urlscan.io logo urlscan.io
SecurityTrails logo

www.kosmetyczne-wow.co.pl Open in urlscan Pro
54.36.175.107  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://promailer.net/?nltr=MTk7Njg1ODM2O2h0dHBzOi8vY3V0dC5seS9ReTVEZGo1OzsxYzJlNjVmNjhiNTI1MTM1MDc3MmY2YmFlMDQxNjM0NQ...
Effective URL: https://www.kosmetyczne-wow.co.pl/ankieta/,,,.html?ver=229&from=13611&ets=1593647999&cid=mlClick-Eat3Lutx&uid=33091
Submission: On June 18 via manual from PL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 5 countries across 13 domains to perform 27 HTTP transactions. The main IP is 54.36.175.107, located in Poland and belongs to OVH, FR. The main domain is www.kosmetyczne-wow.co.pl.
TLS certificate: Issued by Let's Encrypt Authority X3 on June 17th 2020. Valid for: 3 months.
This is the only time www.kosmetyczne-wow.co.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    94.152.13.54 (Poland)

ASN29522 (KEI, PL)
PTR: host54.e-kei.pl
promailer.net
1    2606:4700:10::6816:1e8 (United States)

ASN13335 (CLOUDFLARENET, US)
cutt.ly
3    2606:4700:3036::681b:ac46 (United States)

ASN13335 (CLOUDFLARENET, US)
leadhere.pl
2    104.111.253.247 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-253-247.deploy.static.akamaitechnologies.com
www.g2a.com
1    23.37.62.189 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-62-189.deploy.static.akamaitechnologies.com
www.gearbest.com
3    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2606:4700:3033::681f:5a85 (United States)

ASN13335 (CLOUDFLARENET, US)
mlpixel.pl
14    54.36.175.107 (Poland)

ASN16276 (OVH, FR)
PTR: ns3101300.ip-54-36-175.eu
www.kosmetyczne-wow.co.pl
1    2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a00:1450:4001:819::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
Domain Requested by
14 www.kosmetyczne-wow.co.pl www.kosmetyczne-wow.co.pl
3 stats.g.doubleclick.net 1 redirects leadhere.pl
www.kosmetyczne-wow.co.pl
3 www.google-analytics.com 1 redirects leadhere.pl
www.google-analytics.com
3 leadhere.pl leadhere.pl
2 www.g2a.com 1 redirects leadhere.pl
1 www.google.de www.kosmetyczne-wow.co.pl
1 www.google.com 1 redirects
1 ajax.googleapis.com www.kosmetyczne-wow.co.pl
1 mlpixel.pl leadhere.pl
1 www.gearbest.com leadhere.pl
1 cutt.ly 1 redirects
1 promailer.net 1 redirects
0 best.aliexpress.com Failed leadhere.pl
27 13

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2020-04-16 -
2020-10-09		 6 months crt.sh
www.g2a.com
DigiCert SHA2 Extended Validation Server CA		 2019-09-12 -
2021-10-11		 2 years crt.sh
*.gearbest.com
DigiCert SHA2 Secure Server CA		 2020-04-13 -
2021-07-13		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-05-26 -
2020-08-18		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-05-26 -
2020-08-18		 3 months crt.sh
www.kosmetyczne-wow.co.pl
Let's Encrypt Authority X3		 2020-06-17 -
2020-09-15		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-05-26 -
2020-08-18		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-05-26 -
2020-08-18		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://www.kosmetyczne-wow.co.pl/ankieta/,,,.html?ver=229&from=13611&ets=1593647999&cid=mlClick-Eat3Lutx&uid=33091
Frame ID: CA07807C75D1152688F84CDF6B4E5CBF
Requests: 24 HTTP requests in this frame

Frame: https://www.g2a.com/?gname=user-5b2d088386a83
Frame ID: 4110A70A7FDAEACEC6B3F9FD1EFFDF00
Requests: 1 HTTP requests in this frame

Frame: https://best.aliexpress.com/?aff_platform=portals-promotion&sk=_d6GDFTu&aff_trace_key=a085c05b7836472cba8f249717bfa477-1592460462029-04643-_d6GDFTu&terminal_id=66fcbfe76c3446dbbe6641c8f4c59c79&aff_request_id=a085c05b7836472cba8f249717bfa477-1592460462029-04643-_d6GDFTu
Frame ID: 641FF5E5682C5772C4BA92F4C9F01021
Requests: 1 HTTP requests in this frame

Frame: https://www.gearbest.com/?lkid=78540179
Frame ID: 7D63C2F747D60841E4795F228E7F94E3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://promailer.net/?nltr=MTk7Njg1ODM2O2h0dHBzOi8vY3V0dC5seS9ReTVEZGo1OzsxYzJlNjVmNjhiNTI1MTM1MD... HTTP 302
    https://cutt.ly/Qy5Ddj5 HTTP 301
    https://leadhere.pl/p/4z2C/l0z3/d28g Page URL
  2. https://mlpixel.pl/redirect.php?id=VTuE7oeiX7DDlAHpRA5Ns3ZsgELrK555OOi5ShyYOmuXxbihWF8PDJg1KkYo... Page URL
  3. https://www.kosmetyczne-wow.co.pl/ankieta/,,,.html?ver=229&from=13611&ets=1593647999&cid=mlClick-Eat3Lutx&uid=... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

