Submitted URL: https://lesa.prodajakozmetike.com/
Effective URL: https://www.lesa.prodajakozmetike.com/
Submission: On May 23 via api from US — Scanned from DE

Summary

This website contacted 10 IPs in 4 countries across 9 domains to perform 34 HTTP transactions. The main IP is 185.119.90.91, located in Belgrade, Serbia and belongs to UNITED, RS. The main domain is www.lesa.prodajakozmetike.com.
TLS certificate: Issued by R3 on April 10th 2024. Valid for: 3 months.
This is the only time www.lesa.prodajakozmetike.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
19 biola.rs
www.biola.rs
1 MB
8 gstatic.com
fonts.gstatic.com
137 KB
2 prodajakozmetike.com
lesa.prodajakozmetike.com
www.lesa.prodajakozmetike.com
106 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 7810
63 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 89
255 B
1 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3095
264 B
1 etrustmark.rs
verify.etrustmark.rs
15 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
104 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
1023 B
34 9
Domain Requested by
19 www.biola.rs www.lesa.prodajakozmetike.com
8 fonts.gstatic.com fonts.googleapis.com
1 www.google.de www.lesa.prodajakozmetike.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 verify.etrustmark.rs www.lesa.prodajakozmetike.com
1 www.googletagmanager.com www.lesa.prodajakozmetike.com
1 fonts.googleapis.com www.lesa.prodajakozmetike.com
1 www.lesa.prodajakozmetike.com
1 lesa.prodajakozmetike.com 1 redirects
34 10

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
www.biola.rs
Subject Issuer Validity Valid
*.biola.rs
R3
2024-04-10 -
2024-07-09
3 months crt.sh
biola.rs
E1
2024-04-21 -
2024-07-20
3 months crt.sh
upload.video.google.com
WR2
2024-05-06 -
2024-07-29
3 months crt.sh
*.google-analytics.com
WR2
2024-05-06 -
2024-07-29
3 months crt.sh
verify.etrustmark.rs
R3
2024-03-30 -
2024-06-28
3 months crt.sh
*.gstatic.com
WR2
2024-05-06 -
2024-07-29
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2024-05-06 -
2024-07-29
3 months crt.sh
*.google.de
WR2
2024-05-06 -
2024-07-29
3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.lesa.prodajakozmetike.com/
Frame ID: 8DC220F2A6FEC46AC85C0F9605172BA0
Requests: 36 HTTP requests in this frame

Screenshot

Page Title

Biola - Online Shop – Kozmetika i kozmetički preparati | Biola - Online kozmetika

Page URL History Show full URLs

  1. https://lesa.prodajakozmetike.com/ HTTP 301
    https://www.lesa.prodajakozmetike.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

34
Requests

97 %
HTTPS

56 %
IPv6

9
Domains

10
Subdomains

10
IPs

4
Countries

1394 kB
Transfer

2696 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://lesa.prodajakozmetike.com/ HTTP 301
    https://www.lesa.prodajakozmetike.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.lesa.prodajakozmetike.com/
Redirect Chain
  • https://lesa.prodajakozmetike.com/
  • https://www.lesa.prodajakozmetike.com/
811 KB
105 KB
Document
General
Full URL
https://www.lesa.prodajakozmetike.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.119.90.91 Belgrade, Serbia, ASN207604 (UNITED, RS),
Reverse DNS
stiv.unlimited.rs
Software
LiteSpeed /
Resource Hash
68e4a1ff01ae825f563282c7d409b76954cf3316e307486d9ed7b0dab5c17a3e

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 23 May 2024 09:16:49 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent

