wniosek.tarata.pl Open in urlscan Pro
185.180.204.63 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://smms.me/V1qY716
Effective URL:
https://wniosek.tarata.pl/offers?id=83E986DC-A92AC0074D62&type=sms&order=A1&utm_source=sms_retarketing&utm_medium=sms_noti...
Submission: On December 26 via manual (December 26th 2024, 1:42:28 pm UTC) from PL — Scanned from PL

Summary HTTP 47 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 17 domains to perform 47 HTTP transactions. The main IP is 185.180.204.63, located in Poland and belongs to CF-GDA Cyber_Folks S.A., PL. The main domain is wniosek.tarata.pl.
TLS certificate: Issued by E5 on December 12th 2024. Valid for: 3 months.

This is the only time wniosek.tarata.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	46.229.151.12 46.229.151.12	15694 (ATMAN-ISP...) (ATMAN-ISP-AS Atman Sp. z o.o.)
1 1	46.229.151.14 46.229.151.14	15694 (ATMAN-ISP...) (ATMAN-ISP-AS Atman Sp. z o.o.)
9	185.180.204.63 185.180.204.63	41079 (CF-GDA Cy...) (CF-GDA Cyber_Folks S.A.)
2	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
1	142.250.185.234 142.250.185.234	15169 (GOOGLE) (GOOGLE)
3	142.250.186.168 142.250.186.168	15169 (GOOGLE) (GOOGLE)
3 8	212.77.100.84 212.77.100.84	12827 (Wirtualna...) (WirtualnaPolska Wirtualna Polska Media S.A.)
2	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2	157.240.251.9 157.240.251.9	32934 (FACEBOOK) (FACEBOOK)
3	13.107.246.45 13.107.246.45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	150.171.27.10 150.171.27.10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	142.250.185.68 142.250.185.68	15169 (GOOGLE) (GOOGLE)
1	216.239.34.36 216.239.34.36	15169 (GOOGLE) (GOOGLE)
1	142.251.173.156 142.251.173.156	15169 (GOOGLE) (GOOGLE)
2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
2	142.250.185.195 142.250.185.195	15169 (GOOGLE) (GOOGLE)
1	13.107.21.237 13.107.21.237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	157.240.0.35 157.240.0.35	32934 (FACEBOOK) (FACEBOOK)
2	20.10.16.51 20.10.16.51	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	13.74.129.1 13.74.129.1	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	204.79.197.237 204.79.197.237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
47	20

1 46.229.151.12 (Warsaw, Poland) 1 redirects

ASN15694 (ATMAN-ISP-AS Atman Sp. z o.o., PL)
PTR: utl.sare25.com

smms.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.229.151.14 (Warsaw, Poland) 1 redirects

ASN15694 (ATMAN-ISP-AS Atman Sp. z o.o., PL)
PTR: app2.enewsletter.pl

s.enewsletter.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.180.204.63 (Poland)

ASN41079 (CF-GDA Cyber_Folks S.A., PL)
PTR: vpshd2228.cyber-folks.pl

wniosek.tarata.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.137 (San Francisco, United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 212.77.100.84 (Poland) 3 redirects

ASN12827 (WirtualnaPolska Wirtualna Polska Media S.A., PL)
PTR: pixel.wp.pl

pixel.wp.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.251.9 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.107.246.45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 150.171.27.10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.34.36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.173.156 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wi-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net

www.google.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.21.237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.0.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.10.16.51 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

z.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.74.129.1 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.79.197.237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	tarata.pl wniosek.tarata.pl	68 KB
8	wp.pl 3 redirects pixel.wp.pl — Cisco Umbrella Rank: 102537	26 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 625 z.clarity.ms — Cisco Umbrella Rank: 8729 c.clarity.ms — Cisco Umbrella Rank: 1269	32 KB
5	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 359 c.bing.com — Cisco Umbrella Rank: 205	18 KB
4	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 135 td.doubleclick.net — Cisco Umbrella Rank: 182 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43	3 KB
3	google.com www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 4108	64 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	240 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	211 B
2	google.pl www.google.pl — Cisco Umbrella Rank: 28032	562 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	76 KB
2	gstatic.com fonts.gstatic.com	30 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 847	97 KB
1	bing.net bat.bing.net — Cisco Umbrella Rank: 8327	345 B
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	915 B
1	enewsletter.pl 1 redirects s.enewsletter.pl	1 KB
1	smms.me 1 redirects smms.me	465 B
47	17

	Domain	Requested by
9	wniosek.tarata.pl	wniosek.tarata.pl
8	pixel.wp.pl	3 redirects wniosek.tarata.pl pixel.wp.pl
4	bat.bing.com	wniosek.tarata.pl bat.bing.com
3	www.clarity.ms	wniosek.tarata.pl bat.bing.com www.clarity.ms
3	www.googletagmanager.com	wniosek.tarata.pl www.googletagmanager.com
2	c.clarity.ms	1 redirects
2	z.clarity.ms	www.clarity.ms
2	www.facebook.com	wniosek.tarata.pl
2	www.google.pl	wniosek.tarata.pl
2	td.doubleclick.net	www.googletagmanager.com
2	www.google.com	www.googletagmanager.com wniosek.tarata.pl
2	connect.facebook.net	www.googletagmanager.com connect.facebook.net
2	fonts.gstatic.com	fonts.googleapis.com
2	code.jquery.com	wniosek.tarata.pl
1	c.bing.com	1 redirects
1	bat.bing.net	bat.bing.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	pagead2.googlesyndication.com	www.googletagmanager.com
1	fonts.googleapis.com	wniosek.tarata.pl
1	s.enewsletter.pl	1 redirects
1	smms.me	1 redirects
47	23

This site contains links to these domains. Also see Links.

Domain
tarata.pl

Subject Issuer	Validity	Valid
api.tarata.pl E5	`2024-12-12` - `2025-03-12`	3 months	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
upload.video.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.google-analytics.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.wp.pl RapidSSL TLS RSA CA G1	`2024-03-04` - `2025-03-14`	a year	crt.sh
*.gstatic.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-10-04` - `2025-01-02`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2024-09-04` - `2025-09-04`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 08	`2024-12-15` - `2025-06-13`	6 months	crt.sh
*.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.doubleclick.net WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.google.pl WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
bat.bing.net Microsoft Azure RSA TLS Issuing CA 07	`2024-10-27` - `2025-04-25`	6 months	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://wniosek.tarata.pl/offers?id=83E986DC-A92AC0074D62&type=sms&order=A1&utm_source=sms_retarketing&utm_medium=sms_notify_unused_offers&utm_campaign=sms_n1
Frame ID: 5F31A560CB4D2859B145E1464FA28E96
Requests: 44 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fwniosek.tarata.pl
Frame ID: 30175610998207C2FBDCDE76E90B4786
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-JZNWQZNQ6L&gacid=1998569015.1735220544&gtm=45je4cc1v9138446083z89138444113za200zb9138444113&dma=1&dma_cps=syphamo&gcs=G111&gcd=13r3r3r2r5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=1781987697
Frame ID: 4A3D42385ABACF2EB5AB2D8D7DAEE9E7
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/16746327277?random=1735220544123&cv=11&fst=1735220544123&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je4cc1v9138446083z89138444113za200zb9138444113&gcd=13r3r3r2r5l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwniosek.tarata.pl%2Foffers&hn=www.googleadservices.com&frm=0&tiba=Oferty%20-%20taRata.pl&npa=0&pscdl=noapi&auid=1221374180.1735220544&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: D7000244A7DBD4EB8AE5A95C92FB7A2A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Oferty - taRata.pl

Page URL History Show full URLs

http://smms.me/V1qY716 HTTP 307
https://smms.me/V1qY716 HTTP 302
https://s.enewsletter.pl/kusms/6457/13473933/aee17/aHR0cHM6Ly93bmlvc2VrLnRhcmF0YS5wbC9vZmZlcnM/aWQ9OD... HTTP 302
https://wniosek.tarata.pl/offers?id=83E986DC-A92AC0074D62&type=sms&order=A1&utm_source=sms_retarketing... Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

