salelifter.mrwallet.pl Open in urlscan Pro
188.137.103.95 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://salelifter.mrwallet.pl/
Effective URL:
https://salelifter.mrwallet.pl/pl/konto/zaloguj
Submission: On June 19 via api (June 19th 2024, 6:54:30 pm UTC) from US — Scanned from PL

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 19 HTTP transactions. The main IP is 188.137.103.95, located in Rybnik, Poland and belongs to LEON-AS, PL. The main domain is salelifter.mrwallet.pl.
TLS certificate: Issued by R11 on June 13th 2024. Valid for: 3 months.

This is the only time salelifter.mrwallet.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 19	188.137.103.95 188.137.103.95	13000 (LEON-AS) (LEON-AS)
1	142.250.185.228 142.250.185.228	15169 (GOOGLE) (GOOGLE)
1	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
19	3

19 188.137.103.95 (Rybnik, Poland) 2 redirects

ASN13000 (LEON-AS, PL)

salelifter.mrwallet.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	mrwallet.pl 2 redirects salelifter.mrwallet.pl	3 MB
1	gstatic.com www.gstatic.com	207 KB
1	google.com www.google.com — Cisco Umbrella Rank: 5	947 B
19	3

	Domain	Requested by
19	salelifter.mrwallet.pl	2 redirects salelifter.mrwallet.pl
1	www.gstatic.com	www.google.com
1	www.google.com	salelifter.mrwallet.pl
19	3

This site contains no links.

Subject Issuer	Validity	Valid
hrm.mrwallet.pl R11	`2024-06-13` - `2024-09-11`	3 months	crt.sh
*.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://salelifter.mrwallet.pl/pl/konto/zaloguj
Frame ID: B1DB1DEF85BC8C9D18A70D165880941E
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Strona logowania - Comarch HRM

Page URL History Show full URLs

https://salelifter.mrwallet.pl/ HTTP 302
https://salelifter.mrwallet.pl/konto/zaloguj HTTP 302
https://salelifter.mrwallet.pl/pl/konto/zaloguj Page URL

Detected technologies

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

19
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

3197 kB
Transfer

3512 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://salelifter.mrwallet.pl/ HTTP 302
https://salelifter.mrwallet.pl/konto/zaloguj HTTP 302
https://salelifter.mrwallet.pl/pl/konto/zaloguj Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request zaloguj Show response
salelifter.mrwallet.pl/pl/konto/
Redirect Chain

https://salelifter.mrwallet.pl/
https://salelifter.mrwallet.pl/konto/zaloguj
https://salelifter.mrwallet.pl/pl/konto/zaloguj

7 KB
2 KB

40ms
39ms

Document
text/html

188.137.103.95
LEON-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://salelifter.mrwallet.pl/pl/konto/zaloguj

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

188.137.103.95 Rybnik, Poland, ASN13000 (LEON-AS, PL),

Reverse DNS

Software

Resource Hash

9acc17888ead9b7d420636c757b7ac879c3560ba8f76a6b8b360dec68fe7b1c4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' www.google.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='; script-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: pl-PL,pl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: public, no-store, max-age=0
content-encoding: gzip
content-length: 2168
content-security-policy: default-src 'self'; frame-src 'self' www.google.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='; script-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='
content-type: text/html; charset=utf-8
date: Wed, 19 Jun 2024 18:54:25 GMT
expires: Wed, 19 Jun 2024 18:54:25 GMT
last-modified: Wed, 19 Jun 2024 18:54:25 GMT
permissions-policy: camera=(), geolocation=(), microphone=(), payment=()
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: *
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-ua-compatible: IE=edge

Redirect headers

cache-control: public, no-store, max-age=0
content-encoding: gzip
content-length: 121
content-security-policy: default-src 'self'; frame-src 'self' www.google.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='; script-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='
content-type: text/html; charset=utf-8
date: Wed, 19 Jun 2024 18:54:25 GMT
expires: Wed, 19 Jun 2024 18:54:25 GMT
last-modified: Wed, 19 Jun 2024 18:54:25 GMT
location: /pl/konto/zaloguj
permissions-policy: camera=(), geolocation=(), microphone=(), payment=()
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: *
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-ua-compatible: IE=edge

