urlscan.io logo urlscan.io
SecurityTrails logo

timorek.pl Open in urlscan Pro
212.91.12.120  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://timorek.pl/
Effective URL: https://timorek.pl/
Submission: On January 11 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 10 domains to perform 27 HTTP transactions. The main IP is 212.91.12.120, located in Poland and belongs to ATMAN-ISP-AS ATM S.A., PL. The main domain is timorek.pl.
TLS certificate: Issued by R3 on November 23rd 2021. Valid for: 3 months.
This is the only time timorek.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

9    212.91.12.120 (Poland)

ASN15694 (ATMAN-ISP-AS ATM S.A., PL)
PTR: vs6.celerise.com
timorek.pl
3    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
www.googleadservices.com
1    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
10781192046.privacysandbox.googleadservices.com
2    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
4    143.204.102.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-102-109.fra50.r.cloudfront.net
api.mapbox.com
Apex Domain
Subdomains		 Transfer
9 timorek.pl
timorek.pl
615 KB
4 mapbox.com
api.mapbox.com — Cisco Umbrella Rank: 2113
219 KB
3 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 97
10781192046.privacysandbox.googleadservices.com
16 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
161 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 6151
612 B
2 google.com
www.google.com — Cisco Umbrella Rank: 8
1 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 44
2 KB
2 gstatic.com
fonts.gstatic.com
75 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
2 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 33
343 B
27 10
Domain Requested by
9 timorek.pl 1 redirects timorek.pl
4 api.mapbox.com
3 www.googletagmanager.com timorek.pl
www.googletagmanager.com
2 www.google.de timorek.pl
2 www.google.com 1 redirects timorek.pl
2 googleads.g.doubleclick.net 1 redirects www.googleadservices.com
2 www.googleadservices.com www.googletagmanager.com
www.googleadservices.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com timorek.pl
1 10781192046.privacysandbox.googleadservices.com timorek.pl
1 www.google-analytics.com www.googletagmanager.com
27 11

This site contains links to these domains. Also see Links.

Domain
leafletjs.com
Subject Issuer Validity Valid
timorek.pl
R3		 2021-11-23 -
2022-02-21		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.privacysandbox.googleadservices.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
api.mapbox.com
Amazon		 2022-01-06 -
2023-02-04		 a year crt.sh

This page contains 1 frames:

Primary Page: https://timorek.pl/
Frame ID: 2D3B491F22F40D3CC493ED2FCF5AC7ED
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Agnieszka Timorek Lemieszczuk

Page URL History Show full URLs

  1. http://timorek.pl/ HTTP 301
    https://timorek.pl/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

27
Requests

96 %
HTTPS

64 %
IPv6

10
Domains

11
Subdomains

11
IPs

3
Countries

1090 kB
Transfer

1412 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://timorek.pl/ HTTP 301
    https://timorek.pl/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10781192046/?random=644129052&cv=9&fst=1641909651658&num=1&label=QJaoCO_-nfgCEO7e75Qo&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Ftimorek.pl%2F&tiba=Agnieszka%20Timorek%20Lemieszczuk&auid=992002368.1641909651&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=lI3dYeD3GOW-mLAPksCHuAc&sscte=1&crd=CNPgGw HTTP 302
  • https://www.google.com/pagead/1p-conversion/10781192046/?random=644129052&cv=9&fst=1641909651658&num=1&label=QJaoCO_-nfgCEO7e75Qo&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Ftimorek.pl%2F&tiba=Agnieszka%20Timorek%20Lemieszczuk&auid=992002368.1641909651&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=lI3dYeD3GOW-mLAPksCHuAc&random=1655511502&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/10781192046/?random=644129052&cv=9&fst=1641909651658&num=1&label=QJaoCO_-nfgCEO7e75Qo&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Ftimorek.pl%2F&tiba=Agnieszka%20Timorek%20Lemieszczuk&auid=992002368.1641909651&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=lI3dYeD3GOW-mLAPksCHuAc&random=1655511502&resp=GooglemKTybQhCsO&ipr=y&prhg=0

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
timorek.pl/
Redirect Chain
  • http://timorek.pl/
  • https://timorek.pl/
44 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://timorek.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.91.12.120 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
vs6.celerise.com
Software
nginx/1.20.1 / PHP/7.4.21
Resource Hash
afa3432ec71e83234c36dffcb19d43a3c473693705dea3e334541c305f1dd6df

