Report - ales.nysa.pl/media/ppq/

Report Overview

Visited public
2025-04-25 08:22:58
Tags
phishing
URL
ales.nysa.pl/media/ppq/
Finishing URL
ales.nysa.pl/media/ppq/
IP / ASN
213.186.33.82
#16276 OVH SAS
Title
Messages | Made ln Chlna
Phishing - Generic phishing

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
region1.analytics.google.com	unknown	1997-09-15	2022-03-17	2025-04-23	2.2 kB	1.7 kB	216.239.34.36
event.clientgear.com	3228	2013-07-03	2017-01-19	2025-04-22	3.9 kB	2.2 kB	47.252.78.131
www.googletagmanager.com	75	2011-11-11	2012-10-04	2025-04-23	1.6 kB	1.3 MB	142.250.74.136
bat.bing.net	unknown	1997-09-03	2023-11-04	2025-04-24	1.2 kB	1.1 kB	150.171.28.10
www.made-in-china.com	95945	1998-02-28	2012-05-30	2025-04-24	960 B	4.4 kB	104.18.15.186
www.google.com	7	1997-09-15	2015-05-10	2025-04-23	802 B	562 B	142.250.178.100
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18	2025-04-23	862 B	100 kB	104.18.11.207
sync.saideao.com	unknown	2024-11-13	2024-12-04	2025-04-19	473 B	246 B	94.74.83.119
event.bxtag.com	unknown	2024-10-10	2024-10-10	2025-04-24	2.7 kB	629 B	139.95.0.154
fa.micstatic.com	153248	2013-09-10	2020-03-25	2025-04-24	7.6 kB	3.1 kB	104.18.22.150
stackpath.bootstrapcdn.com	2467	2012-05-25	2018-04-05	2025-04-23	434 B	52 kB	104.18.11.207
bat.bing.com	387	1996-01-29	2014-04-08	2025-04-23	796 B	56 kB	150.171.28.10
pylon.micstatic.com	156834	2013-09-10	2021-01-28	2025-04-24	358 B	39 kB	104.18.18.80
www.google.no	25607	2001-02-26	2012-06-26	2025-04-23	987 B	580 B	142.250.74.131
pixel.bxtag.com	unknown	2024-10-10	2024-10-10	2025-04-19	1.2 kB	41 kB	47.246.44.197
www.micstatic.com	120170	2013-09-10	2015-07-22	2025-04-23	3.2 kB	199 kB	104.18.19.80
ales.nysa.pl	unknown	2014-03-11	2017-04-20	2024-02-28	4.0 kB	462 kB	0.0.0.0
track.bxtag.com	unknown	2024-10-10	2024-12-04	2025-04-19	471 B	199 B	139.95.0.154
pixeltrack.clientgear.com	98240	2013-07-03	2016-01-25	2025-04-23	337 B	36 kB	47.246.49.219

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-04-25 08:22:36	medium	213.186.33.82	Client IP	ET PHISHING Generic Multibrand NewInjection Phishing Landing Template
2025-04-25 08:22:36	medium	213.186.33.82	Client IP	ET PHISHING Generic Multibrand NewInjection Phishing Landing Template

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (30)

	URL	From	Size	First Seen	Last Seen
	www.googletagmanager.com/gtm.js?id=GTM-T39J99&r=1634120031144	ScriptElement	490 kB	2025-04-25	2025-04-25
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-T39J99&r=1634120031144 IP 142.250.74.136 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-25 08:23 Last Seen2025-04-25 08:23 Times Seen1 Hash b65dce526e7d3949617b8f0d8c426acc 82d40ba3917c9a423e9514a85ca4d1db75b2126f 2e5197ea07ea2ccec9c6624efb17fe73e653b83c96e8dba73df1f88362db4877 Loading...

	www.googletagmanager.com/gtag/destination?id=AW-731984560&l=dataLayer&cx=c&gtm=45je54o0h2v876016506za200zb6376862&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001	ScriptElement	313 kB	2025-04-25	2025-04-25
Pretty URL www.googletagmanager.com/gtag/destination?id=AW-731984560&l=dataLayer&cx=c&gtm=45je54o0h2v876016506za200zb6376862&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001 IP 142.250.74.136 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-25 08:23 Last Seen2025-04-25 08:23 Times Seen1 Hash bd7b009c9e125d7cc5fdfde6f5046e22 c14e440d95cf2342ea76422914249fcf0ca18e5d daf74539d5d43bc645b1ef3d8940cc6c7a10b2d1630bd8075b4979925716fe50 Loading...

	bat.bing.com/p/action/13001299.js	ScriptElement	3.2 kB	2025-04-01	2025-05-10
Pretty URL bat.bing.com/p/action/13001299.js IP 150.171.28.10 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-01 21:36 Last Seen2025-05-10 02:31 Times Seen1160 Hash a398e3c6baee8af7166766716b7d995a 72a0078445404182de5860a02a2b1a3edcfa7d58 e9e475e5a9a7516f2f0dba6ce1fd054ee4a8791d4c8b6897c0d8a0b90e249e97 Loading...

	pixel.bxtag.com/tag/X-5WVR58JB1YFD_v1.js?	ScriptElement	9.3 kB	2025-04-24	2025-04-30
Pretty URL pixel.bxtag.com/tag/X-5WVR58JB1YFD_v1.js? IP 47.246.44.197 ASN #24429 Zhejiang Taobao Network Co.,Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-24 10:42 Last Seen2025-04-30 11:34 Times Seen12 Hash c90789d0c4702707b1224c995161cf4e 09f7b7817c8b3e1911f9d624f6636b009cb18cdb 62727c86f75c0233940b880c33f48349945284705c16d793f249ed171740c004 Loading...

	ales.nysa.pl/media/ppq/	ScriptElement	423 B	2023-03-07	2025-04-30
Pretty URL ales.nysa.pl/media/ppq/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02 Last Seen2025-04-30 14:37 Times Seen195 Hash 8a09c565a275efe2ce5842ab478db31e 99b6847a2eb4bbda95e8e012628c0d7c0f616124 906d76ac0dcec17f85e4b663f14d199e7ddd704bbf3c30cd01b7e766db0ef2e7 Loading...

	ales.nysa.pl/media/ppq/	ScriptElement	4.2 kB	2023-03-07	2025-04-30
Pretty URL ales.nysa.pl/media/ppq/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:02 Last Seen2025-04-30 11:34 Times Seen146 Hash 249cd4ac7d9f2218d937a6df51656f1c 10cca701fe98e14448b3fb0bfe1bd56b7c7860d4 4967494754818ef2e325bd555b126362ae96d6ee5f46fb502ce2f3c41aa1fcce Loading...

	www.micstatic.com/common/js/libs/faw/faw.1.0.0.js?r=1634120031144	ScriptElement	12 kB	2025-04-24	2025-04-29
Pretty URL www.micstatic.com/common/js/libs/faw/faw.1.0.0.js?r=1634120031144 IP 104.18.19.80 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-24 10:42 Last Seen2025-04-29 10:01 Times Seen7 Hash 9622686d668d75cc6b5175e8124663a3 ceb107b9d7106228fd79a2aa0da50781ec988c77 e36e7b591ae4ec7a0815ba068b066f1d852d5e51357930636fa64eafcb44b4a6 Loading...

	ales.nysa.pl/media/ppq/	ScriptElement	3.9 kB	2023-04-05	2025-04-30
Pretty URL ales.nysa.pl/media/ppq/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 16:39 Last Seen2025-04-30 11:34 Times Seen110 Hash 046dca0810e926e0a9c2f9aa1f12a9ed d41460310c377a735ff58a5233a452ca2ca6535b a6728e5fc99c1449d3f900e11fc7e183202a13750b1757fae5801178a7b82e54 Loading...

	www.made-in-china.com/faw-store.html	ScriptElement	1.3 kB	2025-03-18	2025-04-30
Pretty URL www.made-in-china.com/faw-store.html IP 104.18.15.186 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-18 00:28 Last Seen2025-04-30 14:37 Times Seen22 Hash 1ebaedf2be8ba92f9759e3960a6e5d1f 647b75a410732f1693005db0d6d7fb37806d44a2 a0f1ed157b82f077c58a895afe4344655b18cf83a03eff7ff0688116867fcdd5 Loading...

	ales.nysa.pl/media/ppq/	Eval	228 B	2024-08-20	2025-04-30
Pretty URL ales.nysa.pl/media/ppq/ IP 0.0.0.0 ASN #0 Introduced by eval Embedded in HTML false Observations First Seen2024-08-20 10:31 Last Seen2025-04-30 11:34 Times Seen21 Hash 009b8aff4551e22ae7ff1540d467e02c 26e3413440d8591d1ff3ac35a9a0c3fd048ef4f4 32f11f2eb2f7cef2c72d4d6acbfb12f1ab0e45e97e5e6910b9603817f703bd65 Loading...

	pixel.bxtag.com/tag/brainx.min.js	ScriptElement	15 kB	2025-04-24	2025-04-30
Pretty URL pixel.bxtag.com/tag/brainx.min.js IP 47.246.44.197 ASN #24429 Zhejiang Taobao Network Co.,Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-24 10:42 Last Seen2025-04-30 11:34 Times Seen11 Hash 5a4dd6c89876947365c820dac10f868d 9b54ea3661c2c8a6b9fd41f922813e46d9b9e6d6 d8ea9ebf5dd829e027d3808440808c9cd380f0a310a4f1f2c56ac896fa20829e Loading...

	ales.nysa.pl/media/ppq/js/jquery.min.js	ScriptElement	93 kB	2025-04-24	2025-04-29
Pretty URL ales.nysa.pl/media/ppq/js/jquery.min.js IP 213.186.33.82 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-24 10:42 Last Seen2025-04-29 10:01 Times Seen6 Hash 8cf5afe375b8e1ade090122400342e7d ab3af857a383c523c9ac0d5bc6eb40cc0dbc396f 9ade7c8095adb55764d1eba7e4e4afc6c23d3ba74d13ff57e1d9406cede0b8e3 Loading...

	stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js	ScriptElement	51 kB	2023-03-07	2025-05-09
Pretty URL stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js IP 104.18.11.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 22:49 Times Seen98886 Hash 67176c242e1bdc20603c878dee836df3 27a71b00383d61ef3c489326b3564d698fc1227c 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4 Loading...

	ales.nysa.pl/media/ppq/	ScriptElement	410 B	2025-03-18	2025-04-30
Pretty URL ales.nysa.pl/media/ppq/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-18 00:28 Last Seen2025-04-30 14:37 Times Seen22 Hash e093c209d2b71f282ce8240c1ff8eb53 294f731b780bcde2714c36fc1e626ac75ffb756d 6f3a66f45186c47e00ffe8c9c6ad7399d7167dc9993bdd99a4341cc32fe0fa55 Loading...

	ales.nysa.pl/media/ppq/sandbox%20eval%20code		147 B	2023-04-11	2025-05-10
Pretty URL ales.nysa.pl/media/ppq/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-10 03:04 Times Seen341564 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	www.micstatic.com/common/js/business/global/sensors_track.js?r=1634120031144&r=1634120031144	ScriptElement	28 kB	2023-09-04	2025-04-30
Pretty URL www.micstatic.com/common/js/business/global/sensors_track.js?r=1634120031144&r=1634120031144 IP 104.18.19.80 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-04 13:33 Last Seen2025-04-30 11:34 Times Seen113 Hash deb766cd50df9ddf11631a7e3f5fab97 466b73af1b18255e324b044383f48108d088d9e1 57415bf4afa705958507e5806d5dba934af49fcef6c64601e02bd5fe2c6a7780 Loading...

	pixeltrack.clientgear.com/mkc42487381192519.js	ScriptElement	35 kB	2025-04-12	2025-04-30
Pretty URL pixeltrack.clientgear.com/mkc42487381192519.js IP 47.246.49.219 ASN #24429 Zhejiang Taobao Network Co.,Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-12 16:40 Last Seen2025-04-30 14:37 Times Seen21 Hash 0ab75daa1802035cecbfad4372de57ed aeb0162e557d95aa612764c4d5560dfbed8527df 049bf38134c0a05982f1d0f24c1ee68f93aba93b8f526cb7b10fb56d98d3ca16 Loading...

	maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js	ScriptElement	49 kB	2023-03-07	2025-05-09
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js IP 104.18.11.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 23:19 Times Seen74839 Hash 14d449eb8876fa55e1ef3c2cc52b0c17 a9545831803b1359cfeed47e3b4d6bae68e40e99 e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b Loading...

	ales.nysa.pl/media/ppq/	Eval	228 B	2023-06-27	2025-04-30
Pretty URL ales.nysa.pl/media/ppq/ IP 0.0.0.0 ASN #0 Introduced by eval Embedded in HTML false Observations First Seen2023-06-27 14:06 Last Seen2025-04-30 11:34 Times Seen143 Hash 8b1dbb49cf7878d6b904b7b306c468eb 249b1ede337d135535fb9104e69f2219c82a00f9 b384bd0a9a19b66654a1ff373bac0e1fabe36ad17e5a67b200a36393b7fb344a Loading...

	www.googletagmanager.com/gtag/js?id=G-VEFCZRQMG4&l=dataLayer&cx=c&gtm=45He54o0h2v6376862za200&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001	ScriptElement	455 kB	2025-04-25	2025-04-25
Pretty URL www.googletagmanager.com/gtag/js?id=G-VEFCZRQMG4&l=dataLayer&cx=c&gtm=45He54o0h2v6376862za200&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001 IP 142.250.74.136 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-25 08:23 Last Seen2025-04-25 08:23 Times Seen1 Hash e9b8cc2951dd2afa1f666a4eae4a4f13 18bd51f7e492cf44056792cd1070c478ad847e99 507da7306d6430e7b865b68b202a922d964d5574103cf75956ea509ec9d7a1ae Loading...

	ales.nysa.pl/media/ppq/js/jquery-3.1.1.min.js	ScriptElement	94 kB	2025-04-24	2025-04-29
Pretty URL ales.nysa.pl/media/ppq/js/jquery-3.1.1.min.js IP 213.186.33.82 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-24 10:42 Last Seen2025-04-29 10:01 Times Seen6 Hash 55282b85b7241eae67b24987c5f20325 3906a2c8180c33fd698ddad461f4832eff71ca35 90daab21d9a851fce2e536077a34968ce4f19fd75b3ce2174d64bf373a0f88fa Loading...

	ales.nysa.pl/media/ppq/	ScriptElement	627 B	2023-03-07	2025-05-07
Pretty URL ales.nysa.pl/media/ppq/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:02 Last Seen2025-05-07 21:39 Times Seen575 Hash f8ecd4d7fd8da5baf55337d6790e0fac d6e502a27fe637b7f06df2d4ca39670e0a5c4bc0 5ab917714cb496bdba1ad47213a9aabd9147bba19c7eff0ddf7e46b4aa1ec1e7 Loading...

	maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js	ScriptElement	49 kB	2023-03-07	2025-05-09
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js IP 104.18.11.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 23:19 Times Seen74839 Hash 14d449eb8876fa55e1ef3c2cc52b0c17 a9545831803b1359cfeed47e3b4d6bae68e40e99 e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b Loading...

	pylon.micstatic.com/gb/js/assets/probe/probe.min.js?r=1634120031144	ScriptElement	38 kB	2025-04-24	2025-04-30
Pretty URL pylon.micstatic.com/gb/js/assets/probe/probe.min.js?r=1634120031144 IP 104.18.18.80 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-24 10:42 Last Seen2025-04-30 11:34 Times Seen12 Hash 0d82db0c6f75aee99147128e24172921 88bfd0f844a1f71e0d7e1bc71ba893de91d0a0fa ed9cf8d24295d820ec444f6b130594ca43269393ef441f084d4510e8bdfb8a6b Loading...

	www.micstatic.com/common/js/libs/sensors/sensorsdata.min-1.15.13_faw.js?r=1634120031144	ScriptElement	85 kB	2023-03-07	2025-04-30
Pretty URL www.micstatic.com/common/js/libs/sensors/sensorsdata.min-1.15.13_faw.js?r=1634120031144 IP 104.18.19.80 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02 Last Seen2025-04-30 11:34 Times Seen118 Hash c727cdcf1f851383293dfa1bff462722 ada0c63651e642891f4fd5905eefcf28d3ad4baf 40707e9d2cf9581ad9fcc531e1626245a63ae9d25e8e9df268b9bc2106683653 Loading...

	ales.nysa.pl/media/ppq/	Eval	228 B	2025-04-12	2025-04-30
Pretty URL ales.nysa.pl/media/ppq/ IP 0.0.0.0 ASN #0 Introduced by eval Embedded in HTML false Observations First Seen2025-04-12 16:40 Last Seen2025-04-30 11:34 Times Seen19 Hash d5ca3ada74e5e047dae816c308966f6c a08f821fdc155ac56b13398fe17ff5989d78558c cdb543b127c0946634493ad56603878fafc3d2601fd7c02f109831d7d2bf8092 Loading...

	ales.nysa.pl/media/ppq/	ScriptElement	412 B	2025-01-07	2025-04-30
Pretty URL ales.nysa.pl/media/ppq/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-07 17:28 Last Seen2025-04-30 14:37 Times Seen23 Hash e8c4f8a032d2e3de6cc9397c02bb7488 e074996b79756b4d6da657667ef2fba7aacaf5e9 69fc31afa7e36f23d3ef560fa30837f0562bc857725c660a7a178f127f53b110 Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-05-10
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-10 03:04 Times Seen340764 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	bat.bing.com/bat.js	ScriptElement	52 kB	2025-04-12	2025-04-29
Pretty URL bat.bing.com/bat.js IP 150.171.28.10 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-12 16:40 Last Seen2025-04-29 14:49 Times Seen16 Hash 87ce8c39ffec46a49e8d69801e17a879 f8008833fcf817f9549a55cb602feecedfc91e48 16ccc53801ea6b7c27f0a49bb376c5227220e8867be3095e2ae32ed39a45045a Loading...

	ales.nysa.pl/media/ppq/	Eval	401 B	2023-03-07	2025-05-07
Pretty URL ales.nysa.pl/media/ppq/ IP 0.0.0.0 ASN #0 Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 12:02 Last Seen2025-05-07 21:39 Times Seen737 Hash 4d12a11d93617efa27441f47869d156d 70dd822485874fe16f334468bfffe5dad153abbd 91c16639d04eaf68a0a87c022519be74068014b8ace744930ec7727afa2fa41d Loading...

