www.lp-pl.esrlive.com Open in urlscan Pro
85.159.210.210 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.lp-pl.esrlive.com/pl-pl/landing_pages/6000?ref=adwords&campaign_id=20858814855&creative_id=699715031939&target=&pl...
Effective URL:
https://www.lp-pl.esrlive.com/pl-pl/teleaudio/payment/1716113232/1/2b28a05c-69bd-4f60-8dac-c3eb2ecf67ee/d7a34b5d-1488-47d7-968...
Submission: On May 19 via manual (May 19th 2024, 9:57:21 am UTC) from PL — Scanned from PL

Summary HTTP 37 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 12 domains to perform 37 HTTP transactions. The main IP is 85.159.210.210, located in London, United Kingdom and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is www.lp-pl.esrlive.com.
TLS certificate: Issued by R3 on April 19th 2024. Valid for: 3 months.

This is the only time www.lp-pl.esrlive.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 10	85.159.210.210 85.159.210.210	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1	3.161.75.229 3.161.75.229	16509 (AMAZON-02) (AMAZON-02)
2	142.250.185.200 142.250.185.200	15169 (GOOGLE) (GOOGLE)
6	52.50.207.62 52.50.207.62	16509 (AMAZON-02) (AMAZON-02)
2	13.107.213.65 13.107.213.65	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	176.58.108.239 176.58.108.239	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1 11	195.8.220.236 195.8.220.236	41790 (ASN-TELEA...) (ASN-TELEAUDIO)
1	34.253.248.174 34.253.248.174	16509 (AMAZON-02) (AMAZON-02)
1	216.58.212.138 216.58.212.138	15169 (GOOGLE) (GOOGLE)
2	142.250.186.163 142.250.186.163	15169 (GOOGLE) (GOOGLE)
37	11

10 85.159.210.210 (London, United Kingdom) 2 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li714-210.members.linode.com

www.lp-pl.esrlive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lp-pl.esrlive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (San Francisco, United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.161.75.229 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-75-229.fra56.r.cloudfront.net

d1vibqt9pdnk2f.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.50.207.62 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-207-62.eu-west-1.compute.amazonaws.com

notify.eyewitness.evina.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.213.65 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.58.108.239 (London, United Kingdom) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li473-239.members.linode.com

wires.orsedd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 195.8.220.236 (Poland) 1 redirects

ASN41790 (ASN-TELEAUDIO, PL)

epayment.teleaudio.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
aoc2-cfm.teleaudio.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
socialsharing.teleaudio.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dcb.teleaudio.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.253.248.174 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-248-174.eu-west-1.compute.amazonaws.com

notify.dcbprotect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.138 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f138.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	teleaudio.pl 1 redirects epayment.teleaudio.pl aoc2-cfm.teleaudio.pl socialsharing.teleaudio.pl dcb.teleaudio.pl	1 MB
10	esrlive.com 2 redirects www.lp-pl.esrlive.com lp-pl.esrlive.com	124 KB
6	evina.com notify.eyewitness.evina.com	2 KB
2	gstatic.com fonts.gstatic.com	29 KB
2	clarity.ms www.clarity.ms — Cisco Umbrella Rank: 743 t.clarity.ms Failed	27 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	137 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	781 B
1	dcbprotect.com notify.dcbprotect.com — Cisco Umbrella Rank: 506920	161 B
1	orsedd.com 1 redirects wires.orsedd.com	501 B
1	cloudfront.net d1vibqt9pdnk2f.cloudfront.net	14 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 776	75 KB
0	bing.com Failed c.bing.com Failed
37	12

	Domain	Requested by
9	www.lp-pl.esrlive.com	1 redirects www.lp-pl.esrlive.com
6	notify.eyewitness.evina.com	www.lp-pl.esrlive.com
4	aoc2-cfm.teleaudio.pl	www.lp-pl.esrlive.com
3	socialsharing.teleaudio.pl	www.lp-pl.esrlive.com
3	epayment.teleaudio.pl	1 redirects aoc2-cfm.teleaudio.pl
2	fonts.gstatic.com	fonts.googleapis.com
2	www.clarity.ms	www.lp-pl.esrlive.com www.clarity.ms
2	www.googletagmanager.com	www.lp-pl.esrlive.com
1	dcb.teleaudio.pl	www.lp-pl.esrlive.com
1	fonts.googleapis.com	aoc2-cfm.teleaudio.pl
1	notify.dcbprotect.com	www.lp-pl.esrlive.com
1	wires.orsedd.com	1 redirects
1	lp-pl.esrlive.com	1 redirects
1	d1vibqt9pdnk2f.cloudfront.net	www.lp-pl.esrlive.com
1	code.jquery.com	www.lp-pl.esrlive.com
0	t.clarity.ms Failed	www.clarity.ms
0	c.bing.com Failed
37	17

This site contains no links.

Subject Issuer	Validity	Valid
www.lp-pl.esrlive.com R3	`2024-04-19` - `2024-07-18`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.google-analytics.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.eyewitness.evina.com Amazon RSA 2048 M02	`2023-10-17` - `2024-11-13`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.eu-west-1.prd.dcbprotect.com Amazon RSA 2048 M03	`2024-04-02` - `2025-05-01`	a year	crt.sh
*.teleaudio.pl Certum Domain Validation CA SHA2	`2024-02-09` - `2025-02-08`	a year	crt.sh
upload.video.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.lp-pl.esrlive.com/pl-pl/teleaudio/payment/1716113232/1/2b28a05c-69bd-4f60-8dac-c3eb2ecf67ee/d7a34b5d-1488-47d7-9683-9826be69ac25?op=4
Frame ID: 158FE66634575E8286FB9FDEEBCB82F7
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Your website title

Page URL History Show full URLs

https://www.lp-pl.esrlive.com/pl-pl/landing_pages/6000?ref=adwords&campaign_id=20858814855&creative_id=699... Page URL
https://lp-pl.esrlive.com/pl-pl/order/222843-esr-live?trigger=invite_secondary&clicked=landing_page&so... HTTP 301
https://www.lp-pl.esrlive.com/pl-pl/order/222843-esr-live?trigger=invite_secondary&clicked=landing_page&so... HTTP 302
https://wires.orsedd.com/wires/PlEsrliveWire/invite_secondary?button_text_color=FFFFFF&campaign_id=20... HTTP 302
https://epayment.teleaudio.pl/api2/cfm/direct/start/D7A34B5D-1488-47D7-9683-9826BE69AC25?product=amongus&i... HTTP 302
http://www.lp-pl.esrlive.com/pl-pl/teleaudio/payment/1716113232/1/2b28a05c-69bd-4f60-8dac-c3eb2ecf67ee/d7... HTTP 307
https://www.lp-pl.esrlive.com/pl-pl/teleaudio/payment/1716113232/1/2b28a05c-69bd-4f60-8dac-c3eb2ecf67ee/d7... Page URL

