srv.twoimzdaniem.com Open in urlscan Pro
54.171.219.193 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://s.mail-source.pl/k/106217/9mwo/6f6214fd26692/d
Effective URL:
http://srv.twoimzdaniem.com/sv_pl_transport_0120_july20/?origin=7287&email=karoo.93@interia.eu&lastname=Rusi%C5%82owska&firs...
Submission: On September 29 via api (September 29th 2020, 4:55:59 pm UTC) from US

Summary HTTP 35 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 16 IPs in 5 countries across 15 domains to perform 35 HTTP transactions. The main IP is 54.171.219.193, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is srv.twoimzdaniem.com.

This is the only time srv.twoimzdaniem.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	89.25.206.18 89.25.206.18	31242 (TKPSA-AS) (TKPSA-AS)
1 2	78.46.165.145 78.46.165.145	24940 (HETZNER-AS) (HETZNER-AS)
1 1	79.137.71.12 79.137.71.12	16276 (OVH) (OVH)
1 14	54.171.219.193 54.171.219.193	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:815::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE)
1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81a::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:825::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:818::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:818::200a	15169 (GOOGLE) (GOOGLE)
5	52.218.30.59 52.218.30.59	16509 (AMAZON-02) (AMAZON-02)
35	16

2 89.25.206.18 (Poland) 1 redirects

ASN31242 (TKPSA-AS, PL)
PTR: system.inis.pl

s.mail-source.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 78.46.165.145 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.145.165.46.78.clients.your-server.de

app.revhunter.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.137.71.12 (Poland) 1 redirects

ASN16276 (OVH, FR)
PTR: rt.inistrack.net

rt.inistrack.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 54.171.219.193 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-219-193.eu-west-1.compute.amazonaws.com

srv.lamarsau5.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
srv.twoimzdaniem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.natexo-programmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.218.30.59 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	twoimzdaniem.com srv.twoimzdaniem.com	28 KB
5	amazonaws.com s3-eu-west-1.amazonaws.com	50 KB
3	gstatic.com fonts.gstatic.com	32 KB
3	natexo-programmatic.com d.natexo-programmatic.com	155 KB
3	googleapis.com fonts.googleapis.com ajax.googleapis.com	35 KB
2	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	2 KB
2	google-analytics.com www.google-analytics.com	18 KB
2	googletagmanager.com www.googletagmanager.com	61 KB
2	revhunter.tech 1 redirects app.revhunter.tech	566 B
2	mail-source.pl 1 redirects s.mail-source.pl	2 KB
1	google.de www.google.de	153 B
1	google.com www.google.com	137 B
1	googleadservices.com www.googleadservices.com	12 KB
1	lamarsau5.eu 1 redirects srv.lamarsau5.eu	597 B
1	inistrack.net 1 redirects rt.inistrack.net	605 B
35	15

	Domain	Requested by
10	srv.twoimzdaniem.com	s.mail-source.pl srv.twoimzdaniem.com
5	s3-eu-west-1.amazonaws.com
3	fonts.gstatic.com	fonts.googleapis.com
3	d.natexo-programmatic.com	srv.twoimzdaniem.com d.natexo-programmatic.com
2	www.google-analytics.com	srv.twoimzdaniem.com www.google-analytics.com
2	www.googletagmanager.com	srv.twoimzdaniem.com
2	fonts.googleapis.com	srv.twoimzdaniem.com
2	app.revhunter.tech	1 redirects s.mail-source.pl
2	s.mail-source.pl	1 redirects
1	www.google.de	srv.twoimzdaniem.com
1	www.google.com	srv.twoimzdaniem.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googleadservices.com	www.googletagmanager.com
1	ajax.googleapis.com	srv.twoimzdaniem.com
1	srv.lamarsau5.eu	1 redirects
1	rt.inistrack.net	1 redirects
35	17

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com

Subject Issuer	Validity	Valid
s.mail-source.pl Let's Encrypt Authority X3	`2020-09-01` - `2020-11-30`	3 months	crt.sh
app.revhunter.tech Let's Encrypt Authority X3	`2020-09-10` - `2020-12-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
www.mafringue.fr Sectigo RSA Domain Validation Secure Server CA	`2020-07-13` - `2021-05-19`	10 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.s3-eu-west-1.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-08-04` - `2021-08-09`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://srv.twoimzdaniem.com/sv_pl_transport_0120_july20/?origin=7287&email=karoo.93@interia.eu&lastname=Rusi%C5%82owska&firstname=Karolina
Frame ID: 9289DC30E5541AD31897803775527F94
Requests: 35 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://s.mail-source.pl/k/106217/9mwo/6f6214fd26692/d HTTP 302
https://s.mail-source.pl/krt.php?url=https%3A%2F%2Frt.inistrack.net%2Fd%2Frt.php%3Ft%3Drc%26rra%3D106... Page URL
https://rt.inistrack.net/d/rt.php?t=rc&rra=106217&rrk=6f6214fd26692&md5=d5d66387875f9a23926b8f0cc1934... HTTP 302
http://srv.lamarsau5.eu/sv_pl_transport_0120_july20/?origin=7287&email=karoo.93@interia.eu&lastname=... HTTP 302
http://srv.twoimzdaniem.com/sv_pl_transport_0120_july20/?origin=7287&email=karoo.93@interia.eu&lastname=... Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
html //i

Page Statistics

35
Requests

60 %
HTTPS

65 %
IPv6

15
Domains

17
Subdomains

16
IPs

5
Countries

394 kB
Transfer

648 kB
Size

5
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/TwoimZdaniemcom-704608586312463/