47
Requests

91 %
HTTPS

0 %
IPv6

17
Domains

23
Subdomains

20
IPs

4
Countries

586 kB
Transfer

1920 kB
Size

22
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://tarata.pl/

Search URL Search Domain Scan URL

URL: https://tarata.pl/ranking
Title: Przechodzę

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://smms.me/V1qY716 HTTP 307
https://smms.me/V1qY716 HTTP 302
https://s.enewsletter.pl/kusms/6457/13473933/aee17/aHR0cHM6Ly93bmlvc2VrLnRhcmF0YS5wbC9vZmZlcnM/aWQ9ODNFOTg2REMtQTkyQUMwMDc0RDYyJnR5cGU9c21zJm9yZGVyPUExJnV0bV9zb3VyY2U9c21zX3JldGFya2V0aW5nJnV0bV9tZWRpdW09c21zX25vdGlmeV91bnVzZWRfb2ZmZXJzJnV0bV9jYW1wYWlnbj1zbXNfbjE= HTTP 302
https://wniosek.tarata.pl/offers?id=83E986DC-A92AC0074D62&type=sms&order=A1&utm_source=sms_retarketing&utm_medium=sms_notify_unused_offers&utm_campaign=sms_n1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://pixel.wp.pl/api/collect?e=init&k=WP-FIND-A6I1M-5Q3&h=wniosek.tarata.pl&r=&l=https%3A%2F%2Fwniosek.tarata.pl%2Foffers&t=1735220543865&v=6.34.2&wph_a=4004850526.1735220543807&wph_st=2591710489.1735220543807&tz=Europe%2FWarsaw&c_integration_version=0.1.0&i=a48eb5ba6a48001d527641e4b783b808eff88afd HTTP 301
https://pixel.wp.pl/r1735220543/wppixeln?e=init&k=WP-FIND-A6I1M-5Q3&h=wniosek.tarata.pl&r=&l=https%3A%2F%2Fwniosek.tarata.pl%2Foffers&t=1735220543865&v=6.34.2&wph_a=4004850526.1735220543807&wph_st=2591710489.1735220543807&tz=Europe%2FWarsaw&c_integration_version=0.1.0&i=a48eb5ba6a48001d527641e4b783b808eff88afd

Request Chain 15

https://pixel.wp.pl/api/collect?k=WP-FIND-A6I1M-5Q3&h=wniosek.tarata.pl&r=&l=https%3A%2F%2Fwniosek.tarata.pl%2Foffers&t=1735220543866&v=6.34.2&wph_a=4004850526.1735220543807&wph_st=2591710489.1735220543807&e=UserCreated&tz=Europe%2FWarsaw&c_integration_version=0.1.0&i=79d884b5128fe1532d30fa52e396a6c9bcb5f5f6 HTTP 301
https://pixel.wp.pl/r1735220543/wppixeln?k=WP-FIND-A6I1M-5Q3&h=wniosek.tarata.pl&r=&l=https%3A%2F%2Fwniosek.tarata.pl%2Foffers&t=1735220543866&v=6.34.2&wph_a=4004850526.1735220543807&wph_st=2591710489.1735220543807&e=UserCreated&tz=Europe%2FWarsaw&c_integration_version=0.1.0&i=79d884b5128fe1532d30fa52e396a6c9bcb5f5f6

Request Chain 16

https://pixel.wp.pl/api/collect?k=WP-FIND-A6I1M-5Q3&h=wniosek.tarata.pl&r=&l=https%3A%2F%2Fwniosek.tarata.pl%2Foffers&t=1735220543866&v=6.34.2&wph_a=4004850526.1735220543807&wph_st=2591710489.1735220543807&e=ViewContent&tz=Europe%2FWarsaw&c_content_type=Site&c_content_name=View&c_integration_version=0.1.0&i=32f08faa55895882568d71001a1d946527215371 HTTP 301
https://pixel.wp.pl/r1735220543/wppixeln?k=WP-FIND-A6I1M-5Q3&h=wniosek.tarata.pl&r=&l=https%3A%2F%2Fwniosek.tarata.pl%2Foffers&t=1735220543866&v=6.34.2&wph_a=4004850526.1735220543807&wph_st=2591710489.1735220543807&e=ViewContent&tz=Europe%2FWarsaw&c_content_type=Site&c_content_name=View&c_integration_version=0.1.0&i=32f08faa55895882568d71001a1d946527215371

Request Chain 42

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=3B707140A17143C1A00D3E4E61149293&RedC=c.clarity.ms&MXFR=09983C251B5767792D9D29441F57697C HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3B707140A17143C1A00D3E4E61149293&MUID=1455537F9FA36B402CCB461E9EF66A8B

47 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request offers Show response
wniosek.tarata.pl/
Redirect Chain

http://smms.me/V1qY716
https://smms.me/V1qY716
https://s.enewsletter.pl/kusms/6457/13473933/aee17/aHR0cHM6Ly93bmlvc2VrLnRhcmF0YS5wbC9vZmZlcnM/aWQ9ODNFOTg2REMtQTkyQUMwMDc0RDYyJnR5cGU9c21zJm9yZGVyPUExJnV0bV9zb3VyY2U9c21zX3JldGFya2V0aW5nJnV0bV9tZW...
https://wniosek.tarata.pl/offers?id=83E986DC-A92AC0074D62&type=sms&order=A1&utm_source=sms_retarketing&utm_medium=sms_notify_unused_offers&utm_campaign=sms_n1

7 KB
3 KB

246ms
83ms

Document
text/html

185.180.204.63
CF-GDA Cyber_Folk...

General

Check archive.org

Show headers Download Go to

Full URL: https://wniosek.tarata.pl/offers?id=83E986DC-A92AC0074D62&type=sms&order=A1&utm_source=sms_retarketing&utm_medium=sms_notify_unused_offers&utm_campaign=sms_n1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.180.204.63 , Poland, ASN41079 (CF-GDA Cyber_Folks S.A., PL),
Reverse DNS: vpshd2228.cyber-folks.pl
Software: Apache /
Resource Hash: 0705af8036580bb40a07de78f6ead328f96dff729d56354aa8a28f5dd07cf030

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 2736
content-type: text/html; charset=UTF-8
date: Thu, 26 Dec 2024 13:42:23 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: Apache
vary: Accept-Encoding,User-Agent

Redirect headers

cache-control: no cache, no store, must-revalidate, max-age=0, s-maxage=0
content-length: 0
content-security-policy: upgrade-insecure-requests;frame-ancestors 'self' https://editor.sareapps.pl/ https://editor.digiapps.pl/ https://dev-editor.sare25.com/;block-all-mixed-content;default-src 'self' data:;object-src 'none';base-uri 'self' http://n.enewsletter.pl https://n.enewsletter.pl http://n.enewsletter.pl https://n.enewsletter.pl;manifest-src 'self';font-src 'self' cdnjs.cloudflare.com fonts.googleapis.com fonts.gstatic.com https://cdn.sare25.com;script-src 'self' https://cdn.enewsletter.com.pl https://cdn.sareapps.pl https://cdn.digiapps.pl https://cdn.speakhub.live https://public.speakhub.live https://cdnjs.cloudflare.com https://code.jquery.com https://blueimp.github.io https://cdn.sare25.com https://ajax.googleapis.com https://www.google.com https://www.gstatic.com;style-src 'self' 'report-sample' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com https://cdn.sare25.com n.enewsletter.pl;frame-src 'self' dev-editor.sare25.com editor.sareapps.pl editor.digiapps.pl https://www.google.com data:;img-src * data: blob:;worker-src 'self' blob:;media-src * data: blob:;connect-src 'self' *.enewsletter.pl *.sare25.com *.sareapps.pl *.digiapps.pl wss://ws-sare-wire.sareapps.pl wss://ws-sare-wire.digiapps.pl wss://ws.speakhub.live public.speakhub.live cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com;child-src 'self' https://cdn.sare25.com;
content-type: text/html; charset=UTF-8
date: Thu, 26 Dec 2024 13:42:22 GMT
expect-ct: max-age=86400, enforce
expires: 0
location: https://wniosek.tarata.pl/offers?id=83E986DC-A92AC0074D62&type=sms&order=A1&utm_source=sms_retarketing&utm_medium=sms_notify_unused_offers&utm_campaign=sms_n1
permissions-policy: default 'none'
pragma: no-cache
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 style.min.css
wniosek.tarata.pl/assets/css/ 126 KB
21 KB 61ms
59ms Stylesheet
text/css 185.180.204.63
CF-GDA Cyber_Folk...

