
URL: https://www.pizzadominium.pl/milestone_common/autoanalyticsrules_marriott.json

Domain: www.restauracja-anima.pl
URL: https://www.restauracja-anima.pl/GetCountryBasedOnLocationHandler.ashx

Domain: www.restauracja-anima.pl
URL: https://www.restauracja-anima.pl/fonts/ArchivoBlack-Regular.woff

Domain: www.restauracja-anima.pl
URL: https://www.restauracja-anima.pl/fonts/Montserrat-Regular.woff

Domain: www.restauracja-anima.pl
URL: https://www.restauracja-anima.pl/fonts/mimiconfont.woff?o3w0oc

Domain: www.restauracja-anima.pl
URL: https://www.restauracja-anima.pl/fonts/ArchivoBlack-Regular.ttf

Domain: www.restauracja-anima.pl
URL: https://www.restauracja-anima.pl/fonts/Montserrat-Regular.ttf

Domain: pxl.jivox.com
URL: https://pxl.jivox.com/tags/re/pxrc.php?px=958deafa6b01b7&ret=img&cData=N/A&px_558deaefe29b99=N/A&px_45c37cd1a3ffb5=%27%27&px_75c37cd56820dd=N/A%20&px_65c37cdd1171be=1&px_95c37ce084b3e1=1&px_15b33b35ba04d9=N/A&px_65b33b372611c8=doczytamyinfo.click/&px_45b33b3b62bcfa=N/A&px_25b33b3e68bd91=N/A&px_05b33b3f8d42f0=N/A&px_25d820700bc474=%27%27&px_25b33b410cb604=N/A&px_25d8208f4381f8=N/A

Domain: cm.everesttech.net
URL: https://cm.everesttech.net/cm/dd?d_uuid=38697575234364578134213235014590444123

Domain: smetrics.marriott.com
URL: https://smetrics.marriott.com/b/ss/marriottglobal,/10/JS-2.14.0-LDQM/s77946065443040?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=15%2F11%2F2023%200%3A59%3A4%205%20-60&d.&nsid=0&jsonv=1&.d&mid=38783723965849275484188055457527888946&aamlh=6&ce=UTF-8&pageName=doczytamyinfo.click%2F&g=https%3A%2F%2Fdoczytamyinfo.click%2F&r=https%3A%2F%2Fdoczytamyinfo.click%2F&cc=USD&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c5=No%20Site%20ID&c8=D%3Dv15&c26=Launch&v41=No%20Site%20ID&c71=Off-Platform%20Basic&v101=Default%20Cookie%20Opt-in&v192=doczytamyinfo.click%2F&v237=pl&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=664516D751E565010A490D4C%40AdobeOrg&AQE=1

Domain: s.yimg.com
URL: https://s.yimg.com/wi/config/405909.json

Domain: p.tvpixel.com
URL: https://p.tvpixel.com/com.snowplowanalytics.snowplow/tp2

Domain: p.tvpixel.com
URL: https://p.tvpixel.com/com.snowplowanalytics.snowplow/tp2

Domain: match.adsrvr.org
URL: https://match.adsrvr.org/track/upb/?adv=hbq9bjg&ref=https%3A%2F%2Fdoczytamyinfo.click%2F&upid=byw7ch4&upv=1.1.0

Domain: px.ads.linkedin.com
URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=360572&time=1702598344986&url=https%3A%2F%2Fdoczytamyinfo.click%2F

Domain: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/activity/src=4810757;type=sales;cat=5myqls5f;qty=1;cost=0;u1=;u16=https%253A%252F%252Fdoczytamyinfo.click%252F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID]

Domain: secure.adnxs.com
URL: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1565798%26t%3D1

Domain: secure.adnxs.com
URL: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D29464183%26t%3D1

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=Q94b7Yx_y1J0oQ2611VwFw&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=Nw8Xf7ukZ-QB0K87_j8H7H-gC3VBEEvNz9uMIXkUjVjPqG_jcNnrndvQ8JbELnvo&sjrn_ula=673976618