Search URL Search Domain Scan URL

URL: https://twitter.com/AndYourOpinion

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://s.mail-source.pl/k/106217/9mwo/6f6214fd26692/d HTTP 302
https://s.mail-source.pl/krt.php?url=https%3A%2F%2Frt.inistrack.net%2Fd%2Frt.php%3Ft%3Drc%26rra%3D106217%26rrk%3D6f6214fd26692%26md5%3Dd5d66387875f9a23926b8f0cc19346eb%26cat%3DKG1%26url%3Dhttp%253A%252F%252Fsrv.lamarsau5.eu%252Fsv_pl_transport_0120_july20%252F%253Forigin%253D7287%2526email%253Dkaroo.93%2540interia.eu%2526lastname%253DRusi%25C5%2582owska%2526firstname%253DKarolina&nc=1601398542 Page URL
https://rt.inistrack.net/d/rt.php?t=rc&rra=106217&rrk=6f6214fd26692&md5=d5d66387875f9a23926b8f0cc19346eb&cat=KG1&url=http%3A%2F%2Fsrv.lamarsau5.eu%2Fsv_pl_transport_0120_july20%2F%3Forigin%3D7287%26email%3Dkaroo.93%40interia.eu%26lastname%3DRusi%C5%82owska%26firstname%3DKarolina HTTP 302
http://srv.lamarsau5.eu/sv_pl_transport_0120_july20/?origin=7287&email=karoo.93@interia.eu&lastname=Rusi%C5%82owska&firstname=Karolina HTTP 302
http://srv.twoimzdaniem.com/sv_pl_transport_0120_july20/?origin=7287&email=karoo.93@interia.eu&lastname=Rusi%C5%82owska&firstname=Karolina Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://s.mail-source.pl/k/106217/9mwo/6f6214fd26692/d HTTP 302
https://s.mail-source.pl/krt.php?url=https%3A%2F%2Frt.inistrack.net%2Fd%2Frt.php%3Ft%3Drc%26rra%3D106217%26rrk%3D6f6214fd26692%26md5%3Dd5d66387875f9a23926b8f0cc19346eb%26cat%3DKG1%26url%3Dhttp%253A%252F%252Fsrv.lamarsau5.eu%252Fsv_pl_transport_0120_july20%252F%253Forigin%253D7287%2526email%253Dkaroo.93%2540interia.eu%2526lastname%253DRusi%25C5%2582owska%2526firstname%253DKarolina&nc=1601398542

Request Chain 1

https://app.revhunter.tech/match/5db72e8468083/106217_d5d66387875f9a23926b8f0cc19346eb HTTP 302
https://app.revhunter.tech/match/5db72e8468083/106217_d5d66387875f9a23926b8f0cc19346eb?loop=1

Request Chain 17

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

35 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

krt.php Show response
s.mail-source.pl/
Redirect Chain

https://s.mail-source.pl/k/106217/9mwo/6f6214fd26692/d
https://s.mail-source.pl/krt.php?url=https%3A%2F%2Frt.inistrack.net%2Fd%2Frt.php%3Ft%3Drc%26rra%3D106217%26rrk%3D6f6214fd26692%26md5%3Dd5d66387875f9a23926b8f0cc19346eb%26cat%3DKG1%26url%3Dhttp%253A...

1 KB
952 B

112ms
41ms

Document
text/html

89.25.206.18
TKPSA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.mail-source.pl/krt.php?url=https%3A%2F%2Frt.inistrack.net%2Fd%2Frt.php%3Ft%3Drc%26rra%3D106217%26rrk%3D6f6214fd26692%26md5%3Dd5d66387875f9a23926b8f0cc19346eb%26cat%3DKG1%26url%3Dhttp%253A%252F%252Fsrv.lamarsau5.eu%252Fsv_pl_transport_0120_july20%252F%253Forigin%253D7287%2526email%253Dkaroo.93%2540interia.eu%2526lastname%253DRusi%25C5%2582owska%2526firstname%253DKarolina&nc=1601398542
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.25.206.18 , Poland, ASN31242 (TKPSA-AS, PL),
Reverse DNS: system.inis.pl
Software: Apache/2.4.10 /
Resource Hash: ada618d05e7122891e144b7c9a4aeefa01e32351c1c0c7bce82157f275555b69

Request headers

Host: s.mail-source.pl
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: PHPSESSID=1sc07orvlngdv973bdipucf5m9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 16:55:42 GMT
Server: Apache/2.4.10
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 599
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Tue, 29 Sep 2020 16:55:42 GMT
Server: Apache/2.4.10
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Connection: close
Set-Cookie: PHPSESSID=1sc07orvlngdv973bdipucf5m9; path=/ px_5db72e8468083=1601398542; expires=Thu, 01-Oct-2020 16:55:42 GMT; Max-Age=172800
Location: https://s.mail-source.pl/krt.php?url=https%3A%2F%2Frt.inistrack.net%2Fd%2Frt.php%3Ft%3Drc%26rra%3D106217%26rrk%3D6f6214fd26692%26md5%3Dd5d66387875f9a23926b8f0cc19346eb%26cat%3DKG1%26url%3Dhttp%253A%252F%252Fsrv.lamarsau5.eu%252Fsv_pl_transport_0120_july20%252F%253Forigin%253D7287%2526email%253Dkaroo.93%2540interia.eu%2526lastname%253DRusi%25C5%2582owska%2526firstname%253DKarolina&nc=1601398542
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2

200

106217_d5d66387875f9a23926b8f0cc19346eb
app.revhunter.tech/match/5db72e8468083/
Redirect Chain

https://app.revhunter.tech/match/5db72e8468083/106217_d5d66387875f9a23926b8f0cc19346eb
https://app.revhunter.tech/match/5db72e8468083/106217_d5d66387875f9a23926b8f0cc19346eb?loop=1

95 B
286 B

83ms
83ms

Image
image/png

78.46.165.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.revhunter.tech/match/5db72e8468083/106217_d5d66387875f9a23926b8f0cc19346eb?loop=1
Requested by: Host: s.mail-source.pl
URL: https://s.mail-source.pl/krt.php?url=https%3A%2F%2Frt.inistrack.net%2Fd%2Frt.php%3Ft%3Drc%26rra%3D106217%26rrk%3D6f6214fd26692%26md5%3Dd5d66387875f9a23926b8f0cc19346eb%26cat%3DKG1%26url%3Dhttp%253A%252F%252Fsrv.lamarsau5.eu%252Fsv_pl_transport_0120_july20%252F%253Forigin%253D7287%2526email%253Dkaroo.93%2540interia.eu%2526lastname%253DRusi%25C5%2582owska%2526firstname%253DKarolina&nc=1601398542
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.165.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.165.46.78.clients.your-server.de
Software: nginx /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://s.mail-source.pl/krt.php?url=https%3A%2F%2Frt.inistrack.net%2Fd%2Frt.php%3Ft%3Drc%26rra%3D106217%26rrk%3D6f6214fd26692%26md5%3Dd5d66387875f9a23926b8f0cc19346eb%26cat%3DKG1%26url%3Dhttp%253A%252F%252Fsrv.lamarsau5.eu%252Fsv_pl_transport_0120_july20%252F%253Forigin%253D7287%2526email%253Dkaroo.93%2540interia.eu%2526lastname%253DRusi%25C5%2582owska%2526firstname%253DKarolina&nc=1601398542
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 29 Sep 2020 16:55:42 GMT
cache-control: no-cache, private
server: nginx
content-type: image/png