27
Requests

96 %
HTTPS

67 %
IPv6

13
Domains

13
Subdomains

10
IPs

5
Countries

340 kB
Transfer

617 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://promailer.net/?nltr=MTk7Njg1ODM2O2h0dHBzOi8vY3V0dC5seS9ReTVEZGo1OzsxYzJlNjVmNjhiNTI1MTM1MDc3MmY2YmFlMDQxNjM0NQ%3D%3D HTTP 302
    https://cutt.ly/Qy5Ddj5 HTTP 301
    https://leadhere.pl/p/4z2C/l0z3/d28g Page URL
  2. https://mlpixel.pl/redirect.php?id=VTuE7oeiX7DDlAHpRA5Ns3ZsgELrK555OOi5ShyYOmuXxbihWF8PDJg1KkYocPuy&click_id=mlClick-Eat3Lutx&uid=33091 Page URL
  3. https://www.kosmetyczne-wow.co.pl/ankieta/,,,.html?ver=229&from=13611&ets=1593647999&cid=mlClick-Eat3Lutx&uid=33091 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://promailer.net/?nltr=MTk7Njg1ODM2O2h0dHBzOi8vY3V0dC5seS9ReTVEZGo1OzsxYzJlNjVmNjhiNTI1MTM1MDc3MmY2YmFlMDQxNjM0NQ%3D%3D HTTP 302
  • https://cutt.ly/Qy5Ddj5 HTTP 301
  • https://leadhere.pl/p/4z2C/l0z3/d28g
Request Chain 2
  • https://www.g2a.com/r/user-5b2d088386a83 HTTP 302
  • https://www.g2a.com/?gname=user-5b2d088386a83
Request Chain 3
  • https://s.click.aliexpress.com/e/_d6GDFTu HTTP 302
  • https://best.aliexpress.com/?aff_platform=portals-promotion&sk=_d6GDFTu&aff_trace_key=a085c05b7836472cba8f249717bfa477-1592460462029-04643-_d6GDFTu&terminal_id=66fcbfe76c3446dbbe6641c8f4c59c79&aff_request_id=a085c05b7836472cba8f249717bfa477-1592460462029-04643-_d6GDFTu
Request Chain 7
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1737753004&t=pageview&_s=1&dl=https%3A%2F%2Fleadhere.pl%2Fp%2F4z2C%2Fl0z3%2Fd28g&ul=en-us&de=UTF-8&dt=leadhere.pl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=963683430&gjid=1745177197&cid=1385675257.1592460462&tid=UA-110090096-2&_gid=1671003601.1592460462&_r=1&z=782069656 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-110090096-2&cid=1385675257.1592460462&jid=963683430&_gid=1671003601.1592460462&gjid=1745177197&_v=j83&z=782069656
Request Chain 25
  • https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=371753117&utmhn=www.kosmetyczne-wow.co.pl&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Kosmetyczne%20WOW&utmhid=132974547&utmr=https%3A%2F%2Fmlpixel.pl%2Fredirect.php%3Fid%3DVTuE7oeiX7DDlAHpRA5Ns3ZsgELrK555OOi5ShyYOmuXxbihWF8PDJg1KkYocPuy%26click_id%3DmlClick-Eat3Lutx%26uid%3D33091&utmp=%2Fankieta%2F%2C%2C%2C.html%3Fver%3D229%26from%3D13611%26ets%3D1593647999%26cid%3DmlClick-Eat3Lutx%26uid%3D33091&utmht=1592460463170&utmac=UA-38057940-2&utmcc=__utma%3D32851620.1652354988.1592460463.1592460463.1592460463.1%3B%2B__utmz%3D32851620.1592460463.1.1.utmcsr%3Dmlpixel.pl%7Cutmccn%3D(referral)%7Cutmcmd%3Dreferral%7Cutmcct%3D%2Fredirect.php%3B&utmjid=1593898111&utmredir=3&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-38057940-2&cid=1652354988.1592460463&jid=1593898111&_v=5.7.2dc&z=371753117 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-38057940-2&cid=1652354988.1592460463&jid=1593898111&_v=5.7.2dc&z=371753117&slf_rd=1&random=3179149530

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
d28g
leadhere.pl/p/4z2C/l0z3/
Redirect Chain
  • http://promailer.net/?nltr=MTk7Njg1ODM2O2h0dHBzOi8vY3V0dC5seS9ReTVEZGo1OzsxYzJlNjVmNjhiNTI1MTM1MDc3MmY2YmFlMDQxNjM0NQ%3D%3D
  • https://cutt.ly/Qy5Ddj5
  • https://leadhere.pl/p/4z2C/l0z3/d28g
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://leadhere.pl/p/4z2C/l0z3/d28g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:ac46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4eab587383eafddd2d52dd0533daaa2a9a59b9909cc0d5f2b0d073c7ce4e92cf

Request headers

:method
GET
:authority
leadhere.pl
:scheme
https
:path
/p/4z2C/l0z3/d28g
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Thu, 18 Jun 2020 06:07:41 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d042e503e36e0ea0680a60bcee72fe7611592460461; expires=Sat, 18-Jul-20 06:07:41 GMT; path=/; domain=.leadhere.pl; HttpOnly; SameSite=Lax 71ff54ebddb1e090fbf173d96e2342c8=71ff54ebddb1e090fbf173d96e2342c8; expires=Fri, 18-Jun-2021 06:07:41 GMT; Max-Age=31536000; path=/; httponly
vary
Accept-Encoding
cache-control
no-cache, no-store, private
x-robots-tag
noindex, nofollow
cf-cache-status
DYNAMIC
cf-request-id
0367a35cab0000faa41617c200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5a52d4daadbffaa4-AMS
content-encoding
br

Redirect headers

status
301
date
Thu, 18 Jun 2020 06:07:41 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=df47987e11b80ea26552075c53308d5a61592460461; expires=Sat, 18-Jul-20 06:07:41 GMT; path=/; domain=.cutt.ly; HttpOnly; SameSite=Lax PHPSESSID=h6k59c9nfmprnosj24houjpn0r; path=/; secure
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
location
https://leadhere.pl/p/4z2C/l0z3/d28g
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
0367a35c040000bf147f903200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5a52d4d9ab30bf14-FRA
03032020.min.js
leadhere.pl/js/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://leadhere.pl/js/03032020.min.js
Requested by
Host: leadhere.pl
URL: https://leadhere.pl/p/4z2C/l0z3/d28g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:ac46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a0dd05cafdce90b48c1b89ae4d86f1120a0fdc7a9e929edb1ebe0404f663dad