HTTP Transactions (53)

URL IP Response Size

maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

104.18.11.207

200 OK

49 kB

URL GET
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
http://ales.nysa.pl/media/ppq/
Certificate
IssuerGoogle Trust Services
Subjectbootstrapcdn.com
Fingerprint90:B1:98:4A:7E:D6:37:CF:9B:DC:7D:67:82:58:17:6C:F7:F6:11:DE
ValiditySun, 16 Mar 2025 01:14:49 GMT - Sat, 14 Jun 2025 02:14:23 GMT

File type
JavaScript source, ASCII text, with very long lines (48664)
Size
49 kB (48944 bytes)
Hash
14d449eb8876fa55e1ef3c2cc52b0c17
a9545831803b1359cfeed47e3b4d6bae68e40e99
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

HTTP Headers

GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ales.nysa.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 25 Apr 2025 08:22:36 GMT
content-type: application/javascript; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: US
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: "14d449eb8876fa55e1ef3c2cc52b0c17"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 11/20/2024 14:11:37
cdn-proxyver: 1.06
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1002
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requesttime: 0
cdn-requestid: 22ee951d058bdbb194846a7e3e968d83
cdn-cache: HIT
cf-cache-status: HIT
age: 1145776
priority: u=3,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 935c6f012ec4b4fa-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

pixel.bxtag.com/tag/X-5WVR58JB1YFD_v1.js?

47.246.44.197

200 OK

9.3 kB

URL GET
pixel.bxtag.com/tag/X-5WVR58JB1YFD_v1.js?
IP
47.246.44.197:443
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

Requested by
http://ales.nysa.pl/media/ppq/
Certificate
IssuerDigiCert Inc
Subjectpixel.bxtag.com
Fingerprint20:2D:30:B9:B9:B3:7C:EF:07:4E:E8:3E:AB:DD:C0:0E:31:85:5B:33
ValidityThu, 10 Oct 2024 00:00:00 GMT - Thu, 09 Oct 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (9244)
Size
9.3 kB (9255 bytes)
Hash
60f96c4a607bbe254d775be0108d7081
8baa9b9ab75b6e8f38d45cec0a077c5763e4d4fa
18db8545bd1c28d5865f6c3ca372881d268af250ad476e6e11c98ef5d395a420

HTTP Headers

GET /tag/X-5WVR58JB1YFD_v1.js? HTTP/1.1
Host: pixel.bxtag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ales.nysa.pl/
Cookie: bx_id=bxfabc4a4c4e1c431ca2069fd709d01b19
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 3459
date: Thu, 24 Apr 2025 09:20:02 GMT
x-oss-request-id: 680A02429B3C7D343433DB0F
x-oss-cdn-auth: success
accept-ranges: bytes
x-oss-object-type: Normal
x-oss-storage-class: Standard
content-security-policy: sandbox,allow-scripts,allow-top-navigation-by-user-activation
content-md5: YPlsSmB7viVNd1vgEI1wgQ==
x-oss-server-time: 3
via: cache32.l2fr1[0,0,304-0,H], cache23.l2fr1[1,0], ens-cache11.se2[0,0,200-0,H], ens-cache13.se2[1,0]
vary: Accept-Encoding
last-modified: Tue, 22 Apr 2025 11:22:03 GMT
x-oss-hash-crc64ecma: 15536407779562996649
content-encoding: gzip
age: 82958
ali-swift-global-savetime: 1745486402
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Thu, 24 Apr 2025 09:20:34 GMT
x-swift-cachetime: 2591968
timing-allow-origin: *
eagleid: 2ff62ca117455693606741924e
X-Firefox-Spdy: h2

event.bxtag.com/collect?desc=Messages%20%7C%20Made%20ln%20Chlna&event=page_view&referrer=&domain=ales.nysa.pl&pageUrl=http%253A%252F%252Fales.nysa.pl%252Fmedia%252Fppq%252F&screen=1280x1024&timezone=UTC-0&utcTime=2025-4-25%208%3A22%3A40&pixelId=X-5WVR58JB1YFD&bxCookie=bxfef0697a-63f1-498e-8258-243652254fbf&uidCookie=bx59b1fb57-03d7-48c5-a088-640789a29365&deviceId=27db92be-63962121&eventClick=2&browserBrand=%7B%22browserEngineKind%22%3A%22gecko%22%2C%22browserKind%22%3A%22firefox%22%2C%22isIframe%22%3Afalse%2C%22android%22%3Afalse%2C%22browserAPI%22%3A%7B%22chrome%22%3Afalse%2C%22webkitResolveLocalFileSystemURL%22%3Afalse%2C%22BatteryManager%22%3Afalse%2C%22webkitMediaStream%22%3Afalse%2C%22webkitSpeechGrammar%22%3Afalse%2C%22RTCEncodedAudioFrame%22%3Afalse%2C%22safari%22%3Afalse%2C%22ApplePayError%22%3Afalse%2C%22CSSPrimitiveValue%22%3Afalse%2C%22Counter%22%3Afalse%2C%22WebKitMediaKeys%22%3Afalse%2C%22MediaSource%22%3Atrue%2C%22usb%22%3Afalse%2C%22connection%22%3Afalse%2C%22bluetooth%22%3Afalse%2C%22webkitPersistentStorage%22%3Afalse%2C%22webkitTemporaryStorage%22%3Afalse%7D%2C%22webGL%22%3A%7B%22vendor%22%3A%22Mozilla%22%2C%22renderer%22%3A%22llvmpipe%22%7D%2C%22connection%22%3Anull%2C%22windowSize%22%3A%7B%22outerWidth%22%3A1280%2C%22outerHeight%22%3A1024%2C%22innerWidth%22%3A1280%2C%22innerHeight%22%3A1024%7D%2C%22screen%22%3A%7B%22availHeight%22%3A1024%2C%22availWidth%22%3A1280%2C%22availLeft%22%3A0%2C%22availTop%22%3A0%2C%22height%22%3A1024%2C%22width%22%3A1280%2C%22colorDepth%22%3A24%7D%2C%22hardwareConcurrency%22%3A48%2C%22deviceMemory%22%3A0%2C%22maxTouchPoints%22%3A0%2C%22devicePixelRatio%22%3A1%2C%22userAgentData%22%3Afalse%2C%22detector%22%3A%5B%5D%7D&t=1745569360761

139.95.0.154

204 No Content

0 B

URL GET
event.bxtag.com/collect?desc=Messages%20%7C%20Made%20ln%20Chlna&event=page_view&referrer=&domain=ales.nysa.pl&pageUrl=http%253A%252F%252Fales.nysa.pl%252Fmedia%252Fppq%252F&screen=1280x1024&timezone=UTC-0&utcTime=2025-4-25%208%3A22%3A40&pixelId=X-5WVR58JB1YFD&bxCookie=bxfef0697a-63f1-498e-8258-243652254fbf&uidCookie=bx59b1fb57-03d7-48c5-a088-640789a29365&deviceId=27db92be-63962121&eventClick=2&browserBrand=%7B%22browserEngineKind%22%3A%22gecko%22%2C%22browserKind%22%3A%22firefox%22%2C%22isIframe%22%3Afalse%2C%22android%22%3Afalse%2C%22browserAPI%22%3A%7B%22chrome%22%3Afalse%2C%22webkitResolveLocalFileSystemURL%22%3Afalse%2C%22BatteryManager%22%3Afalse%2C%22webkitMediaStream%22%3Afalse%2C%22webkitSpeechGrammar%22%3Afalse%2C%22RTCEncodedAudioFrame%22%3Afalse%2C%22safari%22%3Afalse%2C%22ApplePayError%22%3Afalse%2C%22CSSPrimitiveValue%22%3Afalse%2C%22Counter%22%3Afalse%2C%22WebKitMediaKeys%22%3Afalse%2C%22MediaSource%22%3Atrue%2C%22usb%22%3Afalse%2C%22connection%22%3Afalse%2C%22bluetooth%22%3Afalse%2C%22webkitPersistentStorage%22%3Afalse%2C%22webkitTemporaryStorage%22%3Afalse%7D%2C%22webGL%22%3A%7B%22vendor%22%3A%22Mozilla%22%2C%22renderer%22%3A%22llvmpipe%22%7D%2C%22connection%22%3Anull%2C%22windowSize%22%3A%7B%22outerWidth%22%3A1280%2C%22outerHeight%22%3A1024%2C%22innerWidth%22%3A1280%2C%22innerHeight%22%3A1024%7D%2C%22screen%22%3A%7B%22availHeight%22%3A1024%2C%22availWidth%22%3A1280%2C%22availLeft%22%3A0%2C%22availTop%22%3A0%2C%22height%22%3A1024%2C%22width%22%3A1280%2C%22colorDepth%22%3A24%7D%2C%22hardwareConcurrency%22%3A48%2C%22deviceMemory%22%3A0%2C%22maxTouchPoints%22%3A0%2C%22devicePixelRatio%22%3A1%2C%22userAgentData%22%3Afalse%2C%22detector%22%3A%5B%5D%7D&t=1745569360761
IP
139.95.0.154:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
http://ales.nysa.pl/media/ppq/
Certificate
IssuerDigiCert Inc
Subjectevent.bxtag.com
FingerprintF3:8D:FB:F5:46:9E:85:AF:E7:ED:D5:BD:87:61:C6:17:4B:BF:4C:83
ValidityThu, 10 Oct 2024 00:00:00 GMT - Thu, 09 Oct 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /collect?desc=Messages%20%7C%20Made%20ln%20Chlna&event=page_view&referrer=&domain=ales.nysa.pl&pageUrl=http%253A%252F%252Fales.nysa.pl%252Fmedia%252Fppq%252F&screen=1280x1024&timezone=UTC-0&utcTime=2025-4-25%208%3A22%3A40&pixelId=X-5WVR58JB1YFD&bxCookie=bxfef0697a-63f1-498e-8258-243652254fbf&uidCookie=bx59b1fb57-03d7-48c5-a088-640789a29365&deviceId=27db92be-63962121&eventClick=2&browserBrand=%7B%22browserEngineKind%22%3A%22gecko%22%2C%22browserKind%22%3A%22firefox%22%2C%22isIframe%22%3Afalse%2C%22android%22%3Afalse%2C%22browserAPI%22%3A%7B%22chrome%22%3Afalse%2C%22webkitResolveLocalFileSystemURL%22%3Afalse%2C%22BatteryManager%22%3Afalse%2C%22webkitMediaStream%22%3Afalse%2C%22webkitSpeechGrammar%22%3Afalse%2C%22RTCEncodedAudioFrame%22%3Afalse%2C%22safari%22%3Afalse%2C%22ApplePayError%22%3Afalse%2C%22CSSPrimitiveValue%22%3Afalse%2C%22Counter%22%3Afalse%2C%22WebKitMediaKeys%22%3Afalse%2C%22MediaSource%22%3Atrue%2C%22usb%22%3Afalse%2C%22connection%22%3Afalse%2C%22bluetooth%22%3Afalse%2C%22webkitPersistentStorage%22%3Afalse%2C%22webkitTemporaryStorage%22%3Afalse%7D%2C%22webGL%22%3A%7B%22vendor%22%3A%22Mozilla%22%2C%22renderer%22%3A%22llvmpipe%22%7D%2C%22connection%22%3Anull%2C%22windowSize%22%3A%7B%22outerWidth%22%3A1280%2C%22outerHeight%22%3A1024%2C%22innerWidth%22%3A1280%2C%22innerHeight%22%3A1024%7D%2C%22screen%22%3A%7B%22availHeight%22%3A1024%2C%22availWidth%22%3A1280%2C%22availLeft%22%3A0%2C%22availTop%22%3A0%2C%22height%22%3A1024%2C%22width%22%3A1280%2C%22colorDepth%22%3A24%7D%2C%22hardwareConcurrency%22%3A48%2C%22deviceMemory%22%3A0%2C%22maxTouchPoints%22%3A0%2C%22devicePixelRatio%22%3A1%2C%22userAgentData%22%3Afalse%2C%22detector%22%3A%5B%5D%7D&t=1745569360761 HTTP/1.1
Host: event.bxtag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ales.nysa.pl/
Content-Type: application/x-www-form-urlencoded
Origin: http://ales.nysa.pl
DNT: 1
Connection: keep-alive
Cookie: bx_id=bxfabc4a4c4e1c431ca2069fd709d01b19
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Fri, 25 Apr 2025 08:22:40 GMT
vary: Accept-Encoding, Origin
access-control-allow-origin: http://ales.nysa.pl
access-control-allow-credentials: true
X-Firefox-Spdy: h2

www.micstatic.com/common/font/micon/micon-2/micon_3425a96d.woff2?v=20201103

104.18.19.80

200 OK

26 kB

URL GET
www.micstatic.com/common/font/micon/micon-2/micon_3425a96d.woff2?v=20201103
IP
104.18.19.80:443
ASN
#13335 CLOUDFLARENET

Requested by
http://ales.nysa.pl/media/ppq/
Certificate
IssuerDigiCert Inc
Subject*.micstatic.com
FingerprintEF:BA:97:06:EC:8D:A7:71:D9:71:E9:44:47:32:02:95:E3:FF:DE:14
ValidityWed, 27 Nov 2024 00:00:00 GMT - Thu, 20 Nov 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 25720, version 1.0
Size
26 kB (25720 bytes)
Hash
90c821175fe52b5e89497d4249dce3b6
0bbacc3050dcf88f37fd6042a6719f83ba6ad83a
18a097b5625eaee94db4a26223016d2f31b7b5f5529bc599ea183f551e5c13d3

HTTP Headers

GET /common/font/micon/micon-2/micon_3425a96d.woff2?v=20201103 HTTP/1.1
Host: www.micstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ales.nysa.pl
DNT: 1
Connection: keep-alive
Referer: http://ales.nysa.pl/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 25 Apr 2025 08:22:36 GMT
content-type: font/woff2
content-length: 25720
last-modified: Tue, 07 Jun 2022 11:17:37 GMT
etag: "629f33d1-6478"
origin-agent-cluster: ?0
timing-allow-origin: *
cache-control: public, max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 78016
expires: Mon, 23 Apr 2035 08:22:36 GMT
accept-ranges: bytes
set-cookie: __cf_bm=ASbH9TLMnBorR_NOqtrm2xPsSdxf4sK08GWjVxZgBa4-1745569356-1.0.1.1-yABCbKvA6KTjm9dmK7rEO1QPyzYDI14sscKV0FZKWSc7KhSC.WGur3KQSp8Qn_ncofJx5L.E5iAad00YE4JoZX9F1p2kYnHqc64eDSqPoPM; path=/; expires=Fri, 25-Apr-25 08:52:36 GMT; domain=.micstatic.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 935c6f0119e4569d-OSL
X-Firefox-Spdy: h2

fa.micstatic.com/sc/sa.gif?project=MICEN&data=eyJkaXN0aW5jdF9pZCI6IjE5NjZjMGE5ZjIyMTQ5LTAyNzg0OThkYWExNWFhLTMwNmQ0NjRhLTEzMTA3MjAtMTk2NmMwYTlmMjMxZmIiLCJsaWIiOnsiJGxpYiI6ImpzIiwiJGxpYl9tZXRob2QiOiJjb2RlIiwiJGxpYl92ZXJzaW9uIjoiMS4xNS4xMyJ9LCJwcm9wZXJ0aWVzIjp7IiR0aW1lem9uZV9vZmZzZXQiOjAsIiRzY3JlZW5faGVpZ2h0IjoxMDI0LCIkc2NyZWVuX3dpZHRoIjoxMjgwLCIkbGliIjoianMiLCIkbGliX3ZlcnNpb24iOiIxLjE1LjEzIiwiJGxhdGVzdF90cmFmZmljX3NvdXJjZV90eXBlIjoi6ZCp5a2Y5bi05ai05L6A5Zm6IiwiJGxhdGVzdF9zZWFyY2hfa2V5d29yZCI6IumPiO6BhOW9h%2BmNkuadv%2BKCrOezremQqeWtmOW4tOmOteaSs%2Be0kSIsIiRsYXRlc3RfcmVmZXJyZXIiOiIiLCJwdl9pZCI6IjFpcG0wbDdiajQwMyIsInBsYXRmb3JtX3R5cGUiOiIxIiwibGFuZ3VhZ2UiOiIxIiwibG9naW5faWQiOiIiLCIkcmVmZXJyZXIiOiIiLCIkdXJsIjoiaHR0cDovL2FsZXMubnlzYS5wbC9tZWRpYS9wcHEvIiwiJHVybF9wYXRoIjoiL21lZGlhL3BwcS8iLCIkdGl0bGUiOiJNZXNzYWdlcyB8IE1hZGUgbG4gQ2hsbmEiLCIkaXNfZmlyc3RfZGF5Ijp0cnVlLCIkaXNfZmlyc3RfdGltZSI6dHJ1ZSwiJHJlZmVycmVyX2hvc3QiOiIiLCIkbGF0ZXN0X3JlZmVycmVyX2hvc3QiOiIifSwiYW5vbnltb3VzX2lkIjoiMTk2NmMwYTlmMjIxNDktMDI3ODQ5OGRhYTE1YWEtMzA2ZDQ2NGEtMTMxMDcyMC0xOTY2YzBhOWYyMzFmYiIsInR5cGUiOiJ0cmFjayIsImV2ZW50IjoiJHBhZ2V2aWV3IiwiX3RyYWNrX2lkIjoxMjI0ODc2MTN9&ext=crc%3D1418619338