General

Check archive.org

Show headers Download Go to

Full URL: https://wniosek.tarata.pl/assets/css/style.min.css?ver=2.1.17
Requested by: Host: wniosek.tarata.pl
URL: https://wniosek.tarata.pl/offers?id=83E986DC-A92AC0074D62&type=sms&order=A1&utm_source=sms_retarketing&utm_medium=sms_notify_unused_offers&utm_campaign=sms_n1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.180.204.63 , Poland, ASN41079 (CF-GDA Cyber_Folks S.A., PL),
Reverse DNS: vpshd2228.cyber-folks.pl
Software: Apache /
Resource Hash: 5e51bf361497316e515ea630261632348a6754c609c0c8f85c6c5c407fd48ef0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wniosek.tarata.pl/offers?id=83E986DC-A92AC0074D62&type=sms&order=A1&utm_source=sms_retarketing&utm_medium=sms_notify_unused_offers&utm_campaign=sms_n1

Response headers

content-encoding: gzip
etag: "1f62d-629ecef8da0f3-gzip"
accept-ranges: bytes
content-length: 21011
date: Thu, 26 Dec 2024 13:42:23 GMT
last-modified: Mon, 23 Dec 2024 09:51:08 GMT
vary: Accept-Encoding,User-Agent
server: Apache
content-type: text/css

GET
H2 200 logo.svg
wniosek.tarata.pl/assets/img/ 4 KB
2 KB 74ms
73ms Image
image/svg+xml 185.180.204.63
CF-GDA Cyber_Folk...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wniosek.tarata.pl/assets/img/logo.svg
Requested by: Host: wniosek.tarata.pl
URL: https://wniosek.tarata.pl/offers?id=83E986DC-A92AC0074D62&type=sms&order=A1&utm_source=sms_retarketing&utm_medium=sms_notify_unused_offers&utm_campaign=sms_n1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.180.204.63 , Poland, ASN41079 (CF-GDA Cyber_Folks S.A., PL),
Reverse DNS: vpshd2228.cyber-folks.pl
Software: Apache /
Resource Hash: 8bdc72cc13ce7f6dda39e84c6a70aa2f10b025669f4d88ae18beb3ef42994f6c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wniosek.tarata.pl/offers?id=83E986DC-A92AC0074D62&type=sms&order=A1&utm_source=sms_retarketing&utm_medium=sms_notify_unused_offers&utm_campaign=sms_n1

Response headers

content-encoding: gzip
etag: "112d-613eda4bcf33c-gzip"
accept-ranges: bytes
content-length: 1464
date: Thu, 26 Dec 2024 13:42:23 GMT
last-modified: Mon, 18 Mar 2024 11:27:32 GMT
vary: Accept-Encoding,User-Agent
server: Apache
content-type: image/svg+xml

GET
H2 200 logo-light.svg
wniosek.tarata.pl/assets/img/ 4 KB
2 KB 68ms
66ms Image
image/svg+xml 185.180.204.63
CF-GDA Cyber_Folk...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wniosek.tarata.pl/assets/img/logo-light.svg
Requested by: Host: wniosek.tarata.pl
URL: https://wniosek.tarata.pl/offers?id=83E986DC-A92AC0074D62&type=sms&order=A1&utm_source=sms_retarketing&utm_medium=sms_notify_unused_offers&utm_campaign=sms_n1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.180.204.63 , Poland, ASN41079 (CF-GDA Cyber_Folks S.A., PL),
Reverse DNS: vpshd2228.cyber-folks.pl
Software: Apache /
Resource Hash: 24a16cc1c7204acdc34ea9c398847c995e473710d19c6f70ee2de88fccf3d152

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wniosek.tarata.pl/offers?id=83E986DC-A92AC0074D62&type=sms&order=A1&utm_source=sms_retarketing&utm_medium=sms_notify_unused_offers&utm_campaign=sms_n1

Response headers

content-encoding: gzip
etag: "1162-613eda4ba7a6b-gzip"
accept-ranges: bytes
content-length: 1488
date: Thu, 26 Dec 2024 13:42:23 GMT
last-modified: Mon, 18 Mar 2024 11:27:32 GMT
vary: Accept-Encoding,User-Agent
server: Apache
content-type: image/svg+xml

GET
H2 200 findao_secure.svg
wniosek.tarata.pl/assets/img/ 5 KB
2 KB 77ms
76ms Image
image/svg+xml 185.180.204.63
CF-GDA Cyber_Folk...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wniosek.tarata.pl/assets/img/findao_secure.svg
Requested by: Host: wniosek.tarata.pl
URL: https://wniosek.tarata.pl/offers?id=83E986DC-A92AC0074D62&type=sms&order=A1&utm_source=sms_retarketing&utm_medium=sms_notify_unused_offers&utm_campaign=sms_n1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.180.204.63 , Poland, ASN41079 (CF-GDA Cyber_Folks S.A., PL),
Reverse DNS: vpshd2228.cyber-folks.pl
Software: Apache /
Resource Hash: b74ce8fbc13ae6be7517bc1e57c4f4724ce5c0b42aec09c847e3edfca8ed506d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wniosek.tarata.pl/offers?id=83E986DC-A92AC0074D62&type=sms&order=A1&utm_source=sms_retarketing&utm_medium=sms_notify_unused_offers&utm_campaign=sms_n1

Response headers

content-encoding: gzip
etag: "1556-613eda4a89848-gzip"
accept-ranges: bytes
content-length: 2378
date: Thu, 26 Dec 2024 13:42:23 GMT
last-modified: Mon, 18 Mar 2024 11:27:30 GMT
vary: Accept-Encoding,User-Agent
server: Apache
content-type: image/svg+xml

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 244ms
94ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: wniosek.tarata.pl
URL: https://wniosek.tarata.pl/offers?id=83E986DC-A92AC0074D62&type=sms&order=A1&utm_source=sms_retarketing&utm_medium=sms_notify_unused_offers&utm_campaign=sms_n1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://wniosek.tarata.pl
Referer: https://wniosek.tarata.pl/

Response headers

content-encoding: gzip
etag: W/"28feccc0-15d9d"
age: 3743833
x-cache: HIT, HIT
date: Thu, 26 Dec 2024 13:42:23 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits: 17, 591414
x-served-by: cache-lga21931-LGA, cache-vie6367-VIE
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=604800
x-timer: S1735220543.430357,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30875
server: nginx

GET
H2 200 jquery-ui.min.js Show response
code.jquery.com/ui/1.13.2/ 249 KB
66 KB 129ms
60ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.13.2/jquery-ui.min.js
Requested by: Host: wniosek.tarata.pl
URL: https://wniosek.tarata.pl/offers?id=83E986DC-A92AC0074D62&type=sms&order=A1&utm_source=sms_retarketing&utm_medium=sms_notify_unused_offers&utm_campaign=sms_n1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9528ca634fecad433d044ddd3e6f9ce1f068d5d932dafdbb19d8e6daea1968bd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://wniosek.tarata.pl
Referer: https://wniosek.tarata.pl/

Response headers

content-encoding: gzip
etag: W/"28feccc0-3e46c"
age: 4421150
x-cache: HIT, HIT
date: Thu, 26 Dec 2024 13:42:23 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
x-cache-hits: 47, 54946
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
x-served-by: cache-lga13623-LGA, cache-vie6367-VIE
cache-control: public, max-age=31536000, stale-while-revalidate=604800
x-timer: S1735220543.430339,VS0,VE0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 67628
server: nginx

GET
H2 200 commons.min.js Show response
wniosek.tarata.pl/assets/js/ 104 KB
30 KB 53ms
52ms Script
text/javascript 185.180.204.63
CF-GDA Cyber_Folk...

General

Check archive.org

Show headers Download Go to

Full URL: https://wniosek.tarata.pl/assets/js/commons.min.js?ver=2.1.17
Requested by: Host: wniosek.tarata.pl
URL: https://wniosek.tarata.pl/offers?id=83E986DC-A92AC0074D62&type=sms&order=A1&utm_source=sms_retarketing&utm_medium=sms_notify_unused_offers&utm_campaign=sms_n1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.180.204.63 , Poland, ASN41079 (CF-GDA Cyber_Folks S.A., PL),
Reverse DNS: vpshd2228.cyber-folks.pl
Software: Apache /
Resource Hash: 9bbd0c52694ab58b4b133b4b5a2eb197c02555ae7e16a522ce63b89500dc1925

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wniosek.tarata.pl/offers?id=83E986DC-A92AC0074D62&type=sms&order=A1&utm_source=sms_retarketing&utm_medium=sms_notify_unused_offers&utm_campaign=sms_n1

Response headers

content-encoding: gzip
etag: "1a1fc-628eb9fc7ce02-gzip"
accept-ranges: bytes
content-length: 30784
date: Thu, 26 Dec 2024 13:42:23 GMT
last-modified: Tue, 10 Dec 2024 14:52:03 GMT
vary: Accept-Encoding,User-Agent
server: Apache
content-type: text/javascript

GET
H2 200 offers_return.js Show response
wniosek.tarata.pl/assets/js/ 25 KB
6 KB 70ms
69ms Script
text/javascript 185.180.204.63
CF-GDA Cyber_Folk...