Redirect headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 23 May 2024 09:16:48 GMT
location
https://www.lesa.prodajakozmetike.com/
server
LiteSpeed
vary
Accept-Encoding,User-Agent
icomoon.woff2
www.biola.rs/catalog/view/theme/journal3/icons/fonts/
150 KB
151 KB
Font
General
Full URL
https://www.biola.rs/catalog/view/theme/journal3/icons/fonts/icomoon.woff2?v1
Requested by
Host: www.lesa.prodajakozmetike.com
URL: https://www.lesa.prodajakozmetike.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.166.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d3cb8c2161075a2a868afc19fe3c026c5f4ed4552d43a4bf22ce9e34b8057b7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.lesa.prodajakozmetike.com/
Origin
https://www.lesa.prodajakozmetike.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 09:16:50 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
153680
last-modified
Tue, 06 Jul 2021 12:55:36 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TeF07%2BCYfVc0Kon%2FDximQi06pad4f1lrK7zQqiPVX4hP6%2BRM9Hwf7CfotuZEU%2BJrH%2F8xzBWFXC%2BwncFz6aZV0%2BxBSyVNcgELtP5evOgXNoNvLzAy4DCy9tN32jBg9VM%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8883f30e9f725d90-FRA
priority
u=1,i=?0
expires
Thu, 30 May 2024 09:16:49 GMT
css
fonts.googleapis.com/
5 KB
1023 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Barlow:400,300,700,500%7CAlex+Brush:400&subset=latin-ext
Requested by
Host: www.lesa.prodajakozmetike.com
URL: https://www.lesa.prodajakozmetike.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c9ee1d07b258e60668186a3a148a122b9cc2258620ed628f8f8ee18b2d40041
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.lesa.prodajakozmetike.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 23 May 2024 09:16:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 23 May 2024 09:16:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 May 2024 09:16:50 GMT
32a8ccaa6bf8cace05729243ad33f899.js
www.biola.rs/catalog/view/theme/journal3/assets/
133 KB
44 KB
Script
General
Full URL
https://www.biola.rs/catalog/view/theme/journal3/assets/32a8ccaa6bf8cace05729243ad33f899.js?v=14218c54
Requested by
Host: www.lesa.prodajakozmetike.com
URL: https://www.lesa.prodajakozmetike.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.166.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0d7c96d698993b46f5423a7736e2cbeff6ddfa57de98a2b45a077bbb77f907b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.lesa.prodajakozmetike.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 09:16:50 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=136177
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 29 Jun 2023 10:01:09 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0zBwHuLAni2OWNuwzsv0NQ5SX1zm7TsLZPLYMqE29zcby1m0RZmzgA8BREJDV3fcnHrMQzMPmEv1bS1YHUkrewpL%2BRvCuYv3rQKpf8k1oBK8F2yM21BEbWIHOoezpEI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
8883f30faabb3650-FRA
priority
u=3,i=?0
expires
Sun, 28 Apr 2024 15:38:37 GMT
js
www.googletagmanager.com/gtag/
314 KB
104 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PK50FZMLY1
Requested by
Host: www.lesa.prodajakozmetike.com
URL: https://www.lesa.prodajakozmetike.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6c5469341f5bc65ccd0318be8511dfa60d2348f5d45a314047d744801ea918bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.lesa.prodajakozmetike.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 09:16:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
106267
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 23 May 2024 09:16:50 GMT
gaufenh.js
www.biola.rs/catalog/view/javascript/
3 KB
1 KB
Script
General
Full URL
https://www.biola.rs/catalog/view/javascript/gaufenh.js?vr=1311887801
Requested by
Host: www.lesa.prodajakozmetike.com
URL: https://www.lesa.prodajakozmetike.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.166.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57cd2c510214eb8892184762b518de491056acc66d2011168730bfda53572f66

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.lesa.prodajakozmetike.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 09:16:50 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 29 Jun 2023 09:58:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qwT1wI3RgthizN%2FDc%2Be%2F1MlltigHCaXheLAzu3dXAqW0mU96hu63rZiqTSL38qJ1LXI2JrSwoJfW9IBWLjS4SBiLiriDaUrmC1RcAhTi7aPbYWzQDxXABVU8KsH3nQs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2678400
x-turbo-charged-by
LiteSpeed
cf-ray
8883f30eb9993650-FRA
alt-svc
h3=":443"; ma=86400
priority
u=1,i=?0
expires
Thu, 30 May 2024 09:16:49 GMT
biola-logo-novo-225x130.png
www.biola.rs/image/cache/catalog/logo/
26 KB
26 KB
Image
General
Full URL
https://www.biola.rs/image/cache/catalog/logo/biola-logo-novo-225x130.png
Requested by
Host: www.lesa.prodajakozmetike.com
URL: https://www.lesa.prodajakozmetike.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.166.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec9b323dccb52c7b330dd773b459365d49ae0ec3764538fdae0afddd10403826

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.lesa.prodajakozmetike.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 09:16:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
26145
last-modified
Fri, 27 May 2022 07:18:12 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ai%2Bn2Uy0ZzLwZ9Qr9H9Ii1ElWhk3jtFQ0QakQzTw1jM7oli1tiFCdz3A2w5GH2Yjhq98Bad%2F9tA%2Ffj5LRDanOeWlVaSrSitKuwCcRE5mgkJpNFZZaWgeEZbq1%2BEpFoY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2678400
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8883f30eb99c3650-FRA
priority
u=2,i
expires
Sun, 26 May 2024 18:53:26 GMT
Biola-Banner-1920x600.jpg
www.biola.rs/image/cache/catalog/journal/layout/home/
112 KB
113 KB
Image
General
Full URL
https://www.biola.rs/image/cache/catalog/journal/layout/home/Biola-Banner-1920x600.jpg
Requested by
Host: www.lesa.prodajakozmetike.com
URL: https://www.lesa.prodajakozmetike.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.166.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8eeea801525a19a4a86ab12aac49967bc35411b3308fa31269a158b235f6bad9