Request headers

Device-Memory
8
Referer
https://leadhere.pl/p/4z2C/l0z3/d28g
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Jun 2020 06:07:41 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Tue, 03 Mar 2020 10:38:41 GMT
server
cloudflare
etag
W/"5e5e33b1-813d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
5a52d4dd9a27faa4-AMS
cf-request-id
0367a35e830000faa416193200000001
/
www.g2a.com/ Frame 4110
Redirect Chain
  • https://www.g2a.com/r/user-5b2d088386a83
  • https://www.g2a.com/?gname=user-5b2d088386a83
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.g2a.com/?gname=user-5b2d088386a83
Requested by
Host: leadhere.pl
URL: https://leadhere.pl/p/4z2C/l0z3/d28g
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.253.247 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-253-247.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.g2a.com
:scheme
https
:path
/?gname=user-5b2d088386a83
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://leadhere.pl/p/4z2C/l0z3/d28g
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
gol_ref=dXNlci01YjJkMDg4Mzg2YTgzO2ZiZjY2ZTlkLTNjNjYtNGRhYy04ZmJlLTBhM2M0NWM0NTk2MzsxNTkyNDYwNDYx; ak_bmsc=C6AC127AE060DE337A8CED128C8A0C660210BB36AB400000AD04EB5EF2061264~pl5WAz0EK+/E/rI2UMyguRk87VqEe+xDBhWhSG89Wj1cbdkFT2DHVaJFcibKAuIRIuteCelEYAB9ZJdNbTIuT4oLws0GbcUrxv2+/9H/EHxnMkrirHtXBmG+pVZk/cORDcVUxqVtNID3zwXGuUwd+ybhuDKcNqQRO0PROjA9MKVz4JQm0RJmDHrBXiCPwImanYY/Zg4jIxmWGkqDDsyXO+kRdw4yqjV31BGN1NiNq8BIk=; bm_sz=F393CF97EA25F1BF01CB389B3CC1A6F9~YAAQNrsQAphAbZlyAQAAsUYKxgjA8IaJjolRVLFfDEpWhoRhKk8lB4KDfmmMkHS3jG/LTrxWZ2UqSARXl/JrdXcwPmp9WJVGC0goqk+tz7HPbOj/8YC4sAH+tQwi1huanu9XM1b6Q8AgR9QnaTa07M/P0H3zq8HSWdb8KpabBV2WfXKuXw0PAo+r6Kkc; _abck=EBEC944040D6281A9385A760914731BC~-1~YAAQNrsQAplAbZlyAQAAsUYKxgRgaAOWJYA5fDPeIs3cro+RBTQOzCG7WbYxW0eAKZp5zTUEGEBiFRe3CV3tHhXLGMRvY+NJdIfXIaW/q7lRfh0oo92VGAVGVrmT5m3UsB+YUjKoflTKjm8/LAhaK7V3NHW13mYf/IIFNmxOGe7FX9RHQDtjCnjxAiNf7GalDduJBpOFxnm+mPD1mP7yK3IASysjK/r79mB0CqQ9zJFMFupJMKlAWgHAHxjjQBFftGSYBH/soCJmacHXK4WbCZAkaZt61/t8RcBap/1JRyDfh4cMp4kt~-1~-1~-1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://leadhere.pl/p/4z2C/l0z3/d28g

Response headers

status
200
server
nginx
content-type
text/html; charset=utf-8
vary
Accept-Encoding User-Agent
x-dns-prefetch-control
off
x-download-options
noopen
x-xss-protection
1; mode=block
cache-control
no-store, must-revalidate, max-age=0
g2a-dbg
1
etag
W/"65631-uusmXgwNkMpK76/mAD5itORjDHk"
content-encoding
gzip
x-backend
new-layout-am4
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000;
x-content-type-options
nosniff
g2a-server
am4-min01
x-akamai-transformed
9 - 0 pmb=mTOE,3
date
Thu, 18 Jun 2020 06:07:41 GMT
set-cookie
skc=14e264fd-8957-4a79-8508-d82ba5f811cd-1592460461; Expires=Sat, 01 Jan 2050 00:00:00 GMT; Domain=.g2a.com; Path=/; Secure; HttpOnly cart-v2=true; Expires=Sat, 01 Jan 2050 00:00:00 GMT; Domain=.g2a.com; Path=/ bm_mi=6916971E8224BA792B0A4C3D2A1655EA~M2KjGq2dFvME45sC20s8JY3YdCk9psEhbgXK581xcdvAheybF1SUOrZmr+qevp9aQTkBJx9jhfB9ZVIFyJgvHc7sfkYPR3OgiDXqMvDbmG81LXdBl50oIr3G9U6wfW3QUaFpm0jbxvs/L447axJnZTr0bnGJfwuqWz0DO1NqKd/jtc/ZpmPYn3kEqLuB4KQyNqaSbDr6uyVfb8vxJpHRJg==; Domain=.g2a.com; Path=/; Max-Age=7200; HttpOnly bm_sv=25E7B02BFB127D30C304903BF738977A~KfKvh7VE0uay5tcQqVWvhhiiRPI4O7s2Uv1mkhY6rEgnx3qhirnpbo/x5ECczVRZV6uTXile8U/KzEQyhOTRllfXnFdTkOAbVJ1MMvP47AVzSRglmGeWc3kGkKr43N32knVx74hrdpx7isNyRXdwXQ==; Domain=.g2a.com; Path=/; Max-Age=7200; HttpOnly

