URL: http://www.mercedeseqr.com/
Submission: On May 31 via manual from LV — Scanned from DE

Summary

This website contacted 5 IPs in 4 countries across 5 domains to perform 19 HTTP transactions. The main IP is 82.202.194.13, located in Russian Federation and belongs to SELECTEL, RU. The main domain is www.mercedeseqr.com.
This is the only time www.mercedeseqr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS | Autonomous System
10 | 82.202.194.13 | 49505 | (SELECTEL)
1 | 80.252.0.134 | 8535 | (AGORA)
1 | 2a06:98c1:312... | 13335 | (CLOUDFLAR...)
1 | 2a00:1450:400... | 15169 | (GOOGLE)
6 | 2a00:1450:400... | 15169 | (GOOGLE)
Total: 19 requests, 5 IPs

Requests | Apex Domain | Subdomains | Transfer
10 | mercedeseqr.com | www.mercedeseqr.com | 709 KB
6 | gstatic.com | fonts.gstatic.com | 73 KB
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 42) | 1 KB
1 | tarhandrutstercue.tk | tarhandrutstercue.tk |
1 | im-g.pl | bi.im-g.pl (Cisco Umbrella Rank: 142697) | 5 KB
Total: 19 requests, 5 domains

Requests | Domain | Requested by
10 | www.mercedeseqr.com | www.mercedeseqr.com
6 | fonts.gstatic.com | fonts.googleapis.com
1 | fonts.googleapis.com | www.mercedeseqr.com
1 | tarhandrutstercue.tk | www.mercedeseqr.com
1 | bi.im-g.pl | www.mercedeseqr.com
Total: 19 requests, 5 domains

This site contains links to these domains.

Domain
mercedeseqr.com

Subject | Issuer | Validity | Valid
bi.im-g.pl | GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1 | 2021-10-14 - 2022-10-14 | a year
upload.video.google.com | GTS CA 1C3 | 2022-05-04 - 2022-07-27 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-05-04 - 2022-07-27 | 3 months

This page contains 1 frames:

Primary Page: http://www.mercedeseqr.com/
Frame ID: 18232DD73EC24EBA727A735FF36B51F3
Requests: 19 HTTP requests in this frame

Page Title

PGEBack ButtonSearch IconFilter Icon

Page Statistics

Requests: 19
HTTPS: 42 %
IPv6: 60 %
Domains: 5
Subdomains: 5
IPs: 5
Countries: 4
Transfer: 787 kB
Size: 1328 kB
Cookies: 3

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.mercedeseqr.com/
318 KB
44 KB
Document
General
Full URL
http://www.mercedeseqr.com/
Protocol
HTTP/1.1
Server
82.202.194.13 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
28f990a66e6f12393e486aab57b6413ed5aa6ce1a9cd58bf7dee7381133597b9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 31 May 2022 10:51:13 GMT
Expires
0
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
styles.css
www.mercedeseqr.com/lander/sa996-duda/assets/css/
310 KB
47 KB
Stylesheet
General
Full URL
http://www.mercedeseqr.com/lander/sa996-duda/assets/css/styles.css
Requested by
Host: www.mercedeseqr.com
URL: http://www.mercedeseqr.com/
Protocol
HTTP/1.1
Server
82.202.194.13 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
bdcf9446252821415d8560fdfe24295bcfe90a1ca67fa99e2e90ab9b4d8c1f50

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.mercedeseqr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 31 May 2022 10:51:13 GMT
Content-Encoding
gzip
Last-Modified
Tue, 17 May 2022 19:18:05 GMT
Server
nginx
ETag
W/"6283f4ed-4d9c8"
Transfer-Encoding
chunked
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=864000
Connection
keep-alive
Expires
Fri, 10 Jun 2022 10:51:13 GMT
app.css
www.mercedeseqr.com/lander/sa996-duda/assets/css/
4 KB
4 KB
Stylesheet
General
Full URL
http://www.mercedeseqr.com/lander/sa996-duda/assets/css/app.css
Requested by
Host: www.mercedeseqr.com
URL: http://www.mercedeseqr.com/
Protocol
HTTP/1.1
Server
82.202.194.13 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
156bc32a0a97c01db7bacef3483ed6da7aac55cfa3207877eecd72f31adc0862

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.mercedeseqr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 31 May 2022 10:51:13 GMT
Last-Modified
Tue, 17 May 2022 19:18:05 GMT
Server
nginx
ETag
"6283f4ed-e6d"
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=864000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3693
Expires
Fri, 10 Jun 2022 10:51:13 GMT
m25126235.png
bi.im-g.pl/im/5/25126/
4 KB
5 KB
Image
General
Full URL
https://bi.im-g.pl/im/5/25126/m25126235.png
Requested by
Host: www.mercedeseqr.com
URL: http://www.mercedeseqr.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.252.0.134 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS
bi.gazeta.pl
Software
Apache /
Resource Hash
825e7ac9e05aa3f3842fa15e81252ee186605b7a66e22c9afcd8b9383a53c146