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.lesa.prodajakozmetike.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 09:16:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
114761
last-modified
Fri, 06 Oct 2023 08:20:44 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uERn1%2FpVL4AYmeUTX8QjCX0eIAsCA1WWeIKsGAQo968T3fZpqNAAriwxj4SwteBjSGyLh1EF%2FRJXE2bINKk2CykMMERPfhC0GxeBm6Uls%2BB0IVOLurhxVlI%2FihZ8I08%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2678400
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8883f30eb99d3650-FRA
priority
u=2,i
expires
Sun, 26 May 2024 22:22:43 GMT
biolanaslovna-1920x600.jpg
www.biola.rs/image/cache/catalog/journal/layout/home/
61 KB
62 KB
Image
General
Full URL
https://www.biola.rs/image/cache/catalog/journal/layout/home/biolanaslovna-1920x600.jpg
Requested by
Host: www.lesa.prodajakozmetike.com
URL: https://www.lesa.prodajakozmetike.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.166.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aeb5c582f5936a2ee6746bd447f62e6e1185b4b54010dbd5beb75def5e201ebb

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.lesa.prodajakozmetike.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 09:16:50 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
62815
last-modified
Wed, 28 Sep 2022 06:31:58 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7Jr3DNPsBHwrff9i7ndz9MjvaQEZFE4OVgrJe%2B9OuiywIAgPntZM%2FE2kTGbauiE8rv7t8CAqHUfJ2x21P3BnOM60boFiToKj%2FpAxfyz43kNks9bkKA6jDVOqBRVLttE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2678400
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8883f30f2a213650-FRA
priority
u=2,i
expires
Thu, 30 May 2024 09:16:49 GMT
hiper-hama-gel-1920x600.jpg
www.biola.rs/image/cache/catalog/journal/layout/home/
72 KB
73 KB
Image
General
Full URL
https://www.biola.rs/image/cache/catalog/journal/layout/home/hiper-hama-gel-1920x600.jpg
Requested by
Host: www.lesa.prodajakozmetike.com
URL: https://www.lesa.prodajakozmetike.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.166.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c68597a949cee33c00c4c2c907ddf12b2c46e8e3c6579813cc73dd8f60324b33

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.lesa.prodajakozmetike.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 09:16:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
74045
last-modified
Fri, 30 Sep 2022 08:31:43 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gMu6RSzvtdG%2FEzHFjzX1VHFpM0k7wQt1hFWCPIcSPtdclZcPIlGnfi82arRcaJXmxfnq40X7PiA9a8mgGyNyqWaqobkSm%2B7KVqKDDeZGGhdue9MkL%2FqNJCwTMak9Tjw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2678400
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8883f30f6a723650-FRA
priority
u=2,i
expires
Sun, 26 May 2024 22:22:43 GMT
svi-tipovi-200x200.jpg
www.biola.rs/image/cache/catalog/Biola%20Ikonice/
10 KB
10 KB
Image
General
Full URL
https://www.biola.rs/image/cache/catalog/Biola%20Ikonice/svi-tipovi-200x200.jpg
Requested by
Host: www.lesa.prodajakozmetike.com
URL: https://www.lesa.prodajakozmetike.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.166.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a59f67dbdbc02500c5377297127e0450fc536fcf65b9cfa13f432a96960a84f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.lesa.prodajakozmetike.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 09:16:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
10188
last-modified
Thu, 20 Oct 2022 10:39:28 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uM28PWCIGVB0JGgLTDQs7ZxMPWlfaEWf1z2qDy9x643Es1EJueOCS6oKAZzeyDsviWbsBLqPTegjI70ZmxZ8E9im%2BMphvvJAmueQoe3P9YIyxjqW3925A%2BNpb6Vysqw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2678400
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8883f30faac03650-FRA
priority
u=3,i
expires
Sun, 26 May 2024 22:22:43 GMT
zena-200x200.jpg
www.biola.rs/image/cache/catalog/Biola%20Ikonice/
9 KB
10 KB
Image
General
Full URL
https://www.biola.rs/image/cache/catalog/Biola%20Ikonice/zena-200x200.jpg
Requested by
Host: www.lesa.prodajakozmetike.com
URL: https://www.lesa.prodajakozmetike.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.166.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10d279566b88e312a70fd525206c87243300925da0a891595fabc1d29d597882

