urlscan.io logo urlscan.io
SecurityTrails logo

kuponejro.pl Open in urlscan Pro
104.21.54.134  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://news.send360.pl/appreg/panel/Redirect.aspx?link_id=A7BD7E6A-7C42-43F8-A374-30D6C05DC473&mail_id=048b08dd-b2d2-4f...
Effective URL: https://kuponejro.pl/?utm_source=wld
Submission: On November 30 via api from ES — Scanned from PL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 5 countries across 15 domains to perform 44 HTTP transactions. The main IP is 104.21.54.134, located in and belongs to CLOUDFLARENET, US. The main domain is kuponejro.pl.
TLS certificate: Issued by E1 on October 5th 2023. Valid for: 3 months.
This is the only time kuponejro.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 91.230.36.10 29205 (VERCOM)
1 1 188.114.97.3 13335 (CLOUDFLAR...)
1 1 52.210.174.128 16509 (AMAZON-02)
4 104.21.54.134 13335 (CLOUDFLAR...)
2 142.250.186.42 15169 (GOOGLE)
1 142.250.185.104 15169 (GOOGLE)
5 91.185.188.129 57367 (ECO-ATMAN...)
3 104.16.57.101 13335 (CLOUDFLAR...)
6 142.250.185.227 15169 (GOOGLE)
2 2 172.217.18.6 15169 (GOOGLE)
1 1 142.250.184.194 15169 (GOOGLE)
1 172.217.18.98 15169 (GOOGLE)
1 216.239.34.36 15169 (GOOGLE)
4 142.250.185.164 15169 (GOOGLE)
2 18.210.244.201 14618 (AMAZON-AES)
4 142.250.184.195 15169 (GOOGLE)
9 18.165.183.11 16509 (AMAZON-02)
44 13
1    91.230.36.10 (Poland)

ASN29205 (VERCOM, PL)
PTR: p1.redlink.pl
news.send360.pl
1    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
34.eftrack.pl
1    52.210.174.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-174-128.eu-west-1.compute.amazonaws.com
welovedata.go2cloud.org
4    104.21.54.134 (None, )

ASN13335 (CLOUDFLARENET, US)
kuponejro.pl
2    142.250.186.42 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f10.1e100.net
fonts.googleapis.com
1    142.250.185.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f8.1e100.net
www.googletagmanager.com
5    91.185.188.129 (Poland)

ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL)
PTR: ip-129.net-91-185-188-0.eco.atman.pl
trafficscanner.pl
3    104.16.57.101 (None, )

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
cloudflareinsights.com
6    142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net
fonts.gstatic.com
2    172.217.18.6 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f6.1e100.net
ad.doubleclick.net
1    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
adservice.google.com
1    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
adservice.google.pl
1    216.239.34.36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
4    142.250.185.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f4.1e100.net
www.google.com
2    18.210.244.201 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-244-201.compute-1.amazonaws.com
api.airtable.com
4    142.250.184.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f3.1e100.net
www.gstatic.com
9    18.165.183.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-183-11.zrh55.r.cloudfront.net
hst.tradedoubler.com
Apex Domain
Subdomains		 Transfer
10 gstatic.com
fonts.gstatic.com
www.gstatic.com
504 KB
9 tradedoubler.com
hst.tradedoubler.com — Cisco Umbrella Rank: 197844
93 KB
5 google.com
adservice.google.com — Cisco Umbrella Rank: 93
www.google.com — Cisco Umbrella Rank: 2
56 KB
5 trafficscanner.pl
trafficscanner.pl — Cisco Umbrella Rank: 257049
24 KB
4 kuponejro.pl
kuponejro.pl
84 KB
3 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 864
cloudflareinsights.com — Cisco Umbrella Rank: 842
7 KB
2 airtable.com
api.airtable.com — Cisco Umbrella Rank: 133695
7 KB
2 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 139
971 B
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2189
252 B
1 google.pl
adservice.google.pl — Cisco Umbrella Rank: 43275
476 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
91 KB
1 go2cloud.org
welovedata.go2cloud.org
2 KB
1 eftrack.pl
34.eftrack.pl
642 B
1 send360.pl
news.send360.pl
487 B
44 15
Domain Requested by
9 hst.tradedoubler.com kuponejro.pl
6 fonts.gstatic.com fonts.googleapis.com
www.google.com
5 trafficscanner.pl kuponejro.pl
trafficscanner.pl
4 www.gstatic.com www.google.com
www.gstatic.com
4 www.google.com trafficscanner.pl
www.gstatic.com
www.google.com
4 kuponejro.pl kuponejro.pl
2 cloudflareinsights.com static.cloudflareinsights.com
2 api.airtable.com kuponejro.pl
2 ad.doubleclick.net 2 redirects
2 fonts.googleapis.com kuponejro.pl
client
1 region1.google-analytics.com www.googletagmanager.com
1 adservice.google.pl kuponejro.pl
1 adservice.google.com 1 redirects
1 static.cloudflareinsights.com kuponejro.pl
1 www.googletagmanager.com kuponejro.pl
1 welovedata.go2cloud.org 1 redirects
1 34.eftrack.pl 1 redirects
1 news.send360.pl 1 redirects
44 18

This site contains links to these domains. Also see Links.

Domain
clk.tradedoubler.com
Subject Issuer Validity Valid
kuponejro.pl
E1		 2023-10-05 -
2024-01-03		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
trafficscanner.pl
R3		 2023-10-17 -
2024-01-15		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-10 -
2024-04-09		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
api.airtable.com
Amazon RSA 2048 M02		 2023-03-25 -
2024-04-22		 a year crt.sh
*.tradedoubler.com
Amazon RSA 2048 M02		 2023-11-14 -
2024-12-12		 a year crt.sh

This page contains 2 frames:

Primary Page: https://kuponejro.pl/?utm_source=wld
Frame ID: 906BF37B79E8596D115E47B086CB5512
Requests: 33 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld-PAopAAAAACeYoRqVUWo_vvJ3ATlNS4OCdKe_&co=aHR0cHM6Ly9rdXBvbmVqcm8ucGw6NDQz&hl=pl&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=9n0bl173isj8
Frame ID: 78AA8534B261E5F6DFB97B5398469369
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Twoje centrum kuponów online

Page URL History Show full URLs

  1. https://news.send360.pl/appreg/panel/Redirect.aspx?link_id=A7BD7E6A-7C42-43F8-A374-30D6C05DC473&mail... HTTP 302
    https://34.eftrack.pl/aff_c?offer_id=9102&aff_id=1&aff_sub=rl&aff_sub4=fe0b85d60b345b3ce9ce118a0df... HTTP 302
    https://welovedata.go2cloud.org/aff_c?offer_id=9102&aff_id=1&aff_sub=rl&aff_sub4=fe0b85d60b345b3ce9ce118a0df... HTTP 302
    https://kuponejro.pl/?utm_source=wld Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