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx/1.20.1
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.4.21
cache-control
no-cache, private
date
Tue, 11 Jan 2022 14:00:51 GMT
content-encoding
gzip

Redirect headers

Server
nginx/1.20.1
Date
Tue, 11 Jan 2022 14:00:50 GMT
Content-Type
text/html
Content-Length
169
Connection
keep-alive
Location
https://timorek.pl/
main.min.css
timorek.pl/themes/depcore-theme/assets/css/ 		30 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://timorek.pl/themes/depcore-theme/assets/css/main.min.css
Requested by
Host: timorek.pl
URL: https://timorek.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.91.12.120 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
vs6.celerise.com
Software
nginx/1.20.1 /
Resource Hash
cfdaee948d93654f26c0b5b4198e32b9ac895bf9cfd2bf0bc761f1bcda68509b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://timorek.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 14:00:51 GMT
last-modified
Mon, 26 Jul 2021 13:34:57 GMT
server
nginx/1.20.1
accept-ranges
bytes
etag
"60feba01-797f"
content-length
31103
content-type
text/css
js
www.googletagmanager.com/gtag/ 		97 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-10781192046
Requested by
Host: timorek.pl
URL: https://timorek.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
44192d69a83c450997d7cdf554f5647a6a79a4ac281ee6f77ab2c2889d5e0678
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://timorek.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 14:00:52 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39607
x-xss-protection
0
last-modified
Tue, 11 Jan 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 11 Jan 2022 14:00:52 GMT
timorek.jpg
timorek.pl/themes/depcore-theme/assets/images/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://timorek.pl/themes/depcore-theme/assets/images/timorek.jpg
Requested by
Host: timorek.pl
URL: https://timorek.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.91.12.120 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
vs6.celerise.com
Software
nginx/1.20.1 /
Resource Hash
d39a62007dbc670fb5b8a98cb2e6bbc0992753f54b4958c0c283624ab50de365

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://timorek.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 14:00:52 GMT
last-modified
Mon, 26 Jul 2021 10:28:23 GMT
server
nginx/1.20.1
accept-ranges
bytes
etag
"60fe8e47-cb96"
content-length
52118
content-type
image/jpeg
gabinet.jpg
timorek.pl/themes/depcore-theme/assets/images/ 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://timorek.pl/themes/depcore-theme/assets/images/gabinet.jpg
Requested by
Host: timorek.pl
URL: https://timorek.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.91.12.120 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
vs6.celerise.com
Software
nginx/1.20.1 /
Resource Hash
8a62289b063dfa1ae95379276e45fbd0962e4ad98de4e8c0904e7c234931b958

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://timorek.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 14:00:52 GMT
last-modified
Mon, 26 Jul 2021 10:28:22 GMT
server
nginx/1.20.1
accept-ranges
bytes
etag
"60fe8e46-14426"
content-length
82982
content-type
image/jpeg
timorek-footer.svg
timorek.pl/themes/depcore-theme/assets/images/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://timorek.pl/themes/depcore-theme/assets/images/timorek-footer.svg
Requested by
Host: timorek.pl
URL: https://timorek.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.91.12.120 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
vs6.celerise.com
Software
nginx/1.20.1 /
Resource Hash
1afde952e8f921090c9d7d52a66fd91067fb7472edc7470f82fc7c01962fc497