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.lesa.prodajakozmetike.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 09:16:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
9372
last-modified
Thu, 20 Oct 2022 10:41:53 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FZ6mZSXmbinQesXULjB8xLx0a4756SXsa1eXgY8Exur3XdSmWw1nZ47OvkI8s6ey1kjkuYNbZzUM0jDURwITzeZQvqLQCTHYUMhOcYS861oMao6u4%2F8FFhkdk%2FooNVM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2678400
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8883f30faac23650-FRA
priority
u=3,i
expires
Fri, 24 May 2024 03:25:10 GMT
we-are-here-200x200.jpg
www.biola.rs/image/cache/catalog/Biola%20Ikonice/
11 KB
11 KB
Image
General
Full URL
https://www.biola.rs/image/cache/catalog/Biola%20Ikonice/we-are-here-200x200.jpg
Requested by
Host: www.lesa.prodajakozmetike.com
URL: https://www.lesa.prodajakozmetike.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.166.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
920e8c8e793ebc595516137176ed73f4a1fcf357eccee5783622c76c5b7571f5

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.lesa.prodajakozmetike.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 09:16:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
11144
last-modified
Thu, 20 Oct 2022 10:41:53 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ULh64AbSGw6bciQVyihMCMFkRa06zoe90NLGDWn8doR75%2BnPxce6Eu1ItVcVCdit6SS%2Fruyn%2BCVwoDQwxmKhmbKY7NawOWXo%2B6BiSe3rXddFqSAoDp56ihlLsMC12C4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2678400
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8883f30faac33650-FRA
priority
u=3,i
expires
Sun, 26 May 2024 22:22:43 GMT
image.php
verify.etrustmark.rs/cert/
15 KB
15 KB
Image
General
Full URL
https://verify.etrustmark.rs/cert/image.php
Requested by
Host: www.lesa.prodajakozmetike.com
URL: https://www.lesa.prodajakozmetike.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.202.109.212 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
etrgovina.mystableservers.com
Software
nginx /
Resource Hash
ce52683f8309cb425eedead12efef0b11a73d2707a272c0176faa697d28cc1db

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.lesa.prodajakozmetike.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 23 May 2024 09:16:50 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
server
nginx
content-type
image/jpeg
e3a9e581d036f911586f49cfd7af7274.js
www.biola.rs/catalog/view/theme/journal3/assets/
400 KB
100 KB
Script
General
Full URL
https://www.biola.rs/catalog/view/theme/journal3/assets/e3a9e581d036f911586f49cfd7af7274.js?v=14218c54
Requested by
Host: www.lesa.prodajakozmetike.com
URL: https://www.lesa.prodajakozmetike.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.166.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a2bb540ba2407d12d0a0181623d89d35a2b860cb56685aaecab062fd5fa9de2

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.lesa.prodajakozmetike.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 09:16:50 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=409625
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 29 Jun 2023 10:01:09 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dyiETVCNxTno%2FM5pwv%2FWrtmWpOZCCLtndvc37Q9BHcv9JpGSkRFrJxTrAuWi69PY%2B%2BfAHjRsz%2F%2B4tqtdGMLchQXYDPdWnbBsfVvT2cVpF%2BV0wnWnqY5WQdDx3oceOck%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
8883f30faac43650-FRA
priority
u=3,i=?0
expires
Sat, 18 May 2024 20:00:57 GMT
truncated
/
147 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
075b7c01d19ea6d2bf4aa17fbe4fb8332108e08825f40eeeb0185c7b3aa9e9e5

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
144 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d004f1da60f7c1b11234a8c56990c8ca740ee507b93055b22e01cc41f033f70

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
before-156x98.png
www.biola.rs/image/cache/catalog/jorunal/layout/home/naslovi/
5 KB
6 KB
Image
General
Full URL
https://www.biola.rs/image/cache/catalog/jorunal/layout/home/naslovi/before-156x98.png
Requested by
Host: www.lesa.prodajakozmetike.com
URL: https://www.lesa.prodajakozmetike.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.166.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5bb921e6b34cb9d62160144a6b739519f4856e87d41426c7c22538ac3e6ef4e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.lesa.prodajakozmetike.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 09:16:50 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
5165
last-modified
Sat, 23 Apr 2022 18:41:44 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iqYMGA%2BpwgVrK9NcpMnG3yb2sdim4afm9ppG2whtHp4MLMqTWULIfh19Q1Uky0zCSIY8FjpS33jJum2XvyoRsinYTz7Gi8PDPeM6KtZCgMBnyOuD92RYKKTyUrrEnNY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2678400
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8883f3103b8f3650-FRA
priority
u=3,i
expires
Thu, 30 May 2024 09:16:50 GMT
pozadina-za-baner-na-sredini-10-1920x509.jpg
www.biola.rs/image/cache/catalog/Biola%20Ikonice/
48 KB
48 KB
Image
General
Full URL
https://www.biola.rs/image/cache/catalog/Biola%20Ikonice/pozadina-za-baner-na-sredini-10-1920x509.jpg
Requested by
Host: www.lesa.prodajakozmetike.com
URL: https://www.lesa.prodajakozmetike.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.166.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfafd57dd53656de1518e2f90fbdbe5cac0b46df3e4ef3fc04bc5c3728398647