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_hm=Q94b7Yx_y1J0oQ2611VwFw&google_nid=sojern_adh

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/getuidnb?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=Nw8Xf7ukZ-QB0K87_j8H7H-gC3VBEEvNz9uMIXkUjVjPqG_jcNnrndvQ8JbELnvo

Domain: c1.adform.net
URL: https://c1.adform.net/serving/cookie/match?cid=43de1bed-8c7f-cb52-74a1-0dbad7557017&party=1296

Domain: secure.adnxs.com
URL: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1228256%26t%3D1

Domain: secure.adnxs.com
URL: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D21126164%26t%3D1

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=MwKJ3y7VZEP46GL58iwl0w&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=nXuegX4ixf65YXZJITMcM8d3RUgI2a7rIFijUz1uYfeAngE5NhQcQ0upjQIkRR37&sjrn_ula=824794939

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_hm=MwKJ3y7VZEP46GL58iwl0w&google_nid=sojern_adh

Domain: c1.adform.net
URL: https://c1.adform.net/serving/cookie/match?cid=330289df-2ed5-6443-f8e8-62f9f22c25d3&party=1296

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID

Domain: ct.pinterest.com
URL: https://ct.pinterest.com/user/?tid=2613977086519&pd=%7B%7D&cb=1702598345031&dep=2%2CPAGE_LOAD

Domain: ct.pinterest.com
URL: https://ct.pinterest.com/user/?event=pagevisit&tid=2613977086519&cb=1702598345031&dep=5%2CEVENT_TAGS_ABSENT

Domain: ct.pinterest.com
URL: https://ct.pinterest.com/user/?event=custom&ed=%7B%22value%22%3A334%2C%22currency%22%3A%22USD%22%7D&tid=2613977086519&cb=1702598345032&dep=5%2CEVENT_TAGS_ABSENT

Domain: ct.pinterest.com
URL: https://ct.pinterest.com/v3/?tid=2613977086519&pd=%7B%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fdoczytamyinfo.click%2F%22%2C%22ref%22%3A%22https%3A%2F%2Fdoczytamyinfo.click%2F%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2274d80534%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1702598345047

Domain: ad.doubleclick.net
URL: https://ad.doubleclick.net/activity;src=1359549;type=marri003;cat=m1m_m0;ord=1114081897912;npa=1;auiddc=2012779293.1702598340;u7=%2F;gtm=45fe3bt0;gcd=11l1l1l1l3;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdoczytamyinfo.click%2F?

Domain: ad.doubleclick.net
URL: https://ad.doubleclick.net/activity;src=1359549;type=marri001;cat=m1m_g0;ord=1;num=9687585828252;npa=1;auiddc=2012779293.1702598340;u7=%2F;gtm=45fe3bt0;gcd=11l1l1l1l3;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdoczytamyinfo.click%2F?

Domain: idsync.rlcdn.com
URL: https://idsync.rlcdn.com/365868.gif?partner_uid=38697575234364578134213235014590444123

Domain: geolocation.onetrust.com
URL: https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