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://timorek.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 14:00:52 GMT
last-modified
Mon, 26 Jul 2021 10:28:23 GMT
server
nginx/1.20.1
accept-ranges
bytes
etag
"60fe8e47-7866"
content-length
30822
content-type
image/svg+xml
main.min.js
timorek.pl/themes/depcore-theme/assets/js/ 		177 KB
177 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://timorek.pl/themes/depcore-theme/assets/js/main.min.js
Requested by
Host: timorek.pl
URL: https://timorek.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.91.12.120 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
vs6.celerise.com
Software
nginx/1.20.1 /
Resource Hash
2ad637afbf82f120a6c2a9a1fcf1db4dc657cf811037c7cffb9c0d52b249bb2f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://timorek.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 14:00:51 GMT
last-modified
Tue, 05 Oct 2021 07:17:01 GMT
server
nginx/1.20.1
accept-ranges
bytes
etag
"615bfbed-2c23e"
content-length
180798
content-type
application/javascript
js
www.googletagmanager.com/gtag/ 		165 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CEVFZ2VGSC
Requested by
Host: timorek.pl
URL: https://timorek.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
96f3545c95d1f83f5647a010fa6f5a10c0dc3c08b08c5ba9fe4cda0acabd8ccf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://timorek.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 14:00:52 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62259
x-xss-protection
0
expires
Tue, 11 Jan 2022 14:00:52 GMT
css2
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700;800&display=swap
Requested by
Host: timorek.pl
URL: https://timorek.pl/themes/depcore-theme/assets/css/main.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fd3f93f729909fd4b39390fbd69f6505503d7f9a0fab820907bd88c22f0853ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://timorek.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 11 Jan 2022 13:23:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 11 Jan 2022 14:00:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 11 Jan 2022 14:00:52 GMT
css2
fonts.googleapis.com/ 		2 KB
558 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@400;700&display=swap
Requested by
Host: timorek.pl
URL: https://timorek.pl/themes/depcore-theme/assets/css/main.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
06bc5664c15a0d10351c361f26ea031196b0541c6082dce29ba43cb7547336ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://timorek.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 11 Jan 2022 12:06:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 11 Jan 2022 14:00:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 11 Jan 2022 14:00:52 GMT
hero.jpg
timorek.pl/themes/depcore-theme/assets/images/ 		227 KB
227 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://timorek.pl/themes/depcore-theme/assets/images/hero.jpg
Requested by
Host: timorek.pl
URL: https://timorek.pl/themes/depcore-theme/assets/css/main.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.91.12.120 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
vs6.celerise.com
Software
nginx/1.20.1 /
Resource Hash
cc245d0ffe7933a8a12134b9a1687001a3bc84b346e7008de77caf7c2d93a4e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://timorek.pl/themes/depcore-theme/assets/css/main.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 14:00:52 GMT
last-modified
Mon, 26 Jul 2021 10:28:22 GMT
server
nginx/1.20.1
accept-ranges
bytes
etag
"60fe8e46-38bc7"
content-length
232391
content-type
image/jpeg
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://timorek.pl
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 00:14:34 GMT
x-content-type-options
nosniff
age
567978
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 05 Jan 2023 00:14:34 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v27/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3bbdc376b0d9f6584950084b59e7fffc02ca3da87ea543bafe19d4a5e1b9f0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://timorek.pl
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 23:24:32 GMT
x-content-type-options
nosniff
age
570980
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31272
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:45 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 04 Jan 2023 23:24:32 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10781192046
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
944b1c9355595d2ed225c0acc74fee48395ab78fca04def0cf7f9f263da4ea52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://timorek.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 14:00:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14790
x-xss-protection
0
server
cafe
etag
8033026891549550757
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 11 Jan 2022 14:00:52 GMT
js
www.googletagmanager.com/gtag/ 		165 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CEVFZ2VGSC&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10781192046
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c8cc6af9454a2137af8feb40f4002bc280e1fd9b8c46150de89012a53b5df5e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://timorek.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 14:00:52 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62371
x-xss-protection
0
expires
Tue, 11 Jan 2022 14:00:52 GMT
collect
www.google-analytics.com/g/ 		0
343 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-CEVFZ2VGSC&gtm=2oe150&_p=1069244656&sr=1600x1200&ul=en-us&cid=78695478.1641909652&_s=1&dl=https%3A%2F%2Ftimorek.pl%2F&dt=Agnieszka%20Timorek%20Lemieszczuk&sid=1641909651&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CEVFZ2VGSC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://timorek.pl/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 11 Jan 2022 14:00:52 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://timorek.pl
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10781192046/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10781192046/?random=1641909651655&cv=9&fst=1641909651655&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Ftimorek.pl%2F&tiba=Agnieszka%20Timorek%20Lemieszczuk&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f8e44d72507ff495dfa5c3277eadb92056d5388f5a3177e3c1cfd5ab8020a94a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://timorek.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jan 2022 14:00:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1030
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/10781192046/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/10781192046/?random=1641909651658&cv=9&fst=1641909651658&num=1&label=QJaoCO_-nfgCEO7e75Qo&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Ftimorek.pl%2F&tiba=Agnieszka%20Timorek%20Lemieszczuk&auid=992002368.1641909651&capi=1&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