General

Check archive.org

Show headers Download Go to

Full URL: https://wniosek.tarata.pl/assets/js/offers_return.js?ver=2.1.17
Requested by: Host: wniosek.tarata.pl
URL: https://wniosek.tarata.pl/offers?id=83E986DC-A92AC0074D62&type=sms&order=A1&utm_source=sms_retarketing&utm_medium=sms_notify_unused_offers&utm_campaign=sms_n1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.180.204.63 , Poland, ASN41079 (CF-GDA Cyber_Folks S.A., PL),
Reverse DNS: vpshd2228.cyber-folks.pl
Software: Apache /
Resource Hash: 44632ea34744018689323fa00bbc264f7ba6e5221ce68c74d8b2c51fb48d1193

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wniosek.tarata.pl/offers?id=83E986DC-A92AC0074D62&type=sms&order=A1&utm_source=sms_retarketing&utm_medium=sms_notify_unused_offers&utm_campaign=sms_n1

Response headers

content-encoding: gzip
etag: "6205-626c7f2690d56-gzip"
accept-ranges: bytes
content-length: 5890
date: Thu, 26 Dec 2024 13:42:23 GMT
last-modified: Wed, 13 Nov 2024 09:27:47 GMT
vary: Accept-Encoding,User-Agent
server: Apache
content-type: text/javascript

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
915 B 279ms
138ms Stylesheet
text/css 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Figtree:wght@300;400;500;600;700&display=swap

Requested by

Host: wniosek.tarata.pl
URL: https://wniosek.tarata.pl/assets/css/style.min.css?ver=2.1.17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

ESF /

Resource Hash

9e50885c08820d2c2f4d548d0e2bf7192ff85b297303d13a936c1b234fffa8cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wniosek.tarata.pl/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 26 Dec 2024 13:42:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Dec 2024 13:42:23 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 26 Dec 2024 13:33:44 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 304 KB
104 KB 241ms
101ms Script
application/javascript 142.250.186.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TJW4NJ7Z

Requested by

Host: wniosek.tarata.pl
URL: https://wniosek.tarata.pl/offers?id=83E986DC-A92AC0074D62&type=sms&order=A1&utm_source=sms_retarketing&utm_medium=sms_notify_unused_offers&utm_campaign=sms_n1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

7f0edef61a2e5a99edf46f377039c28fa33db4fda36494be64c40f0065dc31bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wniosek.tarata.pl/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Thu, 26 Dec 2024 13:42:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Dec 2024 13:42:23 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 26 Dec 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 105681
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 tr.js Show response
pixel.wp.pl/w/ 101 KB
22 KB 190ms
79ms Script
application/javascript 212.77.100.84
WirtualnaPolska W...

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.wp.pl/w/tr.js
Requested by: Host: wniosek.tarata.pl
URL: https://wniosek.tarata.pl/offers?id=83E986DC-A92AC0074D62&type=sms&order=A1&utm_source=sms_retarketing&utm_medium=sms_notify_unused_offers&utm_campaign=sms_n1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.100.84 , Poland, ASN12827 (WirtualnaPolska Wirtualna Polska Media S.A., PL),
Reverse DNS: pixel.wp.pl
Software: nginx /
Resource Hash: 034a4867a0da53a56d864fb57132073d8778106a008088d258d0bdd901d048b9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wniosek.tarata.pl/

Response headers

cache-control: max-age=60, must-revalidate
content-encoding: gzip
etag: W/"67617e31-1925f"
access-control-allow-credentials: true
date: Thu, 26 Dec 2024 13:42:23 GMT
content-type: application/javascript
last-modified: Tue, 17 Dec 2024 13:35:45 GMT
server: nginx

GET
H3 200 _Xms-HUzqDCFdgfMm4S9DQ.woff2
fonts.gstatic.com/s/figtree/v6/ 20 KB
20 KB 116ms
59ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/figtree/v6/_Xms-HUzqDCFdgfMm4S9DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Figtree:wght@300;400;500;600;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

93a68eaa293304b947a167d0f7d0e00a1a8b5cf4972dc0da3da2094359a33e9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://wniosek.tarata.pl
Referer: https://fonts.googleapis.com/

Response headers

age: 79882
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 25 Dec 2025 15:31:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 25 Dec 2024 15:31:01 GMT
last-modified: Fri, 27 Sep 2024 00:41:54 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20016
x-xss-protection: 0
server: sffe

GET
H3 200 _Xms-HUzqDCFdgfMm4q9DbZs.woff2
fonts.gstatic.com/s/figtree/v6/ 10 KB
10 KB 106ms
49ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/figtree/v6/_Xms-HUzqDCFdgfMm4q9DbZs.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Figtree:wght@300;400;500;600;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

c96d7b7b085414ae99598c1cbd72b09c8aa6d4732d7a120c408a044f46425428

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://wniosek.tarata.pl
Referer: https://fonts.googleapis.com/

Response headers

age: 602348
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 19 Dec 2025 14:23:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Dec 2024 14:23:15 GMT
last-modified: Fri, 27 Sep 2024 00:41:43 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10232
x-xss-protection: 0
server: sffe

GET
H2 200 ir.js Show response
pixel.wp.pl/w/WP-FIND-A6I1M-5Q3/ 468 B
560 B 49ms
48ms XHR
application/javascript 212.77.100.84
WirtualnaPolska W...

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.wp.pl/w/WP-FIND-A6I1M-5Q3/ir.js
Requested by: Host: pixel.wp.pl
URL: https://pixel.wp.pl/w/tr.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.100.84 , Poland, ASN12827 (WirtualnaPolska Wirtualna Polska Media S.A., PL),
Reverse DNS: pixel.wp.pl
Software: nginx /
Resource Hash: 43e67ea3450c697166ec74ed98a297d6dbf5d85e99b48b01b167ee761ad3b32d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wniosek.tarata.pl/

Response headers

cache-control: max-age=60, must-revalidate
etag: "67617e0e-1d4"
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-origin: https://wniosek.tarata.pl
content-length: 468
date: Thu, 26 Dec 2024 13:42:23 GMT
content-type: application/javascript
last-modified: Tue, 17 Dec 2024 13:35:10 GMT
server: nginx

GET
H2

204

wppixeln
pixel.wp.pl/r1735220543/
Redirect Chain

https://pixel.wp.pl/api/collect?e=init&k=WP-FIND-A6I1M-5Q3&h=wniosek.tarata.pl&r=&l=https%3A%2F%2Fwniosek.tarata.pl%2Foffers&t=1735220543865&v=6.34.2&wph_a=4004850526.1735220543807&wph_st=259171048...
https://pixel.wp.pl/r1735220543/wppixeln?e=init&k=WP-FIND-A6I1M-5Q3&h=wniosek.tarata.pl&r=&l=https%3A%2F%2Fwniosek.tarata.pl%2Foffers&t=1735220543865&v=6.34.2&wph_a=4004850526.1735220543807&wph_st=...

0
137 B

52ms
52ms

Image
text/plain

212.77.100.84
WirtualnaPolska W...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.pl/r1735220543/wppixeln?e=init&k=WP-FIND-A6I1M-5Q3&h=wniosek.tarata.pl&r=&l=https%3A%2F%2Fwniosek.tarata.pl%2Foffers&t=1735220543865&v=6.34.2&wph_a=4004850526.1735220543807&wph_st=2591710489.1735220543807&tz=Europe%2FWarsaw&c_integration_version=0.1.0&i=a48eb5ba6a48001d527641e4b783b808eff88afd
Requested by: Host: wniosek.tarata.pl
URL: https://wniosek.tarata.pl/offers
Protocol: H2
Server: 212.77.100.84 , Poland, ASN12827 (WirtualnaPolska Wirtualna Polska Media S.A., PL),
Reverse DNS: pixel.wp.pl
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wniosek.tarata.pl/

Response headers

cache-control: no-cache, no-store, must-revalidate
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect, sec-ch-ua, sec-ch-ua-platform, sec-ch-ua-mobile, sec-ch-ua-full-version-list, sec-ch-ua-platform-version, sec-ch-ua-arch, sec-ch-ua-bitness, sec-ch-ua-model
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET
x-server-details: BuVsD91JBk1sDkViDEfEDFfJDs2cBTlsDFZsBul6oEVJBFV6O1nXN41YoEhJduZcBTh2RF0aDzJlGzOvpzVv04ivS4BsdTNiBTNvptUaSHeExtYCStOvDEZcRTI7Z7BUSkc1D7UCp6==
accept-ch-lifetime: 604800
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
p3p: CP="ALL DSP COR CUR ADM DEV TAI PSA PSD IVA IVD CON TEL OUR SAM IND"
date: Thu, 26 Dec 2024 13:42:23 GMT
server: nginx

Redirect headers

cache-control: no-cache, no-store, must-revalidate
location: /r1735220543/wppixeln?e=init&k=WP-FIND-A6I1M-5Q3&h=wniosek.tarata.pl&r=&l=https%3A%2F%2Fwniosek.tarata.pl%2Foffers&t=1735220543865&v=6.34.2&wph_a=4004850526.1735220543807&wph_st=2591710489.1735220543807&tz=Europe%2FWarsaw&c_integration_version=0.1.0&i=a48eb5ba6a48001d527641e4b783b808eff88afd
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect, sec-ch-ua, sec-ch-ua-platform, sec-ch-ua-mobile, sec-ch-ua-full-version-list, sec-ch-ua-platform-version, sec-ch-ua-arch, sec-ch-ua-bitness, sec-ch-ua-model
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET
x-server-details: BuVsD91JBk1sBsViDufsBEf1Dk2UDu6cRF0UBEX6oEVJBFV6O1nXN41YoEhEduBzBE0iRTlEByJlGzOvpzVv04ivS4BsdTNiBTNvptUaSHeExtYCStOvDEZcRTI7Z7BUSk12puNap6==
accept-ch-lifetime: 604800
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
content-length: 371
p3p: CP="ALL DSP COR CUR ADM DEV TAI PSA PSD IVA IVD CON TEL OUR SAM IND"
date: Thu, 26 Dec 2024 13:42:23 GMT
content-type: text/html; charset=utf-8
server: nginx

GET
H2

204

wppixeln
pixel.wp.pl/r1735220543/
Redirect Chain

https://pixel.wp.pl/api/collect?k=WP-FIND-A6I1M-5Q3&h=wniosek.tarata.pl&r=&l=https%3A%2F%2Fwniosek.tarata.pl%2Foffers&t=1735220543866&v=6.34.2&wph_a=4004850526.1735220543807&wph_st=2591710489.17352...
https://pixel.wp.pl/r1735220543/wppixeln?k=WP-FIND-A6I1M-5Q3&h=wniosek.tarata.pl&r=&l=https%3A%2F%2Fwniosek.tarata.pl%2Foffers&t=1735220543866&v=6.34.2&wph_a=4004850526.1735220543807&wph_st=2591710...