GET
H2 200 bundle
salelifter.mrwallet.pl/content/css/ 1 MB
1 MB 99ms
96ms Stylesheet
text/css 188.137.103.95
LEON-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://salelifter.mrwallet.pl/content/css/bundle?v=flTZ6O-6wT65Zaxx_wbuYjo2m6qBH50Xl3eswh_S4_01

Requested by

Host: salelifter.mrwallet.pl
URL: https://salelifter.mrwallet.pl/pl/konto/zaloguj

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

188.137.103.95 Rybnik, Poland, ASN13000 (LEON-AS, PL),

Reverse DNS

Software

Resource Hash

09863ec33968db7620b2d4b1b17cf6d50d732d0c7e2f63c8784717361f35f7c0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' www.google.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='; script-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://salelifter.mrwallet.pl/pl/konto/zaloguj
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge
content-security-policy: default-src 'self'; frame-src 'self' www.google.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='; script-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='
date: Wed, 19 Jun 2024 18:54:25 GMT
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 19 Jun 2024 18:54:25 GMT
x-permitted-cross-domain-policies: none
vary: User-Agent
content-type: text/css; charset=utf-8
cache-control: public
permissions-policy: camera=(), geolocation=(), microphone=(), payment=()
content-length: 1367518
expires: Thu, 19 Jun 2025 18:54:25 GMT

GET
H2 200 modernizr Show response
salelifter.mrwallet.pl/scripts/ 11 KB
11 KB 67ms
65ms Script
text/javascript 188.137.103.95
LEON-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://salelifter.mrwallet.pl/scripts/modernizr?v=inCVuEFe6J4Q07A0AcRsbJic_UE5MwpRMNGcOtk94TE1

Requested by

Host: salelifter.mrwallet.pl
URL: https://salelifter.mrwallet.pl/pl/konto/zaloguj

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

188.137.103.95 Rybnik, Poland, ASN13000 (LEON-AS, PL),

Reverse DNS

Software

Resource Hash

9e83216908224ffbc39992a5e60f93ca21b8e2240ba28025ba679c4b70f7112d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' www.google.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='; script-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://salelifter.mrwallet.pl/pl/konto/zaloguj
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge
content-security-policy: default-src 'self'; frame-src 'self' www.google.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='; script-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='
date: Wed, 19 Jun 2024 18:54:25 GMT
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 19 Jun 2024 18:54:25 GMT
x-permitted-cross-domain-policies: none
vary: User-Agent
content-type: text/javascript; charset=utf-8
cache-control: public
permissions-policy: camera=(), geolocation=(), microphone=(), payment=()
content-length: 11095
expires: Thu, 19 Jun 2025 18:54:25 GMT

GET
H2 200 jquery_3.6.js Show response
salelifter.mrwallet.pl/Scripts/ 105 KB
105 KB 190ms
188ms Script
application/javascript 188.137.103.95
LEON-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://salelifter.mrwallet.pl/Scripts/jquery_3.6.js

Requested by

Host: salelifter.mrwallet.pl
URL: https://salelifter.mrwallet.pl/pl/konto/zaloguj

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

188.137.103.95 Rybnik, Poland, ASN13000 (LEON-AS, PL),

Reverse DNS

Software

Resource Hash

528a1886f07e7777a6ee359f49155202a3ca8670e7f8feb399ca186a8bf80ac6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' www.google.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='; script-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://salelifter.mrwallet.pl/pl/konto/zaloguj
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; frame-src 'self' www.google.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='; script-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='
date: Wed, 19 Jun 2024 18:54:25 GMT
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 17 Dec 2023 07:34:55 GMT
x-permitted-cross-domain-policies: none
etag: "ec41e887bb30da1:0"
content-type: application/javascript
permissions-policy: camera=(), geolocation=(), microphone=(), payment=()
accept-ranges: bytes
content-length: 107752
x-ua-compatible: IE=edge

GET
H2 200 core Show response
salelifter.mrwallet.pl/scripts/ 1 MB
1 MB 206ms
204ms Script
text/javascript 188.137.103.95
LEON-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://salelifter.mrwallet.pl/scripts/core?v=_S57GBLcPwRXqCZcETcT1va58y8935Hzeb2nOsK1IEE1

Requested by

Host: salelifter.mrwallet.pl
URL: https://salelifter.mrwallet.pl/pl/konto/zaloguj