Redirect headers

status: 302
date: Tue, 29 Sep 2020 16:55:42 GMT
cache-control: no-cache, private
server: nginx
location: /match/5db72e8468083/106217_d5d66387875f9a23926b8f0cc19346eb?loop=1
content-type: text/html; charset=UTF-8

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
srv.twoimzdaniem.com/sv_pl_transport_0120_july20/
Redirect Chain

https://rt.inistrack.net/d/rt.php?t=rc&rra=106217&rrk=6f6214fd26692&md5=d5d66387875f9a23926b8f0cc19346eb&cat=KG1&url=http%3A%2F%2Fsrv.lamarsau5.eu%2Fsv_pl_transport_0120_july20%2F%3Forigin%3D7287%2...
http://srv.lamarsau5.eu/sv_pl_transport_0120_july20/?origin=7287&email=karoo.93@interia.eu&lastname=Rusi%C5%82owska&firstname=Karolina
http://srv.twoimzdaniem.com/sv_pl_transport_0120_july20/?origin=7287&email=karoo.93@interia.eu&lastname=Rusi%C5%82owska&firstname=Karolina

5 KB
2 KB

233ms
191ms

Document
text/html

54.171.219.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

http://srv.twoimzdaniem.com/sv_pl_transport_0120_july20/?origin=7287&email=karoo.93@interia.eu&lastname=Rusi%C5%82owska&firstname=Karolina

Requested by

Host: s.mail-source.pl
URL: https://s.mail-source.pl/krt.php?url=https%3A%2F%2Frt.inistrack.net%2Fd%2Frt.php%3Ft%3Drc%26rra%3D106217%26rrk%3D6f6214fd26692%26md5%3Dd5d66387875f9a23926b8f0cc19346eb%26cat%3DKG1%26url%3Dhttp%253A%252F%252Fsrv.lamarsau5.eu%252Fsv_pl_transport_0120_july20%252F%253Forigin%253D7287%2526email%253Dkaroo.93%2540interia.eu%2526lastname%253DRusi%25C5%2582owska%2526firstname%253DKarolina&nc=1601398542

Protocol

HTTP/1.1

Server

54.171.219.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-219-193.eu-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

91cd5004a81907df0ffc4eff7400106fe2d70327c060349fa6579245e84d19be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff

Request headers

Host: srv.twoimzdaniem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://s.mail-source.pl/krt.php?url=https%3A%2F%2Frt.inistrack.net%2Fd%2Frt.php%3Ft%3Drc%26rra%3D106217%26rrk%3D6f6214fd26692%26md5%3Dd5d66387875f9a23926b8f0cc19346eb%26cat%3DKG1%26url%3Dhttp%253A%252F%252Fsrv.lamarsau5.eu%252Fsv_pl_transport_0120_july20%252F%253Forigin%253D7287%2526email%253Dkaroo.93%2540interia.eu%2526lastname%253DRusi%25C5%2582owska%2526firstname%253DKarolina&nc=1601398542

Response headers

Cache-Control: no-cache
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 29 Sep 2020 16:55:43 GMT
Server: Apache
Set-Cookie: PHPSESSID=7ei6vgsubjv2g1j6td54j32391; path=/; HttpOnly srvNxoTrackip=194.99.105.99; expires=Sat, 30-Oct-2021 03:25:43 GMT; Max-Age=34165800; path=/; httponly
Strict-Transport-Security: max-age=15768000
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
transfer-encoding: chunked
Connection: keep-alive

Redirect headers

Cache-Control: no-cache
Content-Type: text/html; charset=UTF-8
Date: Tue, 29 Sep 2020 16:55:43 GMT
Location: http://srv.twoimzdaniem.com/sv_pl_transport_0120_july20/?origin=7287&email=karoo.93@interia.eu&lastname=Rusi%C5%82owska&firstname=Karolina
Server: Apache
Set-Cookie: PHPSESSID=sgsfhc1c0jk6nl8lpg6asnq8f2; path=/; HttpOnly srvNxoTrackip=194.99.105.99; expires=Sat, 30-Oct-2021 03:25:43 GMT; Max-Age=34165800; path=/; httponly
Strict-Transport-Security: max-age=15768000
X-Content-Type-Options: nosniff
Content-Length: 844
Connection: keep-alive

GET
H/1.1 200
OK css
fonts.googleapis.com/ 870 B
881 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Droid+Sans:400,700

Requested by

Host: srv.twoimzdaniem.com
URL: http://srv.twoimzdaniem.com/sv_pl_transport_0120_july20/?origin=7287&email=karoo.93@interia.eu&lastname=Rusi%C5%82owska&firstname=Karolina

Protocol

HTTP/1.1

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

18fdd32005b166b31d4db049571e612d6f22e9e9d1edea4b8c10fca2de411e90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://srv.twoimzdaniem.com/sv_pl_transport_0120_july20/?origin=7287&email=karoo.93@interia.eu&lastname=Rusi%C5%82owska&firstname=Karolina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 16:55:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 29 Sep 2020 16:55:44 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Tue, 29 Sep 2020 16:55:44 GMT

GET
H/1.1 200
OK 5a15c34.css
srv.twoimzdaniem.com/css/ 27 KB
7 KB 76ms
75ms Stylesheet
text/css 54.171.219.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

http://srv.twoimzdaniem.com/css/5a15c34.css

Requested by

Host: srv.twoimzdaniem.com
URL: http://srv.twoimzdaniem.com/sv_pl_transport_0120_july20/?origin=7287&email=karoo.93@interia.eu&lastname=Rusi%C5%82owska&firstname=Karolina

Protocol

HTTP/1.1

Server

54.171.219.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-219-193.eu-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

c5f5f2c4eee3b093164760034210af2dc7ebc3184e2e834326de1f9ce66215d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff

Request headers

Referer: http://srv.twoimzdaniem.com/sv_pl_transport_0120_july20/?origin=7287&email=karoo.93@interia.eu&lastname=Rusi%C5%82owska&firstname=Karolina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 16:55:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 29 Sep 2020 11:09:32 GMT
Server: Apache
ETag: "6b45-5b071d148e19c-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
Content-Length: 6362

GET
H/1.1 200
OK ef3a12d.css
srv.twoimzdaniem.com/css/ 5 KB
1 KB 145ms
116ms Stylesheet
text/css 54.171.219.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

http://srv.twoimzdaniem.com/css/ef3a12d.css

Requested by

Host: srv.twoimzdaniem.com
URL: http://srv.twoimzdaniem.com/sv_pl_transport_0120_july20/?origin=7287&email=karoo.93@interia.eu&lastname=Rusi%C5%82owska&firstname=Karolina

