Submitted URL: https://wiadomosci.life/247zat9k?creative_id=2076T
Effective URL: https://e-choix.com/b4yrpP3v?creative_id={{creative_id}}&creative_id=2076T
Submission: On November 17 via api from PL — Scanned from PL

Summary

This website contacted 21 IPs in 4 countries across 17 domains to perform 49 HTTP transactions. The main IP is 165.227.132.139, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN, US. The main domain is e-choix.com.
TLS certificate: Issued by E5 on November 15th 2024. Valid for: 3 months.
This is the only time e-choix.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 66.220.23.67 6939 (HURRICANE)
1 165.227.132.139 14061 (DIGITALOC...)
6 185.30.126.115 20853 (ETOP-AS e...)
2 142.250.186.42 15169 (GOOGLE)
2 142.250.184.200 15169 (GOOGLE)
10 172.217.18.3 15169 (GOOGLE)
1 3.160.150.40 16509 (AMAZON-02)
2 142.250.184.238 15169 (GOOGLE)
1 18.66.102.51 16509 (AMAZON-02)
2 157.240.30.27 32934 (FACEBOOK)
1 172.67.70.115 13335 (CLOUDFLAR...)
1 13.33.187.74 16509 (AMAZON-02)
2 136.243.70.185 24940 (HETZNER-A...)
1 151.101.129.229 54113 (FASTLY)
2 157.240.30.35 32934 (FACEBOOK)
2 216.239.34.36 15169 (GOOGLE)
1 173.194.76.156 15169 (GOOGLE)
1 172.217.16.195 15169 (GOOGLE)
2 142.250.185.78 15169 (GOOGLE)
5 142.250.181.228 15169 (GOOGLE)
1 172.217.16.206 15169 (GOOGLE)
49 21
Apex Domain
Subdomains
Transfer
10 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 4108
cse.google.com — Cisco Umbrella Rank: 3364
www.google.com — Cisco Umbrella Rank: 3
clients1.google.com — Cisco Umbrella Rank: 510
164 KB
10 gstatic.com
fonts.gstatic.com
179 KB
6 deon.pl
deon.pl
230 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
216 B
2 justid.io
justid.io — Cisco Umbrella Rank: 157436
36 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
75 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 888
script.hotjar.com — Cisco Umbrella Rank: 1185
61 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
22 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
219 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
1 google.pl
www.google.pl — Cisco Umbrella Rank: 28032
409 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 135
552 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 318
1 KB
1 wtg-ads.com
lib.wtg-ads.com — Cisco Umbrella Rank: 88009
157 KB
1 inmobi.com
cmp.inmobi.com — Cisco Umbrella Rank: 5292
331 B
1 e-choix.com
e-choix.com
9 KB
1 wiadomosci.life
wiadomosci.life
712 B
49 17
Domain Requested by
10 fonts.gstatic.com fonts.googleapis.com
6 deon.pl e-choix.com
deon.pl
5 www.google.com cse.google.com
www.google.com
2 cse.google.com deon.pl
www.google.com
2 region1.analytics.google.com www.googletagmanager.com
2 www.facebook.com e-choix.com
2 justid.io lib.wtg-ads.com
justid.io
2 connect.facebook.net e-choix.com
connect.facebook.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com e-choix.com
www.googletagmanager.com
2 fonts.googleapis.com e-choix.com
1 clients1.google.com
1 www.google.pl e-choix.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 cdn.jsdelivr.net lib.wtg-ads.com
1 script.hotjar.com static.hotjar.com
1 lib.wtg-ads.com www.googletagmanager.com
1 static.hotjar.com www.googletagmanager.com
1 cmp.inmobi.com e-choix.com
1 e-choix.com
1 wiadomosci.life 1 redirects
49 21
Subject Issuer Validity Valid
e-choix.com
E5
2024-11-15 -
2025-02-13
3 months crt.sh
deon.pl
Sectigo RSA Domain Validation Secure Server CA
2024-08-31 -
2025-09-30
a year crt.sh
upload.video.google.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.google-analytics.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.gstatic.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
cmp.inmobi.com
Sectigo ECC Organization Validation Secure Server CA
2024-07-31 -
2025-07-31
a year crt.sh
*.hotjar.com
Amazon RSA 2048 M03
2024-05-22 -
2025-06-20
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-08-26 -
2024-11-24
3 months crt.sh
wtg-ads.com
WE1
2024-09-21 -
2024-12-20
3 months crt.sh
justid.io
E6
2024-09-05 -
2024-12-04
3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3
2024-07-30 -
2025-08-31
a year crt.sh
*.g.doubleclick.net
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.google.pl
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.google.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh

This page contains 1 frames:

Primary Page: https://e-choix.com/b4yrpP3v?creative_id={{creative_id}}&creative_id=2076T
Frame ID: 447ACBFC18B48DCF4431CCB6A2A8505A
Requests: 49 HTTP requests in this frame

Screenshot

Page Title

Konto użytkownika / DEON.pl

Page URL History Show full URLs

  1. https://wiadomosci.life/247zat9k?creative_id=2076T HTTP 301
    https://e-choix.com/b4yrpP3v?creative_id={{creative_id}}&creative_id=2076T Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

49
Requests

94 %
HTTPS

0 %
IPv6

17
Domains

21
Subdomains

21
IPs

4
Countries

1156 kB
Transfer

3703 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://wiadomosci.life/247zat9k?creative_id=2076T HTTP 301
    https://e-choix.com/b4yrpP3v?creative_id={{creative_id}}&creative_id=2076T Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

49 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request b4yrpP3v
e-choix.com/
Redirect Chain
  • https://wiadomosci.life/247zat9k?creative_id=2076T
  • https://e-choix.com/b4yrpP3v?creative_id={{creative_id}}&creative_id=2076T
63 KB
9 KB
Document
General
Full URL
https://e-choix.com/b4yrpP3v?creative_id={{creative_id}}&creative_id=2076T
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
165.227.132.139 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
68895755821adc8a5dd3c9273fa9e4f505b86b5655fb537413b86ec9de34a664