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

37
Requests

92 %
HTTPS

0 %
IPv6

12
Domains

17
Subdomains

11
IPs

4
Countries

1517 kB
Transfer

2290 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.lp-pl.esrlive.com/pl-pl/landing_pages/6000?ref=adwords&campaign_id=20858814855&creative_id=699715031939&target=&placement=fs22.com&gbraid=0AAAAAqdrgE5AnWLbu42GP2pIdBSOSkXyJ&gclid=EAIaIQobChMIu-bexLmZhgMVIcq7CB3OHw83EAEYASAAEgKlIvD_BwE Page URL
https://lp-pl.esrlive.com/pl-pl/order/222843-esr-live?trigger=invite_secondary&clicked=landing_page&source=www.lp-pl.esrlive.com%2Fpl-pl%2Flanding_pages%2F6000 HTTP 301
https://www.lp-pl.esrlive.com/pl-pl/order/222843-esr-live?trigger=invite_secondary&clicked=landing_page&source=www.lp-pl.esrlive.com%2Fpl-pl%2Flanding_pages%2F6000 HTTP 302
https://wires.orsedd.com/wires/PlEsrliveWire/invite_secondary?button_text_color=FFFFFF&campaign_id=20858814855&consent_at=2024-05-19T09%3A57%3A12Z&content_id=222843&content_type=Orsedd&creative_id=699715031939&locale=pl-PL&publisher_id=fs22.com&referrer=adwords&s2s_tracker=EAIaIQobChMIu-bexLmZhgMVIcq7CB3OHw83EAEYASAAEgKlIvD_BwE&source=www.lp-pl.esrlive.com%2Fpl-pl%2Flanding_pages%2F6000 HTTP 302
https://epayment.teleaudio.pl/api2/cfm/direct/start/D7A34B5D-1488-47D7-9683-9826BE69AC25?product=amongus&id=246669813&redirectUrl=https://wires.orsedd.com/wires/377/resume/282508126?id=@id%26tid=@tid%26msisdn=@msisdn%26dcb_status=@status%26payment_status=@code%26price=@price HTTP 302
http://www.lp-pl.esrlive.com/pl-pl/teleaudio/payment/1716113232/1/2b28a05c-69bd-4f60-8dac-c3eb2ecf67ee/d7a34b5d-1488-47d7-9683-9826be69ac25?op=4 HTTP 307
https://www.lp-pl.esrlive.com/pl-pl/teleaudio/payment/1716113232/1/2b28a05c-69bd-4f60-8dac-c3eb2ecf67ee/d7a34b5d-1488-47d7-9683-9826be69ac25?op=4 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=83F6653626E046F593B8AEC59D47BCDE&RedC=c.clarity.ms&MXFR=08014DECEAAA640D31625968EEAA6A80

37 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 6000 Show response
www.lp-pl.esrlive.com/pl-pl/landing_pages/ 144 KB
58 KB 321ms
207ms Document
text/html 85.159.210.210
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lp-pl.esrlive.com/pl-pl/landing_pages/6000?ref=adwords&campaign_id=20858814855&creative_id=699715031939&target=&placement=fs22.com&gbraid=0AAAAAqdrgE5AnWLbu42GP2pIdBSOSkXyJ&gclid=EAIaIQobChMIu-bexLmZhgMVIcq7CB3OHw83EAEYASAAEgKlIvD_BwE

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.159.210.210 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

li714-210.members.linode.com

Software

nginx + Phusion Passenger / Phusion Passenger Enterprise

Resource Hash

f35ea8cc24d2808dd37cc3f459635bda4a01368fdbc2bec1af9d076298089424

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	GOFORIT
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: pl-PL,pl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 19 May 2024 09:57:11 GMT
etag: W/"5303daaf698d8b40e7146af195c462d4"
server: nginx + Phusion Passenger
status: 200 OK
strict-transport-security: max-age=0
vary: Accept-Encoding Origin
x-content-type-options: nosniff
x-frame-options: GOFORIT
x-powered-by: Phusion Passenger Enterprise
x-request-id: 3ac769a0-dde8-4948-94a5-6201b41a5caf
x-request-start: t=1716112631.350
x-runtime: 0.152407
x-xss-protection: 1; mode=block

GET
H2 200 stripped-2f4ae1ef4dfaf49fee70b448660605f9.js Show response
www.lp-pl.esrlive.com/assets/ 41 KB
14 KB 52ms
52ms Script
application/javascript 85.159.210.210
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lp-pl.esrlive.com/assets/stripped-2f4ae1ef4dfaf49fee70b448660605f9.js
Requested by: Host: www.lp-pl.esrlive.com
URL: https://www.lp-pl.esrlive.com/pl-pl/landing_pages/6000?ref=adwords&campaign_id=20858814855&creative_id=699715031939&target=&placement=fs22.com&gbraid=0AAAAAqdrgE5AnWLbu42GP2pIdBSOSkXyJ&gclid=EAIaIQobChMIu-bexLmZhgMVIcq7CB3OHw83EAEYASAAEgKlIvD_BwE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.159.210.210 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li714-210.members.linode.com
Software: nginx /
Resource Hash: b2a98e8078f14fa8f02a1acd8eda011cd66c59d8886f909b46cc86ce88bef886

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.lp-pl.esrlive.com/pl-pl/landing_pages/6000?ref=adwords&campaign_id=20858814855&creative_id=699715031939&target=&placement=fs22.com&gbraid=0AAAAAqdrgE5AnWLbu42GP2pIdBSOSkXyJ&gclid=EAIaIQobChMIu-bexLmZhgMVIcq7CB3OHw83EAEYASAAEgKlIvD_BwE
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 09:57:11 GMT
content-encoding: gzip
last-modified: Thu, 06 Dec 2018 00:06:38 GMT
server: nginx
content-type: application/javascript
cache-control: max-age=31536000, public
content-length: 13665
expires: Mon, 19 May 2025 09:57:11 GMT

GET
H2 200 auto_fill-346b0c0042dd449287655ee622727d07.js Show response
www.lp-pl.esrlive.com/assets/ 702 B
1023 B 117ms
116ms Script
application/javascript 85.159.210.210
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lp-pl.esrlive.com/assets/auto_fill-346b0c0042dd449287655ee622727d07.js
Requested by: Host: www.lp-pl.esrlive.com
URL: https://www.lp-pl.esrlive.com/pl-pl/landing_pages/6000?ref=adwords&campaign_id=20858814855&creative_id=699715031939&target=&placement=fs22.com&gbraid=0AAAAAqdrgE5AnWLbu42GP2pIdBSOSkXyJ&gclid=EAIaIQobChMIu-bexLmZhgMVIcq7CB3OHw83EAEYASAAEgKlIvD_BwE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.159.210.210 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li714-210.members.linode.com
Software: nginx + Phusion Passenger / Phusion Passenger Enterprise
Resource Hash: 7357537798a70b98f678bbc66c0708383b188bcd5008405091f5434ff919addb

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.lp-pl.esrlive.com/pl-pl/landing_pages/6000?ref=adwords&campaign_id=20858814855&creative_id=699715031939&target=&placement=fs22.com&gbraid=0AAAAAqdrgE5AnWLbu42GP2pIdBSOSkXyJ&gclid=EAIaIQobChMIu-bexLmZhgMVIcq7CB3OHw83EAEYASAAEgKlIvD_BwE
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-runtime: 0.001505
date: Sun, 19 May 2024 09:57:11 GMT
last-modified: Mon, 27 Apr 2020 07:46:00 GMT
server: nginx + Phusion Passenger
x-powered-by: Phusion Passenger Enterprise
vary: Origin
content-type: application/javascript
status: 200 OK
cache-control: max-age=31536000, public
content-length: 702
x-request-id: 60cb97eb-2194-46eb-b31a-9cb4a8e27527
expires: Mon, 19 May 2025 09:57:11 GMT