197 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 16:58:04	Name: X-AB Value: undefined
.doczytamyinfo.click/	1970-01-20 16:58:04	Name: __cf_mw_byp Value: rsSdr17qNybbkcRD0u0RqmiRGu0yZSzCThrKe_0SwFU-1702598334-0-/
.doczytamyinfo.click/	1970-01-20 19:06:14	Name: _gcl_au Value: 1.1.2012779293.1702598340
.doczytamyinfo.click/	1970-01-21 02:32:38	Name: _ga_15N31ETXG9 Value: GS1.1.1702598339.1.0.1702598339.0.0.0
.doczytamyinfo.click/	1970-01-21 02:32:38	Name: _ga Value: GA1.2.1669709776.1702598340
.doczytamyinfo.click/	1970-01-20 16:58:04	Name: _gid Value: GA1.2.1944505841.1702598340
.doczytamyinfo.click/	1970-01-20 16:56:38	Name: _gat_UA-15952150-9 Value: 1
.doczytamyinfo.click/	1970-01-20 19:06:14	Name: _fbp Value: fb.1.1702598340065.1192195972
.doczytamyinfo.click/	1970-01-21 02:32:38	Name: _ga_N0WGMNV8JE Value: GS1.2.1702598340.1.0.1702598340.60.0.0
.www.restauracja-anima.pl/	1969-12-31 23:59:59	Name: _cfuvid Value: e3aqQLXDHiPMoFTgl11t_Y6HzgZxuCuuWGvm17SUoiQ-1702598340149-0-604800000
.doubleclick.net/	1970-01-21 02:18:14	Name: IDE Value: AHWqTUk6plQOnzQhNl71RiHpSRo1TNadkWG2WmtghK72cg9_0DNrgeirOHNOYSKn
.demdex.net/	1970-01-20 21:15:50	Name: demdex Value: 38697575234364578134213235014590444123
.doczytamyinfo.click/	1970-01-20 16:58:04	Name: _uetsid Value: c2f100909adc11ee9366116415d7ed8e
.doczytamyinfo.click/	1970-01-21 02:18:14	Name: _uetvid Value: c2f148809adc11ee87fae72ae171066d
doczytamyinfo.click/	1969-12-31 23:59:59	Name: AMCVS_664516D751E565010A490D4C%40AdobeOrg Value: 1
doczytamyinfo.click/	1970-01-21 02:32:38	Name: AMCV_664516D751E565010A490D4C%40AdobeOrg Value: -1712354808%7CMCIDTS%7C19706%7CMCMID%7C38783723965849275484188055457527888946%7CMCAAMLH-1703203144%7C6%7CMCAAMB-1703203144%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1702605544s%7CNONE%7CvVersion%7C4.3.0
.doczytamyinfo.click/	1970-01-20 16:56:40	Name: s_tbm Value: true
.doczytamyinfo.click/	1969-12-31 23:59:59	Name: s_cc Value: true