44
Requests

93 %
HTTPS

0 %
IPv6

15
Domains

18
Subdomains

13
IPs

5
Countries

868 kB
Transfer

2012 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://news.send360.pl/appreg/panel/Redirect.aspx?link_id=A7BD7E6A-7C42-43F8-A374-30D6C05DC473&mail_id=048b08dd-b2d2-4f37-9ccf-0c9df30c4c03&d=4A8BB913-F931-4FD5-B3EF-23120FF9A2A4&cntct_id=ADcVfhdwXVwMel5Ham5ARkJ4FG9Bd0poAA1AKAhHPSURSkZ%2f&p1=FRNFExsiD0M2WG1Va1ocUy56ZXYtclkNDmkSbWx1YAI%2bfllSHndXcS1BEh8aT3NDAVwNdRcHTRVtJXh0AnQeUhIYAE9jC0QPeXQEbWlJX1EQWCYoKQ5YOGQZVBFoCngPWgoHPn0xGUQ6Yn8fGSJRAAdseX9hEHENYHIGdAhgYBg9UHhQWH4bdG1dYkI%2feHtCV0xMBgg%3d&p2=HSxQfEZTD0FeXRsOckVuUgpifA4OfkxiUjsxJjdQM1wYcglQAWExBEJWdRByWR4MNh0gLEJGUEYzCiQ6OSc2IExNWw03SBheSC5GN14NAgdUQBABNWg3VnR%2fBxZgXSUVDQpbUnRbPkBPC3E5TAVRBydhLzRmE1QBLgMGHRgTaxBAUwpXVQ5h&p3ro=C31sHBU%3d&s=049ea5f273724c445ea4dc34b89865fb31cc6afb&site=aHR0cHMlM2ElMmYlMmYzNC5lZnRyYWNrLnBsJTJmYWZmX2MlM2ZvZmZlcl9pZCUzZDkxMDIlMjZhZmZfaWQlM2QxJTI2YWZmX3N1YiUzZHJsJTI2YWZmX3N1YjQlM2QlMjMlMjNzdHJpbmc1MSUyMyUyMw%3d%3d HTTP 302
    https://34.eftrack.pl/aff_c?offer_id=9102&aff_id=1&aff_sub=rl&aff_sub4=fe0b85d60b345b3ce9ce118a0df0b3fa&p3ro=C31sHBU%3d HTTP 302
    https://welovedata.go2cloud.org/aff_c?offer_id=9102&aff_id=1&aff_sub=rl&aff_sub4=fe0b85d60b345b3ce9ce118a0df0b3fa&p3ro=C31sHBU%3d HTTP 302
    https://kuponejro.pl/?utm_source=wld Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://ad.doubleclick.net/ddm/activity/src=13947022;type=invmedia;cat=wejci0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=[SessionID] HTTP 302
  • https://ad.doubleclick.net/ddm/activity/src=13947022;dc_pre=CKzezump64IDFXcJogMd9fQG4A;type=invmedia;cat=wejci0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=[SessionID] HTTP 302
  • https://adservice.google.com/ddm/fls/p/src=13947022;dc_pre=CKzezump64IDFXcJogMd9fQG4A;type=invmedia;cat=wejci0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=[SessionID];~oref=https://kuponejro.pl/ HTTP 302
  • https://adservice.google.pl/ddm/fls/p/src=13947022;dc_pre=CKzezump64IDFXcJogMd9fQG4A;type=invmedia;cat=wejci0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=[SessionID];~oref=https://kuponejro.pl/

44 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
kuponejro.pl/
Redirect Chain
  • https://news.send360.pl/appreg/panel/Redirect.aspx?link_id=A7BD7E6A-7C42-43F8-A374-30D6C05DC473&mail_id=048b08dd-b2d2-4f37-9ccf-0c9df30c4c03&d=4A8BB913-F931-4FD5-B3EF-23120FF9A2A4&cntct_id=ADcVfhdw...
  • https://34.eftrack.pl/aff_c?offer_id=9102&aff_id=1&aff_sub=rl&aff_sub4=fe0b85d60b345b3ce9ce118a0df0b3fa&p3ro=C31sHBU%3d
  • https://welovedata.go2cloud.org/aff_c?offer_id=9102&aff_id=1&aff_sub=rl&aff_sub4=fe0b85d60b345b3ce9ce118a0df0b3fa&p3ro=C31sHBU%3d
  • https://kuponejro.pl/?utm_source=wld
5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kuponejro.pl/?utm_source=wld
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.54.134 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d54d052eda15f9399c7d31dfaaa15b5ed612cc5a5bb0408eb20b5460215bf496
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
82e1ca39f9d1360f-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 30 Nov 2023 08:41:12 GMT
link
<https://fonts.googleapis.com>; rel="preconnect", <https://fonts.googleapis.com>; rel="preconnect"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1JMItiR1idBGmC9wz%2BT6ODybrODhf064J4765L4mZw%2FIV6eKcykK5mP%2FdJYYwxerZoBYEu0sz3ECffiqEyy6iHro8QkLXco76XrqBOAexxl0y6SZZbNpGCE%2FFuYm0GA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff

Redirect headers

Access-Control-Allow-Headers
Tune-SDK-Version
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
219
Content-Type
text/html; charset=iso-8859-1
Date
Thu, 30 Nov 2023 08:41:11 GMT
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Location
https://kuponejro.pl?utm_source=wld
P3p
CP="NOI CUR OUR NOR INT"
Pragma
no-cache
Server
nginx
Tracking_id
10267dbe165e9beb266f4dd0385a7a
X-Request-Id
9329591d1758adf917ea48d146b5908e
css2
fonts.googleapis.com/ 		3 KB
951 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Kanit:wght@400;600&display=swap
Requested by
Host: kuponejro.pl
URL: https://kuponejro.pl/?utm_source=wld
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
ESF /
Resource Hash
2109ee2b3cfcd3c8f9834655a8863949318813ed4dfa4c9713f11f7b2bff7388
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://kuponejro.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 30 Nov 2023 08:41:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 08:32:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 30 Nov 2023 08:41:12 GMT
js
www.googletagmanager.com/gtag/ 		273 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-QXS5R7F4R5
Requested by
Host: kuponejro.pl
URL: https://kuponejro.pl/?utm_source=wld
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
db7aec8e7e1542e283e8a2ec59694c04db4c98bbb3f182f89fa50ca52d81eaa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://kuponejro.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 08:41:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92784
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 30 Nov 2023 08:41:12 GMT
main.ff619d6e034cb2868b96.js
kuponejro.pl/ 		303 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kuponejro.pl/main.ff619d6e034cb2868b96.js
Requested by
Host: kuponejro.pl
URL: https://kuponejro.pl/?utm_source=wld
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.54.134 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7c13988d3f4683bcb6ed472f4b74f88685b60eee16e37f5a90cafc363603c57
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://kuponejro.pl/?utm_source=wld
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 08:41:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1202
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"b50b71847adc2f78525b1510146175d6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T2xjmy5ULNABvXzKKuqve8JSL6ZNS8W52SyrH5BiaeE30t4Rb%2FD%2BrNIIGh2ZnxWccYIUhdFxRCCeWfaNEWXIXIXpWCVBticHe5nuP34uVtvecS3BYTt0guByqzlhHzk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
82e1ca3d0d79360f-FRA
styles.css
kuponejro.pl/ 		17 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kuponejro.pl/styles.css
Requested by
Host: kuponejro.pl
URL: https://kuponejro.pl/?utm_source=wld
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.54.134 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17d87486768dad42dfb919460f6e56dd07c643aa517daee3e70ce742e894c8a1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://kuponejro.pl/?utm_source=wld
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 08:41:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1202
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"de0c8589adae3a54b87f53c676a17953"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CPwPSlMnYpjGDE8XHs4o8pZjiqeg699JomJXm8jYX%2FOYq0DMFXNNL8EiOENBvTlt7iN1DPrOdT1qHbUNEF9KArV%2FbFDDl0W9QMgCoYt3pI0tgk%2F%2B5gf200HVa442sSk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
82e1ca3aaa82360f-FRA
coupon-logo.svg
kuponejro.pl/images/ 		1 KB
934 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kuponejro.pl/images/coupon-logo.svg
Requested by
Host: kuponejro.pl
URL: https://kuponejro.pl/?utm_source=wld
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.54.134 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02def0427bbe9968b814d7847ec3b8f0a030912521cfea64348929558dbd258b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://kuponejro.pl/?utm_source=wld
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 08:41:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1202
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"7efc85da4a5680752197523b940428e5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AG89iXVARkauHTCPAu6jpRN6nNQP4d39r31tREgN0JkqLVuBJgvSA915iDKwSYGesYvE5%2BPWFnafQjFHmMPUYIA05FIMpWvZQbry%2Fa3XQ3iyERdNwnxmZvFD2c86Izc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
82e1ca3aaa85360f-FRA
koniec.js
trafficscanner.pl/ws2/script/3305/ 		76 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trafficscanner.pl/ws2/script/3305/koniec.js
Requested by
Host: kuponejro.pl
URL: https://kuponejro.pl/?utm_source=wld
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.185.188.129 , Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
ip-129.net-91-185-188-0.eco.atman.pl
Software
LiteSpeed /
Resource Hash
293f50345cd82753a8e0595fe21119be4b36f36ee1e730b5b1e72407bd863781

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://kuponejro.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 08:41:12 GMT
content-encoding
br
last-modified
Sat, 25 Nov 2023 01:04:53 GMT
server
LiteSpeed
etag
"13095-65614835-236e65578630f4b;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
23127
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
expires
Thu, 07 Dec 2023 08:41:12 GMT
beacon.min.js
static.cloudflareinsights.com/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: kuponejro.pl
URL: https://kuponejro.pl/?utm_source=wld
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.57.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://kuponejro.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 08:41:12 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
82e1ca3f7a64bbfd-FRA
/
trafficscanner.pl/ws2/noscript/ 		43 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trafficscanner.pl/ws2/noscript/?dt=8&cid=3305&vid=17013336724683008&ts=1701333672468
Requested by
Host: trafficscanner.pl
URL: https://trafficscanner.pl/ws2/script/3305/koniec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.185.188.129 , Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
ip-129.net-91-185-188-0.eco.atman.pl
Software
LiteSpeed / PHP/7.4.28
Resource Hash
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://kuponejro.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 08:41:12 GMT
content-encoding
br
server
LiteSpeed
x-powered-by
PHP/7.4.28
vary
Accept-Encoding
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
access-control-allow-origin
https://kuponejro.pl
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
46
expires
Thu, 19 Nov 1981 08:52:00 GMT
index.php
trafficscanner.pl/ws2/ 		43 B
619 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trafficscanner.pl/ws2/index.php?action=noscript&dt=6&cid=3305&vid=17013336724683008&ts=1701333672472
Requested by
Host: trafficscanner.pl
URL: https://trafficscanner.pl/ws2/script/3305/koniec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.185.188.129 , Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
ip-129.net-91-185-188-0.eco.atman.pl
Software
LiteSpeed / PHP/7.4.28
Resource Hash
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://kuponejro.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 08:41:12 GMT
content-encoding
br
server
LiteSpeed
x-powered-by
PHP/7.4.28
vary
Accept-Encoding
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
access-control-allow-origin
https://kuponejro.pl
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
46
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
expires
Thu, 19 Nov 1981 08:52:00 GMT
nKKZ-Go6G5tXcraVGwA.woff2
fonts.gstatic.com/s/kanit/v15/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/kanit/v15/nKKZ-Go6G5tXcraVGwA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Kanit:wght@400;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
ae7b918efe7cd287651e014ed269c923e1a925c8eee1a474ad11184f04659d3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://kuponejro.pl
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 08:42:41 GMT
x-content-type-options
nosniff
age
431911
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19388
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 20:53:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Nov 2024 08:42:41 GMT
nKKU-Go6G5tXcr5KPxWnVaE.woff2
fonts.gstatic.com/s/kanit/v15/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/kanit/v15/nKKU-Go6G5tXcr5KPxWnVaE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Kanit:wght@400;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
7196c3002f08704f9f99de95b6357969a512eaa9a766eee693921dce72927cea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://kuponejro.pl
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:27:04 GMT
x-content-type-options
nosniff
age
551648
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19572
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 20:50:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Nov 2024 23:27:04 GMT
nKKZ-Go6G5tXcrabGwCYdA.woff2
fonts.gstatic.com/s/kanit/v15/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/kanit/v15/nKKZ-Go6G5tXcrabGwCYdA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Kanit:wght@400;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
27dc380caf238d7c417fac471ec5902c8cf73e9dccfddcd489e8cd5df0d8a948
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://kuponejro.pl
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 20:09:54 GMT
x-content-type-options
nosniff
age
477078
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19756
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 20:53:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Nov 2024 20:09:54 GMT
css
fonts.googleapis.com/ 		2 KB
579 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Asap:400,700&display=swap&subset=latin-ext
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
ESF /
Resource Hash
5ec14c6b9b760dcf217dc7a5902a5eb2a7ba3b656a3a1ee57ae588f117615266
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://kuponejro.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 30 Nov 2023 08:41:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 08:02:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 30 Nov 2023 08:41:12 GMT
a5f99a47-e00d-44f2-8a61-11b0e6e75cd8
https://kuponejro.pl/ 		298 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://kuponejro.pl/a5f99a47-e00d-44f2-8a61-11b0e6e75cd8
Requested by
Host: kuponejro.pl
URL: https://kuponejro.pl/?utm_source=wld
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0bc55a18260ed72a6d41ca978e5d5e5599a83d1bca3639359ad78b6c79ee976f