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.mercedeseqr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 14 May 2022 23:01:07 GMT
last-modified
Tue, 27 Aug 2019 10:33:02 GMT
server
Apache
content-type
image/png
cache-control
max-age=7776000
accept-ranges
bytes
content-length
4499
expires
Fri, 12 Aug 2022 23:01:07 GMT
1.jpeg
www.mercedeseqr.com/lander/sa996-duda/assets/img/
51 KB
51 KB
Image
General
Full URL
http://www.mercedeseqr.com/lander/sa996-duda/assets/img/1.jpeg
Requested by
Host: www.mercedeseqr.com
URL: http://www.mercedeseqr.com/
Protocol
HTTP/1.1
Server
82.202.194.13 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
d40e21e2d3e922f2beebb81e9446ce1e3f0905b22e724573caca542caff25d9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.mercedeseqr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 31 May 2022 10:51:13 GMT
Last-Modified
Tue, 17 May 2022 19:18:05 GMT
Server
nginx
ETag
"6283f4ed-cb8a"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=864000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
52106
Expires
Fri, 10 Jun 2022 10:51:13 GMT
2.jpg
www.mercedeseqr.com/lander/sa996-duda/assets/img/
252 KB
252 KB
Image
General
Full URL
http://www.mercedeseqr.com/lander/sa996-duda/assets/img/2.jpg
Requested by
Host: www.mercedeseqr.com
URL: http://www.mercedeseqr.com/
Protocol
HTTP/1.1
Server
82.202.194.13 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
67742b391f5a63dbed89546e9be0b4529b127e18c595c96905fe5fe967c99ca6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.mercedeseqr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 31 May 2022 10:51:13 GMT
Last-Modified
Tue, 17 May 2022 19:18:05 GMT
Server
nginx
ETag
"6283f4ed-3ef72"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=864000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
257906
Expires
Fri, 10 Jun 2022 10:51:13 GMT
3.jpg
www.mercedeseqr.com/lander/sa996-duda/assets/img/
194 KB
195 KB
Image
General
Full URL
http://www.mercedeseqr.com/lander/sa996-duda/assets/img/3.jpg
Requested by
Host: www.mercedeseqr.com
URL: http://www.mercedeseqr.com/
Protocol
HTTP/1.1
Server
82.202.194.13 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
41df872bb90aa6a94390541a32c42e5c9c887a18d03e73ddef4f579b1a856845

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.mercedeseqr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 31 May 2022 10:51:13 GMT
Last-Modified
Tue, 17 May 2022 19:18:05 GMT
Server
nginx
ETag
"6283f4ed-309e9"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=864000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
199145
Expires
Fri, 10 Jun 2022 10:51:13 GMT
m26203059,2020-WYBORCZA-PL-WHITE.svg
tarhandrutstercue.tk/lander/preland-duda-pge-pl/assets/img/
0
0
Image
General
Full URL
http://tarhandrutstercue.tk/lander/preland-duda-pge-pl/assets/img/m26203059,2020-WYBORCZA-PL-WHITE.svg
Requested by
Host: www.mercedeseqr.com
URL: http://www.mercedeseqr.com/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.mercedeseqr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

app_store.svg
www.mercedeseqr.com/lander/sa996-duda/assets/img/
8 KB
9 KB
Image
General
Full URL
http://www.mercedeseqr.com/lander/sa996-duda/assets/img/app_store.svg
Requested by
Host: www.mercedeseqr.com
URL: http://www.mercedeseqr.com/
Protocol
HTTP/1.1
Server
82.202.194.13 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
8ec459be681c06e086cebef6d30319d6990344776e867545a83748a342a1015c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.mercedeseqr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 31 May 2022 10:51:13 GMT
Last-Modified
Tue, 17 May 2022 19:18:05 GMT
Server
nginx
ETag
"6283f4ed-21a1"
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=864000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8609
Expires
Fri, 10 Jun 2022 10:51:13 GMT
google_play.svg
www.mercedeseqr.com/lander/sa996-duda/assets/img/
5 KB
5 KB
Image
General
Full URL
http://www.mercedeseqr.com/lander/sa996-duda/assets/img/google_play.svg
Requested by
Host: www.mercedeseqr.com
URL: http://www.mercedeseqr.com/
Protocol
HTTP/1.1
Server
82.202.194.13 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
2d35e4ccd7512e02a1f4b4339820cb02f6b1b01176491a348390b1b9a0461ca0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.mercedeseqr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 31 May 2022 10:51:13 GMT
Last-Modified
Tue, 17 May 2022 19:18:05 GMT
Server
nginx
ETag
"6283f4ed-12db"
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=864000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4827
Expires
Fri, 10 Jun 2022 10:51:13 GMT
css
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700|Oswald:700&subset=latin,latin-ext
Requested by
Host: www.mercedeseqr.com
URL: http://www.mercedeseqr.com/lander/sa996-duda/assets/css/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f934d7cbf68b26f551ac725a572f8e576f94d9a4219be4e8bb5f92feef74f39c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.mercedeseqr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 31 May 2022 10:51:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 31 May 2022 10:51:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 31 May 2022 10:51:13 GMT
TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2
fonts.gstatic.com/s/oswald/v48/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v48/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700|Oswald:700&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://www.mercedeseqr.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 16:01:18 GMT
x-content-type-options
nosniff
age
67795
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10172
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:36:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 May 2023 16:01:18 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700|Oswald:700&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://www.mercedeseqr.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 08:45:21 GMT
x-content-type-options
nosniff
age
7552
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15700
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:51:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 May 2023 08:45:21 GMT
hinted-subset-Heuristica-Regular.woff2
www.mercedeseqr.com/lander/sa996-duda/wpc/_font/
50 KB
50 KB
Font
General
Full URL
http://www.mercedeseqr.com/lander/sa996-duda/wpc/_font/hinted-subset-Heuristica-Regular.woff2
Requested by
Host: www.mercedeseqr.com
URL: http://www.mercedeseqr.com/lander/sa996-duda/assets/css/styles.css
Protocol
HTTP/1.1
Server
82.202.194.13 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
3d000bdd688d6d77e36ad8e00ede36915c1a96d8b54283c658b1a44dd4aca63a

