urlscan.io logo urlscan.io
SecurityTrails logo

promocje.max-gym.pl Open in urlscan Pro
109.232.242.252  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.promocje.max-gym.pl/
Effective URL: https://promocje.max-gym.pl/
Submission: On August 20 via api from US — Scanned from PL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 20 HTTP transactions. The main IP is 109.232.242.252, located in Poland and belongs to BENEFIT-SYSTEM, PL. The main domain is promocje.max-gym.pl.
TLS certificate: Issued by Certyfikat SSL on July 19th 2024. Valid for: a year.
This is the only time promocje.max-gym.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 14 109.232.242.252 60968 (BENEFIT-S...)
2 142.250.184.232 15169 (GOOGLE)
3 3.161.82.55 16509 (AMAZON-02)
1 142.250.181.226 15169 (GOOGLE)
1 216.239.34.36 15169 (GOOGLE)
20 6
14    109.232.242.252 (Poland)

ASN60968 (BENEFIT-SYSTEM, PL)
www.promocje.max-gym.pl
promocje.max-gym.pl
2    142.250.184.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f8.1e100.net
www.googletagmanager.com
3    3.161.82.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-82-55.fra56.r.cloudfront.net
sdk.privacy-center.org
1    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
pagead2.googlesyndication.com
1    216.239.34.36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
Apex Domain
Subdomains		 Transfer
14 max-gym.pl
www.promocje.max-gym.pl
promocje.max-gym.pl
229 KB
3 privacy-center.org
sdk.privacy-center.org — Cisco Umbrella Rank: 4906
154 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
209 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3123
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 157
64 B
20 5
Domain Requested by
13 promocje.max-gym.pl promocje.max-gym.pl
3 sdk.privacy-center.org www.googletagmanager.com
sdk.privacy-center.org
2 www.googletagmanager.com promocje.max-gym.pl
www.googletagmanager.com
1 region1.google-analytics.com www.googletagmanager.com
1 pagead2.googlesyndication.com www.googletagmanager.com
1 www.promocje.max-gym.pl 1 redirects
20 6

This site contains links to these domains. Also see Links.

Domain
www.benefitsystems.pl
Subject Issuer Validity Valid
promocje.max-gym.pl
Certyfikat SSL		 2024-07-19 -
2025-07-19		 a year crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.privacy-center.org
Amazon RSA 2048 M03		 2024-03-10 -
2025-04-07		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://promocje.max-gym.pl/
Frame ID: B9CDB824A4394061213BE327C785C164
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Megapromocja – dołącz do nas! Zacznij za 49zł - Max-Gym

Page URL History Show full URLs

  1. https://www.promocje.max-gym.pl/ HTTP 301
    https://promocje.max-gym.pl/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • sdk\.privacy-center\.org/.*/loader\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

20
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

592 kB
Transfer

2154 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.promocje.max-gym.pl/ HTTP 301
    https://promocje.max-gym.pl/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
promocje.max-gym.pl/
Redirect Chain
  • https://www.promocje.max-gym.pl/
  • https://promocje.max-gym.pl/
12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://promocje.max-gym.pl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.232.242.252 , Poland, ASN60968 (BENEFIT-SYSTEM, PL),
Reverse DNS
Software
/
Resource Hash
3638dde125cd46efa9d8c5e3735961bc173d8047aff2fff61bea5ff1164e59b0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, must-revalidate, private, s-maxage=240
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Tue, 20 Aug 2024 07:37:52 GMT
expires
Tue, 20 Aug 2024 07:37:52 GMT
vary
Accept-Encoding
x-content-type-options
nosniff
x-forwarded-port
443
x-forwarded-proto
https

Redirect headers

content-type
text/html; charset=UTF-8
location
https://promocje.max-gym.pl/
LatoLatin-Bold.woff2
promocje.max-gym.pl/build/web/fonts/ 		43 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://promocje.max-gym.pl/build/web/fonts/LatoLatin-Bold.woff2
Requested by
Host: promocje.max-gym.pl
URL: https://promocje.max-gym.pl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.232.242.252 , Poland, ASN60968 (BENEFIT-SYSTEM, PL),
Reverse DNS
Software
/
Resource Hash
276401632a998400be8a5895038f4f72d3760d3c3d6aaf3cf445d109cb9d1540
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff

Request headers

Referer
https://promocje.max-gym.pl/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 07:37:52 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
last-modified
Wed, 17 Mar 2021 11:49:56 GMT
etag
"6051ece4-ad5c"
content-type
font/woff2
accept-ranges
bytes
x-forwarded-proto
https
x-forwarded-port
443
LatoLatin-Regular.woff2
promocje.max-gym.pl/build/web/fonts/ 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://promocje.max-gym.pl/build/web/fonts/LatoLatin-Regular.woff2
Requested by
Host: promocje.max-gym.pl
URL: https://promocje.max-gym.pl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.232.242.252 , Poland, ASN60968 (BENEFIT-SYSTEM, PL),
Reverse DNS
Software
/
Resource Hash
ddd4ef7f97f4361b60841d59753218a57134b0f99f5b46a9612234f1c2733ab0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff

Request headers

Referer
https://promocje.max-gym.pl/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 07:37:52 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
last-modified
Wed, 17 Mar 2021 11:49:56 GMT
etag
"6051ece4-aaf0"
content-type
font/woff2
accept-ranges
bytes
x-forwarded-proto
https
x-forwarded-port
443
MPLUSRounded1c-ExtraBold.woff2
promocje.max-gym.pl/build/web/fonts/ 		41 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://promocje.max-gym.pl/build/web/fonts/MPLUSRounded1c-ExtraBold.woff2
Requested by
Host: promocje.max-gym.pl
URL: https://promocje.max-gym.pl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.232.242.252 , Poland, ASN60968 (BENEFIT-SYSTEM, PL),
Reverse DNS
Software
/
Resource Hash
57bbb78bd68b67b914d507fe4a8730cbd4e503f8803c8e28ffe377bddf3c036d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff

Request headers

Referer
https://promocje.max-gym.pl/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 07:37:52 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
last-modified
Wed, 17 Mar 2021 11:49:56 GMT
etag
"6051ece4-a304"
content-type
font/woff2
accept-ranges
bytes
x-forwarded-proto
https
x-forwarded-port
443
main-d2a3bbcf4b28b25f69e7049a081764d7.css
promocje.max-gym.pl/build/web/ 		534 KB
70 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://promocje.max-gym.pl/build/web/main-d2a3bbcf4b28b25f69e7049a081764d7.css
Requested by
Host: promocje.max-gym.pl
URL: https://promocje.max-gym.pl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.232.242.252 , Poland, ASN60968 (BENEFIT-SYSTEM, PL),
Reverse DNS
Software
/
Resource Hash
f6871d2156f1eecc6fd1eda0613ef2e6c8b59ea881ff32f7d300f163a9f77a71
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff

Request headers

Referer
https://promocje.max-gym.pl/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 07:37:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 01 Aug 2024 12:37:52 GMT
etag
W/"66ab81a0-8564d"
vary
Accept-Encoding
content-type
text/css
x-forwarded-proto
https
x-forwarded-port
443
all-fdaeed7c3ccfc6997b23f07b83fdf677.js
promocje.max-gym.pl/build/web/ 		81 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://promocje.max-gym.pl/build/web/all-fdaeed7c3ccfc6997b23f07b83fdf677.js
Requested by
Host: promocje.max-gym.pl
URL: https://promocje.max-gym.pl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.232.242.252 , Poland, ASN60968 (BENEFIT-SYSTEM, PL),
Reverse DNS
Software
/
Resource Hash
f6808434419f83623f958ce08a36f7d5abc4f478f8a44af1143681b812c517ca
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff

Request headers

Referer
https://promocje.max-gym.pl/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 07:37:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 01 Aug 2024 12:37:47 GMT
etag
W/"66ab819b-1453a"
vary
Accept-Encoding
content-type
application/javascript
x-forwarded-proto
https
x-forwarded-port
443
gtm.js
www.googletagmanager.com/ 		298 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MVVZN6N8
Requested by
Host: promocje.max-gym.pl
URL: https://promocje.max-gym.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
efeb48bf5b3b3945841059770e0e7b6aca8c40a4b08020463ec35c961d836893
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://promocje.max-gym.pl/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 07:37:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104557
x-xss-protection
0
last-modified
Tue, 20 Aug 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 20 Aug 2024 07:37:52 GMT
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
logo.svg
promocje.max-gym.pl/build/web/svg/maxgym/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promocje.max-gym.pl/build/web/svg/maxgym/logo.svg
Requested by
Host: promocje.max-gym.pl
URL: https://promocje.max-gym.pl/build/web/main-d2a3bbcf4b28b25f69e7049a081764d7.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.232.242.252 , Poland, ASN60968 (BENEFIT-SYSTEM, PL),
Reverse DNS
Software
/
Resource Hash
26997538f623ea17fac28ec590ceb224debb62b85454486bbd2c998d6f2060fb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff