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length
298
Content-Type
f1c9086d-b024-483a-b363-ec0b52ffc7f9
https://kuponejro.pl/ 		225 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://kuponejro.pl/f1c9086d-b024-483a-b363-ec0b52ffc7f9
Requested by
Host: kuponejro.pl
URL: https://kuponejro.pl/?utm_source=wld
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ff8b17871388b8fffa6c1b5a5d486e50a418f44ca618585b6d7f9d075da58ed5

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length
225
Content-Type
/
adservice.google.pl/ddm/fls/p/src=13947022;dc_pre=CKzezump64IDFXcJogMd9fQG4A;type=invmedia;cat=wejci0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7...
Redirect Chain
  • https://ad.doubleclick.net/ddm/activity/src=13947022;type=invmedia;cat=wejci0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord...
  • https://ad.doubleclick.net/ddm/activity/src=13947022;dc_pre=CKzezump64IDFXcJogMd9fQG4A;type=invmedia;cat=wejci0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_c...
  • https://adservice.google.com/ddm/fls/p/src=13947022;dc_pre=CKzezump64IDFXcJogMd9fQG4A;type=invmedia;cat=wejci0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_co...
  • https://adservice.google.pl/ddm/fls/p/src=13947022;dc_pre=CKzezump64IDFXcJogMd9fQG4A;type=invmedia;cat=wejci0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_con...
42 B
476 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.pl/ddm/fls/p/src=13947022;dc_pre=CKzezump64IDFXcJogMd9fQG4A;type=invmedia;cat=wejci0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=[SessionID];~oref=https://kuponejro.pl/
Requested by
Host: kuponejro.pl
URL: https://kuponejro.pl/?utm_source=wld
Protocol
H2
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://kuponejro.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 08:41:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 30 Nov 2023 08:41:13 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://adservice.google.pl/ddm/fls/p/src=13947022;dc_pre=CKzezump64IDFXcJogMd9fQG4A;type=invmedia;cat=wejci0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=[SessionID];~oref=https://kuponejro.pl/
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.php
trafficscanner.pl/ws2/ 		0
76 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trafficscanner.pl/ws2/index.php?action=store_lfp&cid=3305&vid=17013336724683008&hash=e593310719d8f20930504a8e7e83b2ebf34155fc
Requested by
Host: trafficscanner.pl
URL: https://trafficscanner.pl/ws2/script/3305/koniec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.185.188.129 , Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
ip-129.net-91-185-188-0.eco.atman.pl
Software
LiteSpeed / PHP/7.4.28
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://kuponejro.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 08:41:12 GMT
server
LiteSpeed
x-powered-by
PHP/7.4.28
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
access-control-allow-origin
https://kuponejro.pl
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
0
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
expires
Thu, 19 Nov 1981 08:52:00 GMT
collect
region1.google-analytics.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-QXS5R7F4R5&gtm=45je3b60v9130013625&_p=1701333672467&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=2107862453.1701333673&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701333672&sct=1&seg=0&dl=https%3A%2F%2Fkuponejro.pl%2F%3Futm_source%3Dwld&dt=Twoje%20centrum%20kupon%C3%B3w%20online&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2762
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QXS5R7F4R5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://kuponejro.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 08:41:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://kuponejro.pl
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=twdOnloadCallbackRC&render=6Ld-PAopAAAAACeYoRqVUWo_vvJ3ATlNS4OCdKe_
Requested by
Host: trafficscanner.pl
URL: https://trafficscanner.pl/ws2/script/3305/koniec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f4.1e100.net
Software
GSE /
Resource Hash
f8a0f5a75e12a30e114188b43d40d184255de2d78c4063f57e495f6ea3893a1a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://kuponejro.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 08:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 30 Nov 2023 08:41:13 GMT
Table%201
api.airtable.com/v0/appJxPN9QNsCYmWeR/ 		33 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.airtable.com/v0/appJxPN9QNsCYmWeR/Table%201
Requested by
Host: kuponejro.pl
URL: https://kuponejro.pl/main.ff619d6e034cb2868b96.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.210.244.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-244-201.compute-1.amazonaws.com
Software
Tengine /
Resource Hash
e8abb0f6c04c52a65caa47f04dee4fa90e7fe4d68c8f27f7433b6d282b44e3bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://kuponejro.pl/
accept-language
pl-PL,pl;q=0.9
authorization
Bearer patXUo9P2GIhudugE.5ed6a8dd1601fc7b0c036747a1f051ec9238f7d5e39002a80cd3143033612539
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 08:41:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
gzip
server
Tengine
airtable-datacenter-regions
us-east-1
x-frame-options
DENY
access-control-allow-methods
DELETE,GET,OPTIONS,PATCH,POST,PUT
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
airtable-uncompressed-content-length
33994
access-control-allow-headers
authorization,content-length,content-type,user-agent,x-airtable-application-id,x-airtable-user-agent,x-api-version,x-requested-with
content-length
6552
Table%201
api.airtable.com/v0/appJxPN9QNsCYmWeR/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.airtable.com/v0/appJxPN9QNsCYmWeR/Table%201
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.210.244.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-244-201.compute-1.amazonaws.com
Software
Tengine /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://kuponejro.pl
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers
authorization,content-length,content-type,user-agent,x-airtable-application-id,x-airtable-user-agent,x-api-version,x-requested-with
access-control-allow-methods
DELETE,GET,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
*
date
Thu, 30 Nov 2023 08:41:13 GMT
server
Tengine
strict-transport-security
max-age=31536000; includeSubDomains; preload
recaptcha__pl.js
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ 		469 KB
189 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__pl.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=twdOnloadCallbackRC&render=6Ld-PAopAAAAACeYoRqVUWo_vvJ3ATlNS4OCdKe_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
sffe /
Resource Hash
36f4c116756db1f52c8dd899171aeddfd176016a61195ab5ee7b3d5954e9ee10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kuponejro.pl/
Origin