GET
H2 200 theme_270_1-47fdf2324fde9dc2845d0ad2bc68e6a0.css
www.lp-pl.esrlive.com/assets/themes/ 264 KB
47 KB 54ms
52ms Stylesheet
text/css 85.159.210.210
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lp-pl.esrlive.com/assets/themes/theme_270_1-47fdf2324fde9dc2845d0ad2bc68e6a0.css
Requested by: Host: www.lp-pl.esrlive.com
URL: https://www.lp-pl.esrlive.com/pl-pl/landing_pages/6000?ref=adwords&campaign_id=20858814855&creative_id=699715031939&target=&placement=fs22.com&gbraid=0AAAAAqdrgE5AnWLbu42GP2pIdBSOSkXyJ&gclid=EAIaIQobChMIu-bexLmZhgMVIcq7CB3OHw83EAEYASAAEgKlIvD_BwE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.159.210.210 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li714-210.members.linode.com
Software: nginx /
Resource Hash: 6e04ec8f419ce9ac0709ab44e45e405bd12c796437ad9ae9afd834efc7d50c9e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.lp-pl.esrlive.com/pl-pl/landing_pages/6000?ref=adwords&campaign_id=20858814855&creative_id=699715031939&target=&placement=fs22.com&gbraid=0AAAAAqdrgE5AnWLbu42GP2pIdBSOSkXyJ&gclid=EAIaIQobChMIu-bexLmZhgMVIcq7CB3OHw83EAEYASAAEgKlIvD_BwE
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 09:57:11 GMT
content-encoding: gzip
last-modified: Mon, 25 Dec 2023 07:58:31 GMT
server: nginx
content-type: text/css
cache-control: max-age=31536000, public
content-length: 47650
expires: Mon, 19 May 2025 09:57:11 GMT

GET
H2 200 mraid.js Show response
www.lp-pl.esrlive.com/pl-pl/landing_pages/ 2 B
1 KB 115ms
114ms Script
text/javascript 85.159.210.210
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lp-pl.esrlive.com/pl-pl/landing_pages/mraid.js
Requested by: Host: www.lp-pl.esrlive.com
URL: https://www.lp-pl.esrlive.com/pl-pl/landing_pages/6000?ref=adwords&campaign_id=20858814855&creative_id=699715031939&target=&placement=fs22.com&gbraid=0AAAAAqdrgE5AnWLbu42GP2pIdBSOSkXyJ&gclid=EAIaIQobChMIu-bexLmZhgMVIcq7CB3OHw83EAEYASAAEgKlIvD_BwE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.159.210.210 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li714-210.members.linode.com
Software: nginx + Phusion Passenger / Phusion Passenger Enterprise
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.lp-pl.esrlive.com/pl-pl/landing_pages/6000?ref=adwords&campaign_id=20858814855&creative_id=699715031939&target=&placement=fs22.com&gbraid=0AAAAAqdrgE5AnWLbu42GP2pIdBSOSkXyJ&gclid=EAIaIQobChMIu-bexLmZhgMVIcq7CB3OHw83EAEYASAAEgKlIvD_BwE
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-runtime: 0.001982
date: Sun, 19 May 2024 09:57:11 GMT
content-encoding: gzip
server: nginx + Phusion Passenger
etag: W/"99914b932bd37a50b983c5e7c90ae93b"
x-powered-by: Phusion Passenger Enterprise
vary: Accept-Encoding, Origin
content-type: text/javascript
status: 200 OK
cache-control: max-age=0, private, must-revalidate
x-request-start: t=1716112631.553
x-request-id: db83916d-12b8-4fb2-8a4d-eed9792ca7e3

GET
H2 200 jquery-2.2.4.js Show response
code.jquery.com/ 252 KB
75 KB 422ms
35ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.4.js
Requested by: Host: www.lp-pl.esrlive.com
URL: https://www.lp-pl.esrlive.com/pl-pl/landing_pages/6000?ref=adwords&campaign_id=20858814855&creative_id=699715031939&target=&placement=fs22.com&gbraid=0AAAAAqdrgE5AnWLbu42GP2pIdBSOSkXyJ&gclid=EAIaIQobChMIu-bexLmZhgMVIcq7CB3OHw83EAEYASAAEgKlIvD_BwE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 893e90f6230962e42231635df650f20544ad22affc3ee396df768eaa6bc5a6a2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.lp-pl.esrlive.com/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 09:57:11 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 6321072
x-cache: HIT, HIT
content-length: 76245
x-served-by: cache-lga21969-LGA, cache-fra-eddf8230084-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1716112632.926394,VS0,VE0
etag: W/"28feccc0-3ee0f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 6556, 17421

GET
H/1.1 200
OK t02nm4rscc3dprz7xvrg.png
d1vibqt9pdnk2f.cloudfront.net/image/upload/v1693379961/ 13 KB
14 KB 163ms
50ms Image
image/png 3.161.75.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1vibqt9pdnk2f.cloudfront.net/image/upload/v1693379961/t02nm4rscc3dprz7xvrg.png
Requested by: Host: www.lp-pl.esrlive.com
URL: https://www.lp-pl.esrlive.com/pl-pl/landing_pages/6000?ref=adwords&campaign_id=20858814855&creative_id=699715031939&target=&placement=fs22.com&gbraid=0AAAAAqdrgE5AnWLbu42GP2pIdBSOSkXyJ&gclid=EAIaIQobChMIu-bexLmZhgMVIcq7CB3OHw83EAEYASAAEgKlIvD_BwE
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.75.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-75-229.fra56.r.cloudfront.net
Software: cloudinary /
Resource Hash: 27602f509ba88e538a6736c269a535fe12afcc2b3a75cc4a67cd57692e52a434

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.lp-pl.esrlive.com/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 02 Feb 2024 10:26:17 GMT
Via: 1.1 ecc31e9f7b98bdd8a55967baa6e36ad8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P10
Age: 9243054
Edge-Cache-Tag: 274707378230141882425770429834785482238,af8f5960630bc0d3075c218f2bd59187
Cache-Tag: 274707378230141882425770429834785482238,af8f5960630bc0d3075c218f2bd59187
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 13364
Surrogate-Key: 274707378230141882425770429834785482238 af8f5960630bc0d3075c218f2bd59187
Last-Modified: Wed, 30 Aug 2023 07:19:23 GMT
Server: cloudinary
Surrogate-Reporting: width=609,height=112,owidth=609,oheight=112,obytes=13364
ETag: "4a460a9aff7aa85354504336fc16293a"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Amz-Cf-Id: EfUiUj4cTj4f6ehodew7dJFyXwPiIv4kwHoztMd46N4p1J1FCSeT4A==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 200 KB
73 KB 494ms
113ms Script
application/javascript 142.250.185.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-

Requested by

Host: www.lp-pl.esrlive.com
URL: https://www.lp-pl.esrlive.com/pl-pl/landing_pages/6000?ref=adwords&campaign_id=20858814855&creative_id=699715031939&target=&placement=fs22.com&gbraid=0AAAAAqdrgE5AnWLbu42GP2pIdBSOSkXyJ&gclid=EAIaIQobChMIu-bexLmZhgMVIcq7CB3OHw83EAEYASAAEgKlIvD_BwE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

fd3d137d65996ceb72cf3ea8fb2a481c05ce3e487de9f3f52b612680bb3d8496

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.lp-pl.esrlive.com/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 09:57:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74347
x-xss-protection: 0
last-modified: Sun, 19 May 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 19 May 2024 09:57:12 GMT

GET
H2 200 theme_270_1-47fdf2324fde9dc2845d0ad2bc68e6a0.css
www.lp-pl.esrlive.com/assets/themes/ 0
0 0ms
0ms Other
text/css 85.159.210.210
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lp-pl.esrlive.com/assets/themes/theme_270_1-47fdf2324fde9dc2845d0ad2bc68e6a0.css
Requested by: Host: www.lp-pl.esrlive.com
URL: https://www.lp-pl.esrlive.com/pl-pl/landing_pages/6000?ref=adwords&campaign_id=20858814855&creative_id=699715031939&target=&placement=fs22.com&gbraid=0AAAAAqdrgE5AnWLbu42GP2pIdBSOSkXyJ&gclid=EAIaIQobChMIu-bexLmZhgMVIcq7CB3OHw83EAEYASAAEgKlIvD_BwE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.159.210.210 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li714-210.members.linode.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.lp-pl.esrlive.com/pl-pl/landing_pages/6000?ref=adwords&campaign_id=20858814855&creative_id=699715031939&target=&placement=fs22.com&gbraid=0AAAAAqdrgE5AnWLbu42GP2pIdBSOSkXyJ&gclid=EAIaIQobChMIu-bexLmZhgMVIcq7CB3OHw83EAEYASAAEgKlIvD_BwE
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 09:57:11 GMT
content-encoding: gzip
last-modified: Mon, 25 Dec 2023 07:58:31 GMT
server: nginx
content-type: text/css
cache-control: max-age=31536000, public
content-length: 47650
expires: Mon, 19 May 2025 09:57:11 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 176 KB
64 KB 76ms
65ms Script
application/javascript 142.250.185.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MXB2M8K