Request headers

Referer
https://promocje.max-gym.pl/build/web/main-d2a3bbcf4b28b25f69e7049a081764d7.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 07:37:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 18 Jul 2024 15:00:59 GMT
etag
W/"66992e2b-159e"
vary
Accept-Encoding
content-type
image/svg+xml
x-forwarded-proto
https
x-forwarded-port
443
LatoLatin-Bold.woff2
promocje.max-gym.pl/build/web/fonts/ 		43 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://promocje.max-gym.pl/build/web/fonts/LatoLatin-Bold.woff2
Requested by
Host: promocje.max-gym.pl
URL: https://promocje.max-gym.pl/build/web/main-d2a3bbcf4b28b25f69e7049a081764d7.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.232.242.252 , Poland, ASN60968 (BENEFIT-SYSTEM, PL),
Reverse DNS
Software
/
Resource Hash
276401632a998400be8a5895038f4f72d3760d3c3d6aaf3cf445d109cb9d1540
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff

Request headers

Referer
https://promocje.max-gym.pl/build/web/main-d2a3bbcf4b28b25f69e7049a081764d7.css
Origin
https://promocje.max-gym.pl
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 07:37:52 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
last-modified
Wed, 17 Mar 2021 11:49:56 GMT
etag
"6051ece4-ad5c"
content-type
font/woff2
accept-ranges
bytes
x-forwarded-proto
https
x-forwarded-port
443
truncated
/ 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0778dcb46432638d72af9f5a1d0db613d08210fed7fea54934c2ca7b931df14

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
MPLUSRounded1c-ExtraBold.woff2
promocje.max-gym.pl/build/web/fonts/ 		41 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://promocje.max-gym.pl/build/web/fonts/MPLUSRounded1c-ExtraBold.woff2
Requested by
Host: promocje.max-gym.pl
URL: https://promocje.max-gym.pl/build/web/main-d2a3bbcf4b28b25f69e7049a081764d7.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.232.242.252 , Poland, ASN60968 (BENEFIT-SYSTEM, PL),
Reverse DNS
Software
/
Resource Hash
57bbb78bd68b67b914d507fe4a8730cbd4e503f8803c8e28ffe377bddf3c036d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff

Request headers

Referer
https://promocje.max-gym.pl/build/web/main-d2a3bbcf4b28b25f69e7049a081764d7.css
Origin
https://promocje.max-gym.pl
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 07:37:52 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
last-modified
Wed, 17 Mar 2021 11:49:56 GMT
etag
"6051ece4-a304"
content-type
font/woff2
accept-ranges
bytes
x-forwarded-proto
https
x-forwarded-port
443
LatoLatin-Regular.woff2
promocje.max-gym.pl/build/web/fonts/ 		43 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://promocje.max-gym.pl/build/web/fonts/LatoLatin-Regular.woff2
Requested by
Host: promocje.max-gym.pl
URL: https://promocje.max-gym.pl/build/web/main-d2a3bbcf4b28b25f69e7049a081764d7.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.232.242.252 , Poland, ASN60968 (BENEFIT-SYSTEM, PL),
Reverse DNS
Software
/
Resource Hash
ddd4ef7f97f4361b60841d59753218a57134b0f99f5b46a9612234f1c2733ab0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff

Request headers

Referer
https://promocje.max-gym.pl/build/web/main-d2a3bbcf4b28b25f69e7049a081764d7.css
Origin
https://promocje.max-gym.pl
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 07:37:52 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
last-modified
Wed, 17 Mar 2021 11:49:56 GMT
etag
"6051ece4-aaf0"
content-type
font/woff2
accept-ranges
bytes
x-forwarded-proto
https
x-forwarded-port
443
loading.svg
promocje.max-gym.pl/build/web/svg/ 		2 KB
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promocje.max-gym.pl/build/web/svg/loading.svg
Requested by
Host: promocje.max-gym.pl
URL: https://promocje.max-gym.pl/build/web/main-d2a3bbcf4b28b25f69e7049a081764d7.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.232.242.252 , Poland, ASN60968 (BENEFIT-SYSTEM, PL),
Reverse DNS
Software
/
Resource Hash
97db43a2d13d703b7206692d5554d1f748aa0761b56cf1cf10a2d0d07cc8cf6e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff

Request headers

Referer
https://promocje.max-gym.pl/build/web/main-d2a3bbcf4b28b25f69e7049a081764d7.css
Origin
https://promocje.max-gym.pl
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 07:37:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
last-modified
Mon, 16 Aug 2021 03:23:53 GMT
etag
W/"6119da49-89e"
vary
Accept-Encoding
content-type
image/svg+xml
x-forwarded-proto
https
x-forwarded-port
443
content-length
873
close.svg
promocje.max-gym.pl/build/web/svg/ 		1 KB
558 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promocje.max-gym.pl/build/web/svg/close.svg
Requested by
Host: promocje.max-gym.pl
URL: https://promocje.max-gym.pl/build/web/main-d2a3bbcf4b28b25f69e7049a081764d7.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.232.242.252 , Poland, ASN60968 (BENEFIT-SYSTEM, PL),
Reverse DNS
Software
/
Resource Hash
708493bb463a4c0dd467b64cf598bd3c145071c9b306bfe4703d8862a7c7ef71
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff

Request headers

Referer
https://promocje.max-gym.pl/build/web/main-d2a3bbcf4b28b25f69e7049a081764d7.css
Origin
https://promocje.max-gym.pl
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 07:37:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
last-modified
Mon, 16 Aug 2021 03:23:52 GMT
etag
W/"6119da48-4a1"
vary
Accept-Encoding
content-type
image/svg+xml
x-forwarded-proto
https
x-forwarded-port
443
content-length
485
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		34 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		82 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		90 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
loader.js
sdk.privacy-center.org/bf226e0f-8b65-4a01-bdb1-0e0c29c4bf20/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.privacy-center.org/bf226e0f-8b65-4a01-bdb1-0e0c29c4bf20/loader.js?target_type=notice&target=ytDCFkkr
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MVVZN6N8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-55.fra56.r.cloudfront.net
Software
/
Resource Hash
8ca8e27613343abb94a23f7f09ab273330884c56ee6ac57ff9b1cdec1b28c608

Request headers

Referer
https://promocje.max-gym.pl/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-didomi-configs-version
112
content-encoding
br
x-didomi-remote-config-metadata
multiReg:true;legacyGlobalGdpr:true
date
Tue, 20 Aug 2024 07:37:53 GMT
via
1.1 9ceaac5e4cbf8702556b2c925b200af8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P10
x-amzn-requestid
cb521dde-dff7-4bc9-b7db-b484d3565a81
x-amzn-trace-id
root=1-66c367bb-51756a66008264011192a2e3;parent=651215b49acc11be;sampled=0;lineage=eaae1266:0
vary
Accept-Encoding
etag
W/"d7cda765690173032b38b1fe0670a93c"
content-type
application/javascript; charset=utf-8
x-cache
RefreshHit from cloudfront
cache-control
max-age=7200, public
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
QN2pBrBoQFB4n-WKmqwM5aeYjTRBNP7DUFGQMogKW6ogBdknmoZHYA==
sdk.9fa0f7caba0135420f3f75b242d5e300a68f5970.js
sdk.privacy-center.org/sdk/9fa0f7caba0135420f3f75b242d5e300a68f5970/modern/ 		354 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.privacy-center.org/sdk/9fa0f7caba0135420f3f75b242d5e300a68f5970/modern/sdk.9fa0f7caba0135420f3f75b242d5e300a68f5970.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/bf226e0f-8b65-4a01-bdb1-0e0c29c4bf20/loader.js?target_type=notice&target=ytDCFkkr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6fbda2d121e3398d8904455c695d75de1a36cbd569fbe8cfebc8cf94b7edbc80

Request headers

Referer
https://promocje.max-gym.pl/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 12:06:17 GMT
content-encoding
br
via
1.1 9ceaac5e4cbf8702556b2c925b200af8.cloudfront.net (CloudFront)
last-modified
Mon, 19 Aug 2024 12:06:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P10
age
70297
etag
W/"845eeeec876910dc513e6de4b25c1f9f-1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
8VkOoaEyiUsm9R0x7cXX_qb4XeVEVdLK2qx2jOt5eBUs_z2-9bpypw==
ui-gdpr-pl-web.9fa0f7caba0135420f3f75b242d5e300a68f5970.js
sdk.privacy-center.org/sdk/9fa0f7caba0135420f3f75b242d5e300a68f5970/modern/ 		275 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.privacy-center.org/sdk/9fa0f7caba0135420f3f75b242d5e300a68f5970/modern/ui-gdpr-pl-web.9fa0f7caba0135420f3f75b242d5e300a68f5970.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk/9fa0f7caba0135420f3f75b242d5e300a68f5970/modern/sdk.9fa0f7caba0135420f3f75b242d5e300a68f5970.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.161.82.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8629e5b192b9760e8952af8527fb65f5d181e6d7d1c1bfd7ecf83eb67377a927