0
137 B

108ms
108ms

Image
text/plain

212.77.100.84
WirtualnaPolska W...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.pl/r1735220543/wppixeln?k=WP-FIND-A6I1M-5Q3&h=wniosek.tarata.pl&r=&l=https%3A%2F%2Fwniosek.tarata.pl%2Foffers&t=1735220543866&v=6.34.2&wph_a=4004850526.1735220543807&wph_st=2591710489.1735220543807&e=UserCreated&tz=Europe%2FWarsaw&c_integration_version=0.1.0&i=79d884b5128fe1532d30fa52e396a6c9bcb5f5f6
Requested by: Host: wniosek.tarata.pl
URL: https://wniosek.tarata.pl/offers
Protocol: H2
Server: 212.77.100.84 , Poland, ASN12827 (WirtualnaPolska Wirtualna Polska Media S.A., PL),
Reverse DNS: pixel.wp.pl
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wniosek.tarata.pl/

Response headers

cache-control: no-cache, no-store, must-revalidate
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect, sec-ch-ua, sec-ch-ua-platform, sec-ch-ua-mobile, sec-ch-ua-full-version-list, sec-ch-ua-platform-version, sec-ch-ua-arch, sec-ch-ua-bitness, sec-ch-ua-model
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET
x-server-details: BuVsD91JBk1sDkViDEf1BEfiDW2ERF6UDEBaRT66oEVJBFV6O1nXN41YoEhsduVzBE0sBuOaDHJlGzOvpzVv04ivS4BsdTNiBTNvptUaSHeExtYCStOvDEZcRTI7Z7BUSk1aRyqzRV==
accept-ch-lifetime: 604800
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
p3p: CP="ALL DSP COR CUR ADM DEV TAI PSA PSD IVA IVD CON TEL OUR SAM IND"
date: Thu, 26 Dec 2024 13:42:23 GMT
server: nginx

Redirect headers

cache-control: no-cache, no-store, must-revalidate
location: /r1735220543/wppixeln?k=WP-FIND-A6I1M-5Q3&h=wniosek.tarata.pl&r=&l=https%3A%2F%2Fwniosek.tarata.pl%2Foffers&t=1735220543866&v=6.34.2&wph_a=4004850526.1735220543807&wph_st=2591710489.1735220543807&e=UserCreated&tz=Europe%2FWarsaw&c_integration_version=0.1.0&i=79d884b5128fe1532d30fa52e396a6c9bcb5f5f6
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect, sec-ch-ua, sec-ch-ua-platform, sec-ch-ua-mobile, sec-ch-ua-full-version-list, sec-ch-ua-platform-version, sec-ch-ua-arch, sec-ch-ua-bitness, sec-ch-ua-model
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET
x-server-details: BuVsD91JBk1sDkViRFf1DufsRW2zBuliBuOcBkV3BFhiB9KFInO6GT13BTZCRFO1DF0JBE6cA4Imp9cz09ciG9clZENvBuVJBkccGgSb0gDqGaUbS91zDuXUD4SkZEb7dTeQp7S3
accept-ch-lifetime: 604800
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
content-length: 378
p3p: CP="ALL DSP COR CUR ADM DEV TAI PSA PSD IVA IVD CON TEL OUR SAM IND"
date: Thu, 26 Dec 2024 13:42:23 GMT
content-type: text/html; charset=utf-8
server: nginx

GET
H2

204

wppixeln
pixel.wp.pl/r1735220543/
Redirect Chain

https://pixel.wp.pl/api/collect?k=WP-FIND-A6I1M-5Q3&h=wniosek.tarata.pl&r=&l=https%3A%2F%2Fwniosek.tarata.pl%2Foffers&t=1735220543866&v=6.34.2&wph_a=4004850526.1735220543807&wph_st=2591710489.17352...
https://pixel.wp.pl/r1735220543/wppixeln?k=WP-FIND-A6I1M-5Q3&h=wniosek.tarata.pl&r=&l=https%3A%2F%2Fwniosek.tarata.pl%2Foffers&t=1735220543866&v=6.34.2&wph_a=4004850526.1735220543807&wph_st=2591710...

0
137 B

94ms
93ms

Image
text/plain

212.77.100.84
WirtualnaPolska W...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.pl/r1735220543/wppixeln?k=WP-FIND-A6I1M-5Q3&h=wniosek.tarata.pl&r=&l=https%3A%2F%2Fwniosek.tarata.pl%2Foffers&t=1735220543866&v=6.34.2&wph_a=4004850526.1735220543807&wph_st=2591710489.1735220543807&e=ViewContent&tz=Europe%2FWarsaw&c_content_type=Site&c_content_name=View&c_integration_version=0.1.0&i=32f08faa55895882568d71001a1d946527215371
Requested by: Host: wniosek.tarata.pl
URL: https://wniosek.tarata.pl/offers
Protocol: H2
Server: 212.77.100.84 , Poland, ASN12827 (WirtualnaPolska Wirtualna Polska Media S.A., PL),
Reverse DNS: pixel.wp.pl
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wniosek.tarata.pl/

Response headers

cache-control: no-cache, no-store, must-revalidate
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect, sec-ch-ua, sec-ch-ua-platform, sec-ch-ua-mobile, sec-ch-ua-full-version-list, sec-ch-ua-platform-version, sec-ch-ua-arch, sec-ch-ua-bitness, sec-ch-ua-model
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET
x-server-details: BuVsD91JBk1sDkVJBFfJBFfsBW2sBuVzRThsDEX6oEVJBFV6O1nXN41YoEh1duBiBEOEDThJBHJlGzOvpzVv04ivS4BsdTNiBTNvptUaSHeExtYCStOvDEZcRTI7Z7BUSkcv0yhsZi==
accept-ch-lifetime: 604800
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
p3p: CP="ALL DSP COR CUR ADM DEV TAI PSA PSD IVA IVD CON TEL OUR SAM IND"
date: Thu, 26 Dec 2024 13:42:23 GMT
server: nginx

Redirect headers

cache-control: no-cache, no-store, must-revalidate
location: /r1735220543/wppixeln?k=WP-FIND-A6I1M-5Q3&h=wniosek.tarata.pl&r=&l=https%3A%2F%2Fwniosek.tarata.pl%2Foffers&t=1735220543866&v=6.34.2&wph_a=4004850526.1735220543807&wph_st=2591710489.1735220543807&e=ViewContent&tz=Europe%2FWarsaw&c_content_type=Site&c_content_name=View&c_integration_version=0.1.0&i=32f08faa55895882568d71001a1d946527215371
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect, sec-ch-ua, sec-ch-ua-platform, sec-ch-ua-mobile, sec-ch-ua-full-version-list, sec-ch-ua-platform-version, sec-ch-ua-arch, sec-ch-ua-bitness, sec-ch-ua-model
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET
x-server-details: BuVsD91JBk1sDkViDEfcBEfcD92zRTXERThaRFO6oEVJBFV6O1nXN41YoEhsduBaDT6UDFhiByJlGzOvpzVv04ivS4BsdTNiBTNvptUaSHeExtYCStOvDEZcRTI7Z7BUSkcz0te1B6==
accept-ch-lifetime: 604800
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
content-length: 426
p3p: CP="ALL DSP COR CUR ADM DEV TAI PSA PSD IVA IVD CON TEL OUR SAM IND"
date: Thu, 26 Dec 2024 13:42:23 GMT
content-type: text/html; charset=utf-8
server: nginx

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 426 KB
136 KB 101ms
100ms Script
application/javascript 142.250.186.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JZNWQZNQ6L&l=dataLayer&cx=c&gtm=45He4cc1v9138444113za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJW4NJ7Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