https://kuponejro.pl
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 09:16:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
516299
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
192580
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 23 Nov 2024 09:16:14 GMT
100x75.png
hst.tradedoubler.com/file/249106/nowe_logo/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hst.tradedoubler.com/file/249106/nowe_logo/100x75.png
Requested by
Host: kuponejro.pl
URL: https://kuponejro.pl/?utm_source=wld
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-11.zrh55.r.cloudfront.net
Software
Apache /
Resource Hash
8442c7014d6c112f743fb33c0a9c785c3945b138f1672efd1c64cdaa6af20d92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://kuponejro.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 08:10:33 GMT
Strict-Transport-Security
max-age=31536000
Via
1.1 6678c1810851ff197cbe3fe4c41e86a6.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
ZRH55-P1
Age
1840
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
1675
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 07 Nov 2019 09:13:19 GMT
Server
Apache
Content-Type
image/png
Accept-Ranges
bytes
X-Amz-Cf-Id
ewZ_GKUc55DZU0uw82wSztrrgkQpHTQ-dMQOaXFrfewDcbTLTJTJAQ==
JamesHawk_logo_blackkk.png
hst.tradedoubler.com/file/336164/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hst.tradedoubler.com/file/336164/JamesHawk_logo_blackkk.png
Requested by
Host: kuponejro.pl
URL: https://kuponejro.pl/?utm_source=wld
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-11.zrh55.r.cloudfront.net
Software
Apache /
Resource Hash
124de712d8f9c0053001f86e210175f31b6e910d3e587dc3f7a646f4aae30439
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://kuponejro.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 08:10:33 GMT
Strict-Transport-Security
max-age=31536000
Via
1.1 c7311454ce938e04f3523616a5b033da.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
ZRH55-P1
Age
1840
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
2742
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Wed, 15 Feb 2023 09:26:14 GMT
Server
Apache
Content-Type
image/png
Accept-Ranges
bytes
X-Amz-Cf-Id
SThDZVrGsANG5UvFxJjzmR5NJs9fN9F8VVZ3z9lgu2oJs7CG9-GbeQ==
logo_100x40.jpg
hst.tradedoubler.com/file/237638/logo/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hst.tradedoubler.com/file/237638/logo/logo_100x40.jpg
Requested by
Host: kuponejro.pl
URL: https://kuponejro.pl/?utm_source=wld
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-11.zrh55.r.cloudfront.net
Software
Apache /
Resource Hash
e5dea6277ffde716161637c1dfe0a77e8df8f7bc0856a4b21c84f494fb20bfde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://kuponejro.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Wed, 29 Nov 2023 12:21:34 GMT
Strict-Transport-Security
max-age=31536000
Via
1.1 a9717fb92179a05f5da85fabc586e750.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
ZRH55-P1
Age
73179
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
3147
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 23 Jul 2013 09:39:24 GMT
Server
Apache
Content-Type
image/jpeg
Accept-Ranges
bytes
X-Amz-Cf-Id
v3t_KFfAZ2QGdcr11XD9LZG5stw8DlXKAR_PjZwR55jQ5n_hO25Qrg==
10075.png
hst.tradedoubler.com/file/284068/logo/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hst.tradedoubler.com/file/284068/logo/10075.png
Requested by
Host: kuponejro.pl
URL: https://kuponejro.pl/?utm_source=wld
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-11.zrh55.r.cloudfront.net
Software
Apache /
Resource Hash
fa7d544e6cc8c096af3d884a856acdb8282a44902059d02fb144037ba0517a69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://kuponejro.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Tue, 28 Nov 2023 13:23:46 GMT
Strict-Transport-Security
max-age=31536000
Via
1.1 478446fb4d72a1fd99b9a7a5157265f4.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
ZRH55-P1
Age
155847
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
4373
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 17 Oct 2017 09:24:12 GMT
Server
Apache
Content-Type
image/png
Accept-Ranges
bytes
X-Amz-Cf-Id
F-p3wNz1cEKYS3KlbIqR1ZfTn4mw93LokjG4IscQnLb6VfAGDono3g==
crf_logo_200.jpg
hst.tradedoubler.com/file/321318/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hst.tradedoubler.com/file/321318/crf_logo_200.jpg
Requested by
Host: kuponejro.pl
URL: https://kuponejro.pl/?utm_source=wld
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-11.zrh55.r.cloudfront.net
Software
Apache /
Resource Hash
72ce8182e8214115eb902010eddd5c0c77793ced6e7a9b6f88b747a3669660d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://kuponejro.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 08:10:33 GMT
Strict-Transport-Security
max-age=31536000
Via
1.1 20e88007b6f5218ef5942bc3581c73b8.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
ZRH55-P1
Age
1840
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
5371
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 07 Sep 2021 06:54:55 GMT
Server
Apache
Content-Type
image/jpeg
Accept-Ranges
bytes
X-Amz-Cf-Id
sMVJhg7LzIVDNVH-pYHQff7Nx1vpHx2bdQjZAeQmMiHkfRAQUpPAAw==
logo.jpg
hst.tradedoubler.com/file/330299/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hst.tradedoubler.com/file/330299/logo.jpg
Requested by
Host: kuponejro.pl
URL: https://kuponejro.pl/?utm_source=wld
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-11.zrh55.r.cloudfront.net
Software
Apache /
Resource Hash
f82ef3159f2f75cfb5a00ce6b1d8c178156ed9e27f21791aab24343be683d93d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://kuponejro.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Tue, 28 Nov 2023 13:23:46 GMT
Strict-Transport-Security
max-age=31536000
Via
1.1 d75d7156b5e1833582c3070298720664.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
ZRH55-P1
Age
155847
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
27467
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Fri, 10 Jun 2022 11:38:09 GMT
Server
Apache
Content-Type
image/jpeg
Accept-Ranges
bytes
X-Amz-Cf-Id
5L4Rp5lp5LaX78D3NR7H9nePDhf0uXM0MClE6YUlDKklEyu3J4mMTA==
100-40logoMedia.jpg
hst.tradedoubler.com/file/229227/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hst.tradedoubler.com/file/229227/100-40logoMedia.jpg
Requested by
Host: kuponejro.pl
URL: https://kuponejro.pl/?utm_source=wld
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-11.zrh55.r.cloudfront.net
Software
Apache /
Resource Hash
2fe263bde7598fd80f9e464439100b36c32299acf01e6788a334c0a824c1edce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://kuponejro.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 08:10:33 GMT
Strict-Transport-Security
max-age=31536000
Via
1.1 a9717fb92179a05f5da85fabc586e750.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
ZRH55-P1
Age
1840
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
5199