Protocol

HTTP/1.1

Server

54.171.219.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-219-193.eu-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

f4ff29485271cca760e7e762fa66b46ec317695b9bbc434c036091f17c969ec0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff

Request headers

Referer: http://srv.twoimzdaniem.com/sv_pl_transport_0120_july20/?origin=7287&email=karoo.93@interia.eu&lastname=Rusi%C5%82owska&firstname=Karolina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 16:55:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 29 Sep 2020 11:09:38 GMT
Server: Apache
ETag: "1334-5b071d1a915ad-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
Content-Length: 1158

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 17ms
17ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-944206798

Requested by

Host: srv.twoimzdaniem.com
URL: http://srv.twoimzdaniem.com/sv_pl_transport_0120_july20/?origin=7287&email=karoo.93@interia.eu&lastname=Rusi%C5%82owska&firstname=Karolina

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ddacf859719147780429b772099071bafcbf8644f3481fb6606cb23e7b4a0df8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://srv.twoimzdaniem.com/sv_pl_transport_0120_july20/?origin=7287&email=karoo.93@interia.eu&lastname=Rusi%C5%82owska&firstname=Karolina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Sep 2020 16:55:44 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36413
x-xss-protection: 0
last-modified: Tue, 29 Sep 2020 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 29 Sep 2020 16:55:44 GMT

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 94 KB
33 KB 13ms
6ms Script
text/javascript 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Requested by

Host: srv.twoimzdaniem.com
URL: http://srv.twoimzdaniem.com/sv_pl_transport_0120_july20/?origin=7287&email=karoo.93@interia.eu&lastname=Rusi%C5%82owska&firstname=Karolina

Protocol

HTTP/1.1

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://srv.twoimzdaniem.com/sv_pl_transport_0120_july20/?origin=7287&email=karoo.93@interia.eu&lastname=Rusi%C5%82owska&firstname=Karolina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 12:41:06 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Age: 15278
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 33576
X-XSS-Protection: 0
Expires: Wed, 29 Sep 2021 12:41:06 GMT

GET
H/1.1 200
OK 8fedad0.js Show response
srv.twoimzdaniem.com/js/ 11 KB
4 KB 148ms
119ms Script
application/javascript 54.171.219.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

http://srv.twoimzdaniem.com/js/8fedad0.js

Requested by

Host: srv.twoimzdaniem.com
URL: http://srv.twoimzdaniem.com/sv_pl_transport_0120_july20/?origin=7287&email=karoo.93@interia.eu&lastname=Rusi%C5%82owska&firstname=Karolina

Protocol

HTTP/1.1

Server

54.171.219.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-219-193.eu-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

8bcec3253eec4f4e0faeef2443e628e1466a710ceaa11173b4ac30c777412aaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff

Request headers

Referer: http://srv.twoimzdaniem.com/sv_pl_transport_0120_july20/?origin=7287&email=karoo.93@interia.eu&lastname=Rusi%C5%82owska&firstname=Karolina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 16:55:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 29 Sep 2020 11:09:32 GMT
Server: Apache
ETag: "2aef-5b071d148f13c-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
Content-Length: 3883

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 64 KB
26 KB 18ms
18ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M94VJMV

Requested by

Host: srv.twoimzdaniem.com
URL: http://srv.twoimzdaniem.com/sv_pl_transport_0120_july20/?origin=7287&email=karoo.93@interia.eu&lastname=Rusi%C5%82owska&firstname=Karolina

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dc619bbeec4f65d4b94d8991f02db39ee0b46031ec600b5cc994079ff3e3a743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://srv.twoimzdaniem.com/sv_pl_transport_0120_july20/?origin=7287&email=karoo.93@interia.eu&lastname=Rusi%C5%82owska&firstname=Karolina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Sep 2020 16:55:44 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26079
x-xss-protection: 0
last-modified: Tue, 29 Sep 2020 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 29 Sep 2020 16:55:44 GMT

GET
H/1.1 200
OK LaJs.js Show response
d.natexo-programmatic.com/compiled/ 15 KB
5 KB 320ms
75ms Script
application/javascript 54.171.219.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d.natexo-programmatic.com/compiled/LaJs.js

Requested by

Host: srv.twoimzdaniem.com
URL: http://srv.twoimzdaniem.com/sv_pl_transport_0120_july20/?origin=7287&email=karoo.93@interia.eu&lastname=Rusi%C5%82owska&firstname=Karolina

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.171.219.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-219-193.eu-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

61d10559de742d6dcfda857ee121ab1c2353a3306d4152940f683d83c903feae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff

Request headers

Referer: http://srv.twoimzdaniem.com/sv_pl_transport_0120_july20/?origin=7287&email=karoo.93@interia.eu&lastname=Rusi%C5%82owska&firstname=Karolina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 16:55:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 29 Sep 2020 15:47:13 GMT
Server: Apache
ETag: "3d28-5b075b2611ab6-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
Content-Length: 4500

GET
H/1.1 200
OK fond-body.jpg
srv.twoimzdaniem.com/bundles/websurveyus/images/common/ 2 KB
2 KB 74ms
73ms Image
image/jpeg 54.171.219.193
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://srv.twoimzdaniem.com/bundles/websurveyus/images/common/fond-body.jpg

Requested by

Host: srv.twoimzdaniem.com
URL: http://srv.twoimzdaniem.com/css/5a15c34.css

Protocol

HTTP/1.1

Server

54.171.219.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-219-193.eu-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

efaf0a5eda0f475132ae96f46fc9b2e8de2d64b2522398102d414a3d98ff42e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff

Request headers

Referer: http://srv.twoimzdaniem.com/css/5a15c34.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 16:55:44 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 29 Sep 2020 11:09:11 GMT
Server: Apache
ETag: "8ac-5b071d004befa"
Strict-Transport-Security: max-age=15768000
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2220

GET
H/1.1 200
OK logo_pl_PL.png
srv.twoimzdaniem.com/bundles/websurveyus/images/common/logo/ 4 KB
5 KB 75ms
73ms Image
image/png 54.171.219.193
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://srv.twoimzdaniem.com/bundles/websurveyus/images/common/logo/logo_pl_PL.png

Requested by

Host: srv.twoimzdaniem.com
URL: http://srv.twoimzdaniem.com/sv_pl_transport_0120_july20/?origin=7287&email=karoo.93@interia.eu&lastname=Rusi%C5%82owska&firstname=Karolina

Protocol

HTTP/1.1

Server

54.171.219.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-219-193.eu-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