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sun, 17 Nov 2024 07:46:57 GMT
Expires
Sun, 17 Nov 2024 07:46:57 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=2592000
cache-control
max-age=0, must-revalidate, no-cache, no-store, private
cloudflare-cdn-cache-control
max-age=900, stale-if-error=86400
content-length
558
content-type
text/html; charset=utf-8
date
Sun, 17 Nov 2024 07:46:57 GMT
location
https://e-choix.com/b4yrpP3v?creative_id={{creative_id}}&creative_id=2076T
referrer-policy
unsafe-url
server
Caddy
status
301 Moved Permanently
x-content-type-options
nosniff
x-lighttpd-longurl
https://e-choix.com/b4yrpP3v?creative_id={{creative_id}}&creative_id=2076T
x-robots-tag
noindex
x-tinyurl-redirect
eyJpdiI6IlErOHluOERyUURuMjdmZGR3YnBFaVE9PSIsInZhbHVlIjoib0NOVkk2SlV2M3VSYjZhejVzM1dUbmZGakoyRzlLUkNGNENHUkJzNmdMMnlzMk5kWjhXNXpYMWtQcllOQ2E1ZThZR3N3V09wbyt1UFk2LzNESzkxSHc9PSIsIm1hYyI6IjE3NTczNjY5MDhlOTNiODM0ZGE3ZGIyZTE4NDJiODY0NWI3YmVmYjNlYTMxMGFlYTVmMzI3NGNmYWYxYmU4ZjMiLCJ0YWciOiIifQ==
x-tinyurl-redirect-type
redirect
x-xss-protection
1; mode=block
app.css
deon.pl/themes/deon/css/
416 KB
48 KB
Stylesheet
General
Full URL
https://deon.pl/themes/deon/css/app.css?id=5129b6fe81c26f21065f
Requested by
Host: e-choix.com
URL: https://e-choix.com/b4yrpP3v?creative_id={{creative_id}}&creative_id=2076T
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.30.126.115 , Poland, ASN20853 (ETOP-AS eTOP sp. z o.o., PL),
Reverse DNS
Software
/
Resource Hash
a48bc322b0d1bf7c8d92402cf3f88819955fef483026350d0dd8106d9adaf695
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://e-choix.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
public, max-age=2678400
content-encoding
br
etag
W/"6721f929-67e7f"
x-cache
HIT
date
Sun, 17 Nov 2024 07:46:58 GMT
content-type
text/css
vary
Accept-Encoding
last-modified
Wed, 30 Oct 2024 09:15:21 GMT
css2
fonts.googleapis.com/
15 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,400;0,600;0,700;1,400;1,600;1,700&display=swap
Requested by
Host: e-choix.com
URL: https://e-choix.com/b4yrpP3v?creative_id={{creative_id}}&creative_id=2076T
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
ESF /
Resource Hash
e60ff9dcc2ef4ae77a58e6f26c92748a8a29df25164b0e254d88f1380c49ac71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://e-choix.com
Referer
https://e-choix.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 17 Nov 2024 07:46:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 17 Nov 2024 07:46:58 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 17 Nov 2024 07:46:58 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Merriweather:ital,wght@0,400;0,700;1,400;1,700&display=swap
Requested by
Host: e-choix.com
URL: https://e-choix.com/b4yrpP3v?creative_id={{creative_id}}&creative_id=2076T
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
ESF /
Resource Hash
3326f8f2c0780ffb99ab0c49e047619e0edaa3cb99527b269cc462f9d033f08b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://e-choix.com
Referer
https://e-choix.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 17 Nov 2024 07:46:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 17 Nov 2024 07:46:58 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 17 Nov 2024 07:39:46 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
icons.css
deon.pl/themes/deon/fonts/
0
0

logo-ua.svg
deon.pl/themes/deon/images/
7 KB
3 KB
Image
General
Full URL
https://deon.pl/themes/deon/images/logo-ua.svg
Requested by
Host: e-choix.com
URL: https://e-choix.com/b4yrpP3v?creative_id={{creative_id}}&creative_id=2076T
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.30.126.115 , Poland, ASN20853 (ETOP-AS eTOP sp. z o.o., PL),
Reverse DNS
Software
/
Resource Hash
76ba7dc8a7ea6aa985da94e895c4ee749081e706550665cb53c0a1fe460e44c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://e-choix.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
public, max-age=604800
content-encoding
br
etag
W/"6721f927-1c16"
x-cache
HIT
date
Sun, 17 Nov 2024 07:46:58 GMT
content-type
image/svg+xml
vary
Accept-Encoding
last-modified
Wed, 30 Oct 2024 09:15:19 GMT
app.js
deon.pl/themes/deon/js/
635 KB
178 KB
Script
General
Full URL
https://deon.pl/themes/deon/js/app.js?id=9688d37b0f7aa54f1063
Requested by
Host: e-choix.com
URL: https://e-choix.com/b4yrpP3v?creative_id={{creative_id}}&creative_id=2076T
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.30.126.115 , Poland, ASN20853 (ETOP-AS eTOP sp. z o.o., PL),
Reverse DNS
Software
/
Resource Hash
34a4e1ebc55d498948312b6d8bbc41c57fc9a14152301c626d02544167956892
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://e-choix.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
public, max-age=2678400
content-encoding
br
etag
W/"6721f933-9edb9"
x-cache
HIT
date
Sun, 17 Nov 2024 07:46:58 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Wed, 30 Oct 2024 09:15:31 GMT
token
deon.pl/api/v1/
1 KB
706 B
Script
General
Full URL
https://deon.pl/api/v1/token
Requested by
Host: e-choix.com
URL: https://e-choix.com/b4yrpP3v?creative_id={{creative_id}}&creative_id=2076T
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.30.126.115 , Poland, ASN20853 (ETOP-AS eTOP sp. z o.o., PL),
Reverse DNS
Software
/
Resource Hash
11a025cbee46569d16a55436dd3eb1eb4258c06be5dfedb8bc5907d955265067
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://e-choix.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
public, s-maxage=7200
content-encoding
gzip
accept-ranges
bytes
x-cache
HIT
content-length
516
date
Sun, 17 Nov 2024 07:46:58 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
gtm.js
www.googletagmanager.com/
252 KB
88 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5D6ZSD9
Requested by
Host: e-choix.com
URL: https://e-choix.com/b4yrpP3v?creative_id={{creative_id}}&creative_id=2076T
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
fe5c71a5f2cd8c99f1098809d9c48bdfb10691d897e98f0dc093bbd9ab716041
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://e-choix.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Sun, 17 Nov 2024 07:46:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 17 Nov 2024 07:46:58 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sun, 17 Nov 2024 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
89630
x-xss-protection
0
server
Google Tag Manager
logo-ua.svg
deon.pl/themes/deon/images/
7 KB
0
Image
General
Full URL
https://deon.pl/themes/deon/images/logo-ua.svg
Requested by
Host: e-choix.com
URL: https://e-choix.com/b4yrpP3v?creative_id={{creative_id}}&creative_id=2076T
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.30.126.115 , Poland, ASN20853 (ETOP-AS eTOP sp. z o.o., PL),
Reverse DNS
Software
/
Resource Hash
76ba7dc8a7ea6aa985da94e895c4ee749081e706550665cb53c0a1fe460e44c9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://e-choix.com/