104.18.22.150

200 OK

0 B

URL GET
fa.micstatic.com/sc/sa.gif?project=MICEN&data=eyJkaXN0aW5jdF9pZCI6IjE5NjZjMGE5ZjIyMTQ5LTAyNzg0OThkYWExNWFhLTMwNmQ0NjRhLTEzMTA3MjAtMTk2NmMwYTlmMjMxZmIiLCJsaWIiOnsiJGxpYiI6ImpzIiwiJGxpYl9tZXRob2QiOiJjb2RlIiwiJGxpYl92ZXJzaW9uIjoiMS4xNS4xMyJ9LCJwcm9wZXJ0aWVzIjp7IiR0aW1lem9uZV9vZmZzZXQiOjAsIiRzY3JlZW5faGVpZ2h0IjoxMDI0LCIkc2NyZWVuX3dpZHRoIjoxMjgwLCIkbGliIjoianMiLCIkbGliX3ZlcnNpb24iOiIxLjE1LjEzIiwiJGxhdGVzdF90cmFmZmljX3NvdXJjZV90eXBlIjoi6ZCp5a2Y5bi05ai05L6A5Zm6IiwiJGxhdGVzdF9zZWFyY2hfa2V5d29yZCI6IumPiO6BhOW9h%2BmNkuadv%2BKCrOezremQqeWtmOW4tOmOteaSs%2Be0kSIsIiRsYXRlc3RfcmVmZXJyZXIiOiIiLCJwdl9pZCI6IjFpcG0wbDdiajQwMyIsInBsYXRmb3JtX3R5cGUiOiIxIiwibGFuZ3VhZ2UiOiIxIiwibG9naW5faWQiOiIiLCIkcmVmZXJyZXIiOiIiLCIkdXJsIjoiaHR0cDovL2FsZXMubnlzYS5wbC9tZWRpYS9wcHEvIiwiJHVybF9wYXRoIjoiL21lZGlhL3BwcS8iLCIkdGl0bGUiOiJNZXNzYWdlcyB8IE1hZGUgbG4gQ2hsbmEiLCIkaXNfZmlyc3RfZGF5Ijp0cnVlLCIkaXNfZmlyc3RfdGltZSI6dHJ1ZSwiJHJlZmVycmVyX2hvc3QiOiIiLCIkbGF0ZXN0X3JlZmVycmVyX2hvc3QiOiIifSwiYW5vbnltb3VzX2lkIjoiMTk2NmMwYTlmMjIxNDktMDI3ODQ5OGRhYTE1YWEtMzA2ZDQ2NGEtMTMxMDcyMC0xOTY2YzBhOWYyMzFmYiIsInR5cGUiOiJ0cmFjayIsImV2ZW50IjoiJHBhZ2V2aWV3IiwiX3RyYWNrX2lkIjoxMjI0ODc2MTN9&ext=crc%3D1418619338
IP
104.18.22.150:443
ASN
#13335 CLOUDFLARENET

Requested by
http://ales.nysa.pl/media/ppq/
Certificate
IssuerDigiCert Inc
Subject*.micstatic.com
FingerprintEF:BA:97:06:EC:8D:A7:71:D9:71:E9:44:47:32:02:95:E3:FF:DE:14
ValidityWed, 27 Nov 2024 00:00:00 GMT - Thu, 20 Nov 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sc/sa.gif?project=MICEN&data=eyJkaXN0aW5jdF9pZCI6IjE5NjZjMGE5ZjIyMTQ5LTAyNzg0OThkYWExNWFhLTMwNmQ0NjRhLTEzMTA3MjAtMTk2NmMwYTlmMjMxZmIiLCJsaWIiOnsiJGxpYiI6ImpzIiwiJGxpYl9tZXRob2QiOiJjb2RlIiwiJGxpYl92ZXJzaW9uIjoiMS4xNS4xMyJ9LCJwcm9wZXJ0aWVzIjp7IiR0aW1lem9uZV9vZmZzZXQiOjAsIiRzY3JlZW5faGVpZ2h0IjoxMDI0LCIkc2NyZWVuX3dpZHRoIjoxMjgwLCIkbGliIjoianMiLCIkbGliX3ZlcnNpb24iOiIxLjE1LjEzIiwiJGxhdGVzdF90cmFmZmljX3NvdXJjZV90eXBlIjoi6ZCp5a2Y5bi05ai05L6A5Zm6IiwiJGxhdGVzdF9zZWFyY2hfa2V5d29yZCI6IumPiO6BhOW9h%2BmNkuadv%2BKCrOezremQqeWtmOW4tOmOteaSs%2Be0kSIsIiRsYXRlc3RfcmVmZXJyZXIiOiIiLCJwdl9pZCI6IjFpcG0wbDdiajQwMyIsInBsYXRmb3JtX3R5cGUiOiIxIiwibGFuZ3VhZ2UiOiIxIiwibG9naW5faWQiOiIiLCIkcmVmZXJyZXIiOiIiLCIkdXJsIjoiaHR0cDovL2FsZXMubnlzYS5wbC9tZWRpYS9wcHEvIiwiJHVybF9wYXRoIjoiL21lZGlhL3BwcS8iLCIkdGl0bGUiOiJNZXNzYWdlcyB8IE1hZGUgbG4gQ2hsbmEiLCIkaXNfZmlyc3RfZGF5Ijp0cnVlLCIkaXNfZmlyc3RfdGltZSI6dHJ1ZSwiJHJlZmVycmVyX2hvc3QiOiIiLCIkbGF0ZXN0X3JlZmVycmVyX2hvc3QiOiIifSwiYW5vbnltb3VzX2lkIjoiMTk2NmMwYTlmMjIxNDktMDI3ODQ5OGRhYTE1YWEtMzA2ZDQ2NGEtMTMxMDcyMC0xOTY2YzBhOWYyMzFmYiIsInR5cGUiOiJ0cmFjayIsImV2ZW50IjoiJHBhZ2V2aWV3IiwiX3RyYWNrX2lkIjoxMjI0ODc2MTN9&ext=crc%3D1418619338 HTTP/1.1
Host: fa.micstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ales.nysa.pl/
Cookie: __cf_bm=igB1tBpFpqPV6_IFZvbbcq_Cj2Byp11Gl5XqHcUddWU-1745569356-1.0.1.1-tbOHE6fz9yFaXw6ZKktmxYNqVSD923hbnCmFwZIPNTaf1iwyhYzdQseanRC1b1gYpmUVx1PoTK5x8OkAj.Y3Uog8DaTvbEXqJbOwN5dImuk; __cf_bm=oVNVeWIi2n6BzKTmZoi8f6nX0C7pA4R86S9xcP2hH9k-1745569357-1.0.1.1-Pv.uD2gUILZMzcPZSH8Ewq61cnRFfU7_mUimCoZJwFsbZ1_zjYwgjhWF.iHBL0osYYb0Z1LinJLwzGz7eRf9FzWn81sqlYJhIadkiUnvOu0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 25 Apr 2025 08:22:37 GMT
content-type: image/gif
content-length: 0
origin-agent-cluster: ?0
timing-allow-origin: *
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=H3y_o0vHqFnozhlx.cooxwL.YiKm5od8OKCrxrAWYao-1745569357-1.0.1.1-qLAI9lxBx4oSn7Y.8qLI9h6N5VY9dEXDhxKsmFPW2YF439Hrjvm2rz4fbfrVcM8XFdP2yC1uNFjlQPnJkIWNblWqm8OLykbVWDc9lxZqH50; path=/; expires=Fri, 25-Apr-25 08:52:37 GMT; domain=.fa.micstatic.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 935c6f0669a10b61-OSL
X-Firefox-Spdy: h2

www.micstatic.com/common/img/logo-2019/logo_d0822075.png?v=2

104.18.19.80

200 OK

4.6 kB

URL GET
www.micstatic.com/common/img/logo-2019/logo_d0822075.png?v=2
IP
104.18.19.80:443
ASN
#13335 CLOUDFLARENET

Requested by
http://ales.nysa.pl/media/ppq/
Certificate
IssuerDigiCert Inc
Subject*.micstatic.com
FingerprintEF:BA:97:06:EC:8D:A7:71:D9:71:E9:44:47:32:02:95:E3:FF:DE:14
ValidityWed, 27 Nov 2024 00:00:00 GMT - Thu, 20 Nov 2025 23:59:59 GMT

File type
PNG image data, 257 x 47, 8-bit/color RGBA, non-interlaced
Size
4.6 kB (4621 bytes)
Hash
b173e18fb61eb3d489bfad3b2ea570fe
71703d796c502703619ec696e447c937f700b605
488ea251bdaf29ab45c94699fef89ad3368bfef0c0f24b671dcbefd4e474679d

HTTP Headers

GET /common/img/logo-2019/logo_d0822075.png?v=2 HTTP/1.1
Host: www.micstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ales.nysa.pl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 25 Apr 2025 08:22:36 GMT
content-type: image/png
content-length: 4621
last-modified: Wed, 16 Jun 2021 11:14:07 GMT
etag: "60c9dcff-120d"
origin-agent-cluster: ?0
timing-allow-origin: *
cache-control: public, max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 78016
expires: Mon, 23 Apr 2035 08:22:36 GMT
accept-ranges: bytes
set-cookie: __cf_bm=igB1tBpFpqPV6_IFZvbbcq_Cj2Byp11Gl5XqHcUddWU-1745569356-1.0.1.1-tbOHE6fz9yFaXw6ZKktmxYNqVSD923hbnCmFwZIPNTaf1iwyhYzdQseanRC1b1gYpmUVx1PoTK5x8OkAj.Y3Uog8DaTvbEXqJbOwN5dImuk; path=/; expires=Fri, 25-Apr-25 08:52:36 GMT; domain=.micstatic.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 935c6f011a505691-OSL
X-Firefox-Spdy: h2

www.micstatic.com/common/js/libs/faw/faw.1.0.0.js?r=1634120031144

104.18.19.80

200 OK

12 kB

URL GET
www.micstatic.com/common/js/libs/faw/faw.1.0.0.js?r=1634120031144
IP
104.18.19.80:80
ASN
#13335 CLOUDFLARENET

Requested by
http://ales.nysa.pl/media/ppq/

File type
JavaScript source, ASCII text, with very long lines (12255)
Size
12 kB (12346 bytes)
Hash
9622686d668d75cc6b5175e8124663a3
ceb107b9d7106228fd79a2aa0da50781ec988c77
e36e7b591ae4ec7a0815ba068b066f1d852d5e51357930636fa64eafcb44b4a6

HTTP Headers

GET /common/js/libs/faw/faw.1.0.0.js?r=1634120031144 HTTP/1.1
Host: www.micstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ales.nysa.pl/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 25 Apr 2025 08:22:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 16 Jan 2025 10:41:55 GMT
ETag: W/"6788e273-303a"
Content-Encoding: gzip
Origin-Agent-Cluster: ?0
Timing-Allow-Origin: *
Cache-Control: public, max-age=315360000
Access-Control-Allow-Origin: *
CF-Cache-Status: HIT
Age: 78017
Expires: Mon, 23 Apr 2035 08:22:37 GMT
Set-Cookie: __cf_bm=EIqzGKyFN3jQPTS5R8MIJ6KaPbx4CRWEDc0vF5eUHRI-1745569357-1.0.1.1-iuSXU_xv0MYY6jB0lijrrQYBrSN0vfNP3QuIY6AAgvhhQEPVST6CnXhgHduIgrT2s9YSCqPf9XSHgbJfJbMUa3S8KmFhZqKEvl3cKDIXoe4; path=/; expires=Fri, 25-Apr-25 08:52:37 GMT; domain=.micstatic.com; HttpOnly
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 935c6f012d41b500-OSL

104.18.22.150

200 OK

0 B

URL GET
fa.micstatic.com/sc/sa.gif?project=MICEN&data=eyJkaXN0aW5jdF9pZCI6IjE5NjZjMGE5ZjIyMTQ5LTAyNzg0OThkYWExNWFhLTMwNmQ0NjRhLTEzMTA3MjAtMTk2NmMwYTlmMjMxZmIiLCJsaWIiOnsiJGxpYiI6ImpzIiwiJGxpYl9tZXRob2QiOiJjb2RlIiwiJGxpYl92ZXJzaW9uIjoiMS4xNS4xMyJ9LCJwcm9wZXJ0aWVzIjp7IiRmaXJzdF92aXNpdF90aW1lIjoiMjAyNS0wNC0yNSAwODoyMjozNy42MDkiLCIkZmlyc3RfcmVmZXJyZXIiOiIiLCIkZmlyc3RfYnJvd3Nlcl9sYW5ndWFnZSI6ImVuLVVTIiwiJGZpcnN0X2Jyb3dzZXJfY2hhcnNldCI6IkdCSyIsIiRmaXJzdF90cmFmZmljX3NvdXJjZV90eXBlIjoi6ZCp5a2Y5bi05ai05L6A5Zm6IiwiJGZpcnN0X3NlYXJjaF9rZXl3b3JkIjoi6Y%2BI7oGE5b2H6Y2S5p2%2F4oKs57Ot6ZCp5a2Y5bi06Y615pKz57SRIn0sImFub255bW91c19pZCI6IjE5NjZjMGE5ZjIyMTQ5LTAyNzg0OThkYWExNWFhLTMwNmQ0NjRhLTEzMTA3MjAtMTk2NmMwYTlmMjMxZmIiLCJ0eXBlIjoicHJvZmlsZV9zZXRfb25jZSIsIl90cmFja19pZCI6MzEwMzQ3NjExfQ%3D%3D&ext=crc%3D1722391348
IP
104.18.22.150:443
ASN
#13335 CLOUDFLARENET

Requested by
http://ales.nysa.pl/media/ppq/
Certificate
IssuerDigiCert Inc
Subject*.micstatic.com
FingerprintEF:BA:97:06:EC:8D:A7:71:D9:71:E9:44:47:32:02:95:E3:FF:DE:14
ValidityWed, 27 Nov 2024 00:00:00 GMT - Thu, 20 Nov 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sc/sa.gif?project=MICEN&data=eyJkaXN0aW5jdF9pZCI6IjE5NjZjMGE5ZjIyMTQ5LTAyNzg0OThkYWExNWFhLTMwNmQ0NjRhLTEzMTA3MjAtMTk2NmMwYTlmMjMxZmIiLCJsaWIiOnsiJGxpYiI6ImpzIiwiJGxpYl9tZXRob2QiOiJjb2RlIiwiJGxpYl92ZXJzaW9uIjoiMS4xNS4xMyJ9LCJwcm9wZXJ0aWVzIjp7IiRmaXJzdF92aXNpdF90aW1lIjoiMjAyNS0wNC0yNSAwODoyMjozNy42MDkiLCIkZmlyc3RfcmVmZXJyZXIiOiIiLCIkZmlyc3RfYnJvd3Nlcl9sYW5ndWFnZSI6ImVuLVVTIiwiJGZpcnN0X2Jyb3dzZXJfY2hhcnNldCI6IkdCSyIsIiRmaXJzdF90cmFmZmljX3NvdXJjZV90eXBlIjoi6ZCp5a2Y5bi05ai05L6A5Zm6IiwiJGZpcnN0X3NlYXJjaF9rZXl3b3JkIjoi6Y%2BI7oGE5b2H6Y2S5p2%2F4oKs57Ot6ZCp5a2Y5bi06Y615pKz57SRIn0sImFub255bW91c19pZCI6IjE5NjZjMGE5ZjIyMTQ5LTAyNzg0OThkYWExNWFhLTMwNmQ0NjRhLTEzMTA3MjAtMTk2NmMwYTlmMjMxZmIiLCJ0eXBlIjoicHJvZmlsZV9zZXRfb25jZSIsIl90cmFja19pZCI6MzEwMzQ3NjExfQ%3D%3D&ext=crc%3D1722391348 HTTP/1.1
Host: fa.micstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ales.nysa.pl/
Cookie: __cf_bm=igB1tBpFpqPV6_IFZvbbcq_Cj2Byp11Gl5XqHcUddWU-1745569356-1.0.1.1-tbOHE6fz9yFaXw6ZKktmxYNqVSD923hbnCmFwZIPNTaf1iwyhYzdQseanRC1b1gYpmUVx1PoTK5x8OkAj.Y3Uog8DaTvbEXqJbOwN5dImuk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 25 Apr 2025 08:22:37 GMT
content-type: image/gif
content-length: 0
origin-agent-cluster: ?0
timing-allow-origin: *
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=oVNVeWIi2n6BzKTmZoi8f6nX0C7pA4R86S9xcP2hH9k-1745569357-1.0.1.1-Pv.uD2gUILZMzcPZSH8Ewq61cnRFfU7_mUimCoZJwFsbZ1_zjYwgjhWF.iHBL0osYYb0Z1LinJLwzGz7eRf9FzWn81sqlYJhIadkiUnvOu0; path=/; expires=Fri, 25-Apr-25 08:52:37 GMT; domain=.fa.micstatic.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 935c6f05985a0b61-OSL
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-VEFCZRQMG4&gtm=45je54o0h2v876016506za200zb6376862&_p=1745569357516&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=sypham&dma=1&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&cid=53067066.1745569358&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=BA&_s=1&sid=1745569358&sct=1&seg=0&dl=http%3A%2F%2Fales.nysa.pl%2Fmedia%2Fppq%2F&dt=Messages%20%7C%20Made%20ln%20Chlna&en=page_view&_fv=1&_ss=1&ep.Page_Hostname=ales.nysa.pl&ep.page_URL=http%3A%2F%2Fales.nysa.pl%2Fmedia%2Fppq%2F&tfd=2204