9900a36b46d9dee1be98dc2e55fcdfe84748c21122ce09298bb1e16942ce6b05

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff

Request headers

Referer: http://srv.twoimzdaniem.com/sv_pl_transport_0120_july20/?origin=7287&email=karoo.93@interia.eu&lastname=Rusi%C5%82owska&firstname=Karolina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 16:55:44 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 29 Sep 2020 11:09:06 GMT
Server: Apache
ETag: "1163-5b071cfc2a372"
Strict-Transport-Security: max-age=15768000
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4451

GET
H/1.1 200
OK picto-facebook.png
srv.twoimzdaniem.com/bundles/websurveyus/images/common/ 1 KB
1 KB 75ms
73ms Image
image/png 54.171.219.193
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://srv.twoimzdaniem.com/bundles/websurveyus/images/common/picto-facebook.png

Requested by

Host: srv.twoimzdaniem.com
URL: http://srv.twoimzdaniem.com/css/ef3a12d.css

Protocol

HTTP/1.1

Server

54.171.219.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-219-193.eu-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

c1511f866c82e116dde666eceb08e9e101abf4d27c5d5d514ac8f55ef18c4383

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff

Request headers

Referer: http://srv.twoimzdaniem.com/css/ef3a12d.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 16:55:44 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 29 Sep 2020 11:09:11 GMT
Server: Apache
ETag: "40a-5b071d004af5a"
Strict-Transport-Security: max-age=15768000
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1034

GET
H/1.1 200
OK picto-twitter.png
srv.twoimzdaniem.com/bundles/websurveyus/images/common/ 1 KB
1 KB 146ms
116ms Image
image/png 54.171.219.193
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://srv.twoimzdaniem.com/bundles/websurveyus/images/common/picto-twitter.png

Requested by

Host: srv.twoimzdaniem.com
URL: http://srv.twoimzdaniem.com/css/ef3a12d.css

Protocol

HTTP/1.1

Server

54.171.219.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-219-193.eu-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

ed2b596808ec6926968060105f20698ca70ded94078fe2255c296f70648aaa8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff

Request headers

Referer: http://srv.twoimzdaniem.com/css/ef3a12d.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 16:55:44 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 29 Sep 2020 11:09:11 GMT
Server: Apache
ETag: "494-5b071d004befa"
Strict-Transport-Security: max-age=15768000
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1172

GET
H/1.1 200
OK picto-footer.png
srv.twoimzdaniem.com/bundles/websurveyus/images/common/ 2 KB
2 KB 148ms
118ms Image
image/png 54.171.219.193
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://srv.twoimzdaniem.com/bundles/websurveyus/images/common/picto-footer.png

Requested by

Host: srv.twoimzdaniem.com
URL: http://srv.twoimzdaniem.com/css/5a15c34.css

Protocol

HTTP/1.1

Server

54.171.219.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-219-193.eu-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

35e14f92d44e383930a2a31d8ff3d464ea0dbea9d1e1e0256ba07658b809345a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff

Request headers

Referer: http://srv.twoimzdaniem.com/css/5a15c34.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 16:55:44 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 29 Sep 2020 11:09:11 GMT
Server: Apache
ETag: "773-5b071d004befa"
Strict-Transport-Security: max-age=15768000
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1907

GET
H/1.1 200
OK SlGWmQWMvZQIdix7AFxXmMh3eDs1ZyHKpWg.woff2
fonts.gstatic.com/s/droidsans/v12/ 11 KB
12 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/droidsans/v12/SlGWmQWMvZQIdix7AFxXmMh3eDs1ZyHKpWg.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Droid+Sans:400,700

Protocol

HTTP/1.1

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd33ffebb82d0e70371aedd27d79a993c98b29fb0d5e3d8c99c376cc9d57414d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://srv.twoimzdaniem.com
Referer: http://fonts.googleapis.com/css?family=Droid+Sans:400,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 28 Sep 2020 11:18:13 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 20 Feb 2020 02:52:18 GMT
Server: sffe
Age: 106651
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 11396
X-XSS-Protection: 0
Expires: Tue, 28 Sep 2021 11:18:13 GMT

GET
H/1.1 200
OK SlGVmQWMvZQIdix7AFxXkHNSbRYXags.woff2
fonts.gstatic.com/s/droidsans/v12/ 11 KB
11 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/droidsans/v12/SlGVmQWMvZQIdix7AFxXkHNSbRYXags.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Droid+Sans:400,700

Protocol

HTTP/1.1

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8cb742dbb60decab090cf738bfef2d8a780141573e9a2a3854bf3f78919faed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://srv.twoimzdaniem.com
Referer: http://fonts.googleapis.com/css?family=Droid+Sans:400,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 28 Sep 2020 11:16:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 20 Feb 2020 02:00:07 GMT
Server: sffe
Age: 106770
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 11236
X-XSS-Protection: 0
Expires: Tue, 28 Sep 2021 11:16:14 GMT

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

45 KB
18 KB

6ms
6ms

Script
text/javascript

2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: srv.twoimzdaniem.com
URL: http://srv.twoimzdaniem.com/sv_pl_transport_0120_july20/?origin=7287&email=karoo.93@interia.eu&lastname=Rusi%C5%82owska&firstname=Karolina

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://srv.twoimzdaniem.com/sv_pl_transport_0120_july20/?origin=7287&email=karoo.93@interia.eu&lastname=Rusi%C5%82owska&firstname=Karolina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 6005
date: Tue, 29 Sep 2020 15:15:39 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Tue, 29 Sep 2020 17:15:39 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK ico-cross-cookie.png
srv.twoimzdaniem.com/bundles/natexotool/images/ 1 KB
1 KB 145ms
116ms Image
image/png 54.171.219.193
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://srv.twoimzdaniem.com/bundles/natexotool/images/ico-cross-cookie.png

Requested by

Host: srv.twoimzdaniem.com
URL: http://srv.twoimzdaniem.com/sv_pl_transport_0120_july20/?origin=7287&email=karoo.93@interia.eu&lastname=Rusi%C5%82owska&firstname=Karolina

Protocol

HTTP/1.1

Server

54.171.219.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-219-193.eu-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

b2cece1c9751fca2d54d1486f6137eaefe17d8c589c165980d17a1aa3fde046e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff

Request headers

Referer: http://srv.twoimzdaniem.com/sv_pl_transport_0120_july20/?origin=7287&email=karoo.93@interia.eu&lastname=Rusi%C5%82owska&firstname=Karolina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 16:55:44 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 29 Sep 2020 11:09:11 GMT
Server: Apache
ETag: "453-5b071d00422bb"
Strict-Transport-Security: max-age=15768000
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1107