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Mon, 10 Dec 2012 16:03:39 GMT
Server
Apache
Content-Type
image/jpeg
Accept-Ranges
bytes
X-Amz-Cf-Id
fJ9zLJLzrbaADoToBqTVwKeEF4xdUanLr78wMt_84vJc8lP5ryyYNw==
LogoAffiliate_200x70.jpg
hst.tradedoubler.com/file/324573/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hst.tradedoubler.com/file/324573/LogoAffiliate_200x70.jpg
Requested by
Host: kuponejro.pl
URL: https://kuponejro.pl/?utm_source=wld
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-11.zrh55.r.cloudfront.net
Software
Apache /
Resource Hash
752473d37f57ed7064907cd114396a26a6d06adcfcd43705aad8719d8967b9f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://kuponejro.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 08:10:33 GMT
Strict-Transport-Security
max-age=31536000
Via
1.1 6678c1810851ff197cbe3fe4c41e86a6.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
ZRH55-P1
Age
1840
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
35640
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Wed, 22 Jun 2022 08:17:05 GMT
Server
Apache
Content-Type
image/jpeg
Accept-Ranges
bytes
X-Amz-Cf-Id
f8-9f2X7JtX_avbCjpon3u8_stySOcvv3GJ1GejT66--LrdMCEOWog==
logo_empikfoto_200x70_ztlem.png
hst.tradedoubler.com/file/281881/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hst.tradedoubler.com/file/281881/logo_empikfoto_200x70_ztlem.png
Requested by
Host: kuponejro.pl
URL: https://kuponejro.pl/?utm_source=wld
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-11.zrh55.r.cloudfront.net
Software
Apache /
Resource Hash
027347fa3c2b53bf5a32c6170d8a7bc8f9952b02ad36b1e3b651d0b3e0bc1554
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://kuponejro.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Wed, 29 Nov 2023 09:35:32 GMT
Strict-Transport-Security
max-age=31536000
Via
1.1 478446fb4d72a1fd99b9a7a5157265f4.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
ZRH55-P1
Age
83141
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
4798
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 21 Feb 2019 14:42:23 GMT
Server
Apache
Content-Type
image/png
Accept-Ranges
bytes
X-Amz-Cf-Id
pZdSOpUdBeDspATecaav2n_Mhq919_4wuSqRvrFTmBVYIWOWDPDreA==
anchor
www.google.com/recaptcha/api2/ Frame 78AA 		60 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld-PAopAAAAACeYoRqVUWo_vvJ3ATlNS4OCdKe_&co=aHR0cHM6Ly9rdXBvbmVqcm8ucGw6NDQz&hl=pl&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=9n0bl173isj8
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__pl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f4.1e100.net
Software
GSE /
Resource Hash
6188a54750dd3117ee35c2a2ee8dae595c59f7ecc2f8a0bb381235ead9b05486
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-BPOi__xnlh-VhXm8EOKVBg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kuponejro.pl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-BPOi__xnlh-VhXm8EOKVBg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 08:41:13 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 78AA 		55 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld-PAopAAAAACeYoRqVUWo_vvJ3ATlNS4OCdKe_&co=aHR0cHM6Ly9rdXBvbmVqcm8ucGw6NDQz&hl=pl&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=9n0bl173isj8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 04:28:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15148
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 29 Nov 2024 04:28:46 GMT
recaptcha__pl.js
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 78AA 		469 KB
188 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__pl.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld-PAopAAAAACeYoRqVUWo_vvJ3ATlNS4OCdKe_&co=aHR0cHM6Ly9rdXBvbmVqcm8ucGw6NDQz&hl=pl&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=9n0bl173isj8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
sffe /
Resource Hash
36f4c116756db1f52c8dd899171aeddfd176016a61195ab5ee7b3d5954e9ee10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 09:16:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
516300
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
192580
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 23 Nov 2024 09:16:14 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 78AA 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 20:04:28 GMT
x-content-type-options
nosniff
age
218206
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Mon, 04 Dec 2023 20:04:28 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 78AA 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld-PAopAAAAACeYoRqVUWo_vvJ3ATlNS4OCdKe_&co=aHR0cHM6Ly9rdXBvbmVqcm8ucGw6NDQz&hl=pl&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=9n0bl173isj8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:26:56 GMT
x-content-type-options
nosniff
age
551658
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Nov 2024 23:26:56 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 78AA 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld-PAopAAAAACeYoRqVUWo_vvJ3ATlNS4OCdKe_&co=aHR0cHM6Ly9rdXBvbmVqcm8ucGw6NDQz&hl=pl&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=9n0bl173isj8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 21:01:27 GMT
x-content-type-options
nosniff
age
41987
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Nov 2024 21:01:27 GMT
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 78AA 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld-PAopAAAAACeYoRqVUWo_vvJ3ATlNS4OCdKe_&co=aHR0cHM6Ly9rdXBvbmVqcm8ucGw6NDQz&hl=pl&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=9n0bl173isj8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 19:35:34 GMT
x-content-type-options
nosniff
age
392740
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11936
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Nov 2024 19:35:34 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 78AA 		102 B
209 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=pl&v=-QbJqHfGOUB8nuVRLvzFLVed
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld-PAopAAAAACeYoRqVUWo_vvJ3ATlNS4OCdKe_&co=aHR0cHM6Ly9rdXBvbmVqcm8ucGw6NDQz&hl=pl&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=9n0bl173isj8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f4.1e100.net
Software
GSE /
Resource Hash
93c1b3fda29a59a136f14951252dff943508353e76ba3bc32cca1f8eb7e389d0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld-PAopAAAAACeYoRqVUWo_vvJ3ATlNS4OCdKe_&co=aHR0cHM6Ly9rdXBvbmVqcm8ucGw6NDQz&hl=pl&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=9n0bl173isj8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 08:41:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 30 Nov 2023 08:41:14 GMT
rum
cloudflareinsights.com/cdn-cgi/ 		0
37 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.57.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://kuponejro.pl/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
application/json