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

188.137.103.95 Rybnik, Poland, ASN13000 (LEON-AS, PL),

Reverse DNS

Software

Resource Hash

1b0cbc7f0f4a432494bfd67fe2f3d9fa36a3017d42d37cb34f9a64fe8c95ea61

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' www.google.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='; script-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://salelifter.mrwallet.pl/pl/konto/zaloguj
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge
content-security-policy: default-src 'self'; frame-src 'self' www.google.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='; script-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='
date: Wed, 19 Jun 2024 18:54:25 GMT
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 19 Jun 2024 18:54:25 GMT
x-permitted-cross-domain-policies: none
vary: User-Agent
content-type: text/javascript; charset=utf-8
cache-control: public
permissions-policy: camera=(), geolocation=(), microphone=(), payment=()
content-length: 1477744
expires: Thu, 19 Jun 2025 18:54:25 GMT

GET
H2 200 LogowanieJs Show response
salelifter.mrwallet.pl/scripts/ 2 KB
3 KB 67ms
66ms Script
text/javascript 188.137.103.95
LEON-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://salelifter.mrwallet.pl/scripts/LogowanieJs?v=qAC01637mwiwHvgMhoYZi1-ghCXMn1BRWoALxKFUjx01

Requested by

Host: salelifter.mrwallet.pl
URL: https://salelifter.mrwallet.pl/pl/konto/zaloguj

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

188.137.103.95 Rybnik, Poland, ASN13000 (LEON-AS, PL),

Reverse DNS

Software

Resource Hash

cb415cf4d307a2a85ee34d8cd4c2f43635f5bff5cf3e64680131bc63041d85ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' www.google.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='; script-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://salelifter.mrwallet.pl/pl/konto/zaloguj
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge
content-security-policy: default-src 'self'; frame-src 'self' www.google.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='; script-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='
date: Wed, 19 Jun 2024 18:54:25 GMT
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 19 Jun 2024 18:54:25 GMT
x-permitted-cross-domain-policies: none
vary: User-Agent
content-type: text/javascript; charset=utf-8
cache-control: public
permissions-policy: camera=(), geolocation=(), microphone=(), payment=()
content-length: 2551
expires: Thu, 19 Jun 2025 18:54:25 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
947 B 142ms
56ms Script
text/javascript 142.250.185.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=pl

Requested by

Host: salelifter.mrwallet.pl
URL: https://salelifter.mrwallet.pl/pl/konto/zaloguj

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f4.1e100.net

Software

GSE /

Resource Hash

68741985f67e485122e454bdd80595c80856413e4fe2d3367f9eb678495079d2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://salelifter.mrwallet.pl/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 18:54:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 19 Jun 2024 18:54:26 GMT

GET
H2 200 JezykJs Show response
salelifter.mrwallet.pl/scripts/ 1 KB
1 KB 221ms
220ms Script
text/javascript 188.137.103.95
LEON-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://salelifter.mrwallet.pl/scripts/JezykJs?v=gpGfAtaT2gyMt9ei4hzQedId2qGTPsrAS81c3LtoUkQ1

Requested by

Host: salelifter.mrwallet.pl
URL: https://salelifter.mrwallet.pl/pl/konto/zaloguj

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

188.137.103.95 Rybnik, Poland, ASN13000 (LEON-AS, PL),

Reverse DNS

Software

Resource Hash

9824f6c1a903886a9d6e2cd4c5281d91fc8216d51d333dee21140c46f4e18eb3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' www.google.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='; script-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://salelifter.mrwallet.pl/pl/konto/zaloguj
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge
content-security-policy: default-src 'self'; frame-src 'self' www.google.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='; script-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='
date: Wed, 19 Jun 2024 18:54:25 GMT
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 19 Jun 2024 18:54:25 GMT
x-permitted-cross-domain-policies: none
vary: User-Agent
content-type: text/javascript; charset=utf-8
cache-control: public
permissions-policy: camera=(), geolocation=(), microphone=(), payment=()
content-length: 1185
expires: Thu, 19 Jun 2025 18:54:25 GMT

GET
H2 200 flag_pl.png
salelifter.mrwallet.pl/Images/ 1 KB
1 KB 62ms
61ms Image
image/png 188.137.103.95
LEON-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://salelifter.mrwallet.pl/Images/flag_pl.png