677715d6a5fdb68d2cd88d2a3113d4487e88c461a5c31d805c532034b4aa2c87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wniosek.tarata.pl/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 26 Dec 2024 13:42:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Dec 2024 13:42:24 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 138482
x-xss-protection: 0
server: Google Tag Manager

POST
H3 200 collect
pagead2.googlesyndication.com/ccm/ 0
0 163ms
58ms Ping
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwniosek.tarata.pl%2Foffers&scrsrc=www.googletagmanager.com&frm=0&rnd=658469743.1735220544&navt=n&npa=1&gtm=45He4cc1v9138444113za200&gcs=G100&gcd=13p3p3p2p5l1&dma_cps=-&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1735220543948&tfd=2274&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJW4NJ7Z
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wniosek.tarata.pl/

Response headers

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 99ms
51ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJW4NJ7Z

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

24751cbae618f6fbeb532498fd1ceeda5350f30085086cd5426961a2695e3d9f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-EXfsMmbe' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wniosek.tarata.pl/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 26 Dec 2024 13:42:24 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-EXfsMmbe' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=44, rtx=0, c=23, mss=1232, tbw=4492, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: Z8Ophy2lLun0XAB2aBC7S1Et/3RC/sgacm6wJgsQq/pjyDMcfokoOoCrBFHo3XqTJrKsTxtW6YI9AAvBx6841w==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62282
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 kmpxnwhvsi Show response
www.clarity.ms/tag/ 853 B
1 KB 384ms
176ms Script
application/x-javascript 13.107.246.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/kmpxnwhvsi?ref=gtm2
Requested by: Host: wniosek.tarata.pl
URL: https://wniosek.tarata.pl/offers?id=83E986DC-A92AC0074D62&type=sms&order=A1&utm_source=sms_retarketing&utm_medium=sms_notify_unused_offers&utm_campaign=sms_n1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0c11156545e4f4479f52b84ae9a4f79346d62b4673cf14ba9d52efb4cd742b22

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wniosek.tarata.pl/

Response headers

cache-control: no-cache, no-store
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
expires: -1
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 853
date: Thu, 26 Dec 2024 13:42:24 GMT
content-type: application/x-javascript
x-azure-ref: 20241226T134224Z-1777998d8f9chx5lhC1DUStu0w00000008sg00000000s5ku

GET
H2 200 bat.js Show response
bat.bing.com/ 50 KB
15 KB 259ms
91ms Script
application/javascript 150.171.27.10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: wniosek.tarata.pl
URL: https://wniosek.tarata.pl/offers?id=83E986DC-A92AC0074D62&type=sms&order=A1&utm_source=sms_retarketing&utm_medium=sms_notify_unused_offers&utm_campaign=sms_n1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

150.171.27.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wniosek.tarata.pl/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: gzip
etag: "028e0691d20db1:0"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3BE548601E234E01A7F991A96C42CF42 Ref B: AMS231022012029 Ref C: 2024-12-26T13:42:24Z
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 14570
date: Thu, 26 Dec 2024 13:42:23 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 22:47:44 GMT
vary: Accept-Encoding

POST
H3 200 collect
www.google.com/ccm/ 0
0 154ms
56ms Ping
text/plain 142.250.185.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=consent_update&dl=https%3A%2F%2Fwniosek.tarata.pl%2Foffers&scrsrc=www.googletagmanager.com&frm=0&rnd=658469743.1735220544&dt=Oferty%20-%20taRata.pl&auid=1221374180.1735220544&navt=n&npa=0&gcu=1&gtm=45He4cc1v9138444113za200&gcs=G111&gcd=13r3r3r2r5l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1735220543955&tfd=2281&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJW4NJ7Z
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wniosek.tarata.pl/

Response headers

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4cc0/ Frame 3017 0
0 180ms
51ms Document
text/html 142.250.186.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fwniosek.tarata.pl

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJW4NJ7Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f8.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 55139
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Wed, 25 Dec 2024 22:23:25 GMT
expires: Thu, 25 Dec 2025 22:23:25 GMT
last-modified: Thu, 12 Dec 2024 10:18:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 162ms
54ms Fetch
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-JZNWQZNQ6L&gtm=45je4cc1v9138446083z89138444113za200zb9138444113&_p=1735220543608&_gaz=1&gcs=G111&gcd=13r3r3r2r5l1&npa=0&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1998569015.1735220544&ecid=290050717&ul=pl-pl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1735220544&sct=1&seg=0&dl=https%3A%2F%2Fwniosek.tarata.pl%2Foffers&dt=Oferty%20-%20taRata.pl&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2430
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JZNWQZNQ6L&l=dataLayer&cx=c&gtm=45He4cc1v9138444113za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wniosek.tarata.pl/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://wniosek.tarata.pl
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Dec 2024 13:42:24 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
555 B 305ms
155ms Ping
text/plain 142.251.173.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JZNWQZNQ6L&cid=1998569015.1735220544&gtm=45je4cc1v9138446083z89138444113za200zb9138444113&aip=1&dma=1&dma_cps=syphamo&gcs=G111&gcd=13r3r3r2r5l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JZNWQZNQ6L&l=dataLayer&cx=c&gtm=45He4cc1v9138444113za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.173.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: wi-in-f156.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wniosek.tarata.pl/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://wniosek.tarata.pl
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Dec 2024 13:42:24 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 4A3D 0
0 214ms
75ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-JZNWQZNQ6L&gacid=1998569015.1735220544&gtm=45je4cc1v9138446083z89138444113za200zb9138444113&dma=1&dma_cps=syphamo&gcs=G111&gcd=13r3r3r2r5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=1781987697

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JZNWQZNQ6L&l=dataLayer&cx=c&gtm=45He4cc1v9138444113za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wniosek.tarata.pl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 26 Dec 2024 13:42:24 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/16746327277/ 5 KB
2 KB 150ms
60ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16746327277/?random=1735220544123&cv=11&fst=1735220544123&bg=ffffff&guid=ON&async=1&gtm=45je4cc1v9138446083z89138444113za200zb9138444113&gcd=13r3r3r2r5l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwniosek.tarata.pl%2Foffers&hn=www.googleadservices.com&frm=0&tiba=Oferty%20-%20taRata.pl&npa=0&pscdl=noapi&auid=1221374180.1735220544&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JZNWQZNQ6L&l=dataLayer&cx=c&gtm=45He4cc1v9138444113za200

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

d48dd6e6e7e381564b41b7782d7dece8aed53d85d9b5e4ce36a63eba983daff4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wniosek.tarata.pl/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2277
date: Thu, 26 Dec 2024 13:42:24 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 16746327277
td.doubleclick.net/td/rul/ Frame D700 0
0 238ms
103ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/16746327277?random=1735220544123&cv=11&fst=1735220544123&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je4cc1v9138446083z89138444113za200zb9138444113&gcd=13r3r3r2r5l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwniosek.tarata.pl%2Foffers&hn=www.googleadservices.com&frm=0&tiba=Oferty%20-%20taRata.pl&npa=0&pscdl=noapi&auid=1221374180.1735220544&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JZNWQZNQ6L&l=dataLayer&cx=c&gtm=45He4cc1v9138444113za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wniosek.tarata.pl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 26 Dec 2024 13:42:24 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.pl/ads/ 42 B
107 B 220ms
92ms Image
image/gif 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.pl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-JZNWQZNQ6L&cid=1998569015.1735220544&gtm=45je4cc1v9138446083z89138444113za200zb9138444113&aip=1&dma=1&dma_cps=syphamo&gcs=G111&gcd=13r3r3r2r5l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tag_exp=101925629~102067555~102067808~102081485~102198178&z=1138697547

Requested by

Host: wniosek.tarata.pl
URL: https://wniosek.tarata.pl/offers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wniosek.tarata.pl/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 26 Dec 2024 13:42:24 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 1000574318511127 Show response
connect.facebook.net/signals/config/ 69 KB
15 KB 210ms
210ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1000574318511127?v=2.9.179&r=stable&domain=wniosek.tarata.pl&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

a455ae788b70e663843ec1d4f75ce0a0f5b340b931bd7a21f035a6deed25b226

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-UXQxrqxv' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wniosek.tarata.pl/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 26 Dec 2024 13:42:24 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-UXQxrqxv' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=45, rtx=0, c=77, mss=1232, tbw=70508, tp=65, tpl=0, uplat=162, ullat=0
pragma: public
x-fb-debug: 9S1A/xflIYsrNs4G+radkQ362GE2bDIi3gpGkXhNGaE5DfE35xG0qmfwoFcDgSy6Y1PowhO7I8V/OHOi5SBbXQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 343162750.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 67ms
67ms Script
application/javascript 150.171.27.10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/343162750.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

150.171.27.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

10a3afa429e476fb0d8daac18661b0c212cf9c6e59742ec9121caff03ed0f09b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wniosek.tarata.pl/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=60
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 605B63D1BDC446B4911DC3B504769F01 Ref B: AMS231022012029 Ref C: 2024-12-26T13:42:24Z
x-cache: CONFIG_NOCACHE
date: Thu, 26 Dec 2024 13:42:23 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