Response headers

cache-control
public, max-age=604800
content-encoding
br
etag
W/"6721f927-1c16"
x-cache
HIT
date
Sun, 17 Nov 2024 07:46:58 GMT
content-type
image/svg+xml
vary
Accept-Encoding
last-modified
Wed, 30 Oct 2024 09:15:19 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,400;0,600;0,700;1,400;1,600;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://e-choix.com
Referer
https://fonts.googleapis.com/

Response headers

age
254509
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 14 Nov 2025 09:05:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 09:05:09 GMT
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
14892
x-xss-protection
0
server
sffe
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
14 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,400;0,600;0,700;1,400;1,600;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://e-choix.com
Referer
https://fonts.googleapis.com/

Response headers

age
318332
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 13 Nov 2025 15:21:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 15:21:26 GMT
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
14824
x-xss-protection
0
server
sffe
u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
sffe /
Resource Hash
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://e-choix.com
Referer
https://fonts.googleapis.com/

Response headers

age
316226
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 13 Nov 2025 15:56:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 15:56:32 GMT
last-modified
Tue, 26 Apr 2022 16:41:08 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
20028
x-xss-protection
0
server
sffe
u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
sffe /
Resource Hash
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://e-choix.com
Referer
https://fonts.googleapis.com/

Response headers

age
317521
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 13 Nov 2025 15:34:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 15:34:57 GMT
last-modified
Tue, 26 Apr 2022 15:48:38 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
19740
x-xss-protection
0
server
sffe
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,400;0,600;0,700;1,400;1,600;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
sffe /
Resource Hash
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://e-choix.com
Referer
https://fonts.googleapis.com/

Response headers

age
258022
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 14 Nov 2025 08:06:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 08:06:36 GMT
last-modified
Thu, 01 Jun 2023 22:52:57 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
14712
x-xss-protection
0
server
sffe
u-440qyriQwlOrhSvowK_l5-ciZMZ-Y.woff2
fonts.gstatic.com/s/merriweather/v30/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-ciZMZ-Y.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
sffe /
Resource Hash
9e26ab5064dab4ccd659362ecb893cd010d78264a4ae5b540766820d1026815d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://e-choix.com
Referer
https://fonts.googleapis.com/

Response headers

age
220807
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 14 Nov 2025 18:26:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 18:26:51 GMT
last-modified
Tue, 26 Apr 2022 15:44:29 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18836
x-xss-protection
0
server
sffe
6xK3dSBYKcSV-LCoeQqfX1RYOo3qNq7lqDY.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qNq7lqDY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,400;0,600;0,700;1,400;1,600;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
sffe /
Resource Hash
39cf9abce51786437c69ac45ac5f39aa19af7f859d87e347478b6bd96abe52c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://e-choix.com
Referer
https://fonts.googleapis.com/

Response headers

age
318181
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 13 Nov 2025 15:23:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 15:23:57 GMT
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
20616
x-xss-protection
0
server
sffe
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwmRduz8A.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwmRduz8A.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,400;0,600;0,700;1,400;1,600;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
sffe /
Resource Hash
4cc56528364598716c3aed2711f3cbdc4036f503be0af787ff3f6b1ac74a0274
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://e-choix.com
Referer
https://fonts.googleapis.com/

Response headers

age
316565
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 13 Nov 2025 15:50:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 15:50:53 GMT
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
20428
x-xss-protection
0
server
sffe
u-4n0qyriQwlOrhSvowK_l52xwNZVsf6lvg.woff2
fonts.gstatic.com/s/merriweather/v30/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZVsf6lvg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
sffe /
Resource Hash
c885b71cffb1153ba213e090165c17fdda244b4807b622c1cee91025b536dd53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://e-choix.com
Referer
https://fonts.googleapis.com/

Response headers

age
317521
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 13 Nov 2025 15:34:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 15:34:57 GMT
last-modified
Tue, 26 Apr 2022 15:45:21 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18416
x-xss-protection
0
server
sffe
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwmRduz8A.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwmRduz8A.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,400;0,600;0,700;1,400;1,600;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
sffe /
Resource Hash
22982053d357ec33aa4d613859733c23000ba767d919853d002f15129f7afc9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://e-choix.com
Referer
https://fonts.googleapis.com/