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

09b2a6cee560da03f8b72f88a1b022a81c87db0dcfb6c2ffd7910a2411a00b5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.lp-pl.esrlive.com/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 09:57:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65462
x-xss-protection: 0
last-modified: Sun, 19 May 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 19 May 2024 09:57:12 GMT

POST
H/1.1 200
OK notify_cjv.php
notify.eyewitness.evina.com/ 0
364 B 328ms
75ms XHR
text/html 52.50.207.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://notify.eyewitness.evina.com/notify_cjv.php?token=A207553534227198324448866808008026668088622462246
Requested by: Host: www.lp-pl.esrlive.com
URL: https://www.lp-pl.esrlive.com/pl-pl/landing_pages/6000?ref=adwords&campaign_id=20858814855&creative_id=699715031939&target=&placement=fs22.com&gbraid=0AAAAAqdrgE5AnWLbu42GP2pIdBSOSkXyJ&gclid=EAIaIQobChMIu-bexLmZhgMVIcq7CB3OHw83EAEYASAAEgKlIvD_BwE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.207.62 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-207-62.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.lp-pl.esrlive.com/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Sun, 19 May 2024 09:57:12 GMT
Content-Encoding: gzip
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 20

POST
H/1.1 200
OK notify_cjv.php
notify.eyewitness.evina.com/ 0
364 B 382ms
141ms XHR
text/html 52.50.207.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://notify.eyewitness.evina.com/notify_cjv.php?token=A207553534227198324448866808008026668088622462246
Requested by: Host: www.lp-pl.esrlive.com
URL: https://www.lp-pl.esrlive.com/pl-pl/landing_pages/6000?ref=adwords&campaign_id=20858814855&creative_id=699715031939&target=&placement=fs22.com&gbraid=0AAAAAqdrgE5AnWLbu42GP2pIdBSOSkXyJ&gclid=EAIaIQobChMIu-bexLmZhgMVIcq7CB3OHw83EAEYASAAEgKlIvD_BwE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.207.62 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-207-62.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.lp-pl.esrlive.com/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Sun, 19 May 2024 09:57:12 GMT
Content-Encoding: gzip
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 20

POST
H/1.1 200
OK notify_cjv.php
notify.eyewitness.evina.com/ 0
364 B 312ms
79ms XHR
text/html 52.50.207.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://notify.eyewitness.evina.com/notify_cjv.php?token=A207553534227198324448866808008026668088622462246
Requested by: Host: www.lp-pl.esrlive.com
URL: https://www.lp-pl.esrlive.com/pl-pl/landing_pages/6000?ref=adwords&campaign_id=20858814855&creative_id=699715031939&target=&placement=fs22.com&gbraid=0AAAAAqdrgE5AnWLbu42GP2pIdBSOSkXyJ&gclid=EAIaIQobChMIu-bexLmZhgMVIcq7CB3OHw83EAEYASAAEgKlIvD_BwE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.207.62 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-207-62.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.lp-pl.esrlive.com/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Sun, 19 May 2024 09:57:12 GMT
Content-Encoding: gzip
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 20

POST
H/1.1 200
OK notify_cjv.php
notify.eyewitness.evina.com/ 0
364 B 292ms
72ms XHR
text/html 52.50.207.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://notify.eyewitness.evina.com/notify_cjv.php?token=A207553534227198324448866808008026668088622462246
Requested by: Host: www.lp-pl.esrlive.com
URL: https://www.lp-pl.esrlive.com/pl-pl/landing_pages/6000?ref=adwords&campaign_id=20858814855&creative_id=699715031939&target=&placement=fs22.com&gbraid=0AAAAAqdrgE5AnWLbu42GP2pIdBSOSkXyJ&gclid=EAIaIQobChMIu-bexLmZhgMVIcq7CB3OHw83EAEYASAAEgKlIvD_BwE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.207.62 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-207-62.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.lp-pl.esrlive.com/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Sun, 19 May 2024 09:57:12 GMT
Content-Encoding: gzip
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 20

GET
H2 200 gjq70djkm6
www.clarity.ms/tag/ 637 B
1003 B 554ms
131ms Script
application/x-javascript 13.107.213.65
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/gjq70djkm6?ref=gtm2
Requested by: Host: www.lp-pl.esrlive.com
URL: https://www.lp-pl.esrlive.com/pl-pl/landing_pages/6000?ref=adwords&campaign_id=20858814855&creative_id=699715031939&target=&placement=fs22.com&gbraid=0AAAAAqdrgE5AnWLbu42GP2pIdBSOSkXyJ&gclid=EAIaIQobChMIu-bexLmZhgMVIcq7CB3OHw83EAEYASAAEgKlIvD_BwE
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.213.65 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.lp-pl.esrlive.com/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: -1
date: Sun, 19 May 2024 09:57:12 GMT
x-azure-ref: 20240519T095712Z-15584bbf459z2rpw2w35gg37ww00000006xg00000000hyg5
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 637
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H2

200

Primary Request d7a34b5d-1488-47d7-9683-9826be69ac25 Show response
www.lp-pl.esrlive.com/pl-pl/teleaudio/payment/1716113232/1/2b28a05c-69bd-4f60-8dac-c3eb2ecf67ee/
Redirect Chain

https://lp-pl.esrlive.com/pl-pl/order/222843-esr-live?trigger=invite_secondary&clicked=landing_page&source=www.lp-pl.esrlive.com%2Fpl-pl%2Flanding_pages%2F6000
https://www.lp-pl.esrlive.com/pl-pl/order/222843-esr-live?trigger=invite_secondary&clicked=landing_page&source=www.lp-pl.esrlive.com%2Fpl-pl%2Flanding_pages%2F6000
https://wires.orsedd.com/wires/PlEsrliveWire/invite_secondary?button_text_color=FFFFFF&campaign_id=20858814855&consent_at=2024-05-19T09%3A57%3A12Z&content_id=222843&content_type=Orsedd&creative_id=...
https://epayment.teleaudio.pl/api2/cfm/direct/start/D7A34B5D-1488-47D7-9683-9826BE69AC25?product=amongus&id=246669813&redirectUrl=https://wires.orsedd.com/wires/377/resume/282508126?id=@id%26tid=@t...
http://www.lp-pl.esrlive.com/pl-pl/teleaudio/payment/1716113232/1/2b28a05c-69bd-4f60-8dac-c3eb2ecf67ee/d7a34b5d-1488-47d7-9683-9826be69ac25?op=4
https://www.lp-pl.esrlive.com/pl-pl/teleaudio/payment/1716113232/1/2b28a05c-69bd-4f60-8dac-c3eb2ecf67ee/d7a34b5d-1488-47d7-9683-9826be69ac25?op=4

764 B
968 B

234ms
233ms

Document
text/html

85.159.210.210
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lp-pl.esrlive.com/pl-pl/teleaudio/payment/1716113232/1/2b28a05c-69bd-4f60-8dac-c3eb2ecf67ee/d7a34b5d-1488-47d7-9683-9826be69ac25?op=4