7877017856b006b9c137da52eb55678d6562cbe23e6f4a3b37cb101c74f3a5d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://timorek.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jan 2022 14:00:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1159
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
10781192046.privacysandbox.googleadservices.com/pagead/privacysandbox/conversion/10781192046/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://10781192046.privacysandbox.googleadservices.com/pagead/privacysandbox/conversion/10781192046/?random=1641909651658&cv=9&fst=1641909651658&num=1&fmt=3&label=QJaoCO_-nfgCEO7e75Qo&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Ftimorek.pl%2F&tiba=Agnieszka%20Timorek%20Lemieszczuk&auid=992002368.1641909651&capi=1&hn=www.googleadservices.com&async=1
Requested by
Host: timorek.pl
URL: https://timorek.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://timorek.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
/
www.google.de/pagead/1p-conversion/10781192046/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10781192046/?random=644129052&cv=9&fst=1641909651658&num=1&label=QJaoCO_-nfgCEO7e75Qo&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=12...
  • https://www.google.com/pagead/1p-conversion/10781192046/?random=644129052&cv=9&fst=1641909651658&num=1&label=QJaoCO_-nfgCEO7e75Qo&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200...
  • https://www.google.de/pagead/1p-conversion/10781192046/?random=644129052&cv=9&fst=1641909651658&num=1&label=QJaoCO_-nfgCEO7e75Qo&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/10781192046/?random=644129052&cv=9&fst=1641909651658&num=1&label=QJaoCO_-nfgCEO7e75Qo&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Ftimorek.pl%2F&tiba=Agnieszka%20Timorek%20Lemieszczuk&auid=992002368.1641909651&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=lI3dYeD3GOW-mLAPksCHuAc&random=1655511502&resp=GooglemKTybQhCsO&ipr=y&prhg=0
Requested by
Host: timorek.pl
URL: https://timorek.pl/
Protocol
H3
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://timorek.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jan 2022 14:00:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 11 Jan 2022 14:00:52 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/10781192046/?random=644129052&cv=9&fst=1641909651658&num=1&label=QJaoCO_-nfgCEO7e75Qo&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Ftimorek.pl%2F&tiba=Agnieszka%20Timorek%20Lemieszczuk&auid=992002368.1641909651&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=lI3dYeD3GOW-mLAPksCHuAc&random=1655511502&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/10781192046/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/10781192046/?random=1641909651655&cv=9&fst=1641909600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Ftimorek.pl%2F&tiba=Agnieszka%20Timorek%20Lemieszczuk&async=1&fmt=3&is_vtc=1&random=2485389406&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: timorek.pl
URL: https://timorek.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://timorek.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jan 2022 14:00:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/10781192046/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/10781192046/?random=1641909651655&cv=9&fst=1641909600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Ftimorek.pl%2F&tiba=Agnieszka%20Timorek%20Lemieszczuk&async=1&fmt=3&is_vtc=1&random=2485389406&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: timorek.pl
URL: https://timorek.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://timorek.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jan 2022 14:00:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1349@2x
api.mapbox.com/styles/v1/depcore/ckatvqy9g27511iqheosfipz6/tiles/256/12/2286/ 		58 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.mapbox.com/styles/v1/depcore/ckatvqy9g27511iqheosfipz6/tiles/256/12/2286/1349@2x?access_token=pk.eyJ1IjoiZGVwY29yZSIsImEiOiJjanVqdTFwejMwa2Z5NDNsbGIzdThsZmZ2In0.DPSqM_npGWP11OqKENNUOw
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.102.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-102-109.fra50.r.cloudfront.net
Software
/ Express
Resource Hash
a89a8aa99f894c71f91f20ad17331f585f11b20c89f336cd104698d30b6d248c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://timorek.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 11 Jan 2022 14:00:53 GMT
Via
1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
X-Rate-Limit-Limit
6000
X-Amz-Cf-Pop
FRA50-C1
X-Powered-By
Express
X-Rate-Limit-Interval
60
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=43200,s-maxage=43200
X-Cache
RefreshHit from cloudfront
Access-Control-Allow-Methods
GET
Content-Length
59812
ETag
"5994cf1377f1e788d9cd19593b9d9eb96e7626453129ce3a18f861787258d23c"
X-Amz-Cf-Id
UCkc6GIIrwz6_2zw-GykYdb-zIPM4IhYrVJrHnbc3uEUyWvG-sc9Mw==
Connection
keep-alive
1349@2x
api.mapbox.com/styles/v1/depcore/ckatvqy9g27511iqheosfipz6/tiles/256/12/2287/ 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.mapbox.com/styles/v1/depcore/ckatvqy9g27511iqheosfipz6/tiles/256/12/2287/1349@2x?access_token=pk.eyJ1IjoiZGVwY29yZSIsImEiOiJjanVqdTFwejMwa2Z5NDNsbGIzdThsZmZ2In0.DPSqM_npGWP11OqKENNUOw
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.102.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-102-109.fra50.r.cloudfront.net
Software
/ Express
Resource Hash
5b8eaefe68509bda9608311c988cdb2408f4ca1d6eb90f9fdb87f89a75d49fa8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://timorek.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 11 Jan 2022 14:00:53 GMT
Via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
X-Rate-Limit-Limit
6000
X-Amz-Cf-Pop
FRA50-C1
X-Powered-By
Express
X-Rate-Limit-Interval
60
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=43200,s-maxage=43200
X-Cache
RefreshHit from cloudfront
Access-Control-Allow-Methods
GET
Content-Length
66174
ETag
"c7e03acffa5215c08925e98bb4983cff222f7c88a9a1eaa6cc8eef8a2b9e9057"
X-Amz-Cf-Id
wVWuaTuCe5lrn-Bo-o6NCOdB4LF2Nwh97ayBRUFsdifRCAwqmF1Nyg==
Connection
keep-alive
1350@2x
api.mapbox.com/styles/v1/depcore/ckatvqy9g27511iqheosfipz6/tiles/256/12/2286/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.mapbox.com/styles/v1/depcore/ckatvqy9g27511iqheosfipz6/tiles/256/12/2286/1350@2x?access_token=pk.eyJ1IjoiZGVwY29yZSIsImEiOiJjanVqdTFwejMwa2Z5NDNsbGIzdThsZmZ2In0.DPSqM_npGWP11OqKENNUOw
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.102.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-102-109.fra50.r.cloudfront.net
Software
/ Express
Resource Hash
9769db33164d23dcee7f32014a401e35a81224b79d3a998d221e46480f1f2b59