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.lesa.prodajakozmetike.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 09:16:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
48677
last-modified
Thu, 20 Oct 2022 10:45:12 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sZP0VP3KcyA5GFQjzXByVa8Hs6pmX9crKhs%2FYVPFO5Q%2BgwM5tPsh7XyrAoY1dqcYc5jK9KcBDrtvhaLaKW6B56bAr%2Bswf1G1obZva8zkSpWUjj2jpDjmUTyKS7sqSGQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2678400
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8883f3103b923650-FRA
priority
u=3,i
expires
Sun, 26 May 2024 20:51:47 GMT
7cHpv4kjgoGqM7E_DMs5.woff2
fonts.gstatic.com/s/barlow/v12/
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:400,300,700,500%7CAlex+Brush:400&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://www.lesa.prodajakozmetike.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 19:32:23 GMT
x-content-type-options
nosniff
age
222267
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21144
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:43:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 20 May 2025 19:32:23 GMT
7cHqv4kjgoGqM7E3p-ks51os.woff2
fonts.gstatic.com/s/barlow/v12/
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3p-ks51os.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:400,300,700,500%7CAlex+Brush:400&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6563f08627fa2cd60c0c300318405b6f545f0d7f469df6ba87c9e31ecc987217
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://www.lesa.prodajakozmetike.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 06:05:12 GMT
x-content-type-options
nosniff
age
184298
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20992
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:13:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 May 2025 06:05:12 GMT
7cHqv4kjgoGqM7E3_-gs51os.woff2
fonts.gstatic.com/s/barlow/v12/
20 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3_-gs51os.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:400,300,700,500%7CAlex+Brush:400&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://www.lesa.prodajakozmetike.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 19:24:11 GMT
x-content-type-options
nosniff
age
481959
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20960
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:18:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 May 2025 19:24:11 GMT
7cHqv4kjgoGqM7E3t-4s51os.woff2
fonts.gstatic.com/s/barlow/v12/
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:400,300,700,500%7CAlex+Brush:400&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://www.lesa.prodajakozmetike.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 21:42:42 GMT
x-content-type-options
nosniff
age
214448
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21724
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:29:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 20 May 2025 21:42:42 GMT
7cHpv4kjgoGqM7E_Ass52Hs.woff2
fonts.gstatic.com/s/barlow/v12/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_Ass52Hs.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:400,300,700,500%7CAlex+Brush:400&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e117aea294873c889a6118be17dedae219b12e46a4a039c420fbb032aa0acde5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://www.lesa.prodajakozmetike.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 02:45:03 GMT
x-content-type-options
nosniff
age
23507
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13316
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:44:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 May 2025 02:45:03 GMT
7cHqv4kjgoGqM7E3p-ks6VospT4.woff2
fonts.gstatic.com/s/barlow/v12/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3p-ks6VospT4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:400,300,700,500%7CAlex+Brush:400&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ad49c15f3f437bc90c3ac9876571075f8c484bc39e07fd23e07c3907f264721
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://www.lesa.prodajakozmetike.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 02:42:57 GMT
x-content-type-options
nosniff
age
23633
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13124
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:05:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 May 2025 02:42:57 GMT
7cHqv4kjgoGqM7E3t-4s6VospT4.woff2
fonts.gstatic.com/s/barlow/v12/
13 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s6VospT4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:400,300,700,500%7CAlex+Brush:400&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68548b453a6799bd3dbe23d6025305801713b490b839dbf6fe03736cc712b514
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://www.lesa.prodajakozmetike.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 02:28:42 GMT
x-content-type-options
nosniff
age
197288
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13784
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:29:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 May 2025 02:28:42 GMT
7cHqv4kjgoGqM7E3_-gs6VospT4.woff2
fonts.gstatic.com/s/barlow/v12/
13 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3_-gs6VospT4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:400,300,700,500%7CAlex+Brush:400&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c2112123d3e95728befd75dcbd262b213509a77625075eb036f3d7f5fd0295b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://www.lesa.prodajakozmetike.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 22:19:40 GMT
x-content-type-options
nosniff
age
212230
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13436
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:06:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 20 May 2025 22:19:40 GMT
grab.png
www.biola.rs/catalog/view/theme/journal3/lib/masterslider/style/
149 B
641 B
Image
General
Full URL
https://www.biola.rs/catalog/view/theme/journal3/lib/masterslider/style/grab.png
Requested by
Host: www.lesa.prodajakozmetike.com
URL: https://www.lesa.prodajakozmetike.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.166.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80ba75bd8d2e4ef465a408b44ac86d6f86240d1435390dc712ea41db2b99738a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.lesa.prodajakozmetike.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 09:16:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
149
last-modified
Tue, 06 Jul 2021 12:55:36 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0ainG2LBtuiGEP0DyEN98lgRHLeX%2BrnOZr%2FrYcwmFPiweFFDid58f8y0%2Fa%2FizH8ytQ8Qr3EOQTNwwfqZXqg3z2OrAnyKzhgDTD8itO2YrgiGWFkX679iA6d6IxzzQsU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8883f3116def3650-FRA
priority
u=3,i
expires
Wed, 29 May 2024 10:01:37 GMT
R-emulzija-350x350.png
www.biola.rs/image/cache/catalog/proizvodi/000326/
59 KB
60 KB
Image
General
Full URL
https://www.biola.rs/image/cache/catalog/proizvodi/000326/R-emulzija-350x350.png
Requested by
Host: www.lesa.prodajakozmetike.com
URL: https://www.lesa.prodajakozmetike.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.166.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ba50879fa4ed0f346760bd259a6983613355c2dd6369cd27d5fb2327df5685a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.lesa.prodajakozmetike.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 09:16:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
60709
last-modified
Mon, 26 Feb 2024 10:22:43 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AMIQjRK7O%2BdvQUi0ajbsJq3YJX5SAz%2BdnFYB7qc0LJRUCFw93t0yAF3DlyQDEA%2FKFBDUTfbSB8am%2B0F0RSw4D0j85w4cDo2NZdSCndfpdccZd1gQgVX01J1n8PzxHh8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2678400
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8883f3118e223650-FRA
priority
u=3,i
expires
Sun, 26 May 2024 02:32:12 GMT
Nenaslovljeni-dizajn---2024-02-26T114226.065-350x350.png
www.biola.rs/image/cache/catalog/proizvodi/000326/
68 KB
68 KB
Image
General
Full URL
https://www.biola.rs/image/cache/catalog/proizvodi/000326/Nenaslovljeni-dizajn---2024-02-26T114226.065-350x350.png
Requested by
Host: www.lesa.prodajakozmetike.com
URL: https://www.lesa.prodajakozmetike.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.166.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a2cd15042eb8bbe93f1041141d19489ddd1f6ef5f804f615d1ee071bfca0dc4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.lesa.prodajakozmetike.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 09:16:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
69237
last-modified
Mon, 26 Feb 2024 11:04:08 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mvX234CMUmI%2Bvc%2FHKvj%2F0vJBAI8Mw0J0o18yY9l%2F7TFDmxdIRhXniSRmmG%2FsTePSNN7QAnK4j7h1JDbSG4vncTVN5IOTN4G8MUp%2FyyJfb8ktj0uRkhDM59dxRvOxc6I%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2678400
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8883f3118e233650-FRA
priority
u=3,i
expires
Wed, 29 May 2024 08:12:40 GMT
Nenaslovljeni-dizajn---2022-10-24T123406.321-350x350.png
www.biola.rs/image/cache/catalog/proizvodi/4235/
127 KB
127 KB
Image
General
Full URL
https://www.biola.rs/image/cache/catalog/proizvodi/4235/Nenaslovljeni-dizajn---2022-10-24T123406.321-350x350.png
Requested by
Host: www.lesa.prodajakozmetike.com
URL: https://www.lesa.prodajakozmetike.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.166.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae5adeb1daba83eeadbc2b8cd15521d5323b77ae4129224803b10c6d8f0f174f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.lesa.prodajakozmetike.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 09:16:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
129624
last-modified
Mon, 24 Oct 2022 10:47:14 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H041WzCMcRNSgw%2B17r8H%2FaoTO8qesEyEyYf0MG93F%2BlaT3nUJsGqaoRhu5CkzcSk9HUCoeikPPmMMqD%2FB9aT5REQHI20gtJoBi%2BQMwI4vD632Q3XJr%2Fi%2BrGgxggvt8s%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2678400
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8883f3118e263650-FRA
priority
u=3,i
expires
Sat, 25 May 2024 04:52:02 GMT
sekundarno-350x350.png
www.biola.rs/image/cache/catalog/proizvodi/344/
112 KB
112 KB
Image
General
Full URL
https://www.biola.rs/image/cache/catalog/proizvodi/344/sekundarno-350x350.png
Requested by
Host: www.lesa.prodajakozmetike.com
URL: https://www.lesa.prodajakozmetike.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.166.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
326226b46743daeb4d036242846354ec4b9d2ab5eefa2fdeeb64ddd5fee4d010