Redirect headers

status
302
content-type
application/json; charset=UTF-8
content-length
0
location
https://www.g2a.com?gname=user-5b2d088386a83
request-id
|3918c4fa-e193-4170-9153-a2b8d075380a.gFPFzsiL_
strict-transport-security
max-age=15724800; includeSubDomains
date
Thu, 18 Jun 2020 06:07:41 GMT
set-cookie
gol_ref=dXNlci01YjJkMDg4Mzg2YTgzO2ZiZjY2ZTlkLTNjNjYtNGRhYy04ZmJlLTBhM2M0NWM0NTk2MzsxNTkyNDYwNDYx; Path=/; Expires=Fri, 19 Jun 2020 06:07:41 GMT ak_bmsc=C6AC127AE060DE337A8CED128C8A0C660210BB36AB400000AD04EB5EF2061264~pl5WAz0EK+/E/rI2UMyguRk87VqEe+xDBhWhSG89Wj1cbdkFT2DHVaJFcibKAuIRIuteCelEYAB9ZJdNbTIuT4oLws0GbcUrxv2+/9H/EHxnMkrirHtXBmG+pVZk/cORDcVUxqVtNID3zwXGuUwd+ybhuDKcNqQRO0PROjA9MKVz4JQm0RJmDHrBXiCPwImanYY/Zg4jIxmWGkqDDsyXO+kRdw4yqjV31BGN1NiNq8BIk=; expires=Thu, 18 Jun 2020 08:07:41 GMT; max-age=7200; path=/; domain=.g2a.com; HttpOnly bm_sz=F393CF97EA25F1BF01CB389B3CC1A6F9~YAAQNrsQAphAbZlyAQAAsUYKxgjA8IaJjolRVLFfDEpWhoRhKk8lB4KDfmmMkHS3jG/LTrxWZ2UqSARXl/JrdXcwPmp9WJVGC0goqk+tz7HPbOj/8YC4sAH+tQwi1huanu9XM1b6Q8AgR9QnaTa07M/P0H3zq8HSWdb8KpabBV2WfXKuXw0PAo+r6Kkc; Domain=.g2a.com; Path=/; Expires=Thu, 18 Jun 2020 10:07:41 GMT; Max-Age=14400; HttpOnly _abck=EBEC944040D6281A9385A760914731BC~-1~YAAQNrsQAplAbZlyAQAAsUYKxgRgaAOWJYA5fDPeIs3cro+RBTQOzCG7WbYxW0eAKZp5zTUEGEBiFRe3CV3tHhXLGMRvY+NJdIfXIaW/q7lRfh0oo92VGAVGVrmT5m3UsB+YUjKoflTKjm8/LAhaK7V3NHW13mYf/IIFNmxOGe7FX9RHQDtjCnjxAiNf7GalDduJBpOFxnm+mPD1mP7yK3IASysjK/r79mB0CqQ9zJFMFupJMKlAWgHAHxjjQBFftGSYBH/soCJmacHXK4WbCZAkaZt61/t8RcBap/1JRyDfh4cMp4kt~-1~-1~-1; Domain=.g2a.com; Path=/; Expires=Fri, 18 Jun 2021 06:07:41 GMT; Max-Age=31536000; Secure
/
best.aliexpress.com/ Frame 641F
Redirect Chain
  • https://s.click.aliexpress.com/e/_d6GDFTu
  • https://best.aliexpress.com/?aff_platform=portals-promotion&sk=_d6GDFTu&aff_trace_key=a085c05b7836472cba8f249717bfa477-1592460462029-04643-_d6GDFTu&terminal_id=66fcbfe76c3446dbbe6641c8f4c59c79&aff_...
0
0
/
www.gearbest.com/ Frame 7D63 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.gearbest.com/?lkid=78540179
Requested by
Host: leadhere.pl
URL: https://leadhere.pl/p/4z2C/l0z3/d28g
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.62.189 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-62-189.deploy.static.akamaitechnologies.com
Software
AkamaiGHost /
Resource Hash

Request headers

:method
GET
:authority
www.gearbest.com
:scheme
https
:path
/?lkid=78540179
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://leadhere.pl/p/4z2C/l0z3/d28g
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://leadhere.pl/p/4z2C/l0z3/d28g

Response headers

status
403
server
AkamaiGHost
mime-version
1.0
content-type
text/html
content-length
271
cache-control
max-age=60
expires
Thu, 18 Jun 2020 06:08:41 GMT
date
Thu, 18 Jun 2020 06:07:41 GMT
set-cookie
AKAM_CLIENTID=060f887eb1f6b054497130e7724e0220; expires=Mon, 31-Dec-2038 23:59:59 GMT; path=/; domain=.gearbest.com AKA_A2=A; expires=Thu, 18-Jun-2020 07:07:41 GMT; path=/; domain=gearbest.com; secure; HttpOnly
vary
User-Agent
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: leadhere.pl
URL: https://leadhere.pl/p/4z2C/l0z3/d28g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://leadhere.pl/p/4z2C/l0z3/d28g
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
5283
date
Thu, 18 Jun 2020 04:39:38 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Thu, 18 Jun 2020 06:39:38 GMT
collect
www.google-analytics.com/ 		35 B
141 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://leadhere.pl/p/4z2C/l0z3/d28g
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 18 Jun 2020 06:07:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
https://leadhere.pl
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1737753004&t=pageview&_s=1&dl=https%3A%2F%2Fleadhere.pl%2Fp%2F4z2C%2Fl0z3%2Fd28g&ul=en-us&de=UTF-8&dt=leadhere.pl&sd=24-bit&sr=1600x1200&vp=1...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-110090096-2&cid=1385675257.1592460462&jid=963683430&_gid=1671003601.1592460462&gjid=1745177197&_v=j83&z=782069656
35 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-110090096-2&cid=1385675257.1592460462&jid=963683430&_gid=1671003601.1592460462&gjid=1745177197&_v=j83&z=782069656
Requested by
Host: leadhere.pl
URL: https://leadhere.pl/p/4z2C/l0z3/d28g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://leadhere.pl/p/4z2C/l0z3/d28g
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 18 Jun 2020 06:07:41 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 18 Jun 2020 06:07:41 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-110090096-2&cid=1385675257.1592460462&jid=963683430&_gid=1671003601.1592460462&gjid=1745177197&_v=j83&z=782069656
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
419
expires
Fri, 01 Jan 1990 00:00:00 GMT
finger
leadhere.pl/ 		20 B
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://leadhere.pl/finger
Requested by
Host: leadhere.pl
URL: https://leadhere.pl/js/03032020.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:ac46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Device-Memory
8
Referer
https://leadhere.pl/p/4z2C/l0z3/d28g
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 18 Jun 2020 06:07:42 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
status
200
cache-control
no-cache, private
cf-ray
5a52d4dffd45faa4-AMS
cf-request-id
0367a35ff80000faa4161af200000001
redirect.php
mlpixel.pl/ 		163 B
585 B 		Document
General
Check archive.org
Download Go to
Full URL
https://mlpixel.pl/redirect.php?id=VTuE7oeiX7DDlAHpRA5Ns3ZsgELrK555OOi5ShyYOmuXxbihWF8PDJg1KkYocPuy&click_id=mlClick-Eat3Lutx&uid=33091
Requested by
Host: leadhere.pl
URL: https://leadhere.pl/js/03032020.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:5a85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
mlpixel.pl
:scheme
https
:path
/redirect.php?id=VTuE7oeiX7DDlAHpRA5Ns3ZsgELrK555OOi5ShyYOmuXxbihWF8PDJg1KkYocPuy&click_id=mlClick-Eat3Lutx&uid=33091
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://leadhere.pl/p/4z2C/l0z3/d28g
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://leadhere.pl/p/4z2C/l0z3/d28g