29 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.pizzadominium.pl/public/resources/style/packed/40f51bac67bbf527dc16315c49927b14.css Message: Failed to load resource: the server responded with a status of 403 ()
rendering	warning	URL: https://doczytamyinfo.click/(Line 138) Message: The value "160dpi" for key "target-densitydpi" was truncated to its numeric prefix.
rendering	warning	URL: https://doczytamyinfo.click/(Line 138) Message: The key "target-densitydpi" is not supported.
network	error	URL: https://www.pizzadominium.pl/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.pizzadominium.pl/public/resources/javascript/packed/c6eee5fe262225c62db5effc6ceab34a.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://script.crazyegg.com/pages/scripts/0092/7476.js Message: Failed to load resource: the server responded with a status of 410 ()
javascript	warning	URL: https://doczytamyinfo.click/(Line 155) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.restauracja-anima.pl/dynamic/js/home.aspx?version=7152022094906, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://doczytamyinfo.click/(Line 155) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.restauracja-anima.pl/dynamic/js/home.aspx?version=7152022094906, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	error	URL: https://doczytamyinfo.click/ Message: Access to font at 'https://www.restauracja-anima.pl/fonts/ArchivoBlack-Regular.woff2' from origin 'https://doczytamyinfo.click' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.restauracja-anima.pl/fonts/ArchivoBlack-Regular.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://doczytamyinfo.click/ Message: Access to font at 'https://www.restauracja-anima.pl/fonts/Montserrat-Regular.woff2' from origin 'https://doczytamyinfo.click' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.restauracja-anima.pl/fonts/Montserrat-Regular.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://doczytamyinfo.click/ Message: Access to font at 'https://www.restauracja-anima.pl/fonts/mimiconfont.ttf?o3w0oc' from origin 'https://doczytamyinfo.click' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.restauracja-anima.pl/fonts/mimiconfont.ttf?o3w0oc Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://doczytamyinfo.click/ Message: Access to font at 'https://www.restauracja-anima.pl/fonts/ArchivoBlack-Regular.woff' from origin 'https://doczytamyinfo.click' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.restauracja-anima.pl/fonts/ArchivoBlack-Regular.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://doczytamyinfo.click/ Message: Access to font at 'https://www.restauracja-anima.pl/fonts/Montserrat-Regular.woff' from origin 'https://doczytamyinfo.click' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.restauracja-anima.pl/fonts/Montserrat-Regular.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://doczytamyinfo.click/ Message: Access to font at 'https://www.restauracja-anima.pl/fonts/mimiconfont.woff?o3w0oc' from origin 'https://doczytamyinfo.click' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.restauracja-anima.pl/fonts/mimiconfont.woff?o3w0oc Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://doczytamyinfo.click/ Message: Access to font at 'https://www.restauracja-anima.pl/fonts/Montserrat-Regular.ttf' from origin 'https://doczytamyinfo.click' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.restauracja-anima.pl/fonts/Montserrat-Regular.