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://timorek.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 11 Jan 2022 14:00:53 GMT
Via
1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
X-Rate-Limit-Limit
6000
X-Amz-Cf-Pop
FRA50-C1
X-Powered-By
Express
X-Rate-Limit-Interval
60
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=43200,s-maxage=43200
X-Cache
RefreshHit from cloudfront
Access-Control-Allow-Methods
GET
Content-Length
45221
ETag
"fe66750beb2faf68c0f074d3949e00f32dbb8e09374b7e7b9003634af51accdb"
X-Amz-Cf-Id
7oNXrx94u_3AbtgmaruuircscRdD9Pwfi292D_bkT-M9MEvbEUWJNA==
Connection
keep-alive
1350@2x
api.mapbox.com/styles/v1/depcore/ckatvqy9g27511iqheosfipz6/tiles/256/12/2287/ 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.mapbox.com/styles/v1/depcore/ckatvqy9g27511iqheosfipz6/tiles/256/12/2287/1350@2x?access_token=pk.eyJ1IjoiZGVwY29yZSIsImEiOiJjanVqdTFwejMwa2Z5NDNsbGIzdThsZmZ2In0.DPSqM_npGWP11OqKENNUOw
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.102.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-102-109.fra50.r.cloudfront.net
Software
/ Express
Resource Hash
be1be1fbfec4fd1d23d10827e2c897b4e2a58440447eef8a3bdd089fc3f00df7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://timorek.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 11 Jan 2022 14:00:53 GMT
Via
1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
X-Rate-Limit-Limit
6000
X-Amz-Cf-Pop
FRA50-C1
X-Powered-By
Express
X-Rate-Limit-Interval
60
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=43200,s-maxage=43200
X-Cache
RefreshHit from cloudfront
Access-Control-Allow-Methods
GET
Content-Length
50294
ETag
"30d463a4b4e427ad8185bb475a0f498745c56c805f2e2ad79177470e7152065f"
X-Amz-Cf-Id
TxB48GRJt8XELeRLoXyZUKbEE5FZ2BTo_X3MQXkhIG3vmjFmHM6n5Q==
Connection
keep-alive
marker.png
timorek.pl/themes/depcore-theme/assets/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://timorek.pl/themes/depcore-theme/assets/images/marker.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.91.12.120 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
vs6.celerise.com
Software
nginx/1.20.1 /
Resource Hash
9dcef88e6865ea4280502a2cc268c39d02fe1c6641ac2d027d426da3a15c50e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://timorek.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 14:00:53 GMT
last-modified
Mon, 26 Jul 2021 10:28:22 GMT
server
nginx/1.20.1
accept-ranges
bytes
etag
"60fe8e46-6bb"
content-length
1723
content-type
image/png