Response headers

date
Thu, 30 Nov 2023 08:41:15 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://kuponejro.pl
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
82e1ca4eab858fe0-FRA
rum
cloudflareinsights.com/cdn-cgi/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.57.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://kuponejro.pl
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://kuponejro.pl
access-control-max-age
86400
cf-ray
82e1ca4e5b188fe0-FRA
content-encoding
gzip
content-type
text/plain
date
Thu, 30 Nov 2023 08:41:15 GMT
server
cloudflare
vary
Origin
x-content-type-options
nosniff
x-frame-options
DENY
reload
www.google.com/recaptcha/api2/ Frame 78AA 		34 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6Ld-PAopAAAAACeYoRqVUWo_vvJ3ATlNS4OCdKe_
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__pl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f4.1e100.net
Software
GSE /
Resource Hash
65b6e5cf442d49644a74f9bf797be1bedc54011c1511637163b789a69ace4edb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld-PAopAAAAACeYoRqVUWo_vvJ3ATlNS4OCdKe_&co=aHR0cHM6Ly9rdXBvbmVqcm8ucGw6NDQz&hl=pl&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=9n0bl173isj8
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Thu, 30 Nov 2023 08:41:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 30 Nov 2023 08:41:15 GMT
/
trafficscanner.pl/ws2/index.php/ 		3 B
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trafficscanner.pl/ws2/index.php/?action=captcha
Requested by
Host: trafficscanner.pl
URL: https://trafficscanner.pl/ws2/script/3305/koniec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.185.188.129 , Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
ip-129.net-91-185-188-0.eco.atman.pl
Software
LiteSpeed / PHP/7.4.28
Resource Hash
8139b33952401b3ee0e2ca84651cb9a1d7f66d442bf908f9cf1f53ea746e5801

Request headers

Referer
https://kuponejro.pl/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 08:41:15 GMT
content-encoding
br
server
LiteSpeed
x-powered-by
PHP/7.4.28
vary
Accept-Encoding
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
access-control-allow-origin
https://kuponejro.pl
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
7
expires
Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| documentPictureInPicture function| gtag object| dataLayer object| $jscomp string| twdUrlVar string| styles object| styleSheet object| wf_trafficscanner_obj function| xhrHasCredentialsProp function| Alerter object| ifvisible function| lsProtect function| twdOnloadCallbackRC string| axel number| a object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| urlSearchParams object| __cfBeacon function| requestAnimFrame object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_210181 boolean| twdCaptchaFlag

16 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AGYuNuTzQh0MqXPYnZB-pUimD5myAm43f8ta8YlV1G8yOnU50pRS0IU883QNyXFOMNyWeaKcAnf3W9-tSXIoKYg
news.send360.pl/ Name: ASP.NET_SessionId
Value: tkip4klfapwprxjfbjdvzyxu
welovedata.go2cloud.org/ Name: enc_aff_session_9102
Value: ENC0347ac0fded36d87e27baf1e6ff0ff818304566c8e361328d9ec1c1906ed52acb7cf55f6b0082ec1b3fea05a60fb2bec5cdab45fa472918c6e7ff0de9ee7ec47fcfee59c2ad357bebe240aade3312e616ea4c0d64d3e8c5410c01023ad2f068a64f80240008147d72258a674c741bba2167d41eaf11f3deda189314dccad15ff30929a332fbf009ed0604d1682b3094cc2a06a4f88ad98a2de8271671ef3107abe20dffce8
welovedata.go2cloud.org/ Name: ho_mob
Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMTkiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IFg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgTGlrZSBHZWNrbykgQ2hyb21lLzExOS4wLjYwNDUuMTk5IFNhZmFyaS81MzcuMzYiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJwbC1QTCxwbDtxPTAuOSIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==
.kuponejro.pl/ Name: lsp_vid
Value: 17013336724683008
.kuponejro.pl/ Name: twd_u
Value: 17013336724683008
.kuponejro.pl/ Name: twd_du
Value: 1
.kuponejro.pl/ Name: twd_v
Value: 17013336724683008
.kuponejro.pl/ Name: twd_vc
Value: 17013336724683008
.kuponejro.pl/ Name: twd_dc
Value: 1
.kuponejro.pl/ Name: twd_s
Value: 17013336724683008
.kuponejro.pl/ Name: twd_cs
Value: 1
.kuponejro.pl/ Name: twd_ds
Value: 1
.kuponejro.pl/ Name: _ga_QXS5R7F4R5
Value: GS1.1.1701333672.1.0.1701333672.0.0.0
.kuponejro.pl/ Name: _ga
Value: GA1.1.2107862453.1701333673
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