Requested by

Host: salelifter.mrwallet.pl
URL: https://salelifter.mrwallet.pl/pl/konto/zaloguj

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

188.137.103.95 Rybnik, Poland, ASN13000 (LEON-AS, PL),

Reverse DNS

Software

Resource Hash

1cc510cc544d64ebf21e8c11b4defa4e668994616be54684f61e946285599f21

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' www.google.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='; script-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://salelifter.mrwallet.pl/pl/konto/zaloguj
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; frame-src 'self' www.google.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='; script-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='
date: Wed, 19 Jun 2024 18:54:25 GMT
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 17 Dec 2023 07:34:55 GMT
x-permitted-cross-domain-policies: none
etag: "82f87c87bb30da1:0"
content-type: image/png
permissions-policy: camera=(), geolocation=(), microphone=(), payment=()
accept-ranges: bytes
content-length: 1165
x-ua-compatible: IE=edge

GET
H2 200 flag_en.png
salelifter.mrwallet.pl/Images/ 4 KB
4 KB 62ms
62ms Image
image/png 188.137.103.95
LEON-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://salelifter.mrwallet.pl/Images/flag_en.png

Requested by

Host: salelifter.mrwallet.pl
URL: https://salelifter.mrwallet.pl/pl/konto/zaloguj

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

188.137.103.95 Rybnik, Poland, ASN13000 (LEON-AS, PL),

Reverse DNS

Software

Resource Hash

9542a8595fa2b667de12422b6f953e49220d0bf9c3ae0a282c3e8a362b9138a9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' www.google.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='; script-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://salelifter.mrwallet.pl/pl/konto/zaloguj
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; frame-src 'self' www.google.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='; script-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='
date: Wed, 19 Jun 2024 18:54:25 GMT
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 17 Dec 2023 07:34:55 GMT
x-permitted-cross-domain-policies: none
etag: "82f87c87bb30da1:0"
content-type: image/png
permissions-policy: camera=(), geolocation=(), microphone=(), payment=()
accept-ranges: bytes
content-length: 4307
x-ua-compatible: IE=edge

GET
H2 200 flag_ua.png
salelifter.mrwallet.pl/Images/ 2 KB
2 KB 159ms
159ms Image
image/png 188.137.103.95
LEON-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://salelifter.mrwallet.pl/Images/flag_ua.png

Requested by

Host: salelifter.mrwallet.pl
URL: https://salelifter.mrwallet.pl/pl/konto/zaloguj

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

188.137.103.95 Rybnik, Poland, ASN13000 (LEON-AS, PL),

Reverse DNS

Software

Resource Hash

840c17bc99e985fcb544a33222e223fecc94f245773596ad105a245b7412800f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' www.google.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='; script-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://salelifter.mrwallet.pl/pl/konto/zaloguj
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; frame-src 'self' www.google.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='; script-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='
date: Wed, 19 Jun 2024 18:54:25 GMT
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 17 Dec 2023 07:34:55 GMT
x-permitted-cross-domain-policies: none
etag: "82f87c87bb30da1:0"
content-type: image/png
permissions-policy: camera=(), geolocation=(), microphone=(), payment=()
accept-ranges: bytes
content-length: 2055
x-ua-compatible: IE=edge

GET
H2 200 roboto-v20-latin-ext_latin-regular.woff2
salelifter.mrwallet.pl/content/fonts/RobotoModern/ 22 KB
22 KB 47ms
47ms Font
application/font-woff2 188.137.103.95
LEON-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://salelifter.mrwallet.pl/content/fonts/RobotoModern/roboto-v20-latin-ext_latin-regular.woff2

Requested by

Host: salelifter.mrwallet.pl
URL: https://salelifter.mrwallet.pl/content/css/bundle?v=flTZ6O-6wT65Zaxx_wbuYjo2m6qBH50Xl3eswh_S4_01

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

188.137.103.95 Rybnik, Poland, ASN13000 (LEON-AS, PL),

Reverse DNS

Software

Resource Hash

b86b128b0701a436d02aa06fb2027845a0e69e4bebdd22012c1e0578508e34d1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' www.google.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='; script-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://salelifter.mrwallet.pl/content/css/bundle?v=flTZ6O-6wT65Zaxx_wbuYjo2m6qBH50Xl3eswh_S4_01
Origin: https://salelifter.mrwallet.pl
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; frame-src 'self' www.google.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='; script-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='
date: Wed, 19 Jun 2024 18:54:25 GMT
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 17 Dec 2023 07:34:55 GMT
x-permitted-cross-domain-policies: none
etag: "c8c7187bb30da1:0"
content-type: application/font-woff2
permissions-policy: camera=(), geolocation=(), microphone=(), payment=()
accept-ranges: bytes
content-length: 22644
x-ua-compatible: IE=edge