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.159.210.210 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

li714-210.members.linode.com

Software

nginx/1.18.0 (Ubuntu) / Phusion Passenger Enterprise

Resource Hash

2a7c9cc7f80fbe2bfe14ad7001f4f09a79ec9369840c34c98572b98052bd8768

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: pl-PL,pl;q=0.9;q=0.9
Referer: https://www.lp-pl.esrlive.com/pl-pl/landing_pages/6000?ref=adwords&campaign_id=20858814855&creative_id=699715031939&target=&placement=fs22.com&gbraid=0AAAAAqdrgE5AnWLbu42GP2pIdBSOSkXyJ&gclid=EAIaIQobChMIu-bexLmZhgMVIcq7CB3OHw83EAEYASAAEgKlIvD_BwE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-length: 764
content-type: text/html; charset=utf-8
date: Sun, 19 May 2024 09:57:13 GMT
server: nginx/1.18.0 (Ubuntu)
status: 200 OK
strict-transport-security: max-age=0
x-powered-by: Phusion Passenger Enterprise
x-request-start: t=1716112633.168

Redirect headers

Location: https://www.lp-pl.esrlive.com/pl-pl/teleaudio/payment/1716113232/1/2b28a05c-69bd-4f60-8dac-c3eb2ecf67ee/d7a34b5d-1488-47d7-9683-9826be69ac25?op=4#/cfm/2b28a05c-69bd-4f60-8dac-c3eb2ecf67ee/d7a34b5d-1488-47d7-9683-9826be69ac25
Non-Authoritative-Reason: HttpsUpgrades

POST
H/1.1 200
OK notify_cjv.php
notify.eyewitness.evina.com/ 0
364 B 72ms
72ms XHR
text/html 52.50.207.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://notify.eyewitness.evina.com/notify_cjv.php?token=A207553534227198324448866808008026668088622462246
Requested by: Host: www.lp-pl.esrlive.com
URL: https://www.lp-pl.esrlive.com/pl-pl/landing_pages/6000?ref=adwords&campaign_id=20858814855&creative_id=699715031939&target=&placement=fs22.com&gbraid=0AAAAAqdrgE5AnWLbu42GP2pIdBSOSkXyJ&gclid=EAIaIQobChMIu-bexLmZhgMVIcq7CB3OHw83EAEYASAAEgKlIvD_BwE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.207.62 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-207-62.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.lp-pl.esrlive.com/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Sun, 19 May 2024 09:57:12 GMT
Content-Encoding: gzip
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 20

POST
H2 200 A207553534227198324448866808008026668088622462246
notify.dcbprotect.com/ 0
161 B 293ms
151ms XHR
text/html 34.253.248.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://notify.dcbprotect.com/A207553534227198324448866808008026668088622462246
Requested by: Host: www.lp-pl.esrlive.com
URL: https://www.lp-pl.esrlive.com/pl-pl/landing_pages/6000?ref=adwords&campaign_id=20858814855&creative_id=699715031939&target=&placement=fs22.com&gbraid=0AAAAAqdrgE5AnWLbu42GP2pIdBSOSkXyJ&gclid=EAIaIQobChMIu-bexLmZhgMVIcq7CB3OHw83EAEYASAAEgKlIvD_BwE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.248.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-248-174.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.lp-pl.esrlive.com/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Sun, 19 May 2024 09:57:12 GMT
content-encoding: gzip
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-type: text/html; charset=UTF-8

GET
H2 200 clarity.js
www.clarity.ms/s/0.7.32/ 61 KB
26 KB 82ms
80ms Script
application/javascript 13.107.213.65
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.32/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/gjq70djkm6?ref=gtm2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.213.65 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.lp-pl.esrlive.com/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 09:57:12 GMT
content-encoding: br
last-modified: Fri, 10 May 2024 17:30:20 GMT
etag: W/"0x8DC7116DE09E645"
vary: Accept-Encoding
x-azure-ref: 20240519T095712Z-15584bbf459z2rpw2w35gg37ww00000006xg00000000hygt
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 93e6b596-501e-0064-63c2-a6df43000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET

c.gif
c.bing.com/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=83F6653626E046F593B8AEC59D47BCDE&RedC=c.clarity.ms&MXFR=08014DECEAAA640D31625968EEAA6A80

0
0

POST
H/1.1 200
OK notify_cjv.php
notify.eyewitness.evina.com/ 0
364 B 75ms
74ms XHR
text/html 52.50.207.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://notify.eyewitness.evina.com/notify_cjv.php?token=A207553534227198324448866808008026668088622462246
Requested by: Host: www.lp-pl.esrlive.com
URL: https://www.lp-pl.esrlive.com/pl-pl/landing_pages/6000?ref=adwords&campaign_id=20858814855&creative_id=699715031939&target=&placement=fs22.com&gbraid=0AAAAAqdrgE5AnWLbu42GP2pIdBSOSkXyJ&gclid=EAIaIQobChMIu-bexLmZhgMVIcq7CB3OHw83EAEYASAAEgKlIvD_BwE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.207.62 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-207-62.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.lp-pl.esrlive.com/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Sun, 19 May 2024 09:57:12 GMT
Content-Encoding: gzip
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 20

POST collect
t.clarity.ms/ 0
0

GET
H/1.1 200
OK xlirmxanes
aoc2-cfm.teleaudio.pl/d7a34b5d-1488-47d7-9683-9826be69ac25/ 169 KB
169 KB 159ms
45ms Stylesheet
text/css 195.8.220.236
ASN-TELEAUDIO

General

Check archive.org

Show headers Download Go to

Full URL: https://aoc2-cfm.teleaudio.pl/d7a34b5d-1488-47d7-9683-9826be69ac25/xlirmxanes
Requested by: Host: www.lp-pl.esrlive.com
URL: https://www.lp-pl.esrlive.com/pl-pl/teleaudio/payment/1716113232/1/2b28a05c-69bd-4f60-8dac-c3eb2ecf67ee/d7a34b5d-1488-47d7-9683-9826be69ac25?op=4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 195.8.220.236 , Poland, ASN41790 (ASN-TELEAUDIO, PL),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 260214d861fa98cd6038e7c84c717e1df37aeb90541a6551eeffaac8be8d5abe

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.lp-pl.esrlive.com/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 19 May 2024 09:57:13 GMT
last-modified: Fri, 12 Jan 2024 10:20:40 GMT
Server: nginx/1.18.0 (Ubuntu)
etag: "65a11278-2a3b3"
Content-Type: text/css
Connection: keep-alive
accept-ranges: bytes
Content-Length: 172979

GET
H/1.1 200
OK ipqbezimwb Show response
aoc2-cfm.teleaudio.pl/d7a34b5d-1488-47d7-9683-9826be69ac25/ 1 KB
1 KB 149ms
30ms Script
text/plain 195.8.220.236
ASN-TELEAUDIO

General

Check archive.org

Show headers Download Go to

Full URL: https://aoc2-cfm.teleaudio.pl/d7a34b5d-1488-47d7-9683-9826be69ac25/ipqbezimwb
Requested by: Host: www.lp-pl.esrlive.com
URL: https://www.lp-pl.esrlive.com/pl-pl/teleaudio/payment/1716113232/1/2b28a05c-69bd-4f60-8dac-c3eb2ecf67ee/d7a34b5d-1488-47d7-9683-9826be69ac25?op=4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 195.8.220.236 , Poland, ASN41790 (ASN-TELEAUDIO, PL),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3b7856c7c65f6b743f0e4742e7e047e34d000450384ebb2f966fe5796e58bd41