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://doczytamyinfo.click/ Message: Access to XMLHttpRequest at 'https://www.pizzadominium.pl/milestone_common/autoanalyticsrules_marriott.json' from origin 'https://doczytamyinfo.click' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.pizzadominium.pl/milestone_common/autoanalyticsrules_marriott.json Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://doczytamyinfo.click/ Message: Access to XMLHttpRequest at 'https://www.restauracja-anima.pl/GetCountryBasedOnLocationHandler.ashx' from origin 'https://doczytamyinfo.click' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.restauracja-anima.pl/GetCountryBasedOnLocationHandler.ashx Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://doczytamyinfo.click/ Message: Access to font at 'https://www.restauracja-anima.pl/fonts/ArchivoBlack-Regular.ttf' from origin 'https://doczytamyinfo.click' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.restauracja-anima.pl/fonts/ArchivoBlack-Regular.ttf Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://connect.facebook.net/signals/config/836072006419889?v=2.9.138&r=stable&domain=doczytamyinfo.click(Line 137) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10121152.fls.doubleclick.net
10902911.fls.doubleclick.net
ad.doubleclick.net
adservice.google.com
adservice.google.nl
assets.adobedtm.com
bat.bing.com
beacon.sojern.com
c.tvpixel.com
c1.adform.net
cache.marriott.com
cm.everesttech.net
cm.g.doubleclick.net
connect.facebook.net
ct.pinterest.com
doczytamyinfo.click
dpm.demdex.net
geolocation.onetrust.com
googleads.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
js.adsrvr.org
login.dotomi.com
marriottinternationa.demdex.net
match.adsrvr.org
p.tvpixel.com
px.ads.linkedin.com
pxl.jivox.com
region1.analytics.google.com
region1.google-analytics.com
s.pinimg.com
s.yimg.com
sc-static.net
script.crazyegg.com
secure.adnxs.com
smetrics.marriott.com
snap.licdn.com
static.sojern.com
stats.g.doubleclick.net
t.goadservices.com
tr.snapchat.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.nl
www.googleadservices.com
www.googletagmanager.com
www.pizzadominium.pl
www.restauracja-anima.pl
ad.doubleclick.net
c1.adform.net
cm.everesttech.net
cm.g.doubleclick.net
ct.pinterest.com
geolocation.onetrust.com
ib.adnxs.com
idsync.rlcdn.com
match.adsrvr.org
p.tvpixel.com
px.ads.linkedin.com
pxl.jivox.com
s.yimg.com
secure.adnxs.com
smetrics.marriott.com
www.pizzadominium.pl
www.restauracja-anima.pl
107.178.244.119
108.138.15.119
142.250.186.98
18.239.67.245
195.177.217.192
2.23.196.80
2001:4860:4802:34::36
216.58.206.38
2600:9000:2090:c600:1d:bf0a:0:93a1
2606:4700:4400::6812:291f
2606:4700::6813:9308
2620:1ec:c11::200
2a00:1288:80:807::1
2a00:1450:4001:80b::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82a::200e
2a00:1450:400c:c00::9a
2a02:26f0:3500:16::215:148d
2a02:26f0:3500:587::1e80
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42:8d::84
2a06:98c1:3120::3
35.190.43.134
35.244.188.9
35.71.131.137
37.252.172.123
54.220.4.214
62.129.206.181
64.158.223.140
0229d15ecf41be75f67af38ce4e580bcb0a0c022569b4d1d802ff4a322f2852c
02518efb2cd133d811b1f8c16d44fc8e2bb5f0a0e40109d12c929ed0971464e4
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
089030d8bec22aa48ae59e27516a4e8a1fcec666e9d783c7a1df47220b750dc1
0a8bcb710aa1ce904f8632f8018a6612bfbc08435f8dff0e2134ad00699e25c1
0fd4a2d14349f06f7fc11f7b087c32384c848fd757a6e2b2f2a49c6b6d57643b
1103290e25ebda2712abe344a87facbac00ddaba712729be9fe5feef807bf91b
11a16c9a26c0142b882e221b0ed174ebaa5986919837ed99ba09bb759db459d8
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
13155fe30514a979913a2caf3873272fc467de924272cc7fb5aea615b5f7b2d8
167ee4702e76b96cfe396221bef5630f2182e4148a3406c303992ab2f44c357a
1a6622bbfd2f4017f391cae1040e22f99a923116427a0ccb25543581f5d92257
1b7b8a345aee3f61738a2893ffc13657a4bfd8bd991e09a082eddcffd78e4ce1
1cb477f1da5f76c65fd219f6d7cb96e3226735873156609665a2960cd969183c
29b82695f6be8eb6e8c4d7481fb7c40e1e9bad47b54f7386451223e44b663d71
2cac89100642acb92e8c705a639a012b32de7eb32db954a31890da8a091610c3
2e67ed6358a4d4ac2d7d776c10a5711c1600eb3cd5d94c6b5c6f23ea8f7023fb
32bc033e13e02d8809b2c8c97ac5a5110c5f375a830ed6cace5ce1202ab5b480
35ec8beefb561f67e52a96755108f4419ef12f276bbeffc4b747d2c2b10cc7a9
3746d1353b296a88ef29c02cd3933197880129b6e231cf9a9fdc8f1681e34d3c
3b42793d1ce6c10fb4ee27dd4e3ddd43d60a807e18600379e8bfc754b6cb48ec
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