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.lesa.prodajakozmetike.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 09:16:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
114611
last-modified
Thu, 22 Feb 2024 12:30:02 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q36xY%2B9J761m9XWBfy25t56l6FHC6OYezkJwB8oR9Es0XPNbBLxQylZqqeH7cMRNjMdvuSb%2FDmV7vjKGLCEKjJcZa11v3D5CyiHxoV3YBv0xJrBWdqirg%2BO0wcaaUBg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2678400
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8883f3118e283650-FRA
priority
u=3,i
expires
Sat, 25 May 2024 12:16:24 GMT
collect
region1.analytics.google.com/g/
0
264 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-PK50FZMLY1&gtm=45je45k0v9117140216za200&_p=1716455810330&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=815315235.1716455811&ecid=1113359775&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.76%7CChromium%3B125.0.6422.76%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1716455810&sct=1&seg=0&dl=https%3A%2F%2Fwww.lesa.prodajakozmetike.com%2F&dt=Biola%20-%20Online%20Shop%20%E2%80%93%20Kozmetika%20i%20kozmeti%C4%8Dki%20preparati%20%7C%20Biola%20-%20Online%20kozmetika&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1666
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PK50FZMLY1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.lesa.prodajakozmetike.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 23 May 2024 09:16:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.lesa.prodajakozmetike.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
255 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-PK50FZMLY1&cid=815315235.1716455811&gtm=45je45k0v9117140216za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PK50FZMLY1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.lesa.prodajakozmetike.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 23 May 2024 09:16:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.lesa.prodajakozmetike.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-PK50FZMLY1&cid=815315235.1716455811&gtm=45je45k0v9117140216za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1941733122
Requested by
Host: www.lesa.prodajakozmetike.com
URL: https://www.lesa.prodajakozmetike.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.195 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.lesa.prodajakozmetike.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 23 May 2024 09:16:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
deta-favicon.png
www.biola.rs/image/catalog/logo/
9 KB
10 KB
Other
General
Full URL
https://www.biola.rs/image/catalog/logo/deta-favicon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.166.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6102e0334006cb598c6a9c31a01c4d30936b8bcfeca1664473b272c623fb296c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.lesa.prodajakozmetike.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 09:16:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
9219
last-modified
Fri, 27 May 2022 07:31:01 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Drz1324UmYQmnlQIj87NxfN2Dw55ULSZG8a1C1MEDdA2kO%2F8yBmSSJleGvA%2B9HXmzWfaMmGK2qmcCtkRBWrhedE%2FFj2%2BMypLsbVTb31pXCHsOTMp%2F9hnNirE%2FgPdMh0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2678400
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8883f3128faa3650-FRA
priority
u=1,i
expires
Sun, 26 May 2024 18:53:27 GMT