Response headers

age
262986
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 14 Nov 2025 06:43:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 06:43:52 GMT
last-modified
Thu, 01 Jun 2023 22:53:12 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
20392
x-xss-protection
0
server
sffe
token
deon.pl/api/v1/
0
0

ip
deon.pl/api/
0
0

choice.js
cmp.inmobi.com/choice/ZYp2ntKSHxCJR/e-choix.com/
0
331 B
Script
General
Full URL
https://cmp.inmobi.com/choice/ZYp2ntKSHxCJR/e-choix.com/choice.js?tag_version=V3
Requested by
Host: e-choix.com
URL: https://e-choix.com/b4yrpP3v?creative_id={{creative_id}}&creative_id=2076T
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-40.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://e-choix.com/

Response headers

cache-control
max-age=900
age
24
cross-origin-resource-policy
cross-origin
via
1.1 12dba18ae3d66aa7dad74e664431ae9a.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
wDd2cSynpRQVEZgXxe0zO08o_5eJD7SSMUf-pxDMlUgVckogA44smA==
date
Sun, 17 Nov 2024 07:46:33 GMT
x-amz-cf-pop
FRA60-P7
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
server
AmazonS3
js
www.googletagmanager.com/gtag/
408 KB
131 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-X57FNHKTNL&l=dataLayer&cx=c&gtm=45He4bc0v812784396za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5D6ZSD9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
ab9e580898959ba61420826ba05059e5f73b4883b51a7e069b3259a8b0abb277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://e-choix.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sun, 17 Nov 2024 07:46:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 17 Nov 2024 07:46:58 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
133977
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5D6ZSD9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://e-choix.com/

Response headers

content-encoding
gzip
age
3935
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Sun, 17 Nov 2024 08:41:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 17 Nov 2024 06:41:24 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
hotjar-698555.js
static.hotjar.com/c/
13 KB
6 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-698555.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5D6ZSD9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-51.fra56.r.cloudfront.net
Software
/
Resource Hash
40855226c6e92569016603857b5490f2c975ad0a73120f923efef6f42ee5450b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://e-choix.com/

Response headers

content-encoding
br
etag
W/856ad01052f3009e7ede67a102fd3e40
age
35
x-content-type-options
nosniff
x-cache-hit
1
x-cache
Hit from cloudfront
x-amz-cf-id
Mw9iqw2391NoUBdAjL06QxHXu7qje8gr7KONWFAMpFnqvhUDkgx-vw==
date
Sun, 17 Nov 2024 07:46:24 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
via
1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P2
fbevents.js
connect.facebook.net/en_US/
239 KB
61 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: e-choix.com
URL: https://e-choix.com/b4yrpP3v?creative_id={{creative_id}}&creative_id=2076T
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.30.27 Prague, Czech Republic, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-prg1.fbcdn.net
Software
/
Resource Hash
43a683165a27224ef2d2717bd57c8c203aa570ce39140504d086562eefbb0f1f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-4Saje4Ik' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://e-choix.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 17 Nov 2024 07:46:58 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-4Saje4Ik' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=49, rtx=0, c=23, mss=1232, tbw=4430, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
hnnyEKdjFSYKPk0953MZC4v/drsYZrD3bc45XDnBBlRGqCMxC/2Pq6sDlH+1p9oZhdnvedS5mCjzAYvL5MAS6w==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62152
x-xss-protection
0
origin-agent-cluster
?1
lib.min.js
lib.wtg-ads.com/publisher/deon.pl/
523 KB
157 KB
Script
General
Full URL
https://lib.wtg-ads.com/publisher/deon.pl/lib.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5D6ZSD9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.70.115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28b83c8e93874f748fd41f9427aa9c41ecdc124cba86be1c9678e39a05028a2a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://e-choix.com/

Response headers

access-control-max-age
1728000
content-encoding
br
cf-cache-status
HIT
etag
W/"671f7041-82c67"
age
858365
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8DMMFdMqYKL%2F8BA2jucsHQwoNiSMVU63CSh5UXs1e7e7lvMnPNRzBiK%2FyQCv3atkdH8XeeOHewK08%2FIilN6nY7NLR9LKvPh8Tiet2fZhCD9NHeNxSVg481qJidGjSP3GFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
expires
Thu, 07 Nov 2024 12:20:53 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=3841&sent=6&recv=10&lost=0&retrans=0&sent_bytes=4040&recv_bytes=2273&delivery_rate=5838709&cwnd=254&unsent_bytes=0&cid=6a77da3766adb25b&ts=84&x=0"
date
Sun, 17 Nov 2024 07:46:58 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 28 Oct 2024 11:06:41 GMT
vary
Accept-Encoding
x-visitor-country
PL
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
strict-transport-security
max-age=15724800; includeSubDomains
cache-control
max-age=10800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8e3e1c2e6ffbbbc6-WAW
access-control-allow-origin
*
server
cloudflare
modules.6f60e575cf8ad7cb10f7.js
script.hotjar.com/
222 KB
55 KB
Script
General
Full URL
https://script.hotjar.com/modules.6f60e575cf8ad7cb10f7.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-698555.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-74.fra60.r.cloudfront.net
Software
/
Resource Hash
f0a9b19d1615e0e2afdca507d4c7cbe384b0bdfad5cbaf63c14a386df33a62d7
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://e-choix.com/