216.239.34.36

204 No Content

0 B

URL POST
region1.analytics.google.com/g/collect?v=2&tid=G-VEFCZRQMG4&gtm=45je54o0h2v876016506za200zb6376862&_p=1745569357516&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=sypham&dma=1&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&cid=53067066.1745569358&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=BA&_s=1&sid=1745569358&sct=1&seg=0&dl=http%3A%2F%2Fales.nysa.pl%2Fmedia%2Fppq%2F&dt=Messages%20%7C%20Made%20ln%20Chlna&en=page_view&_fv=1&_ss=1&ep.Page_Hostname=ales.nysa.pl&ep.page_URL=http%3A%2F%2Fales.nysa.pl%2Fmedia%2Fppq%2F&tfd=2204
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
http://ales.nysa.pl/media/ppq/
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintE4:97:12:2A:2B:30:84:66:33:9D:D6:09:14:D3:8F:CE:3E:20:73:24
ValidityMon, 31 Mar 2025 08:54:37 GMT - Mon, 23 Jun 2025 08:54:36 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-VEFCZRQMG4&gtm=45je54o0h2v876016506za200zb6376862&_p=1745569357516&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=sypham&dma=1&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&cid=53067066.1745569358&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=BA&_s=1&sid=1745569358&sct=1&seg=0&dl=http%3A%2F%2Fales.nysa.pl%2Fmedia%2Fppq%2F&dt=Messages%20%7C%20Made%20ln%20Chlna&en=page_view&_fv=1&_ss=1&ep.Page_Hostname=ales.nysa.pl&ep.page_URL=http%3A%2F%2Fales.nysa.pl%2Fmedia%2Fppq%2F&tfd=2204 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ales.nysa.pl/
Origin: http://ales.nysa.pl
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: http://ales.nysa.pl
date: Fri, 25 Apr 2025 08:22:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:153:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:153:0
report-to: {"group":"ascnsrsggc:153:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:153:0"}],}
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

event.clientgear.com/track?event=PageView&params=%7B%22title%22%3A%22Messages%20%7C%20Made%20ln%20Chlna%22%2C%22event%22%3A%22PageView%22%2C%22referrer%22%3A%22%22%2C%22domain%22%3A%22ales.nysa.pl%22%2C%22pagurl%22%3A%22http%253A%252F%252Fales.nysa.pl%252Fmedia%252Fppq%252F%22%2C%22winwidh%22%3A1280%2C%22winheight%22%3A1024%2C%22timezone%22%3A%22UTC-0%22%2C%22time%22%3A%222025-4-25%208%3A22%3A38%22%2C%22upc%22%3A%225bc9f1f4-a50f-4c8f-8004-b9ce9cf5e495%22%2C%22clientExtend%22%3A%7B%7D%2C%22uidCookie%22%3Anull%2C%22uidLocalStore%22%3A%22mk6af89a9b-1d23-43c6-abab-1cfa89efcdba%22%2C%22uidCanvas%22%3A%226f3b7267%22%2C%22thirdCookie%22%3Atrue%7D

47.252.78.131

200 OK

0 B

URL GET
event.clientgear.com/track?event=PageView&params=%7B%22title%22%3A%22Messages%20%7C%20Made%20ln%20Chlna%22%2C%22event%22%3A%22PageView%22%2C%22referrer%22%3A%22%22%2C%22domain%22%3A%22ales.nysa.pl%22%2C%22pagurl%22%3A%22http%253A%252F%252Fales.nysa.pl%252Fmedia%252Fppq%252F%22%2C%22winwidh%22%3A1280%2C%22winheight%22%3A1024%2C%22timezone%22%3A%22UTC-0%22%2C%22time%22%3A%222025-4-25%208%3A22%3A38%22%2C%22upc%22%3A%225bc9f1f4-a50f-4c8f-8004-b9ce9cf5e495%22%2C%22clientExtend%22%3A%7B%7D%2C%22uidCookie%22%3Anull%2C%22uidLocalStore%22%3A%22mk6af89a9b-1d23-43c6-abab-1cfa89efcdba%22%2C%22uidCanvas%22%3A%226f3b7267%22%2C%22thirdCookie%22%3Atrue%7D
IP
47.252.78.131:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
http://ales.nysa.pl/media/ppq/
Certificate
IssuerDigiCert Inc
Subject*.clientgear.com
FingerprintE0:65:66:22:6D:DC:85:3C:9D:16:01:7B:E5:10:5C:36:CB:20:68:37
ValidityThu, 16 Jan 2025 00:00:00 GMT - Sat, 24 Jan 2026 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /track?event=PageView&params=%7B%22title%22%3A%22Messages%20%7C%20Made%20ln%20Chlna%22%2C%22event%22%3A%22PageView%22%2C%22referrer%22%3A%22%22%2C%22domain%22%3A%22ales.nysa.pl%22%2C%22pagurl%22%3A%22http%253A%252F%252Fales.nysa.pl%252Fmedia%252Fppq%252F%22%2C%22winwidh%22%3A1280%2C%22winheight%22%3A1024%2C%22timezone%22%3A%22UTC-0%22%2C%22time%22%3A%222025-4-25%208%3A22%3A38%22%2C%22upc%22%3A%225bc9f1f4-a50f-4c8f-8004-b9ce9cf5e495%22%2C%22clientExtend%22%3A%7B%7D%2C%22uidCookie%22%3Anull%2C%22uidLocalStore%22%3A%22mk6af89a9b-1d23-43c6-abab-1cfa89efcdba%22%2C%22uidCanvas%22%3A%226f3b7267%22%2C%22thirdCookie%22%3Atrue%7D HTTP/1.1
Host: event.clientgear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ales.nysa.pl
DNT: 1
Connection: keep-alive
Referer: http://ales.nysa.pl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 25 Apr 2025 08:22:39 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: http://ales.nysa.pl
access-control-allow-credentials: true
set-cookie: updatetime=1745569359079; Domain=.clientgear.com; Expires=Wed, 22-Oct-2025 08:22:39 GMT; Path=/; Secure; SameSite=None
mksession=mks5567d44e-034a-4417-a9f0-b7800d76784f; Domain=.clientgear.com; Expires=Fri, 25-Apr-2025 08:52:39 GMT; Path=/; Secure; SameSite=None
X-Firefox-Spdy: h2

ales.nysa.pl/media/ppq/

0.0.0.0

0 B

URL User Request GET
ales.nysa.pl/media/ppq/
IP
0.0.0.0:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic phishing

NIDS	Severity	Alert
suricata	medium	ET PHISHING Generic Multibrand NewInjection Phishing Landing Template
suricata	medium	ET PHISHING Generic Multibrand NewInjection Phishing Landing Template

HTTP Headers

GET /media/ppq/ HTTP/1.1
Host: ales.nysa.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

www.googletagmanager.com/gtm.js?id=GTM-T39J99&r=1634120031144

142.250.74.136

200 OK

490 kB

URL GET
www.googletagmanager.com/gtm.js?id=GTM-T39J99&r=1634120031144
IP
142.250.74.136:443
ASN
#15169 GOOGLE

Requested by
http://ales.nysa.pl/media/ppq/
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintE4:97:12:2A:2B:30:84:66:33:9D:D6:09:14:D3:8F:CE:3E:20:73:24
ValidityMon, 31 Mar 2025 08:54:37 GMT - Mon, 23 Jun 2025 08:54:36 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (45871)
Size
490 kB (490235 bytes)
Hash
b65dce526e7d3949617b8f0d8c426acc
82d40ba3917c9a423e9514a85ca4d1db75b2126f
2e5197ea07ea2ccec9c6624efb17fe73e653b83c96e8dba73df1f88362db4877

HTTP Headers

GET /gtm.js?id=GTM-T39J99&r=1634120031144 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ales.nysa.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Apr 2025 08:22:37 GMT
expires: Fri, 25 Apr 2025 08:22:37 GMT
cache-control: private, max-age=900
last-modified: Fri, 25 Apr 2025 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1310:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1310:0
report-to: {"group":"ascgcycc:1310:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1310:0"}],}
server: Google Tag Manager
content-length: 144634
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fa.micstatic.com/probe/mine.gif?v=211112&t=a&d=%7Bpub%3A%7Bpuid%3A%221ipm0l7gl267%22%2Clinkid%3A%221ipm0l7gl267%22%2Curl%3A%22ales.nysa.pl%252Fmedia%252Fppq%252F%22%2Creferrer%3A%22%22%2Cpdr%3A%221%22%2Ctz%3A%220%22%2Clan%3A%22en-US%22%7D%2Ccore%3A%5B%7Ba%3A%221870%22%2Cb%3A%221%22%2Cc%3A%2227%22%2Cd%3A%220%22%2Ce%3A%229%22%2Cf%3A%220%22%2Cst%3A%22-1%22%2Ck%3A%221632%22%2Cn%3A%22pixel.bxtag.com%252Ftag%252Fbrainx.min.js%22%2Cp%3A%2215%22%7D%5D%7D

104.18.22.150

204 No Content

0 B

URL GET
fa.micstatic.com/probe/mine.gif?v=211112&t=a&d=%7Bpub%3A%7Bpuid%3A%221ipm0l7gl267%22%2Clinkid%3A%221ipm0l7gl267%22%2Curl%3A%22ales.nysa.pl%252Fmedia%252Fppq%252F%22%2Creferrer%3A%22%22%2Cpdr%3A%221%22%2Ctz%3A%220%22%2Clan%3A%22en-US%22%7D%2Ccore%3A%5B%7Ba%3A%221870%22%2Cb%3A%221%22%2Cc%3A%2227%22%2Cd%3A%220%22%2Ce%3A%229%22%2Cf%3A%220%22%2Cst%3A%22-1%22%2Ck%3A%221632%22%2Cn%3A%22pixel.bxtag.com%252Ftag%252Fbrainx.min.js%22%2Cp%3A%2215%22%7D%5D%7D
IP
104.18.22.150:80
ASN
#13335 CLOUDFLARENET

Requested by
http://ales.nysa.pl/media/ppq/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /probe/mine.gif?v=211112&t=a&d=%7Bpub%3A%7Bpuid%3A%221ipm0l7gl267%22%2Clinkid%3A%221ipm0l7gl267%22%2Curl%3A%22ales.nysa.pl%252Fmedia%252Fppq%252F%22%2Creferrer%3A%22%22%2Cpdr%3A%221%22%2Ctz%3A%220%22%2Clan%3A%22en-US%22%7D%2Ccore%3A%5B%7Ba%3A%221870%22%2Cb%3A%221%22%2Cc%3A%2227%22%2Cd%3A%220%22%2Ce%3A%229%22%2Cf%3A%220%22%2Cst%3A%22-1%22%2Ck%3A%221632%22%2Cn%3A%22pixel.bxtag.com%252Ftag%252Fbrainx.min.js%22%2Cp%3A%2215%22%7D%5D%7D HTTP/1.1
Host: fa.micstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ales.nysa.pl/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Date: Fri, 25 Apr 2025 08:22:41 GMT
Connection: keep-alive
Origin-Agent-Cluster: ?0
Timing-Allow-Origin: *
cf-cache-status: DYNAMIC
Set-Cookie: __cf_bm=Ps7KKQtLSRPNXxOu0VjXypQbED5e2yr8pnDEG7PdAgc-1745569361-1.0.1.1-ycCQZiki0e0sWgXTq6IzlgAQoHEFpP3o1G9TZYanEWE0tYlBtQx99qZPer2yGSEjiw86n_hxakuNSvfSKf_OJhfMEeNMVe.26.arU.vx8PM; path=/; expires=Fri, 25-Apr-25 08:52:41 GMT; domain=.fa.micstatic.com; HttpOnly
Server: cloudflare
CF-RAY: 935c6f1aca5cb50f-OSL

event.clientgear.com/track?event=ViewContent3&params=%7B%22event%22%3A%22ViewContent3%22%2C%22upc%22%3A%225bc9f1f4-a50f-4c8f-8004-b9ce9cf5e495%22%2C%22referrer%22%3A%22%22%2C%22domain%22%3A%22ales.nysa.pl%22%2C%22pagurl%22%3A%22http%253A%252F%252Fales.nysa.pl%252Fmedia%252Fppq%252F%22%2C%22winwidh%22%3A1280%2C%22winheight%22%3A1024%2C%22uid%22%3A%22guest%22%2C%22timezone%22%3A%22UTC-0%22%2C%22time%22%3A%222025-4-25%208%3A22%3A42%22%2C%22mkPixelId%22%3A%2242487381192519%22%2C%22uidCookie%22%3A%22mk978dc270-a54d-4f4e-9d19-ede4154eda04%22%2C%22uidLocalStore%22%3A%22mk6af89a9b-1d23-43c6-abab-1cfa89efcdba%22%2C%22uidCanvas%22%3A%226f3b7267%22%2C%22thirdCookie%22%3Atrue%7D

47.252.78.131

200 OK

0 B

URL GET
event.clientgear.com/track?event=ViewContent3&params=%7B%22event%22%3A%22ViewContent3%22%2C%22upc%22%3A%225bc9f1f4-a50f-4c8f-8004-b9ce9cf5e495%22%2C%22referrer%22%3A%22%22%2C%22domain%22%3A%22ales.nysa.pl%22%2C%22pagurl%22%3A%22http%253A%252F%252Fales.nysa.pl%252Fmedia%252Fppq%252F%22%2C%22winwidh%22%3A1280%2C%22winheight%22%3A1024%2C%22uid%22%3A%22guest%22%2C%22timezone%22%3A%22UTC-0%22%2C%22time%22%3A%222025-4-25%208%3A22%3A42%22%2C%22mkPixelId%22%3A%2242487381192519%22%2C%22uidCookie%22%3A%22mk978dc270-a54d-4f4e-9d19-ede4154eda04%22%2C%22uidLocalStore%22%3A%22mk6af89a9b-1d23-43c6-abab-1cfa89efcdba%22%2C%22uidCanvas%22%3A%226f3b7267%22%2C%22thirdCookie%22%3Atrue%7D
IP
47.252.78.131:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
http://ales.nysa.pl/media/ppq/
Certificate
IssuerDigiCert Inc
Subject*.clientgear.com
FingerprintE0:65:66:22:6D:DC:85:3C:9D:16:01:7B:E5:10:5C:36:CB:20:68:37
ValidityThu, 16 Jan 2025 00:00:00 GMT - Sat, 24 Jan 2026 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /track?event=ViewContent3&params=%7B%22event%22%3A%22ViewContent3%22%2C%22upc%22%3A%225bc9f1f4-a50f-4c8f-8004-b9ce9cf5e495%22%2C%22referrer%22%3A%22%22%2C%22domain%22%3A%22ales.nysa.pl%22%2C%22pagurl%22%3A%22http%253A%252F%252Fales.nysa.pl%252Fmedia%252Fppq%252F%22%2C%22winwidh%22%3A1280%2C%22winheight%22%3A1024%2C%22uid%22%3A%22guest%22%2C%22timezone%22%3A%22UTC-0%22%2C%22time%22%3A%222025-4-25%208%3A22%3A42%22%2C%22mkPixelId%22%3A%2242487381192519%22%2C%22uidCookie%22%3A%22mk978dc270-a54d-4f4e-9d19-ede4154eda04%22%2C%22uidLocalStore%22%3A%22mk6af89a9b-1d23-43c6-abab-1cfa89efcdba%22%2C%22uidCanvas%22%3A%226f3b7267%22%2C%22thirdCookie%22%3Atrue%7D HTTP/1.1
Host: event.clientgear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ales.nysa.pl
DNT: 1
Connection: keep-alive
Referer: http://ales.nysa.pl/
Cookie: mkuuid=mk9294e05008944db1b84811bfb2640884; updatetime=1745569359079; mksession=mks5567d44e-034a-4417-a9f0-b7800d76784f
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 25 Apr 2025 08:22:42 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: http://ales.nysa.pl
access-control-allow-credentials: true
set-cookie: updatetime=1745569362157; Domain=.clientgear.com; Expires=Wed, 22-Oct-2025 08:22:42 GMT; Path=/; Secure; SameSite=None
mksession=mks5567d44e-034a-4417-a9f0-b7800d76784f; Domain=.clientgear.com; Expires=Fri, 25-Apr-2025 08:52:42 GMT; Path=/; Secure; SameSite=None
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js