GET
H3 200 /
www.google.com/pagead/1p-user-list/16746327277/ 42 B
64 B 59ms
59ms Image
image/gif 142.250.185.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/16746327277/?random=1735220544123&cv=11&fst=1735218000000&bg=ffffff&guid=ON&async=1&gtm=45je4cc1v9138446083z89138444113za200zb9138444113&gcd=13r3r3r2r5l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwniosek.tarata.pl%2Foffers&hn=www.googleadservices.com&frm=0&tiba=Oferty%20-%20taRata.pl&npa=0&pscdl=noapi&auid=1221374180.1735220544&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dCPVhg_PyqzD6fP-A19E5xvd2in3EuQ&random=467381322&rmt_tld=0&ipr=y

Requested by

Host: wniosek.tarata.pl
URL: https://wniosek.tarata.pl/offers

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wniosek.tarata.pl/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 26 Dec 2024 13:42:24 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 /
www.google.pl/pagead/1p-user-list/16746327277/ 42 B
455 B 70ms
69ms Image
image/gif 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.pl/pagead/1p-user-list/16746327277/?random=1735220544123&cv=11&fst=1735218000000&bg=ffffff&guid=ON&async=1&gtm=45je4cc1v9138446083z89138444113za200zb9138444113&gcd=13r3r3r2r5l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwniosek.tarata.pl%2Foffers&hn=www.googleadservices.com&frm=0&tiba=Oferty%20-%20taRata.pl&npa=0&pscdl=noapi&auid=1221374180.1735220544&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dCPVhg_PyqzD6fP-A19E5xvd2in3EuQ&random=467381322&rmt_tld=1&ipr=y

Requested by

Host: wniosek.tarata.pl
URL: https://wniosek.tarata.pl/offers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wniosek.tarata.pl/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 26 Dec 2024 13:42:24 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 204 0
bat.bing.net/actionp/ 0
345 B 338ms
142ms Ping
text/plain 13.107.21.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.net/actionp/0?ti=343162750&Ver=2&mid=4bab1950-4bfe-4687-956b-892465315225&bo=1&evt=consent&src=default&cdb=AQAQ&asc=D
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.21.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wniosek.tarata.pl/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AF5C39A4F3DE42729AE30033EF7F6579 Ref B: AMS04EDGE2010 Ref C: 2024-12-26T13:42:24Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Thu, 26 Dec 2024 13:42:23 GMT

POST
H2 204 0
bat.bing.com/actionp/ 0
285 B 68ms
67ms Ping
text/plain 150.171.27.10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/actionp/0?ti=343162750&Ver=2&mid=4bab1950-4bfe-4687-956b-892465315225&bo=2&evt=consent&src=update&cdb=AQAQ&asc=G

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

150.171.27.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wniosek.tarata.pl/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6EAE375547E44F9185A30B816A3703A3 Ref B: AMS231022012029 Ref C: 2024-12-26T13:42:24Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Thu, 26 Dec 2024 13:42:23 GMT

GET
H2 200 343162750 Show response
www.clarity.ms/tag/uet/ 1 KB
1 KB 197ms
196ms Script
application/x-javascript 13.107.246.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/343162750?insights=1
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/343162750.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3878609da8fab4e54a39350fc02f46bccae3f0c19f44c78170765b6a92295de7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wniosek.tarata.pl/

Response headers

cache-control: no-cache, no-store
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
expires: -1
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 1044
date: Thu, 26 Dec 2024 13:42:24 GMT
content-type: application/x-javascript
x-azure-ref: 20241226T134224Z-1777998d8f9chx5lhC1DUStu0w00000008sg00000000s5m8

GET
H2 204 0
bat.bing.com/action/ 0
231 B 133ms
132ms Image
text/plain 150.171.27.10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=343162750&Ver=2&mid=4bab1950-4bfe-4687-956b-892465315225&bo=3&sid=3d0661c0c38f11ef95f27544062513e3&vid=3d069fa0c38f11ef833103eeb6255c84&vids=1&msclkid=N&pi=918639831&lg=pl-PL&sw=1600&sh=1200&sc=24&tl=Oferty%20-%20taRata.pl&p=https%3A%2F%2Fwniosek.tarata.pl%2Foffers&r=&lt=1960&evt=pageLoad&sv=1&asc=G&cdb=AQAQ&rn=749749

Requested by

Host: wniosek.tarata.pl
URL: https://wniosek.tarata.pl/offers

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

150.171.27.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wniosek.tarata.pl/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 699EDB13D6EC482ABF7A163A789B757E Ref B: AMS231022012029 Ref C: 2024-12-26T13:42:24Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Thu, 26 Dec 2024 13:42:23 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.59/ 67 KB
28 KB 105ms
104ms Script
application/javascript 13.107.246.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.59/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/kmpxnwhvsi?ref=gtm2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 83146c62110f911cbc9e66daa824d1f4e1d8f8aa6508aa45fe061932db65fa27

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wniosek.tarata.pl/

Response headers

x-azure-ref: 20241226T134224Z-1777998d8f9chx5lhC1DUStu0w00000008sg00000000s5m9
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
content-encoding: br
etag: W/"0x8DD202F1480E82A"
x-fd-int-roxy-purgeid: 79034942
x-ms-request-id: f24d3db5-c01e-0014-5c57-5566b4000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Thu, 26 Dec 2024 13:42:24 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
last-modified: Thu, 19 Dec 2024 13:14:33 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 93ms
45ms Image
text/plain 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1000574318511127&ev=PageView&dl=https%3A%2F%2Fwniosek.tarata.pl&rl=&if=false&ts=1735220544362&sw=1600&sh=1200&v=2.9.179&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12316&fbp=fb.1.1735220544361.761225609289000893&pm=1&hrl=fe90e5&ler=empty&cdl=API_unavailable&it=1735220544140&coo=false&tm=1&cs_cc=1&cas=8951662288185526&rqm=GET

Requested by

Host: wniosek.tarata.pl
URL: https://wniosek.tarata.pl/offers

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wniosek.tarata.pl/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=44, rtx=0, c=23, mss=1232, tbw=4540, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 26 Dec 2024 13:42:24 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
195 B 264ms
216ms Image
image/png 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1000574318511127&ev=PageView&dl=https%3A%2F%2Fwniosek.tarata.pl&rl=&if=false&ts=1735220544362&sw=1600&sh=1200&v=2.9.179&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12316&fbp=fb.1.1735220544361.761225609289000893&pm=1&hrl=fe90e5&ler=empty&cdl=API_unavailable&it=1735220544140&coo=false&tm=1&cs_cc=1&cas=8951662288185526&rqm=FGET

Requested by

Host: wniosek.tarata.pl
URL: https://wniosek.tarata.pl/offers

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wniosek.tarata.pl/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7452715487945390364"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 26 Dec 2024 13:42:24 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: tUR94I/HgcJ0GHfr6a9NQaDKZPD5vt9OZMa34A63/swsyG7fmDtgBE3mdIRrmxXd2Mg7LaFEXGYiQmttNlhaiw==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7452715487945390364", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=43, rtx=0, c=23, mss=1232, tbw=4908, tp=13, tpl=0, uplat=170, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H/1.1 204
No Content collect Show response
z.clarity.ms/ 0
281 B 560ms
247ms XHR
text/plain 20.10.16.51
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://z.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.59/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.10.16.51 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://wniosek.tarata.pl/

Response headers

Request-Context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
Access-Control-Allow-Origin: https://wniosek.tarata.pl
Date: Thu, 26 Dec 2024 13:42:25 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=3B707140A17143C1A00D3E4E61149293&RedC=c.clarity.ms&MXFR=09983C251B5767792D9D29441F57697C
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3B707140A17143C1A00D3E4E61149293&MUID=1455537F9FA36B402CCB461E9EF66A8B

42 B
442 B

65ms
65ms

Image
image/gif

13.74.129.1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3B707140A17143C1A00D3E4E61149293&MUID=1455537F9FA36B402CCB461E9EF66A8B
Protocol: H2
Server: 13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wniosek.tarata.pl/

Response headers

cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
etag: "9270eb7934bdb1:0"
accept-ranges: bytes
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length: 42
date: Thu, 26 Dec 2024 13:42:24 GMT
content-type: image/gif
last-modified: Tue, 10 Dec 2024 13:00:24 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

Redirect headers

cache-control: private, no-cache, proxy-revalidate, no-store
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3B707140A17143C1A00D3E4E61149293&MUID=1455537F9FA36B402CCB461E9EF66A8B
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 866AE7A59599473EA932843FDD38D1BF Ref B: DUS30EDGE0917 Ref C: 2024-12-26T13:42:25Z
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length: 0
date: Thu, 26 Dec 2024 13:42:24 GMT
x-powered-by: ASP.NET

GET
H2 200 favicon.ico
wniosek.tarata.pl/ 5 KB
2 KB 43ms
43ms Other
text/html 185.180.204.63
CF-GDA Cyber_Folk...