Response headers

x-robots-tag
none
content-encoding
br
etag
"56b1b49a4bdc4c874445907df778d045"
age
1099621
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
1A8x3r3xP9P3vVCRMQYfTqT133Ptiu5hA4LXNLjN-0gJSauCACjJTA==
date
Mon, 04 Nov 2024 14:19:58 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 Nov 2024 14:19:24 GMT
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
via
1.1 de048058a16d8205bfbc06a8f2eefb34.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
56128
x-amz-cf-pop
FRA60-P9
505434860431119
connect.facebook.net/signals/config/
69 KB
14 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/505434860431119?v=2.9.177&r=stable&domain=e-choix.com&hme=c3e4904c1dde42d643265ef909b9e193c41cedcd6f559a3ff5e1b178e36647fa&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.30.27 Prague, Czech Republic, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-prg1.fbcdn.net
Software
/
Resource Hash
0080397374e177d92c9fe01843797e076816c36f4cbfcc5c18ba42d27cb7640a
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-c94wDWDi' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://e-choix.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 17 Nov 2024 07:46:59 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-c94wDWDi' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
GOOD; q=0.7, rtt=50, rtx=0, c=76, mss=1232, tbw=70318, tp=65, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
cEi7iO1CJmLYGxXJ6xsTlhvu6nCqSDZspu+Lyl1JW/W1soqVqc3qMSQM8FlKsfwqFreUhtCmAVGPIckbYecQzA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
14185
x-xss-protection
0
origin-agent-cluster
?1
collect
www.google-analytics.com/j/
3 B
419 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=589863149&t=pageview&_s=1&dl=https%3A%2F%2Fe-choix.com%2Fb4yrpP3v%3Fcreative_id%3D%7B%7Bcreative_id%7D%7D%26creative_id%3D2076T&ul=pl-pl&de=UTF-8&dt=Konto%20u%C5%BCytkownika%20%2F%20DEON.pl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1938282472&gjid=451876756&cid=1975721574.1731829619&tid=UA-6543454-4&_gid=540456235.1731829619&_r=1&_slc=1&gtm=45He4bc0n815D6ZSD9v812784396za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tcfd=10001&tag_exp=101925629~102067554~102067808~102077855&npa=1&z=1302995465
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://e-choix.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 17 Nov 2024 07:46:59 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://e-choix.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
3
server
Golfe2
kv.js
justid.io/front/
108 KB
35 KB
Script
General
Full URL
https://justid.io/front/kv.js?code=CG8CPGPY&callback=__jtSegCallback
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/publisher/deon.pl/lib.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
136.243.70.185 Cologne, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
9-spd-dict.funcns.net
Software
nginx /
Resource Hash
66197600c290f75f5da2e9b86d6d973ab11a9c99fa0d6ac3c09e82f772102193

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://e-choix.com/b4yrpP3v?creative_id={{creative_id}}&creative_id=2076T

Response headers

cache-control
private, no-cache
p3p
CP="CAO COR COR CON TEL IVD SAM IND BUS"
content-encoding
gzip
date
Sun, 17 Nov 2024 07:46:59 GMT
etag
W/"b053717f"
content-type
application/javascript;charset=UTF-8
server
nginx
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/
2 KB
1 KB
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20241117
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/publisher/deon.pl/lib.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
09e11dfec44339bd69dbf7ee3724c33e39ca776e5c705557e20b93a933e9417b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://e-choix.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"639-fmUmInbOeYaa2IOJqoVoDnVDSG4"
age
13570
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Sun, 17 Nov 2024 07:46:59 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-fra-eddf8230127-FRA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
840
x-jsd-version
1.0.2242
/
www.facebook.com/tr/
0
19 B
Image
General
Full URL
https://www.facebook.com/tr/?id=505434860431119&ev=PageView&dl=https%3A%2F%2Fe-choix.com%2Fb4yrpP3v%3Fcreative_id%3D%7B%7Bcreative_id%7D%7D%26creative_id%3D2076T&rl=&if=false&ts=1731829619139&sw=1600&sh=1200&v=2.9.177&r=stable&ec=0&o=12318&fbp=fb.1.1731829619138.989736015615807830&ler=empty&cdl=API_unavailable&it=1731829619046&coo=false&rqm=GET
Requested by
Host: e-choix.com
URL: https://e-choix.com/b4yrpP3v?creative_id={{creative_id}}&creative_id=2076T
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.30.35 Prague, Czech Republic, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-prg1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://e-choix.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=51, rtx=0, c=23, mss=1232, tbw=4477, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sun, 17 Nov 2024 07:46:59 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
197 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=505434860431119&ev=PageView&dl=https%3A%2F%2Fe-choix.com%2Fb4yrpP3v%3Fcreative_id%3D%7B%7Bcreative_id%7D%7D%26creative_id%3D2076T&rl=&if=false&ts=1731829619139&sw=1600&sh=1200&v=2.9.177&r=stable&ec=0&o=12318&fbp=fb.1.1731829619138.989736015615807830&ler=empty&cdl=API_unavailable&it=1731829619046&coo=false&rqm=FGET
Requested by
Host: e-choix.com
URL: https://e-choix.com/b4yrpP3v?creative_id={{creative_id}}&creative_id=2076T
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.30.35 Prague, Czech Republic, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-prg1.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://e-choix.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7438151577643499786"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 17 Nov 2024 07:46:59 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
QyDzazBPJDGECDSNpZph+imq52HhZL2wby20XubGHXKJP2iWO5KtMDL54y+xcZNjJMhCqVG0Tp48yXRDQvbtcg==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7438151577643499786", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
GOOD; q=0.7, rtt=50, rtx=0, c=23, mss=1232, tbw=4845, tp=13, tpl=0, uplat=311, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
x-xss-protection
0
origin-agent-cluster
?1
kvConfig.json
justid.io/front/
341 B
622 B
XHR
General
Full URL
https://justid.io/front/kvConfig.json?code=CG8CPGPY&r=755594720
Requested by
Host: justid.io
URL: https://justid.io/front/kv.js?code=CG8CPGPY&callback=__jtSegCallback
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
136.243.70.185 Cologne, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
9-spd-dict.funcns.net
Software
nginx /
Resource Hash
409be24db88d438a59e456c385e976433da0d24232a38161f0ee22aa2de625cd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://e-choix.com/