Response headers

status
200
date
Thu, 18 Jun 2020 06:07:42 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=dd001fd8088f2434f810c42310c99b3131592460462; expires=Sat, 18-Jul-20 06:07:42 GMT; path=/; domain=.mlpixel.pl; HttpOnly; SameSite=Lax VTuE7oeiX7DDlAHpRA5Ns3ZsgELrK555OOi5ShyYOmuXxbihWF8PDJg1KkYocPuy=mlClick-Eat3Lutx; expires=Sat, 18-Jul-2020 06:07:42 GMT; Max-Age=2592000; path=/
cf-cache-status
DYNAMIC
cf-request-id
0367a360e50000fa980a297200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5a52d4e168effa98-AMS
content-encoding
br
Primary Request Cookie set ,,,.html
www.kosmetyczne-wow.co.pl/ankieta/ 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.kosmetyczne-wow.co.pl/ankieta/,,,.html?ver=229&from=13611&ets=1593647999&cid=mlClick-Eat3Lutx&uid=33091
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.175.107 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ns3101300.ip-54-36-175.eu
Software
Apache/2.4.25 (Debian) /
Resource Hash
06bde6fcf8de2c7d3ae2ded11845e77328f618ec03d2aeff81e1a30b978fa86f

Request headers

Host
www.kosmetyczne-wow.co.pl
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://mlpixel.pl/redirect.php?id=VTuE7oeiX7DDlAHpRA5Ns3ZsgELrK555OOi5ShyYOmuXxbihWF8PDJg1KkYocPuy&click_id=mlClick-Eat3Lutx&uid=33091
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://mlpixel.pl/redirect.php?id=VTuE7oeiX7DDlAHpRA5Ns3ZsgELrK555OOi5ShyYOmuXxbihWF8PDJg1KkYocPuy&click_id=mlClick-Eat3Lutx&uid=33091

Response headers

Date
Thu, 18 Jun 2020 06:07:42 GMT
Server
Apache/2.4.25 (Debian)
Set-Cookie
PHPSESSID=bn4j1ig9hpva9keebk17a8imp2; path=/ bq_tr_usr_ident=29c801fb0c1bd60fa21c77304d223e92; expires=Sat, 18-Jun-2022 06:07:42 GMT; Max-Age=63072000; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2190
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
bootstrap.min.css
www.kosmetyczne-wow.co.pl/apps/zawody/prelander/bootstrap/css/ 		147 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.kosmetyczne-wow.co.pl/apps/zawody/prelander/bootstrap/css/bootstrap.min.css
Requested by
Host: www.kosmetyczne-wow.co.pl
URL: https://www.kosmetyczne-wow.co.pl/ankieta/,,,.html?ver=229&from=13611&ets=1593647999&cid=mlClick-Eat3Lutx&uid=33091
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.175.107 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ns3101300.ip-54-36-175.eu
Software
Apache/2.4.25 (Debian) /
Resource Hash
aebf611c1438dc7ec748e9a6364c734066b34bf2a1c7e2fc6511ed784635b50e

Request headers

Referer
https://www.kosmetyczne-wow.co.pl/ankieta/,,,.html?ver=229&from=13611&ets=1593647999&cid=mlClick-Eat3Lutx&uid=33091
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 18 Jun 2020 06:07:43 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Apr 2018 06:16:47 GMT
Server
Apache/2.4.25 (Debian)
ETag
"24dd4-5696459cc195b-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
20030
style.css
www.kosmetyczne-wow.co.pl/apps/zawody/prelander/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.kosmetyczne-wow.co.pl/apps/zawody/prelander/css/style.css
Requested by
Host: www.kosmetyczne-wow.co.pl
URL: https://www.kosmetyczne-wow.co.pl/ankieta/,,,.html?ver=229&from=13611&ets=1593647999&cid=mlClick-Eat3Lutx&uid=33091
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.175.107 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ns3101300.ip-54-36-175.eu
Software
Apache/2.4.25 (Debian) /
Resource Hash
ceb8523b82bd914be16b4592d1a970bdfa43b68766e9e788f6634f805d218d58

Request headers

Referer
https://www.kosmetyczne-wow.co.pl/ankieta/,,,.html?ver=229&from=13611&ets=1593647999&cid=mlClick-Eat3Lutx&uid=33091
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 18 Jun 2020 06:07:43 GMT
Content-Encoding
gzip
Last-Modified
Thu, 12 Apr 2018 11:20:45 GMT
Server
Apache/2.4.25 (Debian)
ETag
"b01-569a4f25cd43a-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
840
version139.css
www.kosmetyczne-wow.co.pl/apps/zawody/prelander/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.kosmetyczne-wow.co.pl/apps/zawody/prelander/css/version139.css
Requested by
Host: www.kosmetyczne-wow.co.pl
URL: https://www.kosmetyczne-wow.co.pl/ankieta/,,,.html?ver=229&from=13611&ets=1593647999&cid=mlClick-Eat3Lutx&uid=33091
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.175.107 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ns3101300.ip-54-36-175.eu
Software
Apache/2.4.25 (Debian) /
Resource Hash
cbb968a0465cfa01c8f4542896de9ce9ebc555196e5a143c24732b5892c5f108