441686f25f9fe903fd1cead85124dd5c112992c4d92e6f1b46b0903eacf4fffb
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
48a3fb42b4179a24fa50c6eabaa509e7a54b6da6db26eca6b8f8a4f9b6405027
4b0a2dff03fbcb2a399122e94720242ff5a1cd04b401542c5223d1882875c1fe
529a6d1a39eaba1e4de7d51ec9eb786f66569bab254b40ad52d8b1836438637a
5329551e8716a3da3eaa42a19e56bc52c11be0e9a6cb5a02d67bfc2b4784f46f
54bdcdd51e9c21b7d971b532d693b6063a7d01cfac56c82c553a5e032385a514
59d7f6386ba723011e303ae87b39e907312ee2d831f94cb1d5190874e3c83404
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
607b8f8eaeaca14070a55bfa769c6beaff676a999a775e8d19187028803cb2b4
60cc60a6fcbd230def379432395199b585791ed521e2e5f595369a2193e617fb
61d8137d275f12306e177bc726c2b3e072f9efa4743a0ace6ecbcf7a0932fd07
6249d1f0f95a73d21542e37f81045548b1837be150cf293e5ffca05c1ba20261
63d4b2ba23cac4b4b5a1c4d44afe96a33724a177e8b3a40eba4bdc7cf6cc814c
65322df16f7b5419d4888a6a7be07817884f470cf3c287f48e128d56e6083a8e
66679eeeff1f95eb4130b7461e70a60beb8658dbbab557e08792189ab6f5dcfc
67a7e7e8222c341164d90009e8a1e9c87e7ab37a15e5b37d412a05416ec03784
6b27c4b31af098d27b6f5321554f930ce039314e746073323b8a914aa989ed33
6b682e8c6452862aeba0a0ca5d7e69a6d98ae0bc4769006f5019dad00d43bbcb
6d9e43ce1538a763aa4ac11b5540e6c061ebdbd52d39fb02e60ebd16b8c4c850
71e0ceba62726a2675d97d5c91ec3b5fdaf330224280e02f9d20a04b2944cdc6
756cca29e306e66f94e7b705c45bb0bc0315d7e745c159971cbecc65e62e7d3f
7ad9f0ac06bcf0daff0fdcd5310fc3ff1bf8d06aef0f082d7a7753bbc158628d
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7dde83e5b547e0a550f4b89bb98d29d4c4eafdffe9cd1b87bbf3dbf1393bd3af
80cb380eb82e70d01a20b206df7878d3cd63769afa75f194fce7081c421d86cc
86777dfd5db50d5089741f4cef3b46d94da613e3df437a57801d802a865df2d6
8691fa05bd2aed6a9da2c821f788eefeb1114f3105f314e685ad897a6eaa78f3
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
8aba4509b7ad6addbbf031a95d30d9ca14933006d511750c08d9049382fb9438
9170f96d6133c832c41b8243196ad1955708ecb7f17e8d3dd0797d6a96ed6189
96ced48f15348f3e6ce0943efd4152fee946d3ec88e49217504247e9954b01d8
98f567d4bac4c7484a2856ef850e5e530498edf065158eb88d2eb5f88f8d5254
9ef4b3ee0798411af436abe571b0237d71d62ab1a48920f7063cd565c88e64d7
abef7ba00bdc5a5b59f148dc922db72824d8134c5cd1afe9c50a0f22c091d39a
b12eec8b895f4b89c78e83b9a7ebe3685bf4867f6cabdc6d37e473d142b43e2a
b2bcac7425a222ac6f9fb4409aa30493bd5bc9f4c8ad575c4c9fc2591c72967e
b97828fd8cb1d86f9ae1559c7ed38d09999db41d1d7b5e90ecd7ceee77530268
bf4fafab02166dfdab38af10490cf4d8ecd1a67560fb944842dcad0b56db008e
c1dd87a0436aa2ba93f67edadf5b259fe422813e3bcfc31e22255e85ed0a3fbb
caafb5658f1dbb8eb00a355fd2a403a41d04a92a757e65afe304a3286848779c
d410325ea36bda62368a9e46a730b05b4c71315f691738824324585e19ab52c2
d54891ba3097219a4b8f8428e046daeb723b89c2191c3b00c3fc96cbbbe01eab
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43bd3c3c4d1ac19e17bad809c9cfe1818fe05273f9ba021af388ca790a1c1c4
e827b7c8dbc0ddc51b3da6a3d95d0653848b709eb10f3bd4823ceea4b22edcb3
ea61599e69c89e0ed7d385b0363698ce8faf328971341fd58308adeb4e05cdb3
ec3484206cc9ca2bf89cd0f4015ae6de7c12af134efcb8100e2a67665d1bc32f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef45c21f7e054481c81992c1a46293a28c9bb8b3722bc566479326187f473c8c
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
f3b0e2a3800f73c56a4dc78562fc32130a8eec6887982d10e6a5dcf6497969c6
f889865eae63c2a6ac1ffa70f050658844cd48d30fd3491415680b3afb0cbd1c

doczytamyinfo.click Open in urlscan Pro 2a06:98c1:3120::3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

149 Requests

74 %HTTPS

58 %IPv6

34 Domains

49 Subdomains

34 IPs

6 Countries

1835 kBTransfer

5373 kBSize

18 Cookies

19 Outgoing links

Page URL History

Redirected requests

149 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

doczytamyinfo.click Open in urlscan Pro
2a06:98c1:3120::3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

149
Requests

74 %
HTTPS

58 %
IPv6

34
Domains

49
Subdomains

34
IPs

6
Countries

1835 kB
Transfer

5373 kB
Size

18
Cookies

149 HTTP transactions
1 data transactions