Response headers

cache-control
no-cache, no-store, must-revalidate, max-age=0
pragma
no-cache
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
https://e-choix.com
p3p
CP="CAO COR COR CON TEL IVD SAM IND BUS"
date
Sun, 17 Nov 2024 07:46:59 GMT
content-type
application/json;charset=UTF-8
vary
Origin
server
nginx
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-X57FNHKTNL&gtm=45je4bc0h1v884845988z8812784396za200zb812784396&_p=1731829618483&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tcfd=1000h&tag_exp=101925629~102067554~102067808~102077855&cid=1975721574.1731829619&ul=pl-pl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1731829618&sct=1&seg=0&dl=https%3A%2F%2Fe-choix.com%2Fb4yrpP3v%3Fcreative_id%3D%7B%7Bcreative_id%7D%7D%26creative_id%3D2076T&dt=Konto%20u%C5%BCytkownika%20%2F%20DEON.pl&en=page_view&_fv=1&_ss=1&tfd=2774
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X57FNHKTNL&l=dataLayer&cx=c&gtm=45He4bc0v812784396za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://e-choix.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://e-choix.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 17 Nov 2024 07:46:59 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
552 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-X57FNHKTNL&cid=1975721574.1731829619&gtm=45je4bc0h1v884845988z8812784396za200zb812784396&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067554~102067808~102077855
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X57FNHKTNL&l=dataLayer&cx=c&gtm=45He4bc0v812784396za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.76.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://e-choix.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://e-choix.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 17 Nov 2024 07:46:59 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.pl/ads/
42 B
409 B
Image
General
Full URL
https://www.google.pl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-X57FNHKTNL&cid=1975721574.1731829619&gtm=45je4bc0h1v884845988z8812784396za200zb812784396&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067554~102067808~102077855&tag_exp=101925629~102067554~102067808~102077855&z=244019015
Requested by
Host: e-choix.com
URL: https://e-choix.com/b4yrpP3v?creative_id={{creative_id}}&creative_id=2076T
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f195.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://e-choix.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sun, 17 Nov 2024 07:46:59 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
favicon.png
deon.pl/themes/deon/images/
269 B
465 B
Other
General
Full URL
https://deon.pl/themes/deon/images/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.30.126.115 , Poland, ASN20853 (ETOP-AS eTOP sp. z o.o., PL),
Reverse DNS
Software
/
Resource Hash
24cb90c11101bccd6736f06fad84904fe92bae01afbbd1ccf3d20a24fb762d12
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://e-choix.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
public, max-age=604800
etag
"6721f927-10d"
accept-ranges
bytes
x-cache
HIT
content-length
269
date
Sun, 17 Nov 2024 07:46:59 GMT
content-type
image/png
last-modified
Wed, 30 Oct 2024 09:15:19 GMT
cse.js
cse.google.com/
6 KB
3 KB
Script
General
Full URL
https://cse.google.com/cse.js?cx=003711900088985514282:6cke2vg27lo
Requested by
Host: deon.pl
URL: https://deon.pl/themes/deon/js/app.js?id=9688d37b0f7aa54f1063
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f14.1e100.net
Software
gws /
Resource Hash
5a1b55749bc06730a9519f03c9b91cbba74000926aa4b8f1be4d48206e922cb2
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-rW5aSgue826Ra7GWafxQyQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://e-choix.com/

Response headers

content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-rW5aSgue826Ra7GWafxQyQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
content-encoding
br
accept-ch
Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
permissions-policy
unload=()
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2626
date
Sun, 17 Nov 2024 07:47:01 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
gws
x-frame-options
SAMEORIGIN
cse_element__pl.js
www.google.com/cse/static/element/8fa85d58e016b414/
286 KB
94 KB
Script
General
Full URL
https://www.google.com/cse/static/element/8fa85d58e016b414/cse_element__pl.js?usqp=CAI%3D
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=003711900088985514282:6cke2vg27lo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f4.1e100.net
Software
sffe /
Resource Hash
1f807527d21c307b911c30547689863d641e260ee47b552de5afe50af5f01b10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://e-choix.com/

Response headers

content-encoding
gzip
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
x-content-type-options
nosniff
expires
Sun, 17 Nov 2024 07:47:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 17 Nov 2024 07:47:01 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Wed, 12 Jun 2024 21:33:21 GMT
link
<https://www.adsensecustomsearchads.com>; rel="preconnect"
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
content-length
96074
x-xss-protection
0
server
sffe
default+pl.css
www.google.com/cse/static/element/8fa85d58e016b414/
41 KB
9 KB
Stylesheet
General
Full URL
https://www.google.com/cse/static/element/8fa85d58e016b414/default+pl.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=003711900088985514282:6cke2vg27lo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f4.1e100.net
Software
sffe /
Resource Hash
a5402de70228d4bf5379b518225b702918f6ae277e9293f9d16334c2b1fa31e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://e-choix.com/

Response headers

content-encoding
gzip
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
x-content-type-options
nosniff
expires
Sun, 17 Nov 2024 07:47:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 17 Nov 2024 07:47:01 GMT
content-type
text/css
vary
Accept-Encoding
last-modified
Wed, 12 Jun 2024 21:33:21 GMT
link
<https://www.adsensecustomsearchads.com>; rel="preconnect"
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
content-length
9068
x-xss-protection
0
server
sffe
default.css
www.google.com/cse/static/style/look/v4/
4 KB
1 KB
Stylesheet
General
Full URL
https://www.google.com/cse/static/style/look/v4/default.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=003711900088985514282:6cke2vg27lo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f4.1e100.net
Software
sffe /
Resource Hash
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://e-choix.com/