Request headers

Referer
https://www.kosmetyczne-wow.co.pl/ankieta/,,,.html?ver=229&from=13611&ets=1593647999&cid=mlClick-Eat3Lutx&uid=33091
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 18 Jun 2020 06:07:43 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Jun 2020 12:37:04 GMT
Server
Apache/2.4.25 (Debian)
ETag
"2442-5a846eadba79d-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
1889
logo.png
www.kosmetyczne-wow.co.pl/apps/zawody/prelander/img/139/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kosmetyczne-wow.co.pl/apps/zawody/prelander/img/139/logo.png
Requested by
Host: www.kosmetyczne-wow.co.pl
URL: https://www.kosmetyczne-wow.co.pl/ankieta/,,,.html?ver=229&from=13611&ets=1593647999&cid=mlClick-Eat3Lutx&uid=33091
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.175.107 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ns3101300.ip-54-36-175.eu
Software
Apache/2.4.25 (Debian) /
Resource Hash
f6c62faee11556bbbc072feba64ebe3ed4e5f744933b3ec914d3c5608f2caad8

Request headers

Referer
https://www.kosmetyczne-wow.co.pl/ankieta/,,,.html?ver=229&from=13611&ets=1593647999&cid=mlClick-Eat3Lutx&uid=33091
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 18 Jun 2020 06:07:43 GMT
Last-Modified
Wed, 17 Jun 2020 12:37:05 GMT
Server
Apache/2.4.25 (Debian)
ETag
"1375-5a846eadc055d"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=91
Content-Length
4981
logo2.png
www.kosmetyczne-wow.co.pl/apps/zawody/prelander/img/139/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kosmetyczne-wow.co.pl/apps/zawody/prelander/img/139/logo2.png
Requested by
Host: www.kosmetyczne-wow.co.pl
URL: https://www.kosmetyczne-wow.co.pl/ankieta/,,,.html?ver=229&from=13611&ets=1593647999&cid=mlClick-Eat3Lutx&uid=33091
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.175.107 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ns3101300.ip-54-36-175.eu
Software
Apache/2.4.25 (Debian) /
Resource Hash
42db6bdcc702dcdaa6b8688f590666e9036b53b347a7ec3211128f112cbcb75e

Request headers

Referer
https://www.kosmetyczne-wow.co.pl/ankieta/,,,.html?ver=229&from=13611&ets=1593647999&cid=mlClick-Eat3Lutx&uid=33091
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 18 Jun 2020 06:07:43 GMT
Last-Modified
Wed, 17 Jun 2020 12:37:05 GMT
Server
Apache/2.4.25 (Debian)
ETag
"1b72-5a846eadc055d"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=90
Content-Length
7026
award.png
www.kosmetyczne-wow.co.pl/apps/zawody/prelander/img/139/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kosmetyczne-wow.co.pl/apps/zawody/prelander/img/139/award.png
Requested by
Host: www.kosmetyczne-wow.co.pl
URL: https://www.kosmetyczne-wow.co.pl/ankieta/,,,.html?ver=229&from=13611&ets=1593647999&cid=mlClick-Eat3Lutx&uid=33091
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.175.107 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ns3101300.ip-54-36-175.eu
Software
Apache/2.4.25 (Debian) /
Resource Hash
384d5e38a07c33d9277483a43ae6fdaa6f689caf4a802681b741b86de6a99509

Request headers

Referer
https://www.kosmetyczne-wow.co.pl/ankieta/,,,.html?ver=229&from=13611&ets=1593647999&cid=mlClick-Eat3Lutx&uid=33091
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 18 Jun 2020 06:07:43 GMT
Last-Modified
Wed, 17 Jun 2020 12:37:05 GMT
Server
Apache/2.4.25 (Debian)
ETag
"4215-5a846eadc055d"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=89
Content-Length
16917
timelane.gif
www.kosmetyczne-wow.co.pl/apps/zawody/prelander/img/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kosmetyczne-wow.co.pl/apps/zawody/prelander/img/timelane.gif
Requested by
Host: www.kosmetyczne-wow.co.pl
URL: https://www.kosmetyczne-wow.co.pl/ankieta/,,,.html?ver=229&from=13611&ets=1593647999&cid=mlClick-Eat3Lutx&uid=33091
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.175.107 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ns3101300.ip-54-36-175.eu
Software
Apache/2.4.25 (Debian) /
Resource Hash
1d440f3849911e54f09af07a32e1945b4b93cb40c3f025a0f7805171d6f87357

Request headers

Referer
https://www.kosmetyczne-wow.co.pl/ankieta/,,,.html?ver=229&from=13611&ets=1593647999&cid=mlClick-Eat3Lutx&uid=33091
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 18 Jun 2020 06:07:43 GMT
Last-Modified
Mon, 09 Apr 2018 06:16:46 GMT
Server
Apache/2.4.25 (Debian)
ETag
"1832-5696459b39fc0"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=88
Content-Length
6194
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Requested by
Host: www.kosmetyczne-wow.co.pl
URL: https://www.kosmetyczne-wow.co.pl/ankieta/,,,.html?ver=229&from=13611&ets=1593647999&cid=mlClick-Eat3Lutx&uid=33091
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kosmetyczne-wow.co.pl/ankieta/,,,.html?ver=229&from=13611&ets=1593647999&cid=mlClick-Eat3Lutx&uid=33091
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Jun 2020 21:33:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
722030
status
200
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33434
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jun 2021 21:33:53 GMT
script.js
www.kosmetyczne-wow.co.pl/apps/zawody/prelander/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kosmetyczne-wow.co.pl/apps/zawody/prelander/js/script.js
Requested by
Host: www.kosmetyczne-wow.co.pl
URL: https://www.kosmetyczne-wow.co.pl/ankieta/,,,.html?ver=229&from=13611&ets=1593647999&cid=mlClick-Eat3Lutx&uid=33091
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.175.107 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ns3101300.ip-54-36-175.eu
Software
Apache/2.4.25 (Debian) /
Resource Hash
ebd140babe9dfb74f2dd5a0d70cfecab083226b7a1f2c18c4409f182d1c0533f