21 Console Messages

Source Level URL
Text
other warning URL: https://trafficscanner.pl/ws2/script/3305/koniec.js
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
deprecation warning URL: https://trafficscanner.pl/ws2/script/3305/koniec.js
Message:
The ScriptProcessorNode is deprecated. Use AudioWorkletNode instead. (https://bit.ly/audio-worklet)
security warning URL: https://kuponejro.pl/?utm_source=wld
Message:
Mixed Content: The page at 'https://kuponejro.pl/?utm_source=wld' was loaded over HTTPS, but requested an insecure element 'http://hst.tradedoubler.com/file/284068/logo/10075.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://kuponejro.pl/?utm_source=wld
Message:
Mixed Content: The page at 'https://kuponejro.pl/?utm_source=wld' was loaded over HTTPS, but requested an insecure element 'http://hst.tradedoubler.com/file/321318/crf_logo_200.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://kuponejro.pl/?utm_source=wld
Message:
Mixed Content: The page at 'https://kuponejro.pl/?utm_source=wld' was loaded over HTTPS, but requested an insecure element 'http://hst.tradedoubler.com/file/330299/logo.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://kuponejro.pl/?utm_source=wld
Message:
Mixed Content: The page at 'https://kuponejro.pl/?utm_source=wld' was loaded over HTTPS, but requested an insecure element 'http://hst.tradedoubler.com/file/324573/LogoAffiliate_200x70.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://kuponejro.pl/?utm_source=wld
Message:
Mixed Content: The page at 'https://kuponejro.pl/?utm_source=wld' was loaded over HTTPS, but requested an insecure element 'http://hst.tradedoubler.com/file/284068/logo/10075.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://kuponejro.pl/?utm_source=wld
Message:
Mixed Content: The page at 'https://kuponejro.pl/?utm_source=wld' was loaded over HTTPS, but requested an insecure element 'http://hst.tradedoubler.com/file/321318/crf_logo_200.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://kuponejro.pl/?utm_source=wld
Message:
Mixed Content: The page at 'https://kuponejro.pl/?utm_source=wld' was loaded over HTTPS, but requested an insecure element 'http://hst.tradedoubler.com/file/284068/logo/10075.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://kuponejro.pl/?utm_source=wld
Message:
Mixed Content: The page at 'https://kuponejro.pl/?utm_source=wld' was loaded over HTTPS, but requested an insecure element 'http://hst.tradedoubler.com/file/284068/logo/10075.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://kuponejro.pl/?utm_source=wld
Message:
Mixed Content: The page at 'https://kuponejro.pl/?utm_source=wld' was loaded over HTTPS, but requested an insecure element 'http://hst.tradedoubler.com/file/284068/logo/10075.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://kuponejro.pl/?utm_source=wld
Message:
Mixed Content: The page at 'https://kuponejro.pl/?utm_source=wld' was loaded over HTTPS, but requested an insecure element 'http://hst.tradedoubler.com/file/307803/logo2022/sss-logo-100x35.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://kuponejro.pl/?utm_source=wld
Message:
Mixed Content: The page at 'https://kuponejro.pl/?utm_source=wld' was loaded over HTTPS, but requested an insecure element 'http://hst.tradedoubler.com/file/284068/logo/10075.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://kuponejro.pl/?utm_source=wld
Message:
Mixed Content: The page at 'https://kuponejro.pl/?utm_source=wld' was loaded over HTTPS, but requested an insecure element 'http://hst.tradedoubler.com/file/268189/logo/electro_100x60.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://kuponejro.pl/?utm_source=wld
Message:
Mixed Content: The page at 'https://kuponejro.pl/?utm_source=wld' was loaded over HTTPS, but requested an insecure element 'http://hst.tradedoubler.com/file/324573/LogoAffiliate_200x70.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://kuponejro.pl/?utm_source=wld
Message:
Mixed Content: The page at 'https://kuponejro.pl/?utm_source=wld' was loaded over HTTPS, but requested an insecure element 'http://hst.tradedoubler.com/file/284068/logo/10075.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://kuponejro.pl/?utm_source=wld
Message:
Mixed Content: The page at 'https://kuponejro.pl/?utm_source=wld' was loaded over HTTPS, but requested an insecure element 'http://hst.tradedoubler.com/file/321318/crf_logo_200.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://kuponejro.pl/?utm_source=wld
Message:
Mixed Content: The page at 'https://kuponejro.pl/?utm_source=wld' was loaded over HTTPS, but requested an insecure element 'http://hst.tradedoubler.com/file/330299/logo.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://kuponejro.pl/?utm_source=wld
Message:
Mixed Content: The page at 'https://kuponejro.pl/?utm_source=wld' was loaded over HTTPS, but requested an insecure element 'http://hst.tradedoubler.com/file/324573/LogoAffiliate_200x70.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://kuponejro.pl/?utm_source=wld
Message:
Mixed Content: The page at 'https://kuponejro.pl/?utm_source=wld' was loaded over HTTPS, but requested an insecure element 'http://hst.tradedoubler.com/file/284068/logo/10075.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://kuponejro.pl/?utm_source=wld
Message:
Mixed Content: The page at 'https://kuponejro.pl/?utm_source=wld' was loaded over HTTPS, but requested an insecure element 'http://hst.tradedoubler.com/file/321318/crf_logo_200.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

34.eftrack.pl
ad.doubleclick.net
adservice.google.com
adservice.google.pl
api.airtable.com
cloudflareinsights.com
fonts.googleapis.com
fonts.gstatic.com
hst.tradedoubler.com
kuponejro.pl
news.send360.pl
region1.google-analytics.com
static.cloudflareinsights.com
trafficscanner.pl
welovedata.go2cloud.org
www.google.com
www.googletagmanager.com
www.gstatic.com
104.16.57.101
104.21.54.134
142.250.184.194
142.250.184.195
142.250.185.104
142.250.185.164
142.250.185.227
142.250.186.42
172.217.18.6
172.217.18.98
18.165.183.11
18.210.244.201
188.114.97.3
216.239.34.36
52.210.174.128
91.185.188.129
91.230.36.10
027347fa3c2b53bf5a32c6170d8a7bc8f9952b02ad36b1e3b651d0b3e0bc1554
02def0427bbe9968b814d7847ec3b8f0a030912521cfea64348929558dbd258b
0bc55a18260ed72a6d41ca978e5d5e5599a83d1bca3639359ad78b6c79ee976f
124de712d8f9c0053001f86e210175f31b6e910d3e587dc3f7a646f4aae30439
17d87486768dad42dfb919460f6e56dd07c643aa517daee3e70ce742e894c8a1
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2109ee2b3cfcd3c8f9834655a8863949318813ed4dfa4c9713f11f7b2bff7388
27dc380caf238d7c417fac471ec5902c8cf73e9dccfddcd489e8cd5df0d8a948
293f50345cd82753a8e0595fe21119be4b36f36ee1e730b5b1e72407bd863781
2fe263bde7598fd80f9e464439100b36c32299acf01e6788a334c0a824c1edce
36f4c116756db1f52c8dd899171aeddfd176016a61195ab5ee7b3d5954e9ee10
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ec14c6b9b760dcf217dc7a5902a5eb2a7ba3b656a3a1ee57ae588f117615266
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
6188a54750dd3117ee35c2a2ee8dae595c59f7ecc2f8a0bb381235ead9b05486
65b6e5cf442d49644a74f9bf797be1bedc54011c1511637163b789a69ace4edb
7196c3002f08704f9f99de95b6357969a512eaa9a766eee693921dce72927cea
72ce8182e8214115eb902010eddd5c0c77793ced6e7a9b6f88b747a3669660d7
752473d37f57ed7064907cd114396a26a6d06adcfcd43705aad8719d8967b9f9
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
8139b33952401b3ee0e2ca84651cb9a1d7f66d442bf908f9cf1f53ea746e5801
8442c7014d6c112f743fb33c0a9c785c3945b138f1672efd1c64cdaa6af20d92
93c1b3fda29a59a136f14951252dff943508353e76ba3bc32cca1f8eb7e389d0
ae7b918efe7cd287651e014ed269c923e1a925c8eee1a474ad11184f04659d3e
b7c13988d3f4683bcb6ed472f4b74f88685b60eee16e37f5a90cafc363603c57
d54d052eda15f9399c7d31dfaaa15b5ed612cc5a5bb0408eb20b5460215bf496
db7aec8e7e1542e283e8a2ec59694c04db4c98bbb3f182f89fa50ca52d81eaa4
dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5dea6277ffde716161637c1dfe0a77e8df8f7bc0856a4b21c84f494fb20bfde
e8abb0f6c04c52a65caa47f04dee4fa90e7fe4d68c8f27f7433b6d282b44e3bd
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f82ef3159f2f75cfb5a00ce6b1d8c178156ed9e27f21791aab24343be683d93d
f8a0f5a75e12a30e114188b43d40d184255de2d78c4063f57e495f6ea3893a1a
fa7d544e6cc8c096af3d884a856acdb8282a44902059d02fb144037ba0517a69
ff8b17871388b8fffa6c1b5a5d486e50a418f44ca618585b6d7f9d075da58ed5