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 29 KB
12 KB 168ms
60ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-944206798

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

6c9459a6400a8cf7ef815379f9316dc26aeec43bcc48da1d1bd58d99a6109f7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://srv.twoimzdaniem.com/sv_pl_transport_0120_july20/?origin=7287&email=karoo.93@interia.eu&lastname=Rusi%C5%82owska&firstname=Karolina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Sep 2020 16:55:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11311
x-xss-protection: 0
server: cafe
etag: 12833363978352728442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 29 Sep 2020 16:55:44 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
70 B 13ms
13ms XHR
text/plain 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=1906609934&t=pageview&_s=1&dl=http%3A%2F%2Fsrv.twoimzdaniem.com%2Fsv_pl_transport_0120_july20%2F%3Forigin%3D7287%26email%3Dkaroo.93%40interia.eu%26lastname%3DRusi%25C5%2582owska%26firstname%3DKarolina&ul=en-us&de=UTF-8&dt=%26TwoimZdaniem.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=488498233&gjid=494606051&cid=36981168.1601398544&tid=UA-91752432-1&_gid=1957391499.1601398544&_r=1&_slc=1&cd1=&cd3=PL&z=475859272

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://srv.twoimzdaniem.com/sv_pl_transport_0120_july20/?origin=7287&email=karoo.93@interia.eu&lastname=Rusi%C5%82owska&firstname=Karolina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 29 Sep 2020 16:55:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: http://srv.twoimzdaniem.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
87 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-91752432-1&cid=36981168.1601398544&jid=488498233&gjid=494606051&_gid=1957391499.1601398544&_u=YEBAAEAAAAAAAC~&z=698187092

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://srv.twoimzdaniem.com/sv_pl_transport_0120_july20/?origin=7287&email=karoo.93@interia.eu&lastname=Rusi%C5%82owska&firstname=Karolina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 29 Sep 2020 16:55:44 GMT
status: 200
content-type: text/plain
access-control-allow-origin: http://srv.twoimzdaniem.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/944206798/ 2 KB
2 KB 37ms
18ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/944206798/?random=1601398544418&cv=9&fst=1601398544418&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9g1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fsrv.twoimzdaniem.com%2Fsv_pl_transport_0120_july20%2F%3Forigin%3D7287%26email%3Dkaroo.93%40interia.eu%26lastname%3DRusi%25C5%2582owska%26firstname%3DKarolina&tiba=%26TwoimZdaniem.com&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e63f0b7944feaa11e498c12ca36f28d7b1704349aa4ea5a988ebed0b98e224a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://srv.twoimzdaniem.com/sv_pl_transport_0120_july20/?origin=7287&email=karoo.93@interia.eu&lastname=Rusi%C5%82owska&firstname=Karolina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Sep 2020 16:55:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1112
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/944206798/ 42 B
137 B 21ms
21ms Image
image/gif 2a00:1450:4001:825::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/944206798/?random=1601398544418&cv=9&fst=1601395200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9g1&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fsrv.twoimzdaniem.com%2Fsv_pl_transport_0120_july20%2F%3Forigin%3D7287%26email%3Dkaroo.93%40interia.eu%26lastname%3DRusi%25C5%2582owska%26firstname%3DKarolina&tiba=%26TwoimZdaniem.com&async=1&fmt=3&is_vtc=1&random=1832308495&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: srv.twoimzdaniem.com
URL: http://srv.twoimzdaniem.com/sv_pl_transport_0120_july20/?origin=7287&email=karoo.93@interia.eu&lastname=Rusi%C5%82owska&firstname=Karolina

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://srv.twoimzdaniem.com/sv_pl_transport_0120_july20/?origin=7287&email=karoo.93@interia.eu&lastname=Rusi%C5%82owska&firstname=Karolina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Sep 2020 16:55:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/944206798/ 42 B
153 B 21ms
20ms Image
image/gif 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/944206798/?random=1601398544418&cv=9&fst=1601395200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9g1&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fsrv.twoimzdaniem.com%2Fsv_pl_transport_0120_july20%2F%3Forigin%3D7287%26email%3Dkaroo.93%40interia.eu%26lastname%3DRusi%25C5%2582owska%26firstname%3DKarolina&tiba=%26TwoimZdaniem.com&async=1&fmt=3&is_vtc=1&random=1832308495&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: srv.twoimzdaniem.com
URL: http://srv.twoimzdaniem.com/sv_pl_transport_0120_july20/?origin=7287&email=karoo.93@interia.eu&lastname=Rusi%C5%82owska&firstname=Karolina

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://srv.twoimzdaniem.com/sv_pl_transport_0120_july20/?origin=7287&email=karoo.93@interia.eu&lastname=Rusi%C5%82owska&firstname=Karolina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Sep 2020 16:55:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK a Show response
d.natexo-programmatic.com/lad/show/167/1/ 145 KB
146 KB 192ms
192ms Fetch
application/json 54.171.219.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d.natexo-programmatic.com/lad/show/167/1/a?email=

Requested by

Host: d.natexo-programmatic.com
URL: https://d.natexo-programmatic.com/compiled/LaJs.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.171.219.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-219-193.eu-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

a4a71fcaf679b1a0b188c996ec4d34d9f4f9e5f3d8c4ee04555fcd00350c3c90

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff

Request headers

Referer: http://srv.twoimzdaniem.com/sv_pl_transport_0120_july20/?origin=7287&email=karoo.93@interia.eu&lastname=Rusi%C5%82owska&firstname=Karolina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 16:55:44 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=15768000
Content-Type: application/json
Access-Control-Allow-Origin: http://srv.twoimzdaniem.com
Cache-Control: max-age=0, must-revalidate, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
transfer-encoding: chunked

GET
H2 200 css
fonts.googleapis.com/ 8 KB
853 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&display=swap

Requested by

Host: srv.twoimzdaniem.com
URL: http://srv.twoimzdaniem.com/sv_pl_transport_0120_july20/?origin=7287&email=karoo.93@interia.eu&lastname=Rusi%C5%82owska&firstname=Karolina

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46734e79a75ecb31d7ca802b4165c5b0ccada75a58b130e4cb58c59185ae80c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://srv.twoimzdaniem.com/sv_pl_transport_0120_july20/?origin=7287&email=karoo.93@interia.eu&lastname=Rusi%C5%82owska&firstname=Karolina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 29 Sep 2020 16:50:02 GMT
server: ESF
date: Tue, 29 Sep 2020 16:55:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 29 Sep 2020 16:55:44 GMT