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.lp-pl.esrlive.com/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 19 May 2024 09:57:13 GMT
last-modified: Fri, 12 Jan 2024 10:20:40 GMT
Server: nginx/1.18.0 (Ubuntu)
etag: "65a11278-41d"
Content-Type: text/plain
Connection: keep-alive
accept-ranges: bytes
Content-Length: 1053

GET
H/1.1 200
OK elbqtynbce Show response
aoc2-cfm.teleaudio.pl/d7a34b5d-1488-47d7-9683-9826be69ac25/ 125 KB
125 KB 164ms
44ms Script
text/plain 195.8.220.236
ASN-TELEAUDIO

General

Check archive.org

Show headers Download Go to

Full URL: https://aoc2-cfm.teleaudio.pl/d7a34b5d-1488-47d7-9683-9826be69ac25/elbqtynbce
Requested by: Host: www.lp-pl.esrlive.com
URL: https://www.lp-pl.esrlive.com/pl-pl/teleaudio/payment/1716113232/1/2b28a05c-69bd-4f60-8dac-c3eb2ecf67ee/d7a34b5d-1488-47d7-9683-9826be69ac25?op=4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 195.8.220.236 , Poland, ASN41790 (ASN-TELEAUDIO, PL),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b1ecd288903242d31d10601892b94e62a705adf3cedb051785886f9940976d29

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.lp-pl.esrlive.com/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 19 May 2024 09:57:13 GMT
last-modified: Fri, 12 Jan 2024 10:20:40 GMT
Server: nginx/1.18.0 (Ubuntu)
etag: "65a11278-1f3cb"
Content-Type: text/plain
Connection: keep-alive
accept-ranges: bytes
Content-Length: 127947

GET
H/1.1 200
OK doohzupztr Show response
aoc2-cfm.teleaudio.pl/d7a34b5d-1488-47d7-9683-9826be69ac25/ 543 KB
543 KB 174ms
44ms Script
text/plain 195.8.220.236
ASN-TELEAUDIO

General

Check archive.org

Show headers Download Go to

Full URL: https://aoc2-cfm.teleaudio.pl/d7a34b5d-1488-47d7-9683-9826be69ac25/doohzupztr
Requested by: Host: www.lp-pl.esrlive.com
URL: https://www.lp-pl.esrlive.com/pl-pl/teleaudio/payment/1716113232/1/2b28a05c-69bd-4f60-8dac-c3eb2ecf67ee/d7a34b5d-1488-47d7-9683-9826be69ac25?op=4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 195.8.220.236 , Poland, ASN41790 (ASN-TELEAUDIO, PL),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e85990f4373c6d58375198096189d686bcd9ab1daacdd3240461619de1172339

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.lp-pl.esrlive.com/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 19 May 2024 09:57:13 GMT
last-modified: Fri, 12 Jan 2024 10:20:40 GMT
Server: nginx/1.18.0 (Ubuntu)
etag: "65a11278-87b56"
Content-Type: text/plain
Connection: keep-alive
accept-ranges: bytes
Content-Length: 555862

GET
H2 200 css
fonts.googleapis.com/ 717 B
781 B 448ms
55ms Stylesheet
text/css 216.58.212.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato

Requested by

Host: aoc2-cfm.teleaudio.pl
URL: https://aoc2-cfm.teleaudio.pl/d7a34b5d-1488-47d7-9683-9826be69ac25/xlirmxanes

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f138.1e100.net

Software

ESF /

Resource Hash

77d9907ca853ab885fd7a35a29faaf4206b8fe47347cd9c12391d64451ad6f37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://aoc2-cfm.teleaudio.pl/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sun, 19 May 2024 09:57:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 19 May 2024 08:25:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 19 May 2024 09:57:13 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
24 KB 434ms
39ms Font
font/woff2 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.lp-pl.esrlive.com
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 14:30:01 GMT
x-content-type-options: nosniff
age: 70033
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 May 2025 14:30:01 GMT

OPTIONS
H/1.1 204
No Content 2b28a05c-69bd-4f60-8dac-c3eb2ecf67ee
epayment.teleaudio.pl/api2/typeundef_cfm/direct/transaction2/typeundef/ 0
0 85ms
31ms Preflight 195.8.220.236
ASN-TELEAUDIO

General

Check archive.org

Show headers Download Go to

Full URL

https://epayment.teleaudio.pl/api2/typeundef_cfm/direct/transaction2/typeundef/2b28a05c-69bd-4f60-8dac-c3eb2ecf67ee

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

195.8.220.236 , Poland, ASN41790 (ASN-TELEAUDIO, PL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / ASP.NET

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: aoc-net-type,authorization,content-type,tmob-code-ta
Access-Control-Request-Method: GET
Origin: https://www.lp-pl.esrlive.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Date: Sun, 19 May 2024 09:57:14 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Content-Type-Options: nosniff
access-control-allow-headers: aoc-net-type,authorization,content-type,tmob-code-ta
access-control-allow-methods: GET,PUT,OPTIONS,POST,HEAD,DELETE
access-control-allow-origin: *
x-powered-by: ASP.NET

GET
H/1.1 200
OK 2b28a05c-69bd-4f60-8dac-c3eb2ecf67ee Show response
epayment.teleaudio.pl/api2/typeundef_cfm/direct/transaction2/typeundef/ 828 B
1 KB 61ms
61ms XHR
application/json 195.8.220.236
ASN-TELEAUDIO

General

Check archive.org

Show headers Download Go to

Full URL

https://epayment.teleaudio.pl/api2/typeundef_cfm/direct/transaction2/typeundef/2b28a05c-69bd-4f60-8dac-c3eb2ecf67ee

Requested by

Host: aoc2-cfm.teleaudio.pl
URL: https://aoc2-cfm.teleaudio.pl/d7a34b5d-1488-47d7-9683-9826be69ac25/elbqtynbce

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

195.8.220.236 , Poland, ASN41790 (ASN-TELEAUDIO, PL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / ASP.NET

Resource Hash

65b2d9eece34ecd737d1d2223f0f9c3566e3d18dfbe717b56b29385f9c6ad1a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

tmob-code-ta: c1b1e1d1747fe42f7b0cf41d95363deae1d9438691d11c16100ab730dca395cd26cee8eac33d5ef084f16212a5531490e2570e2bc57426fd243b73126628bc22
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
aoc-net-type: typeundef
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: bearer d7a34b5d-1488-47d7-9683-9826be69ac25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://www.lp-pl.esrlive.com/
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 19 May 2024 09:57:14 GMT
strict-transport-security: max-age=0
X-Content-Type-Options: nosniff
Server: nginx/1.18.0 (Ubuntu)
x-powered-by: ASP.NET
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8
access-control-allow-origin: *
Connection: keep-alive

GET
H/1.1 200
OK /
socialsharing.teleaudio.pl/images/dcb2/d7a34b5d-1488-47d7-9683-9826be69ac25/background/ 54 KB
54 KB 149ms
62ms Image
images/jpg 195.8.220.236
ASN-TELEAUDIO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://socialsharing.teleaudio.pl/images/dcb2/d7a34b5d-1488-47d7-9683-9826be69ac25/background/

Requested by

Host: www.lp-pl.esrlive.com
URL: https://www.lp-pl.esrlive.com/pl-pl/teleaudio/payment/1716113232/1/2b28a05c-69bd-4f60-8dac-c3eb2ecf67ee/d7a34b5d-1488-47d7-9683-9826be69ac25?op=4

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

195.8.220.236 , Poland, ASN41790 (ASN-TELEAUDIO, PL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / ASP.NET