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| Journal function| gtag object| dataLayer string| ur115_20X string| url23X_30X string| url401X string| url402X function| getURLVar object| cart object| voucher object| wishlist object| compare object| Modernizr function| $ function| jQuery object| $jscomp object| $jscomp$this function| journal_enable_countdown function| journal_enable_stepper function| anime function| LazyLoad function| Countdown function| Cookies object| averta function| package boolean| _mobile boolean| _touch function| parseQueryString function| isMSIE object| matched object| browser function| CSSTween object| CTween object| EaseDic function| MSAligner function| pointerEventsPolyfill function| Controller function| MSLayerController function| MSOverlayLayerController function| MSOverlayLayers object| MSLayerEffects function| MSLayerElement function| MSImageLayerElement function| MSVideoLayerElement function| MSHotspotLayer function| MSButtonLayer function| MSSliderEvent function| MSSlide function| MSSlideController function| MasterSlider function| MSViewEvents function| MSBasicView function| MSWaveView function| MSFadeBasicView function| MSFadeWaveView function| MSFlowView function| MSFadeFlowView function| MSMaskView function| MSParallaxMaskView function| MSFadeView function| MSScaleView function| MSStackView function| MSFocusView function| MSPartialWaveView function| MSBoxView function| BaseControl function| MSArrows function| MSThumblist function| MSBulltes function| MSScrollbar function| MSTimerbar function| MSCircleTimer function| MSLightbox function| MSSlideInfo function| MSGallery function| MSFlickrV2 function| MSFacebookGallery function| MSScrollParallax function| Swiper function| quickview function| open_popup function| open_login_popup function| open_register_popup function| show_notification function| loader function| resize_iframe string| _jcsspfx string| _csspfx boolean| _cssanim boolean| _css3d boolean| _css2d boolean| _2d object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