GET
H/1.1 200
OK LaJsFormV2d.js Show response
d.natexo-programmatic.com/compiled/ 15 KB
4 KB 79ms
75ms Script
application/javascript 54.171.219.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d.natexo-programmatic.com/compiled/LaJsFormV2d.js

Requested by

Host: d.natexo-programmatic.com
URL: https://d.natexo-programmatic.com/compiled/LaJs.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.171.219.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-219-193.eu-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

5eb6497cf550adef65ca8969d8227160eead88179f250f2191c2d49061092ad1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff

Request headers

Referer: http://srv.twoimzdaniem.com/sv_pl_transport_0120_july20/?origin=7287&email=karoo.93@interia.eu&lastname=Rusi%C5%82owska&firstname=Karolina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 16:55:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 29 Sep 2020 15:47:14 GMT
Server: Apache
ETag: "3a62-5b075b264472d-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
Content-Length: 3771

GET
H/1.1 200
OK image_native.jpeg
s3-eu-west-1.amazonaws.com/natexo-p-static/NATEXO/LEADGEN/MECHANICAL/MAIN-IMAGES/5667/ 13 KB
13 KB 332ms
111ms Image
image/jpeg 52.218.30.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/natexo-p-static/NATEXO/LEADGEN/MECHANICAL/MAIN-IMAGES/5667/image_native.jpeg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.30.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5b3b9490234df1d0ed3bc53a23ab7cb3fa782ae81518ecd850d076a228cfffce

Request headers

Referer: http://srv.twoimzdaniem.com/sv_pl_transport_0120_july20/?origin=7287&email=karoo.93@interia.eu&lastname=Rusi%C5%82owska&firstname=Karolina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 16:55:46 GMT
Last-Modified: Tue, 04 Aug 2020 12:59:45 GMT
Server: AmazonS3
x-amz-request-id: 0V9X8N6V3R2J4K8J
ETag: "e028795cd7d365cdbe141a32bbb9dbea"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 13306
x-amz-id-2: 6XJvsS673+5uNQow0tv+SkVe33SJn1wScUtqxBUfTqDPpafssrRCI3LuOfCqg+EVL9D91vlzzMs=

GET
H/1.1 200
OK image_native.jpeg
s3-eu-west-1.amazonaws.com/natexo-p-static/NATEXO/LEADGEN/MECHANICAL/MAIN-IMAGES/5899/ 8 KB
8 KB 403ms
181ms Image
image/jpeg 52.218.30.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/natexo-p-static/NATEXO/LEADGEN/MECHANICAL/MAIN-IMAGES/5899/image_native.jpeg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.30.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b9cdc8c95ba092572d0b53ad42f6ad78618902bce1728ce978259dc2e46dc8d1

Request headers

Referer: http://srv.twoimzdaniem.com/sv_pl_transport_0120_july20/?origin=7287&email=karoo.93@interia.eu&lastname=Rusi%C5%82owska&firstname=Karolina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 16:55:46 GMT
Last-Modified: Mon, 31 Aug 2020 11:24:42 GMT
Server: AmazonS3
x-amz-request-id: 6SAX1Q2M8Z9H2Y7J
ETag: "ae55e0592d298c7ad63b6eb312f53b38"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 8185
x-amz-id-2: sYSZS6JBxydbp0QDPGfnpTxUzfae9hPoUB0tfonC0nI9o7Mnn8SfZkPsJufKALDX4LpMqDLZlYQ=

GET
H/1.1 200
OK image_native.jpeg
s3-eu-west-1.amazonaws.com/natexo-p-static/NATEXO/LEADGEN/MECHANICAL/MAIN-IMAGES/6224/ 7 KB
8 KB 330ms
107ms Image
image/jpeg 52.218.30.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/natexo-p-static/NATEXO/LEADGEN/MECHANICAL/MAIN-IMAGES/6224/image_native.jpeg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.30.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9f5f497ed155fab0812bb7ca8cc633ae978ff11d7857ef6f2a56d82e6b0014dc

Request headers

Referer: http://srv.twoimzdaniem.com/sv_pl_transport_0120_july20/?origin=7287&email=karoo.93@interia.eu&lastname=Rusi%C5%82owska&firstname=Karolina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 16:55:46 GMT
Last-Modified: Thu, 17 Sep 2020 11:28:13 GMT
Server: AmazonS3
x-amz-request-id: 3B4CEAF393EDAA0F
ETag: "62c5d8276cc21ae12a4cf421741f7793"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 7525
x-amz-id-2: dmuxcgBLDwtY7uUSx02dbUsgvx/bzJ4jwqpIYF0G8KWDkImAWWo4S8WkYHnBL/uUSXGzsN3LWho=

GET
H/1.1 200
OK image_native.jpeg
s3-eu-west-1.amazonaws.com/natexo-p-static/NATEXO/LEADGEN/MECHANICAL/MAIN-IMAGES/6187/ 8 KB
8 KB 322ms
97ms Image
image/jpeg 52.218.30.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/natexo-p-static/NATEXO/LEADGEN/MECHANICAL/MAIN-IMAGES/6187/image_native.jpeg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.30.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9df5863d0e2a1dcb6ebe5580999ca0d38bfa8f484d7ef55558aaaf036e0cb99b

Request headers

Referer: http://srv.twoimzdaniem.com/sv_pl_transport_0120_july20/?origin=7287&email=karoo.93@interia.eu&lastname=Rusi%C5%82owska&firstname=Karolina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 16:55:46 GMT
Last-Modified: Tue, 15 Sep 2020 12:46:48 GMT
Server: AmazonS3
x-amz-request-id: FBA5DE649FFE08A7
ETag: "0472bc7c9c95dba0f22a8b49a4a174ce"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 7903
x-amz-id-2: aPD0K/KRdAHhoPtbIoos3mTMUK4t0WPue1mYA1Ro7hUwBYWkdgwxDrnrASKueajvtJtUzKORjbo=

GET
H/1.1 200
OK image_native.jpeg
s3-eu-west-1.amazonaws.com/natexo-p-static/NATEXO/LEADGEN/MECHANICAL/MAIN-IMAGES/5968/ 12 KB
12 KB 343ms
111ms Image
image/jpeg 52.218.30.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/natexo-p-static/NATEXO/LEADGEN/MECHANICAL/MAIN-IMAGES/5968/image_native.jpeg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.30.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 05404941d76c3226da5d30c6ecc9e2ed0eaa3ed5556db60b2d3f2091a0bf70c5