GET
H2 200 login-theme.svg
salelifter.mrwallet.pl/content/images/HRMDS/ 14 KB
14 KB 58ms
58ms Image
image/svg+xml 188.137.103.95
LEON-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://salelifter.mrwallet.pl/content/images/HRMDS/login-theme.svg

Requested by

Host: salelifter.mrwallet.pl
URL: https://salelifter.mrwallet.pl/content/css/bundle?v=flTZ6O-6wT65Zaxx_wbuYjo2m6qBH50Xl3eswh_S4_01

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

188.137.103.95 Rybnik, Poland, ASN13000 (LEON-AS, PL),

Reverse DNS

Software

Resource Hash

2cb46d7ed2a9158ceccaba4284b69033c4b20fa8f075397538ae1635228e8a55

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' www.google.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='; script-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://salelifter.mrwallet.pl/content/css/bundle?v=flTZ6O-6wT65Zaxx_wbuYjo2m6qBH50Xl3eswh_S4_01
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; frame-src 'self' www.google.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='; script-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='
date: Wed, 19 Jun 2024 18:54:25 GMT
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 17 Dec 2023 07:34:50 GMT
x-permitted-cross-domain-policies: none
etag: "212fe84bb30da1:0"
content-type: image/svg+xml
permissions-policy: camera=(), geolocation=(), microphone=(), payment=()
accept-ranges: bytes
content-length: 14015
x-ua-compatible: IE=edge

GET
H2 200 Logo-Comarch_HRM-RGB-color.svg
salelifter.mrwallet.pl/content/images/logo/ 5 KB
5 KB 47ms
46ms Image
image/svg+xml 188.137.103.95
LEON-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://salelifter.mrwallet.pl/content/images/logo/Logo-Comarch_HRM-RGB-color.svg

Requested by

Host: salelifter.mrwallet.pl
URL: https://salelifter.mrwallet.pl/content/css/bundle?v=flTZ6O-6wT65Zaxx_wbuYjo2m6qBH50Xl3eswh_S4_01

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

188.137.103.95 Rybnik, Poland, ASN13000 (LEON-AS, PL),

Reverse DNS

Software

Resource Hash

62e8e84657478f50b362a0a0fedb1662c8af9b231a04692be938a4e4a488c467

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' www.google.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='; script-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://salelifter.mrwallet.pl/content/css/bundle?v=flTZ6O-6wT65Zaxx_wbuYjo2m6qBH50Xl3eswh_S4_01
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; frame-src 'self' www.google.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='; script-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='
date: Wed, 19 Jun 2024 18:54:25 GMT
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 17 Dec 2023 07:34:49 GMT
x-permitted-cross-domain-policies: none
etag: "aabd3584bb30da1:0"
content-type: image/svg+xml
permissions-policy: camera=(), geolocation=(), microphone=(), payment=()
accept-ranges: bytes
content-length: 5000
x-ua-compatible: IE=edge

GET
H2 200 check_box_outline_blank-24px.svg
salelifter.mrwallet.pl/content/images/HRMDS/ 228 B
322 B 45ms
45ms Image
image/svg+xml 188.137.103.95
LEON-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://salelifter.mrwallet.pl/content/images/HRMDS/check_box_outline_blank-24px.svg

Requested by

Host: salelifter.mrwallet.pl
URL: https://salelifter.mrwallet.pl/content/css/bundle?v=flTZ6O-6wT65Zaxx_wbuYjo2m6qBH50Xl3eswh_S4_01

