URL: https://klient.shopai.pl/
Submission: On September 15 via automatic, source certstream-suspicious — Scanned from PL

Summary

This website contacted 8 IPs in 3 countries across 5 domains to perform 22 HTTP transactions. The main IP is 135.125.154.4, located in France and belongs to OVH, FR. The main domain is klient.shopai.pl.
TLS certificate: Issued by R3 on September 15th 2023. Valid for: 3 months.
This is the only time klient.shopai.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
10 | 135.125.154.4 | 16276 (OVH)
1 | 216.58.212.170 | 15169 (GOOGLE)
3 | 142.250.186.131 | 15169 (GOOGLE)
2 | 157.240.253.1 | 32934 (FACEBOOK)
2 | 142.250.185.174 | 15169 (GOOGLE)
3 | 172.217.16.205 | 15169 (GOOGLE)
1 | 142.250.181.227 | 15169 (GOOGLE)
Total: 22 requests, 8 IPs

Requests | Apex Domain | Subdomains | Transfer
10 | shopai.pl | klient.shopai.pl | 3 MB
5 | google.com | apis.google.com (Cisco Umbrella Rank: 125), accounts.google.com (Cisco Umbrella Rank: 33) | 50 KB
4 | gstatic.com | fonts.gstatic.com, www.gstatic.com | 60 KB
2 | facebook.net | connect.facebook.net (Cisco Umbrella Rank: 186) | 89 KB
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 56) | 958 B
Total: 22 requests, 5 apex domains

Requests | Domain | Requested by
10 | klient.shopai.pl | klient.shopai.pl
3 | accounts.google.com | apis.google.com, klient.shopai.pl, www.gstatic.com
3 | fonts.gstatic.com | fonts.googleapis.com
2 | apis.google.com | klient.shopai.pl, apis.google.com
2 | connect.facebook.net | klient.shopai.pl, connect.facebook.net
1 | www.gstatic.com | accounts.google.com
1 | fonts.googleapis.com | klient.shopai.pl
Total: 22 requests, 7 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
klient.shopai.pl | R3 | 2023-09-15 - 2023-12-14 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-08-14 - 2023-11-06 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-08-14 - 2023-11-06 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-06-24 - 2023-09-22 | 3 months
*.apis.google.com | GTS CA 1C3 | 2023-08-14 - 2023-11-06 | 3 months
accounts.google.com | GTS CA 1C3 | 2023-08-14 - 2023-11-06 | 3 months

This page contains 2 frames:

Primary Page: https://klient.shopai.pl/
Frame ID: 2D1F7F0B1E2D666A17526A83FDEFB67B
Requests: 19 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 3545DF9803AF632B98B65F5B3F9B644F
Requests: 4 HTTP requests in this frame

Page Title

sm360 | Sempai

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Page Statistics

Requests: 22
HTTPS: 100 %
IPv6: 0 %
Domains: 5
Subdomains: 7
IPs: 8
Countries: 3
Transfer: 2950 kB
Size: 3327 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
klient.shopai.pl/
4 KB
2 KB
Document
General
Full URL
https://klient.shopai.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.125.154.4 , France, ASN16276 (OVH, FR),
Reverse DNS
ip4.ip-135-125-154.eu
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
987798a463cd2ee422bd0897cd9fc52ab4bc5558e425f639157f5a3d5245c02a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Fri, 15 Sep 2023 09:07:30 GMT
etag
W/"629095df-117b"
last-modified
Fri, 27 May 2022 09:11:59 GMT
server
nginx/1.18.0 (Ubuntu)
css
fonts.googleapis.com/
5 KB
958 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
Requested by
Host: klient.shopai.pl
URL: https://klient.shopai.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f10.1e100.net
Software
ESF /
Resource Hash
dc2a9ecb9eae34a409e66cbdd46b3562c560f8ffa1c1f80ea84532999d6d408c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://klient.shopai.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 15 Sep 2023 09:07:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 08:37:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 15 Sep 2023 09:07:30 GMT
splash-screen.css
klient.shopai.pl/
398 B
540 B
Stylesheet
General
Full URL
https://klient.shopai.pl/splash-screen.css
Requested by
Host: klient.shopai.pl
URL: https://klient.shopai.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.125.154.4 , France, ASN16276 (OVH, FR),
Reverse DNS
ip4.ip-135-125-154.eu
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
6773b5c58cb75d514c78961d07304939c7d15c193d1188e83115f9c11e135789