Response headers

content-encoding
gzip
age
843
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
x-content-type-options
nosniff
expires
Sun, 17 Nov 2024 08:22:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 17 Nov 2024 07:32:58 GMT
last-modified
Wed, 17 Jun 2020 00:00:00 GMT
content-type
text/css
vary
Accept-Encoding
cache-control
public, max-age=3000
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
content-length
1345
x-xss-protection
0
server
sffe
async-ads.js
cse.google.com/adsense/search/
146 KB
53 KB
Script
General
Full URL
https://cse.google.com/adsense/search/async-ads.js
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/8fa85d58e016b414/cse_element__pl.js?usqp=CAI%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f14.1e100.net
Software
sffe /
Resource Hash
a319f085c07c0583035e2f9015c4fd047f8009fd954468d1cb58e4bb782fc0f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://e-choix.com/

Response headers

content-encoding
gzip
etag
"13221447535579535292"
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
x-content-type-options
nosniff
expires
Sun, 17 Nov 2024 07:47:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 17 Nov 2024 07:47:02 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
link
<https://syndicatedsearch.goog>; rel="preconnect"
cache-control
private, max-age=3600
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
x-xss-protection
0
server
sffe
clear.png
www.google.com/cse/static/css/v2/
1018 B
1 KB
Image
General
Full URL
https://www.google.com/cse/static/css/v2/clear.png
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/8fa85d58e016b414/default+pl.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f4.1e100.net
Software
sffe /
Resource Hash
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.google.com/cse/static/element/8fa85d58e016b414/default+pl.css

Response headers

age
316396
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
x-content-type-options
nosniff
expires
Thu, 13 Nov 2025 15:53:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 15:53:46 GMT
last-modified
Mon, 25 May 2020 08:30:00 GMT
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
content-length
1018
x-xss-protection
0
server
sffe
branding.png
www.google.com/cse/static/images/1x/pl/
2 KB
2 KB
Image
General
Full URL
https://www.google.com/cse/static/images/1x/pl/branding.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f4.1e100.net
Software
sffe /
Resource Hash
b264e726bae6ed9f3c7b7910693811c8db9ce1211708d86c13f3f6aeaa7fa1e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://e-choix.com/

Response headers

age
103334
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
x-content-type-options
nosniff
expires
Sun, 16 Nov 2025 03:04:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 16 Nov 2024 03:04:48 GMT
last-modified
Thu, 07 Dec 2023 21:00:00 GMT
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
content-length
2328
x-xss-protection
0
server
sffe
generate_204
clients1.google.com/
0
117 B
Image
General
Full URL
https://clients1.google.com/generate_204
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f14.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://e-choix.com/

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sun, 17 Nov 2024 07:47:02 GMT
cross-origin-resource-policy
cross-origin
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-X57FNHKTNL&gtm=45je4bc0h1v884845988za200zb812784396&_p=1731829618483&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tcfd=1000h&tag_exp=101925629~102067554~102067808~102077855&cid=1975721574.1731829619&ul=pl-pl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1731829618&sct=1&seg=0&dl=https%3A%2F%2Fe-choix.com%2Fb4yrpP3v%3Fcreative_id%3D%7B%7Bcreative_id%7D%7D%26creative_id%3D2076T&dt=Konto%20u%C5%BCytkownika%20%2F%20DEON.pl&en=scroll&epn.percent_scrolled=90&_et=4&tfd=7784
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X57FNHKTNL&l=dataLayer&cx=c&gtm=45He4bc0v812784396za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://e-choix.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://e-choix.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 17 Nov 2024 07:47:04 GMT
content-type
text/plain
server
Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
deon.pl
URL
https://deon.pl/themes/deon/fonts/icons.css?v=1
Domain
deon.pl
URL
https://deon.pl/api/v1/token
Domain
deon.pl
URL
https://deon.pl/api/ip

Verdicts & Comments Add Verdict or Comment

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| dataLayer object| Constants object| _t function| darkmode function| setStorage function| getStorage function| delStorage function| anotherOption function| formValidation function| getScrollBarWidth function| getScreenWidth object| Loader function| treeify object| Datepicker object| LazyLoad object| ScrollToAnchor object| ArticlesStash object| ArticlesVoting object| FingerprintHelper object| ArticlesHistory object| App function| removeContainerMargin object| AsyncLoader object| Revive object| Hotjar object| Socials object| FoundationModal object| ArticleDrawsModule object| ArticlesModule object| i18n function| __ object| Contrast object| Fontsize object| WCAG_menu object| WCAG object| Articles object| CookieInfo object| Footer object| HotNews function| Login object| Menu function| Personalized function| Search function| Subscription object| Surveys object| DynamicVideo object| Weather function| $ function| jQuery object| Foundation function| moment function| Fingerprint2 function| setImmediate function| clearImmediate function| Vue object| ellipsed object| core object| __core-js_shared__ function| SimpleBar function| __c function| setToken object| google_tag_manager object| google_tag_data function| __tcfapi function| __uspapi string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings function| fbq function| _fbq function| onYouTubeIframeAPIReady object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled object| gaplugins object| gaGlobal object| gaData object| growTB object| w2g object| pbjs object| googletag object| lazyAds object| reloadAds object| wtgAllConfigAdunitsReload object| regeneratorRuntime object| __gcse object| module$exports$cse$search object| module$exports$cse$CustomImageSearch object| module$exports$cse$CustomWebSearch object| google object| module$exports$cse$searchcontrol object| module$exports$cse$customsearchcontrol function| _googCsa number| nextSearchboxId number| googleNDT_ number| googleAltLoader