Resource Hash

80ceab7506c6a0b724b346da69fb004db46a324f2033bb6969df069e35167303

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.lp-pl.esrlive.com/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 19 May 2024 09:57:14 GMT
X-Content-Type-Options: nosniff
X-AspNetMvc-Version: 5.2
Server: nginx/1.18.0 (Ubuntu)
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: images/jpg
Access-Control-Allow-Origin: *
Cache-Control: private
Content-Disposition: attachment; filename=d7a34b5d-1488-47d7-9683-9826be69ac25_background.jpg
Connection: keep-alive
Content-Length: 54954

GET
H/1.1 200
OK ta_logo_mini.png
dcb.teleaudio.pl/assets/ 107 KB
107 KB 192ms
51ms Image
image/png 195.8.220.236
ASN-TELEAUDIO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dcb.teleaudio.pl/assets/ta_logo_mini.png
Requested by: Host: www.lp-pl.esrlive.com
URL: https://www.lp-pl.esrlive.com/pl-pl/teleaudio/payment/1716113232/1/2b28a05c-69bd-4f60-8dac-c3eb2ecf67ee/d7a34b5d-1488-47d7-9683-9826be69ac25?op=4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 195.8.220.236 , Poland, ASN41790 (ASN-TELEAUDIO, PL),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 899d86431c4271c95c5969cbe3522a68c07a374a7aa4862d5e397f9d6029bfeb

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.lp-pl.esrlive.com/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 19 May 2024 09:57:14 GMT
Last-Modified: Thu, 28 Mar 2024 18:54:24 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "6605bce0-1abee"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 109550

GET
H/1.1 200
OK amongus
socialsharing.teleaudio.pl/images/dcb2/d7a34b5d-1488-47d7-9683-9826be69ac25/background/ 54 KB
54 KB 73ms
59ms Image
images/jpg 195.8.220.236
ASN-TELEAUDIO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://socialsharing.teleaudio.pl/images/dcb2/d7a34b5d-1488-47d7-9683-9826be69ac25/background/amongus

Requested by

Host: www.lp-pl.esrlive.com
URL: https://www.lp-pl.esrlive.com/pl-pl/teleaudio/payment/1716113232/1/2b28a05c-69bd-4f60-8dac-c3eb2ecf67ee/d7a34b5d-1488-47d7-9683-9826be69ac25?op=4

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

195.8.220.236 , Poland, ASN41790 (ASN-TELEAUDIO, PL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / ASP.NET

Resource Hash

80ceab7506c6a0b724b346da69fb004db46a324f2033bb6969df069e35167303

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.lp-pl.esrlive.com/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 19 May 2024 09:57:14 GMT
X-Content-Type-Options: nosniff
X-AspNetMvc-Version: 5.2
Server: nginx/1.18.0 (Ubuntu)
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: images/jpg
Access-Control-Allow-Origin: *
Cache-Control: private
Content-Disposition: attachment; filename=d7a34b5d-1488-47d7-9683-9826be69ac25_background_amongus.jpg
Connection: keep-alive
Content-Length: 54954

GET
H/1.1 200
OK amongus
socialsharing.teleaudio.pl/images/dcb2/d7a34b5d-1488-47d7-9683-9826be69ac25/backgroundmain/ 55 KB
55 KB 118ms
72ms Image
images/png 195.8.220.236
ASN-TELEAUDIO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://socialsharing.teleaudio.pl/images/dcb2/d7a34b5d-1488-47d7-9683-9826be69ac25/backgroundmain/amongus

Requested by

Host: www.lp-pl.esrlive.com
URL: https://www.lp-pl.esrlive.com/pl-pl/teleaudio/payment/1716113232/1/2b28a05c-69bd-4f60-8dac-c3eb2ecf67ee/d7a34b5d-1488-47d7-9683-9826be69ac25?op=4

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

195.8.220.236 , Poland, ASN41790 (ASN-TELEAUDIO, PL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / ASP.NET

Resource Hash

52ede6a0e0d05bee9dc8f45d46f5253198efac82e3f8f49d171a979ddbccdb92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.lp-pl.esrlive.com/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 19 May 2024 09:57:14 GMT
X-Content-Type-Options: nosniff
X-AspNetMvc-Version: 5.2
Server: nginx/1.18.0 (Ubuntu)
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: images/png
Access-Control-Allow-Origin: *
Cache-Control: private
Content-Disposition: attachment; filename=default_backgroundmain.png
Connection: keep-alive
Content-Length: 56210

GET
H2 200 S6uyw4BMUTPHjxAwXjeu.woff2
fonts.gstatic.com/s/lato/v24/ 5 KB
5 KB 310ms
77ms Font
font/woff2 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjxAwXjeu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

1c2fc265baaeba4f3f5b8c7285b93343aead25590f08be73d3056718b376c5d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.lp-pl.esrlive.com
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 08:18:09 GMT
x-content-type-options: nosniff
age: 437945
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5472
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 08:18:09 GMT

GET
H2 200 favicon.ico
www.lp-pl.esrlive.com/ 0
146 B 51ms
51ms Other
image/x-icon 85.159.210.210
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lp-pl.esrlive.com/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.159.210.210 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li714-210.members.linode.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.lp-pl.esrlive.com/pl-pl/teleaudio/payment/1716113232/1/2b28a05c-69bd-4f60-8dac-c3eb2ecf67ee/d7a34b5d-1488-47d7-9683-9826be69ac25?op=4
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 09:57:14 GMT
last-modified: Fri, 17 May 2024 09:16:29 GMT
server: nginx
etag: "6647206d-0"
content-type: image/x-icon
x-request-start: t=1716112634.488
accept-ranges: bytes
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: c.bing.com
URL: https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=83F6653626E046F593B8AEC59D47BCDE&RedC=c.clarity.ms&MXFR=08014DECEAAA640D31625968EEAA6A80