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://klient.shopai.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 09:07:30 GMT
last-modified
Fri, 27 May 2022 09:10:05 GMT
server
nginx/1.18.0 (Ubuntu)
accept-ranges
bytes
etag
"6290956d-18e"
content-length
398
content-type
text/css
main.d21275fe.chunk.css
klient.shopai.pl/static/css/
1015 KB
1016 KB
Stylesheet
General
Full URL
https://klient.shopai.pl/static/css/main.d21275fe.chunk.css
Requested by
Host: klient.shopai.pl
URL: https://klient.shopai.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.125.154.4 , France, ASN16276 (OVH, FR),
Reverse DNS
ip4.ip-135-125-154.eu
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
57d99d32e6ad1bc1e89013ca32d76d0dc07c06c02fba4cfeffe7cb680d394607

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://klient.shopai.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 09:07:30 GMT
last-modified
Fri, 27 May 2022 09:11:59 GMT
server
nginx/1.18.0 (Ubuntu)
accept-ranges
bytes
etag
"629095df-fdc15"
content-length
1039381
content-type
text/css
Logo_Sempai_svg.svg
klient.shopai.pl/media/logos/
2 KB
2 KB
Image
General
Full URL
https://klient.shopai.pl/media/logos/Logo_Sempai_svg.svg
Requested by
Host: klient.shopai.pl
URL: https://klient.shopai.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.125.154.4 , France, ASN16276 (OVH, FR),
Reverse DNS
ip4.ip-135-125-154.eu
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b7615f330871278a3eb22a5a3279b996070cc8bb6dc43cb6dc9b9463ec293a3a

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://klient.shopai.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 09:07:30 GMT
last-modified
Fri, 27 May 2022 09:10:05 GMT
server
nginx/1.18.0 (Ubuntu)
accept-ranges
bytes
etag
"6290956d-675"
content-length
1653
content-type
image/svg+xml
5.d7656acb.chunk.js
klient.shopai.pl/static/js/
1 MB
1 MB
Script
General
Full URL
https://klient.shopai.pl/static/js/5.d7656acb.chunk.js
Requested by
Host: klient.shopai.pl
URL: https://klient.shopai.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.125.154.4 , France, ASN16276 (OVH, FR),
Reverse DNS
ip4.ip-135-125-154.eu
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
947a965a032f51fad61be3d97448603da86ae8e072fac6cf35283474683a0127

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://klient.shopai.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 09:07:30 GMT
last-modified
Fri, 27 May 2022 09:11:59 GMT
server
nginx/1.18.0 (Ubuntu)
accept-ranges
bytes
etag
"629095df-158b40"
content-length
1411904
content-type
application/javascript
main.9e12b24c.chunk.js
klient.shopai.pl/static/js/
239 KB
239 KB
Script
General
Full URL
https://klient.shopai.pl/static/js/main.9e12b24c.chunk.js
Requested by
Host: klient.shopai.pl
URL: https://klient.shopai.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.125.154.4 , France, ASN16276 (OVH, FR),
Reverse DNS
ip4.ip-135-125-154.eu
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
32212e93832edbda798d5673588bb3783747d84dc4de2340c42881af07aabf4f

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://klient.shopai.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 09:07:30 GMT
last-modified
Fri, 27 May 2022 09:11:59 GMT
server
nginx/1.18.0 (Ubuntu)
accept-ranges
bytes
etag
"629095df-3bc17"
content-length
244759
content-type
application/javascript
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://klient.shopai.pl
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 07:45:30 GMT
x-content-type-options
nosniff
age
264121
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Sep 2024 07:45:30 GMT
truncated
/
261 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6a5b433051a0658b3c47998c32f8b58e71500843f2f7d12913494f4c56f58c31

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://klient.shopai.pl
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 07:35:17 GMT
x-content-type-options
nosniff
age
5534
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8000
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:59:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Sep 2024 07:35:17 GMT
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: klient.shopai.pl
URL: https://klient.shopai.pl/static/js/5.d7656acb.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
4e4c15c199340baa8b26313d8160d00905f01407baf2428a127552c4b0ede483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://klient.shopai.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 15 Sep 2023 09:07:31 GMT
content-md5
4jidpKU59/oq4V3OCQIkHA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-debug
tUdpdKhaDfhpeRFrb4ncmj9Y083hcs7Eobu9NMg7xnhNSrYpmRZ4xK3AEke3g/2VcVclrlimKzvSg7Bzb+CLMg==
x-fb-content-md5
7107545c208802ccc4dfe97555bb756f
cross-origin-opener-policy
same-origin-allow-popups
etag
"902591d3d472f17036335b5d1fc36d1a"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Fri, 15 Sep 2023 09:17:00 GMT
Logo_Sempai_svg.svg
klient.shopai.pl/media/logos/
2 KB
2 KB
Image
General
Full URL
https://klient.shopai.pl/media/logos/Logo_Sempai_svg.svg
Requested by
Host: klient.shopai.pl
URL: https://klient.shopai.pl/auth/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.125.154.4 , France, ASN16276 (OVH, FR),
Reverse DNS
ip4.ip-135-125-154.eu
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b7615f330871278a3eb22a5a3279b996070cc8bb6dc43cb6dc9b9463ec293a3a