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

188.137.103.95 Rybnik, Poland, ASN13000 (LEON-AS, PL),

Reverse DNS

Software

Resource Hash

8f1f04b985c4bee8d34acd84d0c53b4c634b000f8a363dc6c20da3eb7c680ed0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' www.google.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='; script-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://salelifter.mrwallet.pl/content/css/bundle?v=flTZ6O-6wT65Zaxx_wbuYjo2m6qBH50Xl3eswh_S4_01
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; frame-src 'self' www.google.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='; script-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='
date: Wed, 19 Jun 2024 18:54:25 GMT
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 17 Dec 2023 07:34:50 GMT
x-permitted-cross-domain-policies: none
etag: "cb9ffb84bb30da1:0"
content-type: image/svg+xml
permissions-policy: camera=(), geolocation=(), microphone=(), payment=()
accept-ranges: bytes
content-length: 228
x-ua-compatible: IE=edge

GET
H2 200 arrow-down-gray.svg
salelifter.mrwallet.pl/content/images/sidebar-icon/ 430 B
513 B 45ms
45ms Image
image/svg+xml 188.137.103.95
LEON-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://salelifter.mrwallet.pl/content/images/sidebar-icon/arrow-down-gray.svg

Requested by

Host: salelifter.mrwallet.pl
URL: https://salelifter.mrwallet.pl/content/css/bundle?v=flTZ6O-6wT65Zaxx_wbuYjo2m6qBH50Xl3eswh_S4_01

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

188.137.103.95 Rybnik, Poland, ASN13000 (LEON-AS, PL),

Reverse DNS

Software

Resource Hash

b117495fefa0755b75f2ec0d5d389e3d555b35c4541edc7c0a71b3cda0cec890

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' www.google.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='; script-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://salelifter.mrwallet.pl/content/css/bundle?v=flTZ6O-6wT65Zaxx_wbuYjo2m6qBH50Xl3eswh_S4_01
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; frame-src 'self' www.google.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='; script-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='
date: Wed, 19 Jun 2024 18:54:25 GMT
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 17 Dec 2023 07:34:42 GMT
x-permitted-cross-domain-policies: none
etag: "64c9b37fbb30da1:0"
content-type: image/svg+xml
permissions-policy: camera=(), geolocation=(), microphone=(), payment=()
accept-ranges: bytes
content-length: 430
x-ua-compatible: IE=edge

GET
H2 200 roboto-v20-latin-ext_latin-700.woff2
salelifter.mrwallet.pl/content/fonts/RobotoModern/ 22 KB
22 KB 57ms
56ms Font
application/font-woff2 188.137.103.95
LEON-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://salelifter.mrwallet.pl/content/fonts/RobotoModern/roboto-v20-latin-ext_latin-700.woff2

Requested by

Host: salelifter.mrwallet.pl
URL: https://salelifter.mrwallet.pl/content/css/bundle?v=flTZ6O-6wT65Zaxx_wbuYjo2m6qBH50Xl3eswh_S4_01

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

188.137.103.95 Rybnik, Poland, ASN13000 (LEON-AS, PL),

Reverse DNS

Software

Resource Hash

8d9364a0dd956af9d5f0580c8247f61c49aebaefb9e4c48d60fb3d045f1cedd5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' www.google.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='; script-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://salelifter.mrwallet.pl/content/css/bundle?v=flTZ6O-6wT65Zaxx_wbuYjo2m6qBH50Xl3eswh_S4_01
Origin: https://salelifter.mrwallet.pl
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; frame-src 'self' www.google.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='; script-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='
date: Wed, 19 Jun 2024 18:54:25 GMT
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 17 Dec 2023 07:34:54 GMT
x-permitted-cross-domain-policies: none
etag: "19486c87bb30da1:0"
content-type: application/font-woff2
permissions-policy: camera=(), geolocation=(), microphone=(), payment=()
accept-ranges: bytes
content-length: 22724
x-ua-compatible: IE=edge

GET
H2 200 recaptcha__pl.js Show response
www.gstatic.com/recaptcha/releases/KXX4ARWFlYTftefkdODAYWZh/ 520 KB
207 KB 429ms
37ms Script
text/javascript 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/KXX4ARWFlYTftefkdODAYWZh/recaptcha__pl.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=pl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

ac4af1e947b3dfea2b85de7734d5ef2e1e99bab7b3740e0110fb422737999ddd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://salelifter.mrwallet.pl/
Origin: https://salelifter.mrwallet.pl
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 14:44:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101370
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 210937
x-xss-protection: 0
last-modified: Sat, 15 Jun 2024 04:02:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Jun 2025 14:44:56 GMT