Domain: t.clarity.ms
URL: https://t.clarity.ms/collect

Domain: t.clarity.ms
URL: https://t.clarity.ms/collect

Verdicts & Comments Add Verdict or Comment

141 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackJsonp function| Zone function| __zone_symbol__Promise function| __zone_symbol__ZoneAwarePromise function| __zone_symbol__fetch function| __zone_symbol__legacyPatch function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__ononbeforeinputpatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__onondevicemotionpatched boolean| __zone_symbol__onondeviceorientationpatched boolean| __zone_symbol__onondeviceorientationabsolutepatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononmessageerrorpatched function| IMask object| ng object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.lp-pl.esrlive.com/	1970-01-20 21:26:31	Name: _sites_session Value: ZXF5TUJSSzlhVFgxZ3puSzNIOE40aU4vRk8rcE5DbEtMc2p2Q3RrT202WGUxdHpzSmt6RFIzc01Yek9DUWx5VDVObmZNSkRhait3QTd3dmJCQlY4NzVtaWxVbnlYK3puZk9ENUJPVnhZNzhaQlpLMFFFL2FjcWpjbXlaeVNScUwzZDRxNmdjRXV3SzFqcnFWY2xKbmtEV295TktwRzdETTlTaUxPb25CTjlmUTVsOEZxcWYrcklSemxtK1lXRXFic1BQekRkaUVNcnk1eDBVQU9CRmhVVHN6L2NjU0VwMkhIY1RtbmdDUUZSME00MWE0cjZZdEhNNUtkcmNnZnhXUVhaVGNpRFJadTAyZlV3TlF4dE9UNVlrTjdBT3paeXB5Zk1pd1Y2cDYxQWlnZ1NDWHNNSmRzeCtLTkF5N1AwTUsvdjB0cEJmemlmdEhVYVhkS2FkRG1oZ2Z1SWJhSjdOS3loT3Z2eGhEWCs5Sk9UTTMydis1dGtTVWhTVzg1L1V3RWswVXlDZ0l3RlB3cXRDa0h2Y3NmWnB4RWJQcFpYNXcyVGFwb2FPbVVLMkFpUERlNk83U1MvbFdFZlEveVowK3BCVmJMSy9yaVZqOERCTVVIdGVuakJXcE15Mm9FUTl1NGV3TE1LUDBUUlhLOE1MSGdCdHo3UkhLOGNzVGpzdTE4WUtSeTNMU0dIOE5hQXFCWC9kd1F4MEZvZ1I3WmJpWUFwUFZBdkNmR0hBLzFUcTNjU0M0MkpqMDdjRjNtalZWN0JJSFowZVA1TjNUQ05tTUFPRmJxNFBJRy93OVhkY1hQb2xtWkxndUVFWlB6OGFjWXNRWTI4bkRBQWxKUTM5QTZsYjRZWFdSR2JzTjgweTl5eTA2WTJqeU1SOXJ5ODhyUGJBcTZtSVk4LzhZMVFaclNoV2FwZy9YanpvaFZqd05aZFp5T0FlbElhWVBIaVlhclRGV1NsMnZJWGFLeXloQ2xyNm9EcitZM09BYXhDK2VHVjBGTmxuTy9IaCtjdElPSFFhMXZhblJ4NWRWeDRjVFIwN2NnejF2clY2eVlKek5Lbk9BZC85OC9URXAzRHZEaUROMng0cndpZE1OQ3pURy0teDZJZ05kUXJ3by9aZys2WDFoYnBCdz09--b97e08b43068f8de8f3b79382e97c2ef03e0c00c
www.clarity.ms/	1970-01-21 05:27:28	Name: CLID Value: d337b629a59045a287d8dde9f406d17e.20240519.20250519
.esrlive.com/	1970-01-21 05:27:28	Name: _clck Value: djyv4j%7C2%7Cflw%7C0%7C1600
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: T
.clarity.ms/	1970-01-21 06:03:28	Name: MUID Value: 08014DECEAAA640D31625968EEAA6A80

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.lp-pl.esrlive.com/pl-pl/landing_pages/6000?ref=adwords&campaign_id=20858814855&creative_id=699715031939&target=&placement=fs22.com&gbraid=0AAAAAqdrgE5AnWLbu42GP2pIdBSOSkXyJ&gclid=EAIaIQobChMIu-bexLmZhgMVIcq7CB3OHw83EAEYASAAEgKlIvD_BwE Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other	warning	URL: https://www.lp-pl.esrlive.com/pl-pl/landing_pages/6000?ref=adwords&campaign_id=20858814855&creative_id=699715031939&target=&placement=fs22.com&gbraid=0AAAAAqdrgE5AnWLbu42GP2pIdBSOSkXyJ&gclid=EAIaIQobChMIu-bexLmZhgMVIcq7CB3OHw83EAEYASAAEgKlIvD_BwE Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.lp-pl.esrlive.com/pl-pl/landing_pages/6000?ref=adwords&campaign_id=20858814855&creative_id=699715031939&target=&placement=fs22.com&gbraid=0AAAAAqdrgE5AnWLbu42GP2pIdBSOSkXyJ&gclid=EAIaIQobChMIu-bexLmZhgMVIcq7CB3OHw83EAEYASAAEgKlIvD_BwE Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.lp-pl.esrlive.com/pl-pl/teleaudio/payment/1716113232/1/2b28a05c-69bd-4f60-8dac-c3eb2ecf67ee/d7a34b5d-1488-47d7-9683-9826be69ac25?op=4#/cfm/2b28a05c-69bd-4f60-8dac-c3eb2ecf67ee/d7a34b5d-1488-47d7-9683-9826be69ac25 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.lp-pl.esrlive.com/pl-pl/teleaudio/payment/1716113232/1/2b28a05c-69bd-4f60-8dac-c3eb2ecf67ee/d7a34b5d-1488-47d7-9683-9826be69ac25?op=4#/cfm/2b28a05c-69bd-4f60-8dac-c3eb2ecf67ee/d7a34b5d-1488-47d7-9683-9826be69ac25 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.lp-pl.esrlive.com/pl-pl/teleaudio/payment/1716113232/1/2b28a05c-69bd-4f60-8dac-c3eb2ecf67ee/d7a34b5d-1488-47d7-9683-9826be69ac25?op=4#/cfm/2b28a05c-69bd-4f60-8dac-c3eb2ecf67ee/d7a34b5d-1488-47d7-9683-9826be69ac25 Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	GOFORIT
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aoc2-cfm.teleaudio.pl
c.bing.com
code.jquery.com
d1vibqt9pdnk2f.cloudfront.net
dcb.teleaudio.pl
epayment.teleaudio.pl
fonts.googleapis.com
fonts.gstatic.com
lp-pl.esrlive.com
notify.dcbprotect.com
notify.eyewitness.evina.com
socialsharing.teleaudio.pl
t.clarity.ms
wires.orsedd.com
www.clarity.ms
www.googletagmanager.com
www.lp-pl.esrlive.com
c.bing.com
t.clarity.ms
13.107.213.65
142.250.185.200
142.250.186.163
151.101.2.137
176.58.108.239
195.8.220.236
216.58.212.138
3.161.75.229
34.253.248.174
52.50.207.62
85.159.210.210
09b2a6cee560da03f8b72f88a1b022a81c87db0dcfb6c2ffd7910a2411a00b5b
1c2fc265baaeba4f3f5b8c7285b93343aead25590f08be73d3056718b376c5d7
260214d861fa98cd6038e7c84c717e1df37aeb90541a6551eeffaac8be8d5abe
27602f509ba88e538a6736c269a535fe12afcc2b3a75cc4a67cd57692e52a434
2a7c9cc7f80fbe2bfe14ad7001f4f09a79ec9369840c34c98572b98052bd8768
3b7856c7c65f6b743f0e4742e7e047e34d000450384ebb2f966fe5796e58bd41
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
52ede6a0e0d05bee9dc8f45d46f5253198efac82e3f8f49d171a979ddbccdb92
65b2d9eece34ecd737d1d2223f0f9c3566e3d18dfbe717b56b29385f9c6ad1a7
6e04ec8f419ce9ac0709ab44e45e405bd12c796437ad9ae9afd834efc7d50c9e
7357537798a70b98f678bbc66c0708383b188bcd5008405091f5434ff919addb
77d9907ca853ab885fd7a35a29faaf4206b8fe47347cd9c12391d64451ad6f37
80ceab7506c6a0b724b346da69fb004db46a324f2033bb6969df069e35167303
893e90f6230962e42231635df650f20544ad22affc3ee396df768eaa6bc5a6a2
899d86431c4271c95c5969cbe3522a68c07a374a7aa4862d5e397f9d6029bfeb
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
b1ecd288903242d31d10601892b94e62a705adf3cedb051785886f9940976d29
b2a98e8078f14fa8f02a1acd8eda011cd66c59d8886f909b46cc86ce88bef886
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e85990f4373c6d58375198096189d686bcd9ab1daacdd3240461619de1172339
f35ea8cc24d2808dd37cc3f459635bda4a01368fdbc2bec1af9d076298089424
fd3d137d65996ceb72cf3ea8fb2a481c05ce3e487de9f3f52b612680bb3d8496

www.lp-pl.esrlive.com Open in urlscan Pro 85.159.210.210 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

37 Requests

92 %HTTPS

0 %IPv6

12 Domains

17 Subdomains

11 IPs

4 Countries

1517 kBTransfer

2290 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.lp-pl.esrlive.com Open in urlscan Pro
85.159.210.210 Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

92 %
HTTPS

0 %
IPv6

12
Domains

17
Subdomains

11
IPs

4
Countries

1517 kB
Transfer

2290 kB
Size

5
Cookies

37 HTTP transactions
0 data transactions