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onsecuritypolicyviolation object| onslotchange function| gtag object| dataLayer object| L object| google_tag_manager object| google_tag_data object| gaGlobal function| onYouTubeIframeAPIReady function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| _leaflet_events number| tnsId

5 Cookies

Domain/Path Name / Value
timorek.pl/ Name: october_session
Value: eyJpdiI6InRrT1M0U1R0eTFWeWVucHBXclZTeXc9PSIsInZhbHVlIjoiM1Vmc0k3cjlTWE90YlRBQXNEQWNaWlEraHZRSjlWXC9OYWFHMzZBMVRMaGNET3dhaTc0M1JZd1VtVlNZcFByRlYzQWlNeko5VlU2ZjkxWWVjd2UrRTh3SGlGWURlWVNCd0UxUWVEQ3VZWkwyXC9DdDF0a3dnc3l3dHVCV3FEOHl4cSIsIm1hYyI6ImIxNWM0Y2MzOGJmYThkYzBlODg3ZWE1ZDE0ZDRkN2ZiOGNlMDVkNWVjYjQ2Y2FmYjdkZTE4MDY5ZTY5ZjBiNTgifQ%3D%3D
.timorek.pl/ Name: _gcl_au
Value: 1.1.992002368.1641909651
.timorek.pl/ Name: _ga_CEVFZ2VGSC
Value: GS1.1.1641909651.1.0.1641909651.0
.timorek.pl/ Name: _ga
Value: GA1.1.78695478.1641909652
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10781192046.privacysandbox.googleadservices.com
api.mapbox.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
timorek.pl
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
142.250.185.130
142.250.185.98
143.204.102.109
212.91.12.120
2a00:1450:4001:803::2003
2a00:1450:4001:80e::2003
2a00:1450:4001:812::200a
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2008
06bc5664c15a0d10351c361f26ea031196b0541c6082dce29ba43cb7547336ab
1afde952e8f921090c9d7d52a66fd91067fb7472edc7470f82fc7c01962fc497
2ad637afbf82f120a6c2a9a1fcf1db4dc657cf811037c7cffb9c0d52b249bb2f
44192d69a83c450997d7cdf554f5647a6a79a4ac281ee6f77ab2c2889d5e0678
5b8eaefe68509bda9608311c988cdb2408f4ca1d6eb90f9fdb87f89a75d49fa8
7877017856b006b9c137da52eb55678d6562cbe23e6f4a3b37cb101c74f3a5d4
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8a62289b063dfa1ae95379276e45fbd0962e4ad98de4e8c0904e7c234931b958
944b1c9355595d2ed225c0acc74fee48395ab78fca04def0cf7f9f263da4ea52
96f3545c95d1f83f5647a010fa6f5a10c0dc3c08b08c5ba9fe4cda0acabd8ccf
9769db33164d23dcee7f32014a401e35a81224b79d3a998d221e46480f1f2b59
9dcef88e6865ea4280502a2cc268c39d02fe1c6641ac2d027d426da3a15c50e3
a89a8aa99f894c71f91f20ad17331f585f11b20c89f336cd104698d30b6d248c
afa3432ec71e83234c36dffcb19d43a3c473693705dea3e334541c305f1dd6df
be1be1fbfec4fd1d23d10827e2c897b4e2a58440447eef8a3bdd089fc3f00df7
c8cc6af9454a2137af8feb40f4002bc280e1fd9b8c46150de89012a53b5df5e3
cc245d0ffe7933a8a12134b9a1687001a3bc84b346e7008de77caf7c2d93a4e0
cfdaee948d93654f26c0b5b4198e32b9ac895bf9cfd2bf0bc761f1bcda68509b
d39a62007dbc670fb5b8a98cb2e6bbc0992753f54b4958c0c283624ab50de365
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3bbdc376b0d9f6584950084b59e7fffc02ca3da87ea543bafe19d4a5e1b9f0e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f8e44d72507ff495dfa5c3277eadb92056d5388f5a3177e3c1cfd5ab8020a94a
fd3f93f729909fd4b39390fbd69f6505503d7f9a0fab820907bd88c22f0853ca