Request headers

Referer
https://www.kosmetyczne-wow.co.pl/ankieta/,,,.html?ver=229&from=13611&ets=1593647999&cid=mlClick-Eat3Lutx&uid=33091
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 18 Jun 2020 06:07:43 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Aug 2019 07:40:44 GMT
Server
Apache/2.4.25 (Debian)
ETag
"b39-58ffac217bb80-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
1089
dc.js
stats.g.doubleclick.net/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: www.kosmetyczne-wow.co.pl
URL: https://www.kosmetyczne-wow.co.pl/ankieta/,,,.html?ver=229&from=13611&ets=1593647999&cid=mlClick-Eat3Lutx&uid=33091
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kosmetyczne-wow.co.pl/ankieta/,,,.html?ver=229&from=13611&ets=1593647999&cid=mlClick-Eat3Lutx&uid=33091
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
805
date
Thu, 18 Jun 2020 05:54:18 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Thu, 18 Jun 2020 07:54:18 GMT
bg1.jpg
www.kosmetyczne-wow.co.pl/apps/zawody/prelander/img/139/ 		128 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kosmetyczne-wow.co.pl/apps/zawody/prelander/img/139/bg1.jpg
Requested by
Host: www.kosmetyczne-wow.co.pl
URL: https://www.kosmetyczne-wow.co.pl/ankieta/,,,.html?ver=229&from=13611&ets=1593647999&cid=mlClick-Eat3Lutx&uid=33091
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.175.107 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ns3101300.ip-54-36-175.eu
Software
Apache/2.4.25 (Debian) /
Resource Hash
bc1de380b969b720c996687cdce4a81e2980b212f827da78867037eb7da81ab6

Request headers

Referer
https://www.kosmetyczne-wow.co.pl/apps/zawody/prelander/css/version139.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 18 Jun 2020 06:07:43 GMT
Last-Modified
Wed, 17 Jun 2020 12:37:05 GMT
Server
Apache/2.4.25 (Debian)
ETag
"1fed8-5a846eadc055d"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=87
Content-Length
130776
zona_pro_semibold_thefontsmaster.com-webfont.woff2
www.kosmetyczne-wow.co.pl/apps/zawody/prelander/css/fonts/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.kosmetyczne-wow.co.pl/apps/zawody/prelander/css/fonts/zona_pro_semibold_thefontsmaster.com-webfont.woff2
Requested by
Host: www.kosmetyczne-wow.co.pl
URL: https://www.kosmetyczne-wow.co.pl/ankieta/,,,.html?ver=229&from=13611&ets=1593647999&cid=mlClick-Eat3Lutx&uid=33091
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.175.107 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ns3101300.ip-54-36-175.eu
Software
Apache/2.4.25 (Debian) /
Resource Hash
571fb3effab87d09691862791526f90aab386c181a27bf01fc523c106db5a175

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.kosmetyczne-wow.co.pl/apps/zawody/prelander/css/version139.css
Origin
https://www.kosmetyczne-wow.co.pl

Response headers

Date
Thu, 18 Jun 2020 06:07:43 GMT
Last-Modified
Fri, 30 Aug 2019 09:14:22 GMT
Server
Apache/2.4.25 (Debian)
ETag
"44c4-591520c39dcfc"
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
17604
zona_pro_bold_thefontsmaster.com-webfont.woff2
www.kosmetyczne-wow.co.pl/apps/zawody/prelander/css/fonts/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.kosmetyczne-wow.co.pl/apps/zawody/prelander/css/fonts/zona_pro_bold_thefontsmaster.com-webfont.woff2
Requested by
Host: www.kosmetyczne-wow.co.pl
URL: https://www.kosmetyczne-wow.co.pl/ankieta/,,,.html?ver=229&from=13611&ets=1593647999&cid=mlClick-Eat3Lutx&uid=33091
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.175.107 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ns3101300.ip-54-36-175.eu
Software
Apache/2.4.25 (Debian) /
Resource Hash
b3526f37223174382874af83197695613412a8f2475aa258a72e4d5ed9372e2d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.kosmetyczne-wow.co.pl/apps/zawody/prelander/css/version139.css
Origin
https://www.kosmetyczne-wow.co.pl

Response headers

Date
Thu, 18 Jun 2020 06:07:43 GMT
Last-Modified
Fri, 30 Aug 2019 09:14:22 GMT
Server
Apache/2.4.25 (Debian)
ETag
"43d0-591520c39ec9c"
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
17360
zona_pro_extrabold_thefontsmaster.com-webfont.woff2
www.kosmetyczne-wow.co.pl/apps/zawody/prelander/css/fonts/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.kosmetyczne-wow.co.pl/apps/zawody/prelander/css/fonts/zona_pro_extrabold_thefontsmaster.com-webfont.woff2
Requested by
Host: www.kosmetyczne-wow.co.pl
URL: https://www.kosmetyczne-wow.co.pl/ankieta/,,,.html?ver=229&from=13611&ets=1593647999&cid=mlClick-Eat3Lutx&uid=33091
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.175.107 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ns3101300.ip-54-36-175.eu
Software
Apache/2.4.25 (Debian) /
Resource Hash
f67d4b40c30ee55ac559d76090286aa24c14d9d37218bc8a7ad9852a5a8522f0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.kosmetyczne-wow.co.pl/apps/zawody/prelander/css/version139.css
Origin
https://www.kosmetyczne-wow.co.pl

Response headers

Date
Thu, 18 Jun 2020 06:07:43 GMT
Last-Modified
Fri, 30 Aug 2019 09:14:22 GMT
Server
Apache/2.4.25 (Debian)
ETag
"41e4-591520c39ec9c"
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
16868
zona_pro_regular_thefontsmaster.com-webfont.woff2
www.kosmetyczne-wow.co.pl/apps/zawody/prelander/css/fonts/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.kosmetyczne-wow.co.pl/apps/zawody/prelander/css/fonts/zona_pro_regular_thefontsmaster.com-webfont.woff2
Requested by
Host: www.kosmetyczne-wow.co.pl
URL: https://www.kosmetyczne-wow.co.pl/ankieta/,,,.html?ver=229&from=13611&ets=1593647999&cid=mlClick-Eat3Lutx&uid=33091
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.175.107 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ns3101300.ip-54-36-175.eu
Software
Apache/2.4.25 (Debian) /
Resource Hash
af50dca6debcad36ea37332a8887e80eea8cf5704271371bdb2fb47798284164