104.18.11.207

200 OK

51 kB

URL GET
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
http://ales.nysa.pl/media/ppq/
Certificate
IssuerGoogle Trust Services
Subjectbootstrapcdn.com
Fingerprint90:B1:98:4A:7E:D6:37:CF:9B:DC:7D:67:82:58:17:6C:F7:F6:11:DE
ValiditySun, 16 Mar 2025 01:14:49 GMT - Sat, 14 Jun 2025 02:14:23 GMT

File type
JavaScript source, ASCII text, with very long lines (50758)
Size
51 kB (51039 bytes)
Hash
67176c242e1bdc20603c878dee836df3
27a71b00383d61ef3c489326b3564d698fc1227c
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

HTTP Headers

GET /bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ales.nysa.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 25 Apr 2025 08:22:36 GMT
content-type: application/javascript; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: US
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: "67176c242e1bdc20603c878dee836df3"
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/04/2024 02:53:43
cdn-edgestorageid: 1029
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requesttime: 1
cdn-requestid: c6c8a086d090f1d2baac8a7b0c894894
cdn-cache: HIT
cf-cache-status: HIT
age: 1150769
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 935c6efe1d6f1c06-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/destination?id=AW-731984560&l=dataLayer&cx=c&gtm=45je54o0h2v876016506za200zb6376862&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001

142.250.74.136

200 OK

313 kB

URL GET
www.googletagmanager.com/gtag/destination?id=AW-731984560&l=dataLayer&cx=c&gtm=45je54o0h2v876016506za200zb6376862&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001
IP
142.250.74.136:443
ASN
#15169 GOOGLE

Requested by
http://ales.nysa.pl/media/ppq/
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintE4:97:12:2A:2B:30:84:66:33:9D:D6:09:14:D3:8F:CE:3E:20:73:24
ValidityMon, 31 Mar 2025 08:54:37 GMT - Mon, 23 Jun 2025 08:54:36 GMT

File type
JavaScript source, ASCII text, with very long lines (5436)
Size
313 kB (312774 bytes)
Hash
bd7b009c9e125d7cc5fdfde6f5046e22
c14e440d95cf2342ea76422914249fcf0ca18e5d
daf74539d5d43bc645b1ef3d8940cc6c7a10b2d1630bd8075b4979925716fe50

HTTP Headers

GET /gtag/destination?id=AW-731984560&l=dataLayer&cx=c&gtm=45je54o0h2v876016506za200zb6376862&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ales.nysa.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Apr 2025 08:22:38 GMT
expires: Fri, 25 Apr 2025 08:22:38 GMT
cache-control: private, max-age=900
last-modified: Fri, 25 Apr 2025 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcysghrgc:42:0
report-to: {"group":"ascgcysghrgc:42:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
server: Google Tag Manager
content-length: 109614
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

bat.bing.net/actionp/0?ti=13001299&tm=gtm002&Ver=2&mid=ead111e9-3153-4a95-9461-f108e6f34135&bo=1&evt=consent&src=enforced&cdb=AQAY&asc=D

150.171.28.10

204 No Content

0 B

URL POST
bat.bing.net/actionp/0?ti=13001299&tm=gtm002&Ver=2&mid=ead111e9-3153-4a95-9461-f108e6f34135&bo=1&evt=consent&src=enforced&cdb=AQAY&asc=D
IP
150.171.28.10:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
http://ales.nysa.pl/media/ppq/
Certificate
IssuerMicrosoft Corporation
Subjectbat.bing.net
Fingerprint36:B0:89:87:47:4A:B0:8A:1F:A8:EB:71:A6:13:8A:FF:CD:94:46:23
ValidityThu, 24 Apr 2025 22:29:23 GMT - Tue, 21 Oct 2025 22:29:23 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /actionp/0?ti=13001299&tm=gtm002&Ver=2&mid=ead111e9-3153-4a95-9461-f108e6f34135&bo=1&evt=consent&src=enforced&cdb=AQAY&asc=D HTTP/1.1
Host: bat.bing.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ales.nysa.pl
DNT: 1
Connection: keep-alive
Referer: http://ales.nysa.pl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 78096BC88C8747DB8027F6BCA3AFF4F7 Ref B: OSL30EDGE0319 Ref C: 2025-04-25T08:22:39Z
date: Fri, 25 Apr 2025 08:22:38 GMT
X-Firefox-Spdy: h2

www.made-in-china.com/faw-store.html

104.18.15.186

301 Moved Permanently

1.5 kB

URL GET
www.made-in-china.com/faw-store.html
IP
104.18.15.186:80
ASN
#13335 CLOUDFLARENET

Requested by
http://ales.nysa.pl/media/ppq/

File type

Size
1.5 kB (1504 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /faw-store.html HTTP/1.1
Host: www.made-in-china.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ales.nysa.pl/
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Fri, 25 Apr 2025 08:22:37 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.made-in-china.com/faw-store.html
Timing-Allow-Origin: *
Origin-Agent-Cluster: ?0
CF-Cache-Status: HIT
Expires: Fri, 25 Apr 2025 12:22:37 GMT
Cache-Control: public, max-age=14400
Set-Cookie: __cf_bm=X5ZcS_N7Eh1voaDppC2zjVxaoUu5TfWUBXApR2Ztcv8-1745569357-1.0.1.1-tsDEv1GACcjAA3yEtlEavQP9j6KnyS5mA4XkkEd9HgnM.GxrP9bbwrOiReccxvgfvsQWpj6iOaXmsm_RG9JtJCfaMOY0fg6Xvj52qZMuGBs; path=/; expires=Fri, 25-Apr-25 08:52:37 GMT; domain=.made-in-china.com; HttpOnly
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 935c6f02cacbb521-OSL

www.googletagmanager.com/gtag/js?id=G-VEFCZRQMG4&l=dataLayer&cx=c&gtm=45He54o0h2v6376862za200&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001

142.250.74.136

200 OK

455 kB

URL GET
www.googletagmanager.com/gtag/js?id=G-VEFCZRQMG4&l=dataLayer&cx=c&gtm=45He54o0h2v6376862za200&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001
IP
142.250.74.136:443
ASN
#15169 GOOGLE

Requested by
http://ales.nysa.pl/media/ppq/
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintE4:97:12:2A:2B:30:84:66:33:9D:D6:09:14:D3:8F:CE:3E:20:73:24
ValidityMon, 31 Mar 2025 08:54:37 GMT - Mon, 23 Jun 2025 08:54:36 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (13322)
Size
455 kB (455302 bytes)
Hash
e9b8cc2951dd2afa1f666a4eae4a4f13
18bd51f7e492cf44056792cd1070c478ad847e99
507da7306d6430e7b865b68b202a922d964d5574103cf75956ea509ec9d7a1ae

HTTP Headers

GET /gtag/js?id=G-VEFCZRQMG4&l=dataLayer&cx=c&gtm=45He54o0h2v6376862za200&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ales.nysa.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Apr 2025 08:22:38 GMT
expires: Fri, 25 Apr 2025 08:22:38 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1068:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1068:0
report-to: {"group":"ascgcycc:1068:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1068:0"}],}
server: Google Tag Manager
content-length: 145609
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

event.clientgear.com/track?event=ViewContent10&params=%7B%22event%22%3A%22ViewContent10%22%2C%22upc%22%3A%225bc9f1f4-a50f-4c8f-8004-b9ce9cf5e495%22%2C%22referrer%22%3A%22%22%2C%22domain%22%3A%22ales.nysa.pl%22%2C%22pagurl%22%3A%22http%253A%252F%252Fales.nysa.pl%252Fmedia%252Fppq%252F%22%2C%22winwidh%22%3A1280%2C%22winheight%22%3A1024%2C%22uid%22%3A%22guest%22%2C%22timezone%22%3A%22UTC-0%22%2C%22time%22%3A%222025-4-25%208%3A22%3A49%22%2C%22mkPixelId%22%3A%2242487381192519%22%2C%22uidCookie%22%3A%22mk978dc270-a54d-4f4e-9d19-ede4154eda04%22%2C%22uidLocalStore%22%3A%22mk6af89a9b-1d23-43c6-abab-1cfa89efcdba%22%2C%22uidCanvas%22%3A%226f3b7267%22%2C%22thirdCookie%22%3Atrue%7D

47.252.78.131

200 OK

0 B

URL GET
event.clientgear.com/track?event=ViewContent10&params=%7B%22event%22%3A%22ViewContent10%22%2C%22upc%22%3A%225bc9f1f4-a50f-4c8f-8004-b9ce9cf5e495%22%2C%22referrer%22%3A%22%22%2C%22domain%22%3A%22ales.nysa.pl%22%2C%22pagurl%22%3A%22http%253A%252F%252Fales.nysa.pl%252Fmedia%252Fppq%252F%22%2C%22winwidh%22%3A1280%2C%22winheight%22%3A1024%2C%22uid%22%3A%22guest%22%2C%22timezone%22%3A%22UTC-0%22%2C%22time%22%3A%222025-4-25%208%3A22%3A49%22%2C%22mkPixelId%22%3A%2242487381192519%22%2C%22uidCookie%22%3A%22mk978dc270-a54d-4f4e-9d19-ede4154eda04%22%2C%22uidLocalStore%22%3A%22mk6af89a9b-1d23-43c6-abab-1cfa89efcdba%22%2C%22uidCanvas%22%3A%226f3b7267%22%2C%22thirdCookie%22%3Atrue%7D
IP
47.252.78.131:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
http://ales.nysa.pl/media/ppq/
Certificate
IssuerDigiCert Inc
Subject*.clientgear.com
FingerprintE0:65:66:22:6D:DC:85:3C:9D:16:01:7B:E5:10:5C:36:CB:20:68:37
ValidityThu, 16 Jan 2025 00:00:00 GMT - Sat, 24 Jan 2026 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /track?event=ViewContent10&params=%7B%22event%22%3A%22ViewContent10%22%2C%22upc%22%3A%225bc9f1f4-a50f-4c8f-8004-b9ce9cf5e495%22%2C%22referrer%22%3A%22%22%2C%22domain%22%3A%22ales.nysa.pl%22%2C%22pagurl%22%3A%22http%253A%252F%252Fales.nysa.pl%252Fmedia%252Fppq%252F%22%2C%22winwidh%22%3A1280%2C%22winheight%22%3A1024%2C%22uid%22%3A%22guest%22%2C%22timezone%22%3A%22UTC-0%22%2C%22time%22%3A%222025-4-25%208%3A22%3A49%22%2C%22mkPixelId%22%3A%2242487381192519%22%2C%22uidCookie%22%3A%22mk978dc270-a54d-4f4e-9d19-ede4154eda04%22%2C%22uidLocalStore%22%3A%22mk6af89a9b-1d23-43c6-abab-1cfa89efcdba%22%2C%22uidCanvas%22%3A%226f3b7267%22%2C%22thirdCookie%22%3Atrue%7D HTTP/1.1
Host: event.clientgear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ales.nysa.pl
DNT: 1
Connection: keep-alive
Referer: http://ales.nysa.pl/
Cookie: mkuuid=mk9294e05008944db1b84811bfb2640884; updatetime=1745569362157; mksession=mks5567d44e-034a-4417-a9f0-b7800d76784f
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 25 Apr 2025 08:22:49 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: http://ales.nysa.pl
access-control-allow-credentials: true
set-cookie: updatetime=1745569369158; Domain=.clientgear.com; Expires=Wed, 22-Oct-2025 08:22:49 GMT; Path=/; Secure; SameSite=None
mksession=mks5567d44e-034a-4417-a9f0-b7800d76784f; Domain=.clientgear.com; Expires=Fri, 25-Apr-2025 08:52:49 GMT; Path=/; Secure; SameSite=None
X-Firefox-Spdy: h2

www.google.com/ccm/collect?en=page_view&dl=http%3A%2F%2Fales.nysa.pl%2Fmedia%2Fppq%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=795685857.1745569358&dt=Messages%20%7C%20Made%20ln%20Chlna&auid=1562316813.1745569358&navt=n&npa=1&gtm=45He54o0h2v6376862za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&tft=1745569358009&tfd=1811&apve=1

142.250.178.100

200 OK

0 B

URL POST
www.google.com/ccm/collect?en=page_view&dl=http%3A%2F%2Fales.nysa.pl%2Fmedia%2Fppq%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=795685857.1745569358&dt=Messages%20%7C%20Made%20ln%20Chlna&auid=1562316813.1745569358&navt=n&npa=1&gtm=45He54o0h2v6376862za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&tft=1745569358009&tfd=1811&apve=1
IP
142.250.178.100:443
ASN
#15169 GOOGLE

Requested by
http://ales.nysa.pl/media/ppq/
Certificate
IssuerGoogle Trust Services
Subjectwww.google.com
FingerprintD0:D7:4C:27:9F:7B:15:26:DB:1E:8C:54:8C:59:28:47:E4:A8:63:68
ValidityMon, 31 Mar 2025 08:56:27 GMT - Mon, 23 Jun 2025 08:56:26 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /ccm/collect?en=page_view&dl=http%3A%2F%2Fales.nysa.pl%2Fmedia%2Fppq%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=795685857.1745569358&dt=Messages%20%7C%20Made%20ln%20Chlna&auid=1562316813.1745569358&navt=n&npa=1&gtm=45He54o0h2v6376862za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&tft=1745569358009&tfd=1811&apve=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ales.nysa.pl
DNT: 1
Connection: keep-alive
Referer: http://ales.nysa.pl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 200 OK
date: Fri, 25 Apr 2025 08:22:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/plain
vary: Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: http://ales.nysa.pl
access-control-expose-headers: date,vary,vary,vary,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

bat.bing.com/p/action/13001299.js

150.171.28.10

200 OK

3.2 kB

URL GET
bat.bing.com/p/action/13001299.js
IP
150.171.28.10:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
http://ales.nysa.pl/media/ppq/
Certificate
IssuerMicrosoft Corporation
Subjectwww.bing.com
Fingerprint8F:FE:D3:58:48:93:DF:0E:26:DA:5E:55:30:00:F2:14:BF:4B:AB:8E
ValidityFri, 14 Mar 2025 18:35:35 GMT - Wed, 10 Sep 2025 18:35:35 GMT

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
3.2 kB (3154 bytes)
Hash
a398e3c6baee8af7166766716b7d995a
72a0078445404182de5860a02a2b1a3edcfa7d58
e9e475e5a9a7516f2f0dba6ce1fd054ee4a8791d4c8b6897c0d8a0b90e249e97

HTTP Headers

GET /p/action/13001299.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ales.nysa.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: private,max-age=1800
content-type: application/javascript; charset=utf-8
content-encoding: br
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 49EECE765C754218BD1981F053C1E187 Ref B: OSL30EDGE0321 Ref C: 2025-04-25T08:22:39Z
date: Fri, 25 Apr 2025 08:22:39 GMT
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

104.18.11.207

200 OK

49 kB

URL GET
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
http://ales.nysa.pl/media/ppq/
Certificate
IssuerGoogle Trust Services
Subjectbootstrapcdn.com
Fingerprint90:B1:98:4A:7E:D6:37:CF:9B:DC:7D:67:82:58:17:6C:F7:F6:11:DE
ValiditySun, 16 Mar 2025 01:14:49 GMT - Sat, 14 Jun 2025 02:14:23 GMT

File type
JavaScript source, ASCII text, with very long lines (48664)
Size
49 kB (48944 bytes)
Hash
14d449eb8876fa55e1ef3c2cc52b0c17
a9545831803b1359cfeed47e3b4d6bae68e40e99
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

HTTP Headers

GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ales.nysa.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 25 Apr 2025 08:22:36 GMT
content-type: application/javascript; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: US
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: "14d449eb8876fa55e1ef3c2cc52b0c17"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 11/20/2024 14:11:37
cdn-proxyver: 1.06
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1002
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requesttime: 0
cdn-requestid: 22ee951d058bdbb194846a7e3e968d83
cdn-cache: HIT
cf-cache-status: HIT
age: 1145776
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 935c6efe1d821c06-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.micstatic.com/common/font/Roboto/400-regular/Roboto-Regular_c0bdb222.woff2

104.18.19.80

200 OK

20 kB

URL GET
www.micstatic.com/common/font/Roboto/400-regular/Roboto-Regular_c0bdb222.woff2
IP
104.18.19.80:443
ASN
#13335 CLOUDFLARENET

Requested by
http://ales.nysa.pl/media/ppq/
Certificate
IssuerDigiCert Inc
Subject*.micstatic.com
FingerprintEF:BA:97:06:EC:8D:A7:71:D9:71:E9:44:47:32:02:95:E3:FF:DE:14
ValidityWed, 27 Nov 2024 00:00:00 GMT - Thu, 20 Nov 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 19832, version 2.8978
Size
20 kB (19832 bytes)
Hash
ed2022705048507e5995ee72717e7fd4
570864c3bccc3e0e203fdd67be3cf850387faefb
e7f4f778ddb41b7be2d20810bb560acee79da55ed5d3eeac12f2bb8948f4453a