Request headers

Referer
https://promocje.max-gym.pl/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 12:06:38 GMT
content-encoding
br
via
1.1 ce9680b048a2aea06e1146ad2810fa14.cloudfront.net (CloudFront)
last-modified
Mon, 19 Aug 2024 12:06:10 GMT
server
AmazonS3
age
70276
x-amz-cf-pop
FRA56-P10
etag
W/"ac6b559167fe7714ea45c6be6fe8df54-1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
UKevw7-FEcbL96f_5CMi9P8TMED3Gua5Kv7rV1jM-Goap-aIPaufkQ==
landing
pagead2.googlesyndication.com/pagead/ 		42 B
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=13p3p3p2p5l1&tag_exp=0&rnd=2127025936.1724139473&url=https%3A%2F%2Fpromocje.max-gym.pl%2F&dma_cps=-&dma=1&npa=1&tcfd=1000h&gtm=45He48e0n91MVVZN6N8v9186173866za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MVVZN6N8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://promocje.max-gym.pl/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Aug 2024 07:37:53 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		323 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2Q6MD6JG61&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MVVZN6N8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
ec9767c979a80af8596c103076fb3ee464ab7e8443db9797f2998670d7e3a6cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://promocje.max-gym.pl/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 07:37:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
108741
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 20 Aug 2024 07:37:53 GMT
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-2Q6MD6JG61&gtm=45je48e0v9191361207z89186173866za200zb9186173866&_p=1724139472066&em=tv.1~em.bi_5kgpZQ4tlTukaGqMTiB1_YAxCuic68yHu27qvNqc&gcs=G100&gcd=13p3p3p2p5l1&npa=1&dma_cps=-&dma=1&tcfd=1000h&tag_exp=0&gdid=dMTc4Zm&cid=1356146773.1724139473&ecid=893030185&ul=pl-pl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&ec_mode=a&_s=1&sid=1724139473&sct=1&seg=0&dl=https%3A%2F%2Fpromocje.max-gym.pl%2F&dt=Megapromocja%20%E2%80%93%20do%C5%82%C4%85cz%20do%20nas!%20Zacznij%20za%2049z%C5%82%20-%20Max-Gym&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2280
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2Q6MD6JG61&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://promocje.max-gym.pl/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Aug 2024 07:37:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://promocje.max-gym.pl
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
maxgym.png
promocje.max-gym.pl/build/web/favicon/ 		3 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://promocje.max-gym.pl/build/web/favicon/maxgym.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.232.242.252 , Poland, ASN60968 (BENEFIT-SYSTEM, PL),
Reverse DNS
Software
/
Resource Hash
5c09b3b5bcc9f7e3ac1c3af22e2fb1d663822b983e3b0d0cd9ff7e9f915143ef
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff

Request headers

Referer
https://promocje.max-gym.pl/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires
Tue, 20 Aug 2024 07:37:54 GMT
date
Tue, 20 Aug 2024 07:37:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=0, must-revalidate, private
x-forwarded-proto
https
x-forwarded-port
443
x-cache-tags
snippet_area-default,snippet_area-header,snippet_area-login,snippet_area-infopopup,snippet_area-cookies-info,snippet_area-footer,webspace-maxgym

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer function| updateAcademyScheduleHeader function| academySchedulePrevNext function| initializeActivityListColumns function| scrollToBestseller function| addMaps function| AddClubListButtonsEvent function| ClubList function| cookiesinforemove function| cookiesinfoaccepted function| checkcookiesinfo function| no_webp function| forceSuperscript function| collapseFormSummary function| updateLostPasswordLinks object| mediaDialog string| mediaDialogDefaultContent function| showMediaDialog function| playVimeo function| showImagePopup function| stopAllVideos function| updatePageHeader function| setValuesFromFilter function| recaptchasLoadedCallback function| addRecaptchas function| recaptchatoken function| addSorting function| updateSorting function| activateTab function| AutoScroller function| updateCurrentSections function| addCustomScrollbars function| sendFormJourneyEventForInput function| sendConversionEventForInput function| addDataLayerEvent function| addDataLayerEventForFilter function| sendSystemErrorForJSValidation function| salesUserdataFormInvalid function| salesAgreementsFormInvalid function| reportedFieldName function| updateFocusTrap function| restoreOpenersFocus function| closeModalDialog function| setButtonExpanded function| recalcExpandableHeights function| waitForDialog function| performRequest function| addFilters function| updateFilters object| invalidFormFields function| invalidFormNotification function| formblocked function| refreshRowsVisibility function| findScrollStep function| findClosestScrollButton function| loadscript number| updateCurrentSectionsTimeout function| delayedUpdateCurrentSection function| updateSectionVisibility function| updateSticky function| avoidDayWithoutResults function| scheduleRegisterAction function| addTooltips function| updateTooltip object| lazySizes object| google_tag_manager object| google_tag_data boolean| gdprAppliesGlobally object| __tcfapiBuffer function| __tcfapi object| didomiEventListeners object| didomiOnReady object| didomiRemoteConfig string| didomiCountry string| didomiRegion object| didomiGeoRegulations object| webpackChunkDidomi object| Didomi object| didomiState object| DidomiSanitizing function| onYouTubeIframeAPIReady object| gaGlobal