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.kosmetyczne-wow.co.pl/apps/zawody/prelander/css/version139.css
Origin
https://www.kosmetyczne-wow.co.pl

Response headers

Date
Thu, 18 Jun 2020 06:07:43 GMT
Last-Modified
Fri, 30 Aug 2019 09:14:22 GMT
Server
Apache/2.4.25 (Debian)
ETag
"42c4-591520c39dcfc"
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
17092
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=371753117&utmhn=www.kosmetyczne-wow.co.pl&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&...
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-38057940-2&cid=1652354988.1592460463&jid=1593898111&_v=5.7.2dc&z=371753117
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-38057940-2&cid=1652354988.1592460463&jid=1593898111&_v=5.7.2dc&z=371753117&slf_rd=1&random=3179149530
42 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-38057940-2&cid=1652354988.1592460463&jid=1593898111&_v=5.7.2dc&z=371753117&slf_rd=1&random=3179149530
Requested by
Host: www.kosmetyczne-wow.co.pl
URL: https://www.kosmetyczne-wow.co.pl/ankieta/,,,.html?ver=229&from=13611&ets=1593647999&cid=mlClick-Eat3Lutx&uid=33091
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kosmetyczne-wow.co.pl/ankieta/,,,.html?ver=229&from=13611&ets=1593647999&cid=mlClick-Eat3Lutx&uid=33091
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jun 2020 06:07:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 18 Jun 2020 06:07:43 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-38057940-2&cid=1652354988.1592460463&jid=1593898111&_v=5.7.2dc&z=371753117&slf_rd=1&random=3179149530
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
best.aliexpress.com
URL
https://best.aliexpress.com/?aff_platform=portals-promotion&sk=_d6GDFTu&aff_trace_key=a085c05b7836472cba8f249717bfa477-1592460462029-04643-_d6GDFTu&terminal_id=66fcbfe76c3446dbbe6641c8f4c59c79&aff_request_id=a085c05b7836472cba8f249717bfa477-1592460462029-04643-_d6GDFTu

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| _gaq function| startPrelander function| $ function| jQuery number| version string| hash string| fromNr number| questionCount string| realName string| realEmail number| curr number| editionFor string| failText string| redirectDomain string| saverUrl string| rCookie object| resolution function| createCookie function| readCookie function| eraseCookie function| analize function| send function| redirect function| nextQuestionOrRedirect function| saveQuestion function| changeResolution function| start object| jQuery111108367457667099871 object| $name object| _gat object| gaGlobal

7 Cookies

Domain/Path Name / Value
.kosmetyczne-wow.co.pl/ Name: __utmt
Value: 1
.kosmetyczne-wow.co.pl/ Name: __utmb
Value: 32851620.1.10.1592460463
www.kosmetyczne-wow.co.pl/ Name: PHPSESSID
Value: bn4j1ig9hpva9keebk17a8imp2
.kosmetyczne-wow.co.pl/ Name: __utmz
Value: 32851620.1592460463.1.1.utmcsr=mlpixel.pl|utmccn=(referral)|utmcmd=referral|utmcct=/redirect.php
.kosmetyczne-wow.co.pl/ Name: __utma
Value: 32851620.1652354988.1592460463.1592460463.1592460463.1
.kosmetyczne-wow.co.pl/ Name: __utmc
Value: 32851620
www.kosmetyczne-wow.co.pl/ Name: bq_tr_usr_ident
Value: 29c801fb0c1bd60fa21c77304d223e92

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
best.aliexpress.com
cutt.ly
leadhere.pl
mlpixel.pl
promailer.net
stats.g.doubleclick.net
www.g2a.com
www.gearbest.com
www.google-analytics.com
www.google.com
www.google.de
www.kosmetyczne-wow.co.pl
best.aliexpress.com
104.111.253.247
23.37.62.189
2606:4700:10::6816:1e8
2606:4700:3033::681f:5a85
2606:4700:3036::681b:ac46
2a00:1450:4001:800::200e
2a00:1450:4001:814::2003
2a00:1450:4001:819::2004
2a00:1450:4001:820::200a
2a00:1450:400c:c00::9a
54.36.175.107
94.152.13.54
06bde6fcf8de2c7d3ae2ded11845e77328f618ec03d2aeff81e1a30b978fa86f
1d440f3849911e54f09af07a32e1945b4b93cb40c3f025a0f7805171d6f87357
384d5e38a07c33d9277483a43ae6fdaa6f689caf4a802681b741b86de6a99509
42db6bdcc702dcdaa6b8688f590666e9036b53b347a7ec3211128f112cbcb75e
4a0dd05cafdce90b48c1b89ae4d86f1120a0fdc7a9e929edb1ebe0404f663dad
4eab587383eafddd2d52dd0533daaa2a9a59b9909cc0d5f2b0d073c7ce4e92cf
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
571fb3effab87d09691862791526f90aab386c181a27bf01fc523c106db5a175
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
aebf611c1438dc7ec748e9a6364c734066b34bf2a1c7e2fc6511ed784635b50e
af50dca6debcad36ea37332a8887e80eea8cf5704271371bdb2fb47798284164
b3526f37223174382874af83197695613412a8f2475aa258a72e4d5ed9372e2d
bc1de380b969b720c996687cdce4a81e2980b212f827da78867037eb7da81ab6
cbb968a0465cfa01c8f4542896de9ce9ebc555196e5a143c24732b5892c5f108
ceb8523b82bd914be16b4592d1a970bdfa43b68766e9e788f6634f805d218d58
ebd140babe9dfb74f2dd5a0d70cfecab083226b7a1f2c18c4409f182d1c0533f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f67d4b40c30ee55ac559d76090286aa24c14d9d37218bc8a7ad9852a5a8522f0
f6c62faee11556bbbc072feba64ebe3ed4e5f744933b3ec914d3c5608f2caad8
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955