9 Cookies

Domain/Path Name / Value
e-choix.com/ Name: _subid
Value: 3567t3s1v0eb
e-choix.com/ Name: bf757
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjQyMThcIjoxNzMxODI5NjE3fSxcImNhbXBhaWduc1wiOntcIjEwNDFcIjoxNzMxODI5NjE3fSxcInRpbWVcIjoxNzMxODI5NjE3fSJ9.mt_jB-8-i2ZIQdc-XWapO57ZQ7ob4BbqeF-06PdbxmM
.e-choix.com/ Name: _gid
Value: GA1.2.540456235.1731829619
.e-choix.com/ Name: _gat_UA-6543454-4
Value: 1
.e-choix.com/ Name: _fbp
Value: fb.1.1731829619138.989736015615807830
.e-choix.com/ Name: _hjSessionUser_698555
Value: eyJpZCI6IjA3YWM2ODIzLTQ4ZGUtNTY3ZS04ZGYyLTUyZGQ0N2EzOTMzMCIsImNyZWF0ZWQiOjE3MzE4Mjk2MTkzMDMsImV4aXN0aW5nIjpmYWxzZX0=
.e-choix.com/ Name: _hjSession_698555
Value: eyJpZCI6ImM1NzdjZTZmLTAxMjItNDI3NS04MTBiLTYzN2ExNmY1M2U0NCIsImMiOjE3MzE4Mjk2MTkzMDQsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.e-choix.com/ Name: _ga
Value: GA1.1.1975721574.1731829619
.e-choix.com/ Name: _ga_X57FNHKTNL
Value: GS1.1.1731829618.1.0.1731829618.60.0.0

7 Console Messages

Source Level URL
Text
javascript error URL: https://e-choix.com/b4yrpP3v?creative_id={{creative_id}}&creative_id=2076T
Message:
Access to CSS stylesheet at 'https://deon.pl/themes/deon/fonts/icons.css?v=1' from origin 'https://e-choix.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://deon.pl/themes/deon/fonts/icons.css?v=1
Message:
Failed to load resource: net::ERR_FAILED
recommendation verbose URL: https://e-choix.com/b4yrpP3v?creative_id={{creative_id}}&creative_id=2076T
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
javascript error URL: https://e-choix.com/b4yrpP3v?creative_id={{creative_id}}&creative_id=2076T
Message:
Access to XMLHttpRequest at 'https://deon.pl/api/v1/token' from origin 'https://e-choix.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://deon.pl/api/v1/token
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://e-choix.com/b4yrpP3v?creative_id={{creative_id}}&creative_id=2076T
Message:
Access to XMLHttpRequest at 'https://deon.pl/api/ip' from origin 'https://e-choix.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://deon.pl/api/ip
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
clients1.google.com
cmp.inmobi.com
connect.facebook.net
cse.google.com
deon.pl
e-choix.com
fonts.googleapis.com
fonts.gstatic.com
justid.io
lib.wtg-ads.com
region1.analytics.google.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
wiadomosci.life
www.facebook.com
www.google-analytics.com
www.google.com
www.google.pl
www.googletagmanager.com
deon.pl
13.33.187.74
136.243.70.185
142.250.181.228
142.250.184.200
142.250.184.238
142.250.185.78
142.250.186.42
151.101.129.229
157.240.30.27
157.240.30.35
165.227.132.139
172.217.16.195
172.217.16.206
172.217.18.3
172.67.70.115
173.194.76.156
18.66.102.51
185.30.126.115
216.239.34.36
3.160.150.40
66.220.23.67
0080397374e177d92c9fe01843797e076816c36f4cbfcc5c18ba42d27cb7640a
09e11dfec44339bd69dbf7ee3724c33e39ca776e5c705557e20b93a933e9417b
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
11a025cbee46569d16a55436dd3eb1eb4258c06be5dfedb8bc5907d955265067
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1f807527d21c307b911c30547689863d641e260ee47b552de5afe50af5f01b10
22982053d357ec33aa4d613859733c23000ba767d919853d002f15129f7afc9e
24cb90c11101bccd6736f06fad84904fe92bae01afbbd1ccf3d20a24fb762d12
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
28b83c8e93874f748fd41f9427aa9c41ecdc124cba86be1c9678e39a05028a2a
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
3326f8f2c0780ffb99ab0c49e047619e0edaa3cb99527b269cc462f9d033f08b
34a4e1ebc55d498948312b6d8bbc41c57fc9a14152301c626d02544167956892
39cf9abce51786437c69ac45ac5f39aa19af7f859d87e347478b6bd96abe52c3
40855226c6e92569016603857b5490f2c975ad0a73120f923efef6f42ee5450b
409be24db88d438a59e456c385e976433da0d24232a38161f0ee22aa2de625cd
43a683165a27224ef2d2717bd57c8c203aa570ce39140504d086562eefbb0f1f
4cc56528364598716c3aed2711f3cbdc4036f503be0af787ff3f6b1ac74a0274
5a1b55749bc06730a9519f03c9b91cbba74000926aa4b8f1be4d48206e922cb2
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
66197600c290f75f5da2e9b86d6d973ab11a9c99fa0d6ac3c09e82f772102193
68895755821adc8a5dd3c9273fa9e4f505b86b5655fb537413b86ec9de34a664
76ba7dc8a7ea6aa985da94e895c4ee749081e706550665cb53c0a1fe460e44c9
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
9e26ab5064dab4ccd659362ecb893cd010d78264a4ae5b540766820d1026815d
a319f085c07c0583035e2f9015c4fd047f8009fd954468d1cb58e4bb782fc0f3
a48bc322b0d1bf7c8d92402cf3f88819955fef483026350d0dd8106d9adaf695
a5402de70228d4bf5379b518225b702918f6ae277e9293f9d16334c2b1fa31e3
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab9e580898959ba61420826ba05059e5f73b4883b51a7e069b3259a8b0abb277
b264e726bae6ed9f3c7b7910693811c8db9ce1211708d86c13f3f6aeaa7fa1e9
c885b71cffb1153ba213e090165c17fdda244b4807b622c1cee91025b536dd53
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e60ff9dcc2ef4ae77a58e6f26c92748a8a29df25164b0e254d88f1380c49ac71
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0a9b19d1615e0e2afdca507d4c7cbe384b0bdfad5cbaf63c14a386df33a62d7
fe5c71a5f2cd8c99f1098809d9c48bdfb10691d897e98f0dc093bbd9ab716041