Request headers

Referer
http://www.mercedeseqr.com/lander/sa996-duda/assets/css/styles.css
Origin
http://www.mercedeseqr.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 31 May 2022 10:51:13 GMT
Last-Modified
Tue, 17 May 2022 19:18:05 GMT
Server
nginx
ETag
"6283f4ed-c82c"
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
max-age=864000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
51244
Expires
Fri, 10 Jun 2022 10:51:13 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700|Oswald:700&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
747d5a0865fe76129cc17fe70097fd5b1db733ed3bbfa0210a8505d80c14ab5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://www.mercedeseqr.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 24 May 2022 22:33:24 GMT
x-content-type-options
nosniff
age
562669
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15528
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:53:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 24 May 2023 22:33:24 GMT
hinted-subset-Heuristica-Bold.woff2
www.mercedeseqr.com/lander/sa996-duda/wpc/_font/
51 KB
51 KB
Font
General
Full URL
http://www.mercedeseqr.com/lander/sa996-duda/wpc/_font/hinted-subset-Heuristica-Bold.woff2
Requested by
Host: www.mercedeseqr.com
URL: http://www.mercedeseqr.com/lander/sa996-duda/assets/css/styles.css
Protocol
HTTP/1.1
Server
82.202.194.13 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
84cd4347667147630fe9e5f22e20aae0a66c119f14037852836fb73cb266ee7b

Request headers

Referer
http://www.mercedeseqr.com/lander/sa996-duda/assets/css/styles.css
Origin
http://www.mercedeseqr.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 31 May 2022 10:51:13 GMT
Last-Modified
Tue, 17 May 2022 19:18:05 GMT
Server
nginx
ETag
"6283f4ed-cb18"
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
max-age=864000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
51992
Expires
Fri, 10 Jun 2022 10:51:13 GMT
TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUhiZTaR.woff2
fonts.gstatic.com/s/oswald/v48/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v48/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUhiZTaR.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700|Oswald:700&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5500a0b8fe7dac5491317e13d1602c805e37a4c5c4d0ff49f73897e541df398
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://www.mercedeseqr.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 13:08:20 GMT
x-content-type-options
nosniff
age
78173
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8484
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:34:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 May 2023 13:08:20 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCoYb8td.woff2
fonts.gstatic.com/s/robotocondensed/v25/
11 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCoYb8td.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700|Oswald:700&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a4f58434b93fbf37fcc36c1c167d30a4b1dc1f5fe8fc8f74796cab974aabd65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://www.mercedeseqr.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 24 May 2022 23:17:37 GMT
x-content-type-options
nosniff
age
560016
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11736
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:06:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 24 May 2023 23:17:37 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19y7DRs5.woff2
fonts.gstatic.com/s/robotocondensed/v25/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19y7DRs5.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700|Oswald:700&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30fa70635379ae1b58491bc41572760c1f3c8445265436a5fec4c36a197e4121
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://www.mercedeseqr.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 08:45:49 GMT
x-content-type-options
nosniff
age
7524
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11816
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:52:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 May 2023 08:45:49 GMT

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
object| navigation

3 Cookies

Domain/Path Name / Value
www.mercedeseqr.com/ Name: _subid
Value: 1b8jl2j2jcb0
www.mercedeseqr.com/ Name: d83e0
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjEyNTVcIjoxNjUzOTk0MjczfSxcImNhbXBhaWduc1wiOntcIjQzOFwiOjE2NTM5OTQyNzN9LFwidGltZVwiOjE2NTM5OTQyNzN9In0.IKBnWfcnH3qcTRxvZhrczo7kpZHLvxhvqqEAYCAmLFI
www.mercedeseqr.com/ Name: _token
Value: uuid_1b8jl2j2jcb0_1b8jl2j2jcb06295f321441d00.85798640

1 Console Messages

Source: network
Level: error
URL: http://tarhandrutstercue.tk/lander/preland-duda-pge-pl/assets/img/m26203059,2020-WYBORCZA-PL-WHITE.svg
Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