HTTP Headers

GET /common/font/Roboto/400-regular/Roboto-Regular_c0bdb222.woff2 HTTP/1.1
Host: www.micstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ales.nysa.pl
DNT: 1
Connection: keep-alive
Referer: http://ales.nysa.pl/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 25 Apr 2025 08:22:36 GMT
content-type: font/woff2
content-length: 19832
last-modified: Wed, 16 Jun 2021 11:14:08 GMT
etag: "60c9dd00-4d78"
origin-agent-cluster: ?0
timing-allow-origin: *
cache-control: public, max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 78016
expires: Mon, 23 Apr 2035 08:22:36 GMT
accept-ranges: bytes
set-cookie: __cf_bm=J7mTEZyG517PdZPuCAY9WOWZtVMIdjV4mIhAvnV1Clk-1745569356-1.0.1.1-ueSjQDbjQsNokcioC8s6NVERv6zCt.8etbpBzVVdzjkENNcY6baJdGJFf5Z3K0.iMq.YDPEjle80aw1yqrHhsNP_uKMgsj1QQvaSC6nBPpk; path=/; expires=Fri, 25-Apr-25 08:52:36 GMT; domain=.micstatic.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 935c6f0109d1569d-OSL
X-Firefox-Spdy: h2

fa.micstatic.com/sc/sa.gif?project=MICEN&data=eyJkaXN0aW5jdF9pZCI6IjE5NjZjMGE5ZjIyMTQ5LTAyNzg0OThkYWExNWFhLTMwNmQ0NjRhLTEzMTA3MjAtMTk2NmMwYTlmMjMxZmIiLCJsaWIiOnsiJGxpYiI6ImpzIiwiJGxpYl9tZXRob2QiOiJjb2RlIiwiJGxpYl92ZXJzaW9uIjoiMS4xNS4xMyJ9LCJwcm9wZXJ0aWVzIjp7IiR0aW1lem9uZV9vZmZzZXQiOjAsIiRzY3JlZW5faGVpZ2h0IjoxMDI0LCIkc2NyZWVuX3dpZHRoIjoxMjgwLCIkbGliIjoianMiLCIkbGliX3ZlcnNpb24iOiIxLjE1LjEzIiwiJGxhdGVzdF90cmFmZmljX3NvdXJjZV90eXBlIjoi6ZCp5a2Y5bi05ai05L6A5Zm6IiwiJGxhdGVzdF9zZWFyY2hfa2V5d29yZCI6IumPiO6BhOW9h%2BmNkuadv%2BKCrOezremQqeWtmOW4tOmOteaSs%2Be0kSIsIiRsYXRlc3RfcmVmZXJyZXIiOiIiLCJwdl9pZCI6IjFpcG0wbDdiajQwMyIsInBsYXRmb3JtX3R5cGUiOiIxIiwibGFuZ3VhZ2UiOiIxIiwibG9naW5faWQiOiIiLCIkaXNfZmlyc3RfZGF5Ijp0cnVlLCIkbGF0ZXN0X3JlZmVycmVyX2hvc3QiOiIiLCIkdXJsIjoiaHR0cDovL2FsZXMubnlzYS5wbC9tZWRpYS9wcHEvIn0sImFub255bW91c19pZCI6IjE5NjZjMGE5ZjIyMTQ5LTAyNzg0OThkYWExNWFhLTMwNmQ0NjRhLTEzMTA3MjAtMTk2NmMwYTlmMjMxZmIiLCJ0eXBlIjoidHJhY2siLCJldmVudCI6ImZvcm1BY3Rpb24iLCJfdHJhY2tfaWQiOjE5MDIyNzYyMn0%3D&ext=crc%3D-1655023270

104.18.22.150

200 OK

0 B

URL GET
fa.micstatic.com/sc/sa.gif?project=MICEN&data=eyJkaXN0aW5jdF9pZCI6IjE5NjZjMGE5ZjIyMTQ5LTAyNzg0OThkYWExNWFhLTMwNmQ0NjRhLTEzMTA3MjAtMTk2NmMwYTlmMjMxZmIiLCJsaWIiOnsiJGxpYiI6ImpzIiwiJGxpYl9tZXRob2QiOiJjb2RlIiwiJGxpYl92ZXJzaW9uIjoiMS4xNS4xMyJ9LCJwcm9wZXJ0aWVzIjp7IiR0aW1lem9uZV9vZmZzZXQiOjAsIiRzY3JlZW5faGVpZ2h0IjoxMDI0LCIkc2NyZWVuX3dpZHRoIjoxMjgwLCIkbGliIjoianMiLCIkbGliX3ZlcnNpb24iOiIxLjE1LjEzIiwiJGxhdGVzdF90cmFmZmljX3NvdXJjZV90eXBlIjoi6ZCp5a2Y5bi05ai05L6A5Zm6IiwiJGxhdGVzdF9zZWFyY2hfa2V5d29yZCI6IumPiO6BhOW9h%2BmNkuadv%2BKCrOezremQqeWtmOW4tOmOteaSs%2Be0kSIsIiRsYXRlc3RfcmVmZXJyZXIiOiIiLCJwdl9pZCI6IjFpcG0wbDdiajQwMyIsInBsYXRmb3JtX3R5cGUiOiIxIiwibGFuZ3VhZ2UiOiIxIiwibG9naW5faWQiOiIiLCIkaXNfZmlyc3RfZGF5Ijp0cnVlLCIkbGF0ZXN0X3JlZmVycmVyX2hvc3QiOiIiLCIkdXJsIjoiaHR0cDovL2FsZXMubnlzYS5wbC9tZWRpYS9wcHEvIn0sImFub255bW91c19pZCI6IjE5NjZjMGE5ZjIyMTQ5LTAyNzg0OThkYWExNWFhLTMwNmQ0NjRhLTEzMTA3MjAtMTk2NmMwYTlmMjMxZmIiLCJ0eXBlIjoidHJhY2siLCJldmVudCI6ImZvcm1BY3Rpb24iLCJfdHJhY2tfaWQiOjE5MDIyNzYyMn0%3D&ext=crc%3D-1655023270
IP
104.18.22.150:443
ASN
#13335 CLOUDFLARENET

Requested by
http://ales.nysa.pl/media/ppq/
Certificate
IssuerDigiCert Inc
Subject*.micstatic.com
FingerprintEF:BA:97:06:EC:8D:A7:71:D9:71:E9:44:47:32:02:95:E3:FF:DE:14
ValidityWed, 27 Nov 2024 00:00:00 GMT - Thu, 20 Nov 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sc/sa.gif?project=MICEN&data=eyJkaXN0aW5jdF9pZCI6IjE5NjZjMGE5ZjIyMTQ5LTAyNzg0OThkYWExNWFhLTMwNmQ0NjRhLTEzMTA3MjAtMTk2NmMwYTlmMjMxZmIiLCJsaWIiOnsiJGxpYiI6ImpzIiwiJGxpYl9tZXRob2QiOiJjb2RlIiwiJGxpYl92ZXJzaW9uIjoiMS4xNS4xMyJ9LCJwcm9wZXJ0aWVzIjp7IiR0aW1lem9uZV9vZmZzZXQiOjAsIiRzY3JlZW5faGVpZ2h0IjoxMDI0LCIkc2NyZWVuX3dpZHRoIjoxMjgwLCIkbGliIjoianMiLCIkbGliX3ZlcnNpb24iOiIxLjE1LjEzIiwiJGxhdGVzdF90cmFmZmljX3NvdXJjZV90eXBlIjoi6ZCp5a2Y5bi05ai05L6A5Zm6IiwiJGxhdGVzdF9zZWFyY2hfa2V5d29yZCI6IumPiO6BhOW9h%2BmNkuadv%2BKCrOezremQqeWtmOW4tOmOteaSs%2Be0kSIsIiRsYXRlc3RfcmVmZXJyZXIiOiIiLCJwdl9pZCI6IjFpcG0wbDdiajQwMyIsInBsYXRmb3JtX3R5cGUiOiIxIiwibGFuZ3VhZ2UiOiIxIiwibG9naW5faWQiOiIiLCIkaXNfZmlyc3RfZGF5Ijp0cnVlLCIkbGF0ZXN0X3JlZmVycmVyX2hvc3QiOiIiLCIkdXJsIjoiaHR0cDovL2FsZXMubnlzYS5wbC9tZWRpYS9wcHEvIn0sImFub255bW91c19pZCI6IjE5NjZjMGE5ZjIyMTQ5LTAyNzg0OThkYWExNWFhLTMwNmQ0NjRhLTEzMTA3MjAtMTk2NmMwYTlmMjMxZmIiLCJ0eXBlIjoidHJhY2siLCJldmVudCI6ImZvcm1BY3Rpb24iLCJfdHJhY2tfaWQiOjE5MDIyNzYyMn0%3D&ext=crc%3D-1655023270 HTTP/1.1
Host: fa.micstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ales.nysa.pl/
Cookie: __cf_bm=igB1tBpFpqPV6_IFZvbbcq_Cj2Byp11Gl5XqHcUddWU-1745569356-1.0.1.1-tbOHE6fz9yFaXw6ZKktmxYNqVSD923hbnCmFwZIPNTaf1iwyhYzdQseanRC1b1gYpmUVx1PoTK5x8OkAj.Y3Uog8DaTvbEXqJbOwN5dImuk; __cf_bm=H3y_o0vHqFnozhlx.cooxwL.YiKm5od8OKCrxrAWYao-1745569357-1.0.1.1-qLAI9lxBx4oSn7Y.8qLI9h6N5VY9dEXDhxKsmFPW2YF439Hrjvm2rz4fbfrVcM8XFdP2yC1uNFjlQPnJkIWNblWqm8OLykbVWDc9lxZqH50
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 25 Apr 2025 08:22:37 GMT
content-type: image/gif
content-length: 0
origin-agent-cluster: ?0
timing-allow-origin: *
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=mqz.Mt5sY_HRucutnhdMT3xdKehBBlXVnti8T3CX8Tk-1745569357-1.0.1.1-0m0BmnttuvedAMaD2LmWmzSL5vXDYaHLJ5f.zv9bNO7YNlfsssIorRujgkQVQ.2EIyW_NUZUS6KrDzEvQYcOP2V4RbjQE8GApGvfWh1lGKs; path=/; expires=Fri, 25-Apr-25 08:52:37 GMT; domain=.fa.micstatic.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 935c6f06eaa50b61-OSL
X-Firefox-Spdy: h2

bat.bing.com/bat.js

150.171.28.10

200 OK

52 kB

URL GET
bat.bing.com/bat.js
IP
150.171.28.10:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
http://ales.nysa.pl/media/ppq/
Certificate
IssuerMicrosoft Corporation
Subjectwww.bing.com
Fingerprint8F:FE:D3:58:48:93:DF:0E:26:DA:5E:55:30:00:F2:14:BF:4B:AB:8E
ValidityFri, 14 Mar 2025 18:35:35 GMT - Wed, 10 Sep 2025 18:35:35 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (51758), with no line terminators
Size
52 kB (51759 bytes)
Hash
a27f391f831d4265f599152bff478cc4
c1a679f371c78a345c322e4585c8faf555c151cb
759043dafa55d63c0788faf5611e14607e598d740d5bc64ecc772d841014d04c

HTTP Headers

GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ales.nysa.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 14711
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 31 Mar 2025 16:18:20 GMT
accept-ranges: bytes
etag: "02e6b8458a2db1:0"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C652CBB0F5DE42E98C52FA176FE6B824 Ref B: OSL30EDGE0321 Ref C: 2025-04-25T08:22:38Z
date: Fri, 25 Apr 2025 08:22:38 GMT
X-Firefox-Spdy: h2

fa.micstatic.com/probe/mine.gif?v=211112&t=a&d=%7Bpub%3A%7Bpuid%3A%221ipm0l7gl267%22%2Clinkid%3A%221ipm0l7gl267%22%2Curl%3A%22ales.nysa.pl%252Fmedia%252Fppq%252F%22%2Creferrer%3A%22%22%2Cpdr%3A%221%22%2Ctz%3A%220%22%2Clan%3A%22en-US%22%7D%2Ccore%3A%5B%7Ba%3A%224566%22%2Cb%3A%220%22%2Cc%3A%220%22%2Cd%3A%220%22%2Ce%3A%22-1%22%2Cf%3A%226336%22%2Cst%3A%22-1%22%2Ck%3A%221770%22%2Cn%3A%22track.bxtag.com%252Ftecdo%252Fcm%252Fadx%22%2Cp%3A%220%22%7D%5D%7D

104.18.22.150

204 No Content

0 B

URL GET
fa.micstatic.com/probe/mine.gif?v=211112&t=a&d=%7Bpub%3A%7Bpuid%3A%221ipm0l7gl267%22%2Clinkid%3A%221ipm0l7gl267%22%2Curl%3A%22ales.nysa.pl%252Fmedia%252Fppq%252F%22%2Creferrer%3A%22%22%2Cpdr%3A%221%22%2Ctz%3A%220%22%2Clan%3A%22en-US%22%7D%2Ccore%3A%5B%7Ba%3A%224566%22%2Cb%3A%220%22%2Cc%3A%220%22%2Cd%3A%220%22%2Ce%3A%22-1%22%2Cf%3A%226336%22%2Cst%3A%22-1%22%2Ck%3A%221770%22%2Cn%3A%22track.bxtag.com%252Ftecdo%252Fcm%252Fadx%22%2Cp%3A%220%22%7D%5D%7D
IP
104.18.22.150:80
ASN
#13335 CLOUDFLARENET

Requested by
http://ales.nysa.pl/media/ppq/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /probe/mine.gif?v=211112&t=a&d=%7Bpub%3A%7Bpuid%3A%221ipm0l7gl267%22%2Clinkid%3A%221ipm0l7gl267%22%2Curl%3A%22ales.nysa.pl%252Fmedia%252Fppq%252F%22%2Creferrer%3A%22%22%2Cpdr%3A%221%22%2Ctz%3A%220%22%2Clan%3A%22en-US%22%7D%2Ccore%3A%5B%7Ba%3A%224566%22%2Cb%3A%220%22%2Cc%3A%220%22%2Cd%3A%220%22%2Ce%3A%22-1%22%2Cf%3A%226336%22%2Cst%3A%22-1%22%2Ck%3A%221770%22%2Cn%3A%22track.bxtag.com%252Ftecdo%252Fcm%252Fadx%22%2Cp%3A%220%22%7D%5D%7D HTTP/1.1
Host: fa.micstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ales.nysa.pl/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Date: Fri, 25 Apr 2025 08:22:44 GMT
Connection: keep-alive
Origin-Agent-Cluster: ?0
Timing-Allow-Origin: *
cf-cache-status: DYNAMIC
Set-Cookie: __cf_bm=wR7Vv1jIxHjVsa3CRsifa8Bpvfud4jpjK4E3RoB8cK0-1745569364-1.0.1.1-MP65_RLsZ4WAkkS205Yz4331jm__24M6JY_QpCxidMBdfIfZzBhuD6upXrKxTMofpS50SF0Hi0q5YyuHUOd3sixKHBVHALCQv2QGUJ6zEZY; path=/; expires=Fri, 25-Apr-25 08:52:44 GMT; domain=.fa.micstatic.com; HttpOnly
Server: cloudflare
CF-RAY: 935c6f30adf2b50f-OSL

ales.nysa.pl/media/ppq/js/jquery.min.js

213.186.33.82

200 OK

93 kB

URL GET
ales.nysa.pl/media/ppq/js/jquery.min.js
IP
213.186.33.82:80
ASN
#16276 OVH SAS

Requested by
http://ales.nysa.pl/media/ppq/

File type
JavaScript source, ASCII text, with very long lines (32065), with CRLF line terminators
Size
93 kB (92866 bytes)
Hash
8cf5afe375b8e1ade090122400342e7d
ab3af857a383c523c9ac0d5bc6eb40cc0dbc396f
9ade7c8095adb55764d1eba7e4e4afc6c23d3ba74d13ff57e1d9406cede0b8e3

HTTP Headers

GET /media/ppq/js/jquery.min.js HTTP/1.1
Host: ales.nysa.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ales.nysa.pl/media/ppq/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
date: Fri, 25 Apr 2025 08:22:36 GMT
content-type: application/javascript
content-length: 33005
server: OVHcloud
last-modified: Tue, 17 Aug 2021 23:13:34 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Fri, 25 Apr 2025 08:37:36 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:90B8_D5BA2152:0050_680B464C_1EF80:63BC
x-iplb-instance: 51724

ales.nysa.pl/media/ppq/js/jquery-3.2.1.slim.min.js

213.186.33.82

200 OK

4.2 kB

URL GET
ales.nysa.pl/media/ppq/js/jquery-3.2.1.slim.min.js
IP
213.186.33.82:80
ASN
#16276 OVH SAS

Requested by
http://ales.nysa.pl/media/ppq/

File type
HTML document, ASCII text, with very long lines (2044)
Size
4.2 kB (4225 bytes)
Hash
ab7069006ac369f20614d7c093d2f1ca
cee35738cc717f5f667022a2e7a3986cfebd857e
d6e88d3374ce11e4aee5339778b7e18f5af408ab576faabc900a79b71ac3ca59

HTTP Headers

GET /media/ppq/js/jquery-3.2.1.slim.min.js HTTP/1.1
Host: ales.nysa.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ales.nysa.pl/media/ppq/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
date: Fri, 25 Apr 2025 08:22:36 GMT
content-type: text/html
content-length: 2158
server: OVHcloud
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:5982_D5BA2152:0050_680B464C_1EF8B:63BC
x-iplb-instance: 51724

www.micstatic.com/common/js/libs/sensors/sensorsdata.min-1.15.13_faw.js?r=1634120031144

104.18.19.80

200 OK

84 kB

URL GET
www.micstatic.com/common/js/libs/sensors/sensorsdata.min-1.15.13_faw.js?r=1634120031144
IP
104.18.19.80:80
ASN
#13335 CLOUDFLARENET