Request headers

Referer: http://srv.twoimzdaniem.com/sv_pl_transport_0120_july20/?origin=7287&email=karoo.93@interia.eu&lastname=Rusi%C5%82owska&firstname=Karolina
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 16:55:46 GMT
Last-Modified: Thu, 03 Sep 2020 12:36:28 GMT
Server: AmazonS3
x-amz-request-id: 6A2534F0E68241DB
ETag: "05d0b323a87bf34034205c915f80dc01"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 12142
x-amz-id-2: 6TyIud+V5a50eO+B1lNcBLdx5bFmTcROVhL1keoO4nUaztH7jmQ/pCNx3IdBfKZZQV2WWFWv5Os=

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://srv.twoimzdaniem.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 18:23:16 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 599548
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Wed, 22 Sep 2021 18:23:16 GMT

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.twoimzdaniem.com/	1970-01-19 12:49:58	Name: _gat Value: 1
.twoimzdaniem.com/	1970-01-19 12:51:24	Name: _gid Value: GA1.2.1957391499.1601398544
.twoimzdaniem.com/	1970-01-20 06:21:10	Name: _ga Value: GA1.2.36981168.1601398544
srv.twoimzdaniem.com/	1970-01-19 22:19:24	Name: srvNxoTrackip Value: 194.99.105.99
srv.twoimzdaniem.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 7ei6vgsubjv2g1j6td54j32391

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://d.natexo-programmatic.com/compiled/LaJs.js(Line 1) Message: %cLeadAds%c init padding: 2px; border-top-left-radius: 4px; border-bottom-left-radius: 4px; background-color: #0030ff; color: white; font-weight: bold; border:1px solid #0030ff; padding: 2px; color: black; font-weight: normal; background-color:white; border-top-right-radius: 4px; border-bottom-right-radius: 4px; border:1px solid #0030ff;
console-api	log	URL: https://d.natexo-programmatic.com/compiled/LaJs.js(Line 1) Message: %cLeadAds%c show [popup-popup] i_167 padding: 2px; border-top-left-radius: 4px; border-bottom-left-radius: 4px; background-color: #0030ff; color: white; font-weight: bold; border:1px solid #0030ff; padding: 2px; color: black; font-weight: normal; background-color:white; border-top-right-radius: 4px; border-bottom-right-radius: 4px; border:1px solid #0030ff;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
app.revhunter.tech
d.natexo-programmatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
rt.inistrack.net
s.mail-source.pl
s3-eu-west-1.amazonaws.com
srv.lamarsau5.eu
srv.twoimzdaniem.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
172.217.16.130
2a00:1450:4001:802::200a
2a00:1450:4001:809::2008
2a00:1450:4001:815::200a
2a00:1450:4001:818::2003
2a00:1450:4001:818::200a
2a00:1450:4001:819::2002
2a00:1450:4001:81a::200e
2a00:1450:4001:81b::2003
2a00:1450:4001:821::200e
2a00:1450:4001:825::2004
2a00:1450:400c:c0c::9c
52.218.30.59
54.171.219.193
78.46.165.145
79.137.71.12
89.25.206.18
05404941d76c3226da5d30c6ecc9e2ed0eaa3ed5556db60b2d3f2091a0bf70c5
0e63f0b7944feaa11e498c12ca36f28d7b1704349aa4ea5a988ebed0b98e224a
18fdd32005b166b31d4db049571e612d6f22e9e9d1edea4b8c10fca2de411e90
35e14f92d44e383930a2a31d8ff3d464ea0dbea9d1e1e0256ba07658b809345a
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
46734e79a75ecb31d7ca802b4165c5b0ccada75a58b130e4cb58c59185ae80c5
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5b3b9490234df1d0ed3bc53a23ab7cb3fa782ae81518ecd850d076a228cfffce
5eb6497cf550adef65ca8969d8227160eead88179f250f2191c2d49061092ad1
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
61d10559de742d6dcfda857ee121ab1c2353a3306d4152940f683d83c903feae
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c9459a6400a8cf7ef815379f9316dc26aeec43bcc48da1d1bd58d99a6109f7b
8bcec3253eec4f4e0faeef2443e628e1466a710ceaa11173b4ac30c777412aaa
91cd5004a81907df0ffc4eff7400106fe2d70327c060349fa6579245e84d19be
9900a36b46d9dee1be98dc2e55fcdfe84748c21122ce09298bb1e16942ce6b05
9df5863d0e2a1dcb6ebe5580999ca0d38bfa8f484d7ef55558aaaf036e0cb99b
9f5f497ed155fab0812bb7ca8cc633ae978ff11d7857ef6f2a56d82e6b0014dc
a4a71fcaf679b1a0b188c996ec4d34d9f4f9e5f3d8c4ee04555fcd00350c3c90
ada618d05e7122891e144b7c9a4aeefa01e32351c1c0c7bce82157f275555b69
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b2cece1c9751fca2d54d1486f6137eaefe17d8c589c165980d17a1aa3fde046e
b9cdc8c95ba092572d0b53ad42f6ad78618902bce1728ce978259dc2e46dc8d1
bd33ffebb82d0e70371aedd27d79a993c98b29fb0d5e3d8c99c376cc9d57414d
c1511f866c82e116dde666eceb08e9e101abf4d27c5d5d514ac8f55ef18c4383
c5f5f2c4eee3b093164760034210af2dc7ebc3184e2e834326de1f9ce66215d0
c8cb742dbb60decab090cf738bfef2d8a780141573e9a2a3854bf3f78919faed
dc619bbeec4f65d4b94d8991f02db39ee0b46031ec600b5cc994079ff3e3a743
ddacf859719147780429b772099071bafcbf8644f3481fb6606cb23e7b4a0df8
ed2b596808ec6926968060105f20698ca70ded94078fe2255c296f70648aaa8b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efaf0a5eda0f475132ae96f46fc9b2e8de2d64b2522398102d414a3d98ff42e9
f4ff29485271cca760e7e762fa66b46ec317695b9bbc434c036091f17c969ec0

srv.twoimzdaniem.com Open in urlscan Pro 54.171.219.193 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

35 Requests

60 %HTTPS

65 %IPv6

15 Domains

17 Subdomains

16 IPs

5 Countries

394 kBTransfer

648 kBSize

5 Cookies

2 Outgoing links

Page URL History

Redirected requests

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

srv.twoimzdaniem.com Open in urlscan Pro
54.171.219.193 Public Scan

Screenshot
Live screenshot

Full Image

35
Requests

60 %
HTTPS

65 %
IPv6

15
Domains

17
Subdomains

16
IPs

5
Countries

394 kB
Transfer

648 kB
Size

5
Cookies

35 HTTP transactions
0 data transactions