GET
H2 200 favicon.ico
salelifter.mrwallet.pl/Content/images/ 15 KB
15 KB 46ms
46ms Other
image/x-icon 188.137.103.95
LEON-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://salelifter.mrwallet.pl/Content/images/favicon.ico

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

188.137.103.95 Rybnik, Poland, ASN13000 (LEON-AS, PL),

Reverse DNS

Software

Resource Hash

fa9bca51a020c18134c6e18fbacd33de4e071fd07ccb90717e993e99ae6f341d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' www.google.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='; script-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://salelifter.mrwallet.pl/pl/konto/zaloguj
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; frame-src 'self' www.google.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='; script-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='
date: Wed, 19 Jun 2024 18:54:26 GMT
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 17 Dec 2023 07:34:41 GMT
x-permitted-cross-domain-policies: none
etag: "4d2d977fbb30da1:0"
content-type: image/x-icon
permissions-policy: camera=(), geolocation=(), microphone=(), payment=()
accept-ranges: bytes
content-length: 15086
x-ua-compatible: IE=edge

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			salelifter.mrwallet.pl/	1969-12-31 23:59:59	Name: ComarchHRM_SessionId Value: wqn55nvzkwwboaid3pkun1uw
			salelifter.mrwallet.pl/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: xPKDN6smWeYTR7O0hPrPQC_IUVGf2pUjYPvPiBZXfT3jBeVMpVhDWW_NrF9Oztzkp1OSOe38ngBhGWl3a0DObI9Y4XkYAJhvpWpmu2cRJVI1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://salelifter.mrwallet.pl/pl/konto/zaloguj Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' www.google.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='; script-src 'self' 'nonce-+zb/Tl12ftLCaUZfJUXrzffy98jY+paPIUphkULL3LE='
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

salelifter.mrwallet.pl
www.google.com
www.gstatic.com
142.250.185.228
142.250.186.35
188.137.103.95
09863ec33968db7620b2d4b1b17cf6d50d732d0c7e2f63c8784717361f35f7c0
1b0cbc7f0f4a432494bfd67fe2f3d9fa36a3017d42d37cb34f9a64fe8c95ea61
1cc510cc544d64ebf21e8c11b4defa4e668994616be54684f61e946285599f21
2cb46d7ed2a9158ceccaba4284b69033c4b20fa8f075397538ae1635228e8a55
528a1886f07e7777a6ee359f49155202a3ca8670e7f8feb399ca186a8bf80ac6
62e8e84657478f50b362a0a0fedb1662c8af9b231a04692be938a4e4a488c467
68741985f67e485122e454bdd80595c80856413e4fe2d3367f9eb678495079d2
840c17bc99e985fcb544a33222e223fecc94f245773596ad105a245b7412800f
8d9364a0dd956af9d5f0580c8247f61c49aebaefb9e4c48d60fb3d045f1cedd5
8f1f04b985c4bee8d34acd84d0c53b4c634b000f8a363dc6c20da3eb7c680ed0
9542a8595fa2b667de12422b6f953e49220d0bf9c3ae0a282c3e8a362b9138a9
9824f6c1a903886a9d6e2cd4c5281d91fc8216d51d333dee21140c46f4e18eb3
9acc17888ead9b7d420636c757b7ac879c3560ba8f76a6b8b360dec68fe7b1c4
9e83216908224ffbc39992a5e60f93ca21b8e2240ba28025ba679c4b70f7112d
ac4af1e947b3dfea2b85de7734d5ef2e1e99bab7b3740e0110fb422737999ddd
b117495fefa0755b75f2ec0d5d389e3d555b35c4541edc7c0a71b3cda0cec890
b86b128b0701a436d02aa06fb2027845a0e69e4bebdd22012c1e0578508e34d1
cb415cf4d307a2a85ee34d8cd4c2f43635f5bff5cf3e64680131bc63041d85ab
fa9bca51a020c18134c6e18fbacd33de4e071fd07ccb90717e993e99ae6f341d

salelifter.mrwallet.pl Open in urlscan Pro 188.137.103.95 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

3197 kBTransfer

3512 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

2 Cookies

1 Console Messages

Security Headers

Indicators

salelifter.mrwallet.pl Open in urlscan Pro
188.137.103.95 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

3197 kB
Transfer

3512 kB
Size

2
Cookies

19 HTTP transactions
0 data transactions