Requested by
http://ales.nysa.pl/media/ppq/

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (63558), with no line terminators
Size
84 kB (83487 bytes)
Hash
6accc5ddc33a30b81a57ca9e61a58610
975d1e60883cf189df3992aed76e989c67926f31
c02549e8424a26fd4fb42c32c0706886e56a973c0d4b4af992452869b02f6d59

HTTP Headers

GET /common/js/libs/sensors/sensorsdata.min-1.15.13_faw.js?r=1634120031144 HTTP/1.1
Host: www.micstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ales.nysa.pl/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 25 Apr 2025 08:22:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 01 Sep 2021 09:19:47 GMT
ETag: W/"612f45b3-1461f"
Content-Encoding: gzip
Origin-Agent-Cluster: ?0
Timing-Allow-Origin: *
Cache-Control: public, max-age=315360000
Access-Control-Allow-Origin: *
CF-Cache-Status: HIT
Age: 78017
Expires: Mon, 23 Apr 2035 08:22:37 GMT
Set-Cookie: __cf_bm=xdJGTFnTka9bP1gsq.Vcs1RFKXg58Wlu1bzreUm2AkU-1745569357-1.0.1.1-nmYP3LWvxZ5lhxprTl8SKLAiQ5Y_LCUrjjptYO6rGWe_NcJB4B23vLzvx_jv6PeW1GESq9FV1GqitabotTZZVaOkSNyYz8b4VWryQDRoY5M; path=/; expires=Fri, 25-Apr-25 08:52:37 GMT; domain=.micstatic.com; HttpOnly
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 935c6f049ad3b500-OSL

pixel.bxtag.com/tag/brainx.min.js

47.246.44.197

301 Moved Permanently

15 kB

URL GET
pixel.bxtag.com/tag/brainx.min.js
IP
47.246.44.197:80
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

Requested by
http://ales.nysa.pl/media/ppq/

File type

Size
15 kB (14726 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tag/brainx.min.js HTTP/1.1
Host: pixel.bxtag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ales.nysa.pl/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Fri, 25 Apr 2025 08:22:39 GMT
Content-Type: text/html
Content-Length: 262
Connection: keep-alive
Location: https://pixel.bxtag.com/tag/brainx.min.js
Via: ens-cache3.se2[,0]
Timing-Allow-Origin: *
EagleId: 2ff62c9717455693596217203e

event.clientgear.com/vs?t=0.8361936264566011

47.252.78.131

200 OK

14 B

URL GET
event.clientgear.com/vs?t=0.8361936264566011
IP
47.252.78.131:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
http://ales.nysa.pl/media/ppq/
Certificate
IssuerDigiCert Inc
Subject*.clientgear.com
FingerprintE0:65:66:22:6D:DC:85:3C:9D:16:01:7B:E5:10:5C:36:CB:20:68:37
ValidityThu, 16 Jan 2025 00:00:00 GMT - Sat, 24 Jan 2026 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
14 B (14 bytes)
Hash
1e942a204e7cca54040ea666cff516b3
568c56677d01caa56bb15a69ab2b744135050555
f4eb4572e2e42ff0f3c16743246103d058f36eeae9e81f9489b52253fe935be7

HTTP Headers

GET /vs?t=0.8361936264566011 HTTP/1.1
Host: event.clientgear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ales.nysa.pl
DNT: 1
Connection: keep-alive
Referer: http://ales.nysa.pl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 25 Apr 2025 08:22:39 GMT
content-type: text/plain;charset=UTF-8
content-length: 14
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: http://ales.nysa.pl
access-control-allow-credentials: true
set-cookie: mkuuid=mk9294e05008944db1b84811bfb2640884; Domain=.clientgear.com; Expires=Wed, 22-Oct-2025 08:22:39 GMT; Path=/; Secure; SameSite=None
X-Firefox-Spdy: h2

ales.nysa.pl/media/ppq/

213.186.33.82

200 OK

17 kB

URL User Request GET
ales.nysa.pl/media/ppq/
IP
213.186.33.82:80
ASN
#16276 OVH SAS

File type
HTML document, Unicode text, UTF-8 text, with very long lines (4278), with CRLF line terminators
Size
17 kB (16700 bytes)
Hash
8c355304c7335f3dc34b6cb989bcf758
a090638f360e216db5a050315a47b7a12a5c4533
e584ff7d42ff1f93bc73adb4fbb7a23586eebf43254cd1a3f120c23c0d2368a9

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic phishing

NIDS	Severity	Alert
suricata	medium	ET PHISHING Generic Multibrand NewInjection Phishing Landing Template
suricata	medium	ET PHISHING Generic Multibrand NewInjection Phishing Landing Template

HTTP Headers

GET /media/ppq/ HTTP/1.1
Host: ales.nysa.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
date: Fri, 25 Apr 2025 08:22:36 GMT
content-type: text/html
content-length: 5201
server: OVHcloud
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:90B8_D5BA2152:0050_680B464C_1EF5A:63BC
x-iplb-instance: 51724

sync.saideao.com/sync/dsp?dsp_id=1054&dsp_uid=bxfabc4a4c4e1c431ca2069fd709d01b19

94.74.83.119

200 OK

3 B

URL GET
sync.saideao.com/sync/dsp?dsp_id=1054&dsp_uid=bxfabc4a4c4e1c431ca2069fd709d01b19
IP
94.74.83.119:443
ASN
#136907 HUAWEI CLOUDS

Requested by
http://ales.nysa.pl/media/ppq/
Certificate
IssuerLet's Encrypt
Subjectsync.saideao.com
FingerprintD9:DC:65:C8:83:DF:8A:9B:D5:6B:C0:15:AD:5D:A6:5C:9D:4B:44:04
ValidityMon, 10 Feb 2025 07:36:42 GMT - Sun, 11 May 2025 07:36:41 GMT

File type
ASCII text
Size
3 B (3 bytes)
Hash
eff5bc1ef8ec9d03e640fc4370f5eacd
92a949fd41844e1bb8c6812cdea102708fde23a4
dc51b8c96c2d745df3bd5590d990230a482fd247123599548e0632fdbf97fc22

HTTP Headers

GET /sync/dsp?dsp_id=1054&dsp_uid=bxfabc4a4c4e1c431ca2069fd709d01b19 HTTP/1.1
Host: sync.saideao.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ales.nysa.pl/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 25 Apr 2025 08:22:42 GMT
content-type: text/plain; charset=utf-8
content-length: 3
x-app-name: http-echo
x-app-version: 1.0.0
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

pixel.bxtag.com/tag/brainx.min.js

47.246.44.197

200 OK

15 kB

URL GET
pixel.bxtag.com/tag/brainx.min.js
IP
47.246.44.197:443
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

Requested by
http://ales.nysa.pl/media/ppq/
Certificate
IssuerDigiCert Inc
Subjectpixel.bxtag.com
Fingerprint20:2D:30:B9:B9:B3:7C:EF:07:4E:E8:3E:AB:DD:C0:0E:31:85:5B:33
ValidityThu, 10 Oct 2024 00:00:00 GMT - Thu, 09 Oct 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (14715)
Size
15 kB (14726 bytes)
Hash
02d4ec6f334c0ad35f88137e5996e699
625dd50b04c77b69f71147e62c615078de9de952
4070cc344d142183c5c60ef07bb29713ef314ddd81e87a7048d0ca04b28e090f

HTTP Headers

GET /tag/brainx.min.js HTTP/1.1
Host: pixel.bxtag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ales.nysa.pl/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 5416
date: Thu, 24 Apr 2025 09:20:02 GMT
vary: Accept-Encoding
x-oss-request-id: 680A02429DA80D33311D4493
x-oss-cdn-auth: success
last-modified: Thu, 24 Apr 2025 09:18:38 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8184659528088518466
x-oss-storage-class: Standard
content-md5: AtTsbzNMCtNfiBN+WZbmmQ==
x-oss-server-time: 6
content-encoding: gzip
content-security-policy: sandbox,allow-scripts,allow-top-navigation-by-user-activation
via: cache1.l2fr1[0,0,200-0,H], cache12.l2fr1[1,0], ens-cache12.se2[0,0,200-0,H], ens-cache13.se2[1,0]
age: 82957
ali-swift-global-savetime: 1745486402
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Thu, 24 Apr 2025 09:20:06 GMT
x-swift-cachetime: 2591996
timing-allow-origin: *
eagleid: 2ff62ca117455693596628774e
X-Firefox-Spdy: h2

event.bxtag.com/v?t=1745569359725&pixelId=X-5WVR58JB1YFD

139.95.0.154

200 OK

1 B

URL GET
event.bxtag.com/v?t=1745569359725&pixelId=X-5WVR58JB1YFD
IP
139.95.0.154:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
http://ales.nysa.pl/media/ppq/
Certificate
IssuerDigiCert Inc
Subjectevent.bxtag.com
FingerprintF3:8D:FB:F5:46:9E:85:AF:E7:ED:D5:BD:87:61:C6:17:4B:BF:4C:83
ValidityThu, 10 Oct 2024 00:00:00 GMT - Thu, 09 Oct 2025 23:59:59 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

GET /v?t=1745569359725&pixelId=X-5WVR58JB1YFD HTTP/1.1
Host: event.bxtag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ales.nysa.pl/
Content-Type: application/x-www-form-urlencoded
Origin: http://ales.nysa.pl
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 25 Apr 2025 08:22:40 GMT
content-type: text/plain;charset=UTF-8
content-length: 1
vary: Accept-Encoding, Origin
access-control-allow-origin: http://ales.nysa.pl
access-control-allow-credentials: true
set-cookie: bx_id=bxfabc4a4c4e1c431ca2069fd709d01b19; Path=/; Domain=.bxtag.com; Max-Age=15552000; Expires=Wed, 22 Oct 2025 08:22:40 GMT; Secure; HttpOnly; SameSite=None
X-Firefox-Spdy: h2

track.bxtag.com/tecdo/cm/adx

139.95.0.154

302 Found

3 B

URL GET
track.bxtag.com/tecdo/cm/adx
IP
139.95.0.154:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
http://ales.nysa.pl/media/ppq/
Certificate
IssuerDigiCert Inc
Subjecttrack.bxtag.com
Fingerprint19:0D:1E:98:91:18:3A:B2:F8:32:5B:1C:63:54:AD:94:00:6D:13:56
ValidityThu, 28 Nov 2024 00:00:00 GMT - Thu, 27 Nov 2025 23:59:59 GMT

File type

Size
3 B (3 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tecdo/cm/adx HTTP/1.1
Host: track.bxtag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ales.nysa.pl/
Cookie: bx_id=bxfabc4a4c4e1c431ca2069fd709d01b19
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Fri, 25 Apr 2025 08:22:41 GMT
content-length: 0
location: https://sync.saideao.com/sync/dsp?dsp_id=1054&dsp_uid=bxfabc4a4c4e1c431ca2069fd709d01b19
X-Firefox-Spdy: h2

ales.nysa.pl/media/ppq/js/jquery-3.3.1.js

213.186.33.82

200 OK

27 kB

URL GET
ales.nysa.pl/media/ppq/js/jquery-3.3.1.js
IP
213.186.33.82:80
ASN
#16276 OVH SAS

Requested by
http://ales.nysa.pl/media/ppq/

File type
HTML document, Unicode text, UTF-8 text, with very long lines (11315), with CRLF, LF line terminators
Size
27 kB (26747 bytes)
Hash
bc01a68358be83d1d0d31edaacd588ff
cee297fbc3aded1096ab99a2821c53b9a9688bee
fa7834a1d9fe75665e5aabf42883f2ac58f9ddd78e3df45d44eb9823c2727b63

HTTP Headers

GET /media/ppq/js/jquery-3.3.1.js HTTP/1.1
Host: ales.nysa.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ales.nysa.pl/media/ppq/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
date: Fri, 25 Apr 2025 08:22:36 GMT
content-type: application/javascript
content-length: 11183
server: OVHcloud
last-modified: Tue, 17 Aug 2021 23:13:34 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Fri, 25 Apr 2025 08:37:36 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:F1A5_D5BA2152:0050_680B464C_1E6D2:1884
x-iplb-instance: 51702

ales.nysa.pl/media/ppq/js/popper.min.js

213.186.33.82

200 OK

4.2 kB

URL GET
ales.nysa.pl/media/ppq/js/popper.min.js
IP
213.186.33.82:80
ASN
#16276 OVH SAS

Requested by
http://ales.nysa.pl/media/ppq/

File type
HTML document, ASCII text, with very long lines (2044)
Size
4.2 kB (4225 bytes)
Hash
ab7069006ac369f20614d7c093d2f1ca
cee35738cc717f5f667022a2e7a3986cfebd857e
d6e88d3374ce11e4aee5339778b7e18f5af408ab576faabc900a79b71ac3ca59

HTTP Headers

GET /media/ppq/js/popper.min.js HTTP/1.1
Host: ales.nysa.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ales.nysa.pl/media/ppq/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
date: Fri, 25 Apr 2025 08:22:36 GMT
content-type: text/html
content-length: 2158
server: OVHcloud
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:5A7C_D5BA2152:0050_680B464C_21655:0579
x-iplb-instance: 51744

pylon.micstatic.com/gb/js/assets/probe/probe.min.js?r=1634120031144

104.18.18.80

200 OK

38 kB

URL GET
pylon.micstatic.com/gb/js/assets/probe/probe.min.js?r=1634120031144
IP
104.18.18.80:80
ASN
#13335 CLOUDFLARENET

Requested by
http://ales.nysa.pl/media/ppq/

File type
JavaScript source, ASCII text, with very long lines (37914)
Size
38 kB (37945 bytes)
Hash
0d82db0c6f75aee99147128e24172921
88bfd0f844a1f71e0d7e1bc71ba893de91d0a0fa
ed9cf8d24295d820ec444f6b130594ca43269393ef441f084d4510e8bdfb8a6b

HTTP Headers

GET /gb/js/assets/probe/probe.min.js?r=1634120031144 HTTP/1.1
Host: pylon.micstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ales.nysa.pl/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 25 Apr 2025 08:22:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 11 Apr 2025 13:15:04 GMT
ETag: W/"67f915d8-9439"
Content-Encoding: gzip
Origin-Agent-Cluster: ?0
Timing-Allow-Origin: *
test: mic_test
CF-Cache-Status: HIT
Age: 78017
Expires: Fri, 25 Apr 2025 12:22:37 GMT
Cache-Control: public, max-age=14400
Set-Cookie: __cf_bm=xWOs.9PC8TEUhYJZZ7CktSGTY9D4Njf4jD8ojw6yRDk-1745569357-1.0.1.1-c5I16xMnU._4cfA.fQ4J3s60e9GKxaB9L_GOzf6JKLgR.gEZtjusaMMGQcVkCybr6RW2SCKsiBeM_spLHAAW9qTV0lvUjM5xoDnM_pVHj3Y; path=/; expires=Fri, 25-Apr-25 08:52:37 GMT; domain=.micstatic.com; HttpOnly
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 935c6f02ee9b0b3d-OSL

ales.nysa.pl/media/ppq/images/favicon.ico

213.186.33.82

200 OK

4.3 kB

URL GET
ales.nysa.pl/media/ppq/images/favicon.ico
IP
213.186.33.82:80
ASN
#16276 OVH SAS

Requested by
http://ales.nysa.pl/media/ppq/

File type
MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel
Size
4.3 kB (4286 bytes)
Hash
db52c84bd7417fdc629f75300e5ce80c
ce8036fbd7714ce312034d7702fd2904a39bf6c1
85c7cda25b4a324b82f4e0efd6ae2eee4d606b9552c24a47eab44155f4d620c7

HTTP Headers

GET /media/ppq/images/favicon.ico HTTP/1.1
Host: ales.nysa.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ales.nysa.pl/media/ppq/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
date: Fri, 25 Apr 2025 08:22:37 GMT
content-type: image/x-icon
content-length: 4286
server: OVHcloud
last-modified: Wed, 13 Oct 2021 20:07:44 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Fri, 25 Apr 2025 08:37:37 GMT
x-iplb-request-id: 5B5A2A9A:EF7E_D5BA2152:0050_680B464D_1F04A:63BC
x-iplb-instance: 51724

bat.bing.net/action/0?ti=13001299&tm=gtm002&Ver=2&mid=ead111e9-3153-4a95-9461-f108e6f34135&bo=2&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=Messages%20%7C%20Made%20ln%20Chlna&p=http%3A%2F%2Fales.nysa.pl%2Fmedia%2Fppq%2F&r=&lt=1318&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=811663