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://klient.shopai.pl/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 09:07:31 GMT
last-modified
Fri, 27 May 2022 09:10:05 GMT
server
nginx/1.18.0 (Ubuntu)
accept-ranges
bytes
etag
"6290956d-675"
content-length
1653
content-type
image/svg+xml
google-icon.svg
klient.shopai.pl/media/svg/brand-logos/
1 KB
1 KB
Image
General
Full URL
https://klient.shopai.pl/media/svg/brand-logos/google-icon.svg
Requested by
Host: klient.shopai.pl
URL: https://klient.shopai.pl/auth/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.125.154.4 , France, ASN16276 (OVH, FR),
Reverse DNS
ip4.ip-135-125-154.eu
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1ae715bf3974963d0a5011c5470242dd73690dae9afc6af1f74a229032b6ef51

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://klient.shopai.pl/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 09:07:31 GMT
last-modified
Fri, 27 May 2022 09:10:05 GMT
server
nginx/1.18.0 (Ubuntu)
accept-ranges
bytes
etag
"6290956d-4b3"
content-length
1203
content-type
image/svg+xml
facebook-4.svg
klient.shopai.pl/media/svg/brand-logos/
448 B
595 B
Image
General
Full URL
https://klient.shopai.pl/media/svg/brand-logos/facebook-4.svg
Requested by
Host: klient.shopai.pl
URL: https://klient.shopai.pl/auth/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.125.154.4 , France, ASN16276 (OVH, FR),
Reverse DNS
ip4.ip-135-125-154.eu
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
59c5a9ca0a8872e8a0732f3bff4541eca37aba16bd9d161fbabc79050a1a0df3

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://klient.shopai.pl/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 09:07:31 GMT
last-modified
Fri, 27 May 2022 09:10:05 GMT
server
nginx/1.18.0 (Ubuntu)
accept-ranges
bytes
etag
"6290956d-1c0"
content-length
448
content-type
image/svg+xml
api.js
apis.google.com/js/
18 KB
7 KB
Script
General
Full URL
https://apis.google.com/js/api.js
Requested by
Host: klient.shopai.pl
URL: https://klient.shopai.pl/static/js/5.d7656acb.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
sffe /
Resource Hash
194bd39212b224beb401afabdf6edbb2cfd7f9ae3585b46207ecea5bc13fe295
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://klient.shopai.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 15 Sep 2023 09:07:31 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7114
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"fab6f40a71bed1fa"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Sep 2023 09:07:31 GMT
progress-hd.png
klient.shopai.pl/media/illustrations/
105 KB
105 KB
Image
General
Full URL
https://klient.shopai.pl/media/illustrations/progress-hd.png
Requested by
Host: klient.shopai.pl
URL: https://klient.shopai.pl/auth/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.125.154.4 , France, ASN16276 (OVH, FR),
Reverse DNS
ip4.ip-135-125-154.eu
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a42437f073eb3797d1225c1ac12da0b6ddd7a2176e371c69eccaa2b047496fcb