General

Check archive.org

Show headers Download Go to

Full URL: https://wniosek.tarata.pl/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.180.204.63 , Poland, ASN41079 (CF-GDA Cyber_Folks S.A., PL),
Reverse DNS: vpshd2228.cyber-folks.pl
Software: Apache /
Resource Hash: d47ab3e280aaa098fa7b14418deacfd8d23ceded683fc5dc677497e4131903b9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wniosek.tarata.pl/offers

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
pragma: no-cache
expires: Thu, 19 Nov 1981 08:52:00 GMT
content-length: 1710
date: Thu, 26 Dec 2024 13:42:24 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding,User-Agent
server: Apache

GET
H2 200 favicon-32x32.png
wniosek.tarata.pl/fav/ 2 KB
2 KB 40ms
40ms Other
image/png 185.180.204.63
CF-GDA Cyber_Folk...

General

Check archive.org

Show headers Download Go to

Full URL: https://wniosek.tarata.pl/fav/favicon-32x32.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.180.204.63 , Poland, ASN41079 (CF-GDA Cyber_Folks S.A., PL),
Reverse DNS: vpshd2228.cyber-folks.pl
Software: Apache /
Resource Hash: 6973a19fb836c5ab45aef9bbf297670d758f8cdff130a715fcdde7f41f430672

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wniosek.tarata.pl/offers

Response headers

accept-ranges: bytes
content-length: 1697
etag: "6a1-613eda0763084"
date: Thu, 26 Dec 2024 13:42:24 GMT
last-modified: Mon, 18 Mar 2024 11:26:20 GMT
content-type: image/png
server: Apache

POST
H/1.1 204
No Content collect Show response
z.clarity.ms/ 0
281 B 285ms
284ms XHR
text/plain 20.10.16.51
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://z.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.59/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.10.16.51 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://wniosek.tarata.pl/

Response headers

Request-Context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
Access-Control-Allow-Origin: https://wniosek.tarata.pl
Date: Thu, 26 Dec 2024 13:42:25 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
s.enewsletter.pl/	1969-12-31 23:59:59	Name: PHPSESSID Value: ko6h7ifg111u8jivbgo7rclb33
wniosek.tarata.pl/	1969-12-31 23:59:59	Name: PHPSESSID Value: 88369f4fef8f2c3e6894079550d8fddd
.tarata.pl/	1970-01-21 10:45:56	Name: picoPreferedColorScheme Value: light
.tarata.pl/	1969-12-31 23:59:59	Name: visitor_id Value: 9e5fa100-c397-11ef-8dec-6666dc0a5711
.wp.pl/	1970-01-21 11:36:20	Name: statid Value: c5ff55d2b0e4bc3c6d1a33d972590748:0fb65a:1735220543:v3
.tarata.pl/	1970-01-21 04:09:56	Name: _gcl_au Value: 1.1.1221374180.1735220544
.tarata.pl/	1970-01-21 11:36:20	Name: _ga Value: GA1.1.1998569015.1735220544
.tarata.pl/	1970-01-21 11:36:20	Name: _ga_JZNWQZNQ6L Value: GS1.1.1735220544.1.0.1735220544.60.0.290050717
.doubleclick.net/	1970-01-21 02:00:21	Name: test_cookie Value: CheckForPermission
.tarata.pl/	1970-01-21 02:01:46	Name: _uetsid Value: 3d0661c0c38f11ef95f27544062513e3
.tarata.pl/	1970-01-21 11:21:56	Name: _uetvid Value: 3d069fa0c38f11ef833103eeb6255c84
.tarata.pl/	1970-01-21 04:09:56	Name: _fbp Value: fb.1.1735220544361.761225609289000893
.bing.com/	1970-01-21 11:21:56	Name: MUID Value: 1455537F9FA36B402CCB461E9EF66A8B
.tarata.pl/	1970-01-21 10:45:56	Name: _clck Value: 2vs9b9%7C2%7Cfs1%7C0%7C1821
www.clarity.ms/	1970-01-21 10:45:56	Name: CLID Value: c57e494892b44e2abc1903c9ab36cbf9.20241226.20251226
.tarata.pl/	1970-01-21 02:01:46	Name: _clsk Value: 19dlt3r%7C1735220545136%7C1%7C1%7Cz.clarity.ms%2Fcollect
.c.bing.com/	1970-01-21 02:10:25	Name: MR Value: 0
.c.bing.com/	1970-01-21 11:21:56	Name: SRM_B Value: 1455537F9FA36B402CCB461E9EF66A8B
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 11:21:56	Name: MUID Value: 1455537F9FA36B402CCB461E9EF66A8B
.c.clarity.ms/	1970-01-21 02:10:25	Name: MR Value: 0
.c.clarity.ms/	1970-01-21 02:00:21	Name: ANONCHK Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bat.bing.com
bat.bing.net
c.bing.com
c.clarity.ms
code.jquery.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
pixel.wp.pl
region1.analytics.google.com
s.enewsletter.pl
smms.me
stats.g.doubleclick.net
td.doubleclick.net
wniosek.tarata.pl
www.clarity.ms
www.facebook.com
www.google.com
www.google.pl
www.googletagmanager.com
z.clarity.ms
13.107.21.237
13.107.246.45
13.74.129.1
142.250.184.194
142.250.185.195
142.250.185.234
142.250.185.68
142.250.186.168
142.250.186.35
142.250.186.66
142.251.173.156
150.171.27.10
151.101.130.137
157.240.0.35
157.240.251.9
172.217.16.194
185.180.204.63
20.10.16.51
204.79.197.237
212.77.100.84
216.239.34.36
46.229.151.12
46.229.151.14
034a4867a0da53a56d864fb57132073d8778106a008088d258d0bdd901d048b9
0705af8036580bb40a07de78f6ead328f96dff729d56354aa8a28f5dd07cf030
0c11156545e4f4479f52b84ae9a4f79346d62b4673cf14ba9d52efb4cd742b22
10a3afa429e476fb0d8daac18661b0c212cf9c6e59742ec9121caff03ed0f09b
24751cbae618f6fbeb532498fd1ceeda5350f30085086cd5426961a2695e3d9f
24a16cc1c7204acdc34ea9c398847c995e473710d19c6f70ee2de88fccf3d152
3878609da8fab4e54a39350fc02f46bccae3f0c19f44c78170765b6a92295de7
43e67ea3450c697166ec74ed98a297d6dbf5d85e99b48b01b167ee761ad3b32d
44632ea34744018689323fa00bbc264f7ba6e5221ce68c74d8b2c51fb48d1193
5e51bf361497316e515ea630261632348a6754c609c0c8f85c6c5c407fd48ef0
677715d6a5fdb68d2cd88d2a3113d4487e88c461a5c31d805c532034b4aa2c87
6973a19fb836c5ab45aef9bbf297670d758f8cdff130a715fcdde7f41f430672
7f0edef61a2e5a99edf46f377039c28fa33db4fda36494be64c40f0065dc31bb
83146c62110f911cbc9e66daa824d1f4e1d8f8aa6508aa45fe061932db65fa27
8bdc72cc13ce7f6dda39e84c6a70aa2f10b025669f4d88ae18beb3ef42994f6c
93a68eaa293304b947a167d0f7d0e00a1a8b5cf4972dc0da3da2094359a33e9a
9528ca634fecad433d044ddd3e6f9ce1f068d5d932dafdbb19d8e6daea1968bd
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9bbd0c52694ab58b4b133b4b5a2eb197c02555ae7e16a522ce63b89500dc1925
9e50885c08820d2c2f4d548d0e2bf7192ff85b297303d13a936c1b234fffa8cf
a455ae788b70e663843ec1d4f75ce0a0f5b340b931bd7a21f035a6deed25b226
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
b74ce8fbc13ae6be7517bc1e57c4f4724ce5c0b42aec09c847e3edfca8ed506d
c96d7b7b085414ae99598c1cbd72b09c8aa6d4732d7a120c408a044f46425428
d47ab3e280aaa098fa7b14418deacfd8d23ceded683fc5dc677497e4131903b9
d48dd6e6e7e381564b41b7782d7dece8aed53d85d9b5e4ce36a63eba983daff4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

wniosek.tarata.pl Open in urlscan Pro 185.180.204.63 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

47 Requests

91 %HTTPS

0 %IPv6

17 Domains

23 Subdomains

20 IPs

4 Countries

586 kBTransfer

1920 kBSize

22 Cookies

2 Outgoing links

Page URL History

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

wniosek.tarata.pl Open in urlscan Pro
185.180.204.63 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

91 %
HTTPS

0 %
IPv6

17
Domains

23
Subdomains

20
IPs

4
Countries

586 kB
Transfer

1920 kB
Size

22
Cookies

47 HTTP transactions
0 data transactions