150.171.28.10

204 No Content

0 B

URL GET
bat.bing.net/action/0?ti=13001299&tm=gtm002&Ver=2&mid=ead111e9-3153-4a95-9461-f108e6f34135&bo=2&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=Messages%20%7C%20Made%20ln%20Chlna&p=http%3A%2F%2Fales.nysa.pl%2Fmedia%2Fppq%2F&r=&lt=1318&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=811663
IP
150.171.28.10:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
http://ales.nysa.pl/media/ppq/
Certificate
IssuerMicrosoft Corporation
Subjectbat.bing.net
Fingerprint36:B0:89:87:47:4A:B0:8A:1F:A8:EB:71:A6:13:8A:FF:CD:94:46:23
ValidityThu, 24 Apr 2025 22:29:23 GMT - Tue, 21 Oct 2025 22:29:23 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /action/0?ti=13001299&tm=gtm002&Ver=2&mid=ead111e9-3153-4a95-9461-f108e6f34135&bo=2&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=Messages%20%7C%20Made%20ln%20Chlna&p=http%3A%2F%2Fales.nysa.pl%2Fmedia%2Fppq%2F&r=&lt=1318&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=811663 HTTP/1.1
Host: bat.bing.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ales.nysa.pl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 552EA0AE062B4419A4D4FE5E4BAA3D21 Ref B: OSL30EDGE0319 Ref C: 2025-04-25T08:22:39Z
date: Fri, 25 Apr 2025 08:22:38 GMT
X-Firefox-Spdy: h2

ales.nysa.pl/media/ppq/js/jquery-3.3.1.js

213.186.33.82

200 OK

27 kB

URL GET
ales.nysa.pl/media/ppq/js/jquery-3.3.1.js
IP
213.186.33.82:80
ASN
#16276 OVH SAS

Requested by
http://ales.nysa.pl/media/ppq/

File type
HTML document, Unicode text, UTF-8 text, with very long lines (11315), with CRLF, LF line terminators
Size
27 kB (26747 bytes)
Hash
bc01a68358be83d1d0d31edaacd588ff
cee297fbc3aded1096ab99a2821c53b9a9688bee
fa7834a1d9fe75665e5aabf42883f2ac58f9ddd78e3df45d44eb9823c2727b63

HTTP Headers

GET /media/ppq/js/jquery-3.3.1.js HTTP/1.1
Host: ales.nysa.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ales.nysa.pl/media/ppq/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
date: Fri, 25 Apr 2025 08:22:36 GMT
content-type: application/javascript
content-length: 11183
server: OVHcloud
last-modified: Tue, 17 Aug 2021 23:13:34 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Fri, 25 Apr 2025 08:37:36 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:EF7E_D5BA2152:0050_680B464C_1EFDC:63BC
x-iplb-instance: 51724

fa.micstatic.com/probe/map.gif?v=211112&t=a&d=%7Bpub%3A%7Bpuid%3A%221ipm0l7gl267%22%2Clinkid%3A%221ipm0l7gl267%22%2Curl%3A%22ales.nysa.pl%252Fmedia%252Fppq%252F%22%2Creferrer%3A%22%22%2Cpdr%3A%221%22%2Ctz%3A%220%22%2Clan%3A%22en-US%22%2Cbn%3A%22Firefox%22%2Cnv%3A%2296.0%22%2Con%3A%22Linux%22%2Cov%3A%22x86_64%22%7D%2Ccookies%3A%7B%7D%2Ccore%3A%7Ba%3A%22-1%22%2Cb%3A%220%22%2Cc%3A%2231%22%2Cd%3A%221%22%2Ce%3A%2279%22%2Cf%3A%220%22%2Cst%3A%22-1%22%2Cg%3A%22835%22%2Ch%3A%221188%22%2Ci%3A%22990%22%2Cj%3A%22-1%22%2Cl%3A%2218%22%2Co%3A%220%22%2Clcp%3A%22-1%22%2Cfcp%3A%22673%22%2Cm%3A%220%22%2Ck%3A%221315%22%2Cp%3A%220%22%2Cx%3A%7B%7D%2Cs%3A%221280*1024%7C1280*1024%22%7D%7D

104.18.22.150

204 No Content

0 B

URL GET
fa.micstatic.com/probe/map.gif?v=211112&t=a&d=%7Bpub%3A%7Bpuid%3A%221ipm0l7gl267%22%2Clinkid%3A%221ipm0l7gl267%22%2Curl%3A%22ales.nysa.pl%252Fmedia%252Fppq%252F%22%2Creferrer%3A%22%22%2Cpdr%3A%221%22%2Ctz%3A%220%22%2Clan%3A%22en-US%22%2Cbn%3A%22Firefox%22%2Cnv%3A%2296.0%22%2Con%3A%22Linux%22%2Cov%3A%22x86_64%22%7D%2Ccookies%3A%7B%7D%2Ccore%3A%7Ba%3A%22-1%22%2Cb%3A%220%22%2Cc%3A%2231%22%2Cd%3A%221%22%2Ce%3A%2279%22%2Cf%3A%220%22%2Cst%3A%22-1%22%2Cg%3A%22835%22%2Ch%3A%221188%22%2Ci%3A%22990%22%2Cj%3A%22-1%22%2Cl%3A%2218%22%2Co%3A%220%22%2Clcp%3A%22-1%22%2Cfcp%3A%22673%22%2Cm%3A%220%22%2Ck%3A%221315%22%2Cp%3A%220%22%2Cx%3A%7B%7D%2Cs%3A%221280*1024%7C1280*1024%22%7D%7D
IP
104.18.22.150:80
ASN
#13335 CLOUDFLARENET

Requested by
http://ales.nysa.pl/media/ppq/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /probe/map.gif?v=211112&t=a&d=%7Bpub%3A%7Bpuid%3A%221ipm0l7gl267%22%2Clinkid%3A%221ipm0l7gl267%22%2Curl%3A%22ales.nysa.pl%252Fmedia%252Fppq%252F%22%2Creferrer%3A%22%22%2Cpdr%3A%221%22%2Ctz%3A%220%22%2Clan%3A%22en-US%22%2Cbn%3A%22Firefox%22%2Cnv%3A%2296.0%22%2Con%3A%22Linux%22%2Cov%3A%22x86_64%22%7D%2Ccookies%3A%7B%7D%2Ccore%3A%7Ba%3A%22-1%22%2Cb%3A%220%22%2Cc%3A%2231%22%2Cd%3A%221%22%2Ce%3A%2279%22%2Cf%3A%220%22%2Cst%3A%22-1%22%2Cg%3A%22835%22%2Ch%3A%221188%22%2Ci%3A%22990%22%2Cj%3A%22-1%22%2Cl%3A%2218%22%2Co%3A%220%22%2Clcp%3A%22-1%22%2Cfcp%3A%22673%22%2Cm%3A%220%22%2Ck%3A%221315%22%2Cp%3A%220%22%2Cx%3A%7B%7D%2Cs%3A%221280*1024%7C1280*1024%22%7D%7D HTTP/1.1
Host: fa.micstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ales.nysa.pl/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Date: Fri, 25 Apr 2025 08:22:37 GMT
Connection: keep-alive
Origin-Agent-Cluster: ?0
Timing-Allow-Origin: *
cf-cache-status: DYNAMIC
Set-Cookie: __cf_bm=IzSjTL2qhMtddq4gv7AXxttorPC.BqpYZ0qRyuVISWk-1745569357-1.0.1.1-.EFPAl2Nh9PO7MQBB6Ad2vvtDcq4XjCHV_B.PhfLbC1_WKYy_2Re8hduBvOropE9GJ4H2f.2n9Q4F6_dxgDvhaoMZrGJn2njma9ggTvWcY8; path=/; expires=Fri, 25-Apr-25 08:52:37 GMT; domain=.fa.micstatic.com; HttpOnly
Server: cloudflare
CF-RAY: 935c6f058bbab50f-OSL

www.micstatic.com/common/font/Roboto/400-regular/Roboto-Regular_c0bdb222.woff2

104.18.19.80

200 OK

20 kB

URL GET
www.micstatic.com/common/font/Roboto/400-regular/Roboto-Regular_c0bdb222.woff2
IP
104.18.19.80:443
ASN
#13335 CLOUDFLARENET

Requested by
http://ales.nysa.pl/media/ppq/
Certificate
IssuerDigiCert Inc
Subject*.micstatic.com
FingerprintEF:BA:97:06:EC:8D:A7:71:D9:71:E9:44:47:32:02:95:E3:FF:DE:14
ValidityWed, 27 Nov 2024 00:00:00 GMT - Thu, 20 Nov 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 19832, version 2.8978
Size
20 kB (19832 bytes)
Hash
ed2022705048507e5995ee72717e7fd4
570864c3bccc3e0e203fdd67be3cf850387faefb
e7f4f778ddb41b7be2d20810bb560acee79da55ed5d3eeac12f2bb8948f4453a

HTTP Headers

GET /common/font/Roboto/400-regular/Roboto-Regular_c0bdb222.woff2 HTTP/1.1
Host: www.micstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ales.nysa.pl
DNT: 1
Connection: keep-alive
Referer: http://ales.nysa.pl/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 25 Apr 2025 08:22:37 GMT
content-type: font/woff2
content-length: 19832
last-modified: Wed, 16 Jun 2021 11:14:08 GMT
etag: "60c9dd00-4d78"
origin-agent-cluster: ?0
timing-allow-origin: *
cache-control: public, max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 78017
expires: Mon, 23 Apr 2035 08:22:37 GMT
accept-ranges: bytes
set-cookie: __cf_bm=3F2nAn.GOdvJDB2i_uZNsvg8X3vEet8MRHV0tBQRpEM-1745569357-1.0.1.1-oLOb6_yIpoc0AdovShwIIW4HzYxAj3LT299jpJfVtjAV1QqK8lF5znsWgw4VEm0M3Sxd2SDv0MU4LXEKrRZnsk0tSFkNzz4bDee7P_n.68c; path=/; expires=Fri, 25-Apr-25 08:52:37 GMT; domain=.micstatic.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 935c6f054f66569d-OSL
X-Firefox-Spdy: h2

www.micstatic.com/common/js/business/global/sensors_track.js?r=1634120031144&r=1634120031144

104.18.19.80

200 OK

28 kB

URL GET
www.micstatic.com/common/js/business/global/sensors_track.js?r=1634120031144&r=1634120031144
IP
104.18.19.80:80
ASN
#13335 CLOUDFLARENET

Requested by
http://ales.nysa.pl/media/ppq/

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (27791)
Size
28 kB (27995 bytes)
Hash
8275956b76ec443799a06d193ee224ce
ddec4901dbbc63679a0e13fa868ecf676ff3b2ee
cd449d1ad6c55f6cebe4d4cd25d681b703062086962d994966401c68f66c7805

HTTP Headers

GET /common/js/business/global/sensors_track.js?r=1634120031144&r=1634120031144 HTTP/1.1
Host: www.micstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ales.nysa.pl/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 25 Apr 2025 08:22:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 11 Aug 2023 06:48:25 GMT
ETag: W/"64d5d9b9-6d5b"
Content-Encoding: gzip
Origin-Agent-Cluster: ?0
Timing-Allow-Origin: *
Cache-Control: public, max-age=315360000
Access-Control-Allow-Origin: *
CF-Cache-Status: HIT
Age: 78016
Expires: Mon, 23 Apr 2035 08:22:37 GMT
Set-Cookie: __cf_bm=KoVU5OsIyvdfThYkoIbjgTXJaiKHonFAzdmjB9Df0Q8-1745569357-1.0.1.1-Lfor1RHOtTNHunHagV2RLRyYwjTUZQIVnjAHfpjwIt3vRD5nhRgHdS88rusJrujWr_su6bUskZRYgDS6QTkVzx6cVA2tKMDpJkFlpkPbRIo; path=/; expires=Fri, 25-Apr-25 08:52:37 GMT; domain=.micstatic.com; HttpOnly
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 935c6f072ebdb500-OSL

pixeltrack.clientgear.com/mkc42487381192519.js

47.246.49.219

200 OK

35 kB

URL GET
pixeltrack.clientgear.com/mkc42487381192519.js
IP
47.246.49.219:80
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

Requested by
http://ales.nysa.pl/media/ppq/

File type
JavaScript source, ASCII text
Size
35 kB (35225 bytes)
Hash
0ab75daa1802035cecbfad4372de57ed
aeb0162e557d95aa612764c4d5560dfbed8527df
049bf38134c0a05982f1d0f24c1ee68f93aba93b8f526cb7b10fb56d98d3ca16

HTTP Headers

GET /mkc42487381192519.js HTTP/1.1
Host: pixeltrack.clientgear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ales.nysa.pl/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/javascript
Content-Length: 8519
Connection: keep-alive
Date: Thu, 24 Apr 2025 09:53:01 GMT
Via: ens-cache17.l2de3[543,159,304-0,C], ens-cache9.l2de3[163,0], ens-cache9.l2de3[172,0], ens-cache2.fr5[0,0,200-0,H], ens-cache3.fr5[1,0]
Vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Thu, 27 Mar 2025 09:31:55 GMT
Content-Encoding: gzip
Age: 80977
Ali-Swift-Global-Savetime: 1745488381
X-Cache: HIT TCP_MEM_HIT dirn:-2:-2
X-Swift-SaveTime: Thu, 24 Apr 2025 09:53:01 GMT
X-Swift-CacheTime: 86400
Timing-Allow-Origin: *
EagleId: 2ff6319717455693582298624e

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VEFCZRQMG4&cid=53067066.1745569358&gtm=45je54o0h2v876016506za200zb6376862&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&z=32611501

142.250.74.131

200 OK

42 B

URL GET
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VEFCZRQMG4&cid=53067066.1745569358&gtm=45je54o0h2v876016506za200zb6376862&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&z=32611501
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
http://ales.nysa.pl/media/ppq/
Certificate
IssuerGoogle Trust Services
Subject*.google.no
Fingerprint5C:74:10:81:DF:C8:1D:7B:16:B3:CA:71:3E:22:4F:22:CD:5D:62:75
ValidityMon, 31 Mar 2025 08:57:30 GMT - Mon, 23 Jun 2025 08:57:29 GMT

File type
GIF image data, version 89a, 1 x 1
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VEFCZRQMG4&cid=53067066.1745569358&gtm=45je54o0h2v876016506za200zb6376862&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&z=32611501 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ales.nysa.pl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 25 Apr 2025 08:22:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ales.nysa.pl/media/ppq/js/jquery-3.1.1.min.js

213.186.33.82

200 OK

94 kB

URL GET
ales.nysa.pl/media/ppq/js/jquery-3.1.1.min.js
IP
213.186.33.82:80
ASN
#16276 OVH SAS

Requested by
http://ales.nysa.pl/media/ppq/

File type
JavaScript source, ASCII text, with very long lines (32030), with CRLF line terminators
Size
94 kB (93997 bytes)
Hash
55282b85b7241eae67b24987c5f20325
3906a2c8180c33fd698ddad461f4832eff71ca35
90daab21d9a851fce2e536077a34968ce4f19fd75b3ce2174d64bf373a0f88fa

HTTP Headers

GET /media/ppq/js/jquery-3.1.1.min.js HTTP/1.1
Host: ales.nysa.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ales.nysa.pl/media/ppq/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
date: Fri, 25 Apr 2025 08:22:36 GMT
content-type: application/javascript
content-length: 33266
server: OVHcloud
last-modified: Tue, 17 Aug 2021 23:13:34 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Fri, 25 Apr 2025 08:37:36 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:EF7E_D5BA2152:0050_680B464C_1EF89:63BC
x-iplb-instance: 51724

ales.nysa.pl/media/ppq/css/logon_40922b23.css

213.186.33.82

200 OK

129 kB

URL GET
ales.nysa.pl/media/ppq/css/logon_40922b23.css
IP
213.186.33.82:80
ASN
#16276 OVH SAS

Requested by
http://ales.nysa.pl/media/ppq/

File type
ASCII text, with very long lines (65536), with no line terminators
Size
129 kB (128804 bytes)
Hash
171ff0ae1eed11075ec5e4b7c92a453b
bd84838d8e1d21897e097a12ce894ff3ce168a79
fc866e700468e2bd3c224d7020dff638261bae728e95b1fc6baf9ebaff904087

HTTP Headers

GET /media/ppq/css/logon_40922b23.css HTTP/1.1
Host: ales.nysa.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ales.nysa.pl/media/ppq/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
date: Fri, 25 Apr 2025 08:22:36 GMT
content-type: text/css
content-length: 19952
server: OVHcloud
last-modified: Wed, 13 Oct 2021 20:12:08 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Fri, 25 Apr 2025 08:37:36 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:1A93_D5BA2152:0050_680B464C_1E6D3:1884
x-iplb-instance: 51702

ales.nysa.pl/media/ppq/images/sign-default-buyer.jpg

213.186.33.82

200 OK

59 kB

URL GET
ales.nysa.pl/media/ppq/images/sign-default-buyer.jpg
IP
213.186.33.82:80
ASN
#16276 OVH SAS

Requested by
http://ales.nysa.pl/media/ppq/

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 400x400, components 3
Size
59 kB (59332 bytes)
Hash
aad747a416ac43e97070741668013b7d
545d66347ffafc166225f72072fb915ae52b970e
844419cc2fe07888ab11bb6dd264a3d66225851ad62645dfc3044657e9963af3

HTTP Headers

GET /media/ppq/images/sign-default-buyer.jpg HTTP/1.1
Host: ales.nysa.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ales.nysa.pl/media/ppq/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
date: Fri, 25 Apr 2025 08:22:36 GMT
content-type: image/jpeg
content-length: 59332
server: OVHcloud
last-modified: Wed, 13 Oct 2021 20:08:20 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Fri, 25 Apr 2025 08:37:36 GMT
x-iplb-request-id: 5B5A2A9A:EF7E_D5BA2152:0050_680B464C_1EF99:63BC
x-iplb-instance: 51724

www.made-in-china.com/faw-store.html

104.18.15.186

200 OK

1.5 kB

URL GET
www.made-in-china.com/faw-store.html
IP
104.18.15.186:443
ASN
#13335 CLOUDFLARENET

Requested by
http://ales.nysa.pl/media/ppq/
Certificate
IssuerDigiCert Inc
Subject*.