6 Cookies

Domain/Path Name / Value
lesa.prodajakozmetike.com/ Name: OCSESSID
Value: 0eae6c5a0d76c7dfe69b8fa3ef
.lesa.prodajakozmetike.com/ Name: language
Value: sr-rs
.lesa.prodajakozmetike.com/ Name: currency
Value: RSD
www.lesa.prodajakozmetike.com/ Name: OCSESSID
Value: 3b72eaec899af19101a9caba9c
.prodajakozmetike.com/ Name: _ga_PK50FZMLY1
Value: GS1.1.1716455810.1.0.1716455810.60.0.1113359775
.prodajakozmetike.com/ Name: _ga
Value: GA1.1.815315235.1716455811

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
lesa.prodajakozmetike.com
region1.analytics.google.com
stats.g.doubleclick.net
verify.etrustmark.rs
www.biola.rs
www.google.de
www.googletagmanager.com
www.lesa.prodajakozmetike.com
116.202.109.212
142.250.74.195
172.67.166.89
185.119.90.91
2001:4860:4802:32::36
2a00:1450:4001:80f::2008
2a00:1450:4001:828::200a
2a00:1450:4001:82f::2003
2a00:1450:400c:c07::9c
075b7c01d19ea6d2bf4aa17fbe4fb8332108e08825f40eeeb0185c7b3aa9e9e5
10d279566b88e312a70fd525206c87243300925da0a891595fabc1d29d597882
1ba50879fa4ed0f346760bd259a6983613355c2dd6369cd27d5fb2327df5685a
1c9ee1d07b258e60668186a3a148a122b9cc2258620ed628f8f8ee18b2d40041
326226b46743daeb4d036242846354ec4b9d2ab5eefa2fdeeb64ddd5fee4d010
3a2cd15042eb8bbe93f1041141d19489ddd1f6ef5f804f615d1ee071bfca0dc4
4a2bb540ba2407d12d0a0181623d89d35a2b860cb56685aaecab062fd5fa9de2
4a59f67dbdbc02500c5377297127e0450fc536fcf65b9cfa13f432a96960a84f
57cd2c510214eb8892184762b518de491056acc66d2011168730bfda53572f66
5ad49c15f3f437bc90c3ac9876571075f8c484bc39e07fd23e07c3907f264721
6102e0334006cb598c6a9c31a01c4d30936b8bcfeca1664473b272c623fb296c
6563f08627fa2cd60c0c300318405b6f545f0d7f469df6ba87c9e31ecc987217
65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e
68548b453a6799bd3dbe23d6025305801713b490b839dbf6fe03736cc712b514
68e4a1ff01ae825f563282c7d409b76954cf3316e307486d9ed7b0dab5c17a3e
6c5469341f5bc65ccd0318be8511dfa60d2348f5d45a314047d744801ea918bc
7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
80ba75bd8d2e4ef465a408b44ac86d6f86240d1435390dc712ea41db2b99738a
8eeea801525a19a4a86ab12aac49967bc35411b3308fa31269a158b235f6bad9
920e8c8e793ebc595516137176ed73f4a1fcf357eccee5783622c76c5b7571f5
9d004f1da60f7c1b11234a8c56990c8ca740ee507b93055b22e01cc41f033f70
9d3cb8c2161075a2a868afc19fe3c026c5f4ed4552d43a4bf22ce9e34b8057b7
ae5adeb1daba83eeadbc2b8cd15521d5323b77ae4129224803b10c6d8f0f174f
aeb5c582f5936a2ee6746bd447f62e6e1185b4b54010dbd5beb75def5e201ebb
b5bb921e6b34cb9d62160144a6b739519f4856e87d41426c7c22538ac3e6ef4e
c0d7c96d698993b46f5423a7736e2cbeff6ddfa57de98a2b45a077bbb77f907b
c2112123d3e95728befd75dcbd262b213509a77625075eb036f3d7f5fd0295b0
c68597a949cee33c00c4c2c907ddf12b2c46e8e3c6579813cc73dd8f60324b33
ce52683f8309cb425eedead12efef0b11a73d2707a272c0176faa697d28cc1db
dfafd57dd53656de1518e2f90fbdbe5cac0b46df3e4ef3fc04bc5c3728398647
e117aea294873c889a6118be17dedae219b12e46a4a039c420fbb032aa0acde5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec9b323dccb52c7b330dd773b459365d49ae0ec3764538fdae0afddd10403826
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629