2 Cookies

Domain/Path Name / Value
promocje.max-gym.pl/ Name: SULUSESSID
Value: 5c4v5sg1a3rhrdlaf3vk2ar63c
.max-gym.pl/ Name: didomi_token
Value: eyJ1c2VyX2lkIjoiMTkxNmViODgtOWJlZC02ZWEwLThiMWYtMDViOGM2YzY3MDZkIiwiY3JlYXRlZCI6IjIwMjQtMDgtMjBUMDc6Mzc6NTMuMzQyWiIsInVwZGF0ZWQiOiIyMDI0LTA4LTIwVDA3OjM3OjUzLjM0MloiLCJ2ZXJzaW9uIjpudWxsfQ==

4 Console Messages

Source Level URL
Text
other warning URL: https://promocje.max-gym.pl/(Line 86)
Message:
A preload for 'https://promocje.max-gym.pl/build/web/fonts/MPLUSRounded1c-ExtraBold.woff2' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other warning URL: https://promocje.max-gym.pl/(Line 86)
Message:
A preload for 'https://promocje.max-gym.pl/build/web/fonts/LatoLatin-Bold.woff2' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other warning URL: https://promocje.max-gym.pl/(Line 86)
Message:
A preload for 'https://promocje.max-gym.pl/build/web/fonts/LatoLatin-Regular.woff2' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
network error URL: https://promocje.max-gym.pl/build/web/favicon/maxgym.png
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

pagead2.googlesyndication.com
promocje.max-gym.pl
region1.google-analytics.com
sdk.privacy-center.org
www.googletagmanager.com
www.promocje.max-gym.pl
109.232.242.252
142.250.181.226
142.250.184.232
216.239.34.36
3.161.82.55
26997538f623ea17fac28ec590ceb224debb62b85454486bbd2c998d6f2060fb
276401632a998400be8a5895038f4f72d3760d3c3d6aaf3cf445d109cb9d1540
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
3638dde125cd46efa9d8c5e3735961bc173d8047aff2fff61bea5ff1164e59b0
57bbb78bd68b67b914d507fe4a8730cbd4e503f8803c8e28ffe377bddf3c036d
5c09b3b5bcc9f7e3ac1c3af22e2fb1d663822b983e3b0d0cd9ff7e9f915143ef
6fbda2d121e3398d8904455c695d75de1a36cbd569fbe8cfebc8cf94b7edbc80
708493bb463a4c0dd467b64cf598bd3c145071c9b306bfe4703d8862a7c7ef71
7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd
8629e5b192b9760e8952af8527fb65f5d181e6d7d1c1bfd7ecf83eb67377a927
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
8ca8e27613343abb94a23f7f09ab273330884c56ee6ac57ff9b1cdec1b28c608
97db43a2d13d703b7206692d5554d1f748aa0761b56cf1cf10a2d0d07cc8cf6e
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
ddd4ef7f97f4361b60841d59753218a57134b0f99f5b46a9612234f1c2733ab0
ec9767c979a80af8596c103076fb3ee464ab7e8443db9797f2998670d7e3a6cd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efeb48bf5b3b3945841059770e0e7b6aca8c40a4b08020463ec35c961d836893
f0778dcb46432638d72af9f5a1d0db613d08210fed7fea54934c2ca7b931df14
f6808434419f83623f958ce08a36f7d5abc4f478f8a44af1143681b812c517ca
f6871d2156f1eecc6fd1eda0613ef2e6c8b59ea881ff32f7d300f163a9f77a71