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://klient.shopai.pl/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 09:07:31 GMT
last-modified
Fri, 27 May 2022 09:10:05 GMT
server
nginx/1.18.0 (Ubuntu)
accept-ranges
bytes
etag
"6290956d-1a2a5"
content-length
107173
content-type
image/png
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://klient.shopai.pl
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 07:15:26 GMT
x-content-type-options
nosniff
age
525125
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Sep 2024 07:15:26 GMT
sdk.js
connect.facebook.net/en_US/
307 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=8b4da7eed52ac776ba37453ea550b15e
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
11d2eecd94e8730f545e81a1d3dd0084f4b9ec4d9b9b24eb5a73bf1ef24cfbf5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://klient.shopai.pl/
Origin
https://klient.shopai.pl
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 15 Sep 2023 09:07:31 GMT
content-md5
BAVzSt1NnDk1oIvklsJr2A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88949
x-fb-debug
FJnVFZ9JBnMzbOx9DOWa0YMSDApmYH2oSiIbxStUg1eNqxZOEDXCg/tTVmMGA3S+R22xkgXN5Zqn1TGyaLKdhg==
x-fb-content-md5
9be9de89566726390ddc8ee153b8cc7a
cross-origin-opener-policy
same-origin-allow-popups
etag
"65a167c797f970a179d99939f83df0a8"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 14 Sep 2024 08:36:58 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.pl.2Xd0g4S5Sac.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-YgBa3r88Cu-hljXVBHqINxaJmNg/
118 KB
40 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.pl.2Xd0g4S5Sac.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-YgBa3r88Cu-hljXVBHqINxaJmNg/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
sffe /
Resource Hash
22c6e55165e14770b3760c8c59c350ff3c10839ad507763753479ea00500e951
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://klient.shopai.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 22:46:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
296476
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40739
x-xss-protection
0
last-modified
Wed, 02 Aug 2023 15:23:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 10 Sep 2024 22:46:15 GMT
iframe
accounts.google.com/o/oauth2/ Frame 3545
280 B
1 KB
Document
General
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.pl.2Xd0g4S5Sac.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-YgBa3r88Cu-hljXVBHqINxaJmNg/cb=gapi.loaded_0?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.205 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f13.1e100.net
Software
ESF /
Resource Hash
d3680812a4271ef6d64e0f0d0322d77bc324b7faceceaf01e33190c4b975dbf7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-rkGUg5jL1N6LXuuhTXs0xA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://klient.shopai.pl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-rkGUg5jL1N6LXuuhTXs0xA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Fri, 15 Sep 2023 09:07:32 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
0
m=base
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.pl.C-ZsMOuTSfQ.es5.O/d=1/rs=AOaEmlHOeFl0RCIWGGhC5kFM4HPbwc8mqA/ Frame 3545
103 KB
36 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.pl.C-ZsMOuTSfQ.es5.O/d=1/rs=AOaEmlHOeFl0RCIWGGhC5kFM4HPbwc8mqA/m=base
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
b5f93a00774dcc61d854f03958118747badfb5d87aac407bed6c196aa2142b18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 05:02:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
273898
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35944
x-xss-protection
0
last-modified
Sat, 09 Sep 2023 02:44:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Sep 2024 05:02:34 GMT
cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame 3545
2 KB
916 B
Other
General
Full URL
https://accounts.google.com/_/IdpIFrameHttp/cspreport
Requested by
Host: klient.shopai.pl
URL: https://klient.shopai.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.205 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f13.1e100.net
Software
GSE /
Resource Hash
55bc3ab7e739bdfb44f46437f56fd65df7de59e3964dcf8936ee73880cbf838c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Fri, 15 Sep 2023 09:07:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
iframerpc
accounts.google.com/o/oauth2/ Frame 3545
50 B
655 B
XHR
General
Full URL
https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fklient.shopai.pl&client_id=119480044401-0kd7ldrufhm1kcpo4piggdqrlesssabq.apps.googleusercontent.com
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.pl.C-ZsMOuTSfQ.es5.O/d=1/rs=AOaEmlHOeFl0RCIWGGhC5kFM4HPbwc8mqA/m=base
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.205 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f13.1e100.net
Software
ESF /
Resource Hash
427653d8b0569e986b88bb7dca1852b627a034f69be1da68b150eb0d2bbacb5d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-oP9tTnLgsatEGuWvXDrOng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
X-Requested-With
XmlHttpRequest
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 09:07:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
script-src 'report-sample' 'nonce-oP9tTnLgsatEGuWvXDrOng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
content-encoding
gzip
cross-origin-embedder-policy
require-corp
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site, Origin
content-type
application/json; charset=utf-8
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Fri, 15 Sep 2023 09:07:32 GMT


15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| documentPictureInPicture
object| webpackJsonpclient.front.sm360
object| regeneratorRuntime
object| TreemapSquared
function| SVG
function| addResizeListener
function| removeResizeListener
object| Apex
function| fbAsyncInit
object| FB
object| gapi
object| ___jsl
object| osapi
object| __buffer

2 Cookies

Domain/Path Name / Value
.klient.shopai.pl/ Name: G_ENABLED_IDPS
Value: google
.google.com/ Name: NID
Value: 511=gH4MOuhAfPUQIzc_tdKydmTZbvbqoECyr1rUb-4FDcxvl40RvHE-A6oIUa6Ujwr3v_5mDGoMnEoidglUKg1hpTBkX6loao28C3siAubd_P-lLkgFyHN4J2g6aaoUGsIXvFtVq3XbfZIPfmswL4fIVnEpMdGPuSpGhFv4ogygNB0

3 Console Messages

Source Level URL
Text
security warning URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.pl.2Xd0g4S5Sac.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-YgBa3r88Cu-hljXVBHqINxaJmNg/cb=gapi.loaded_0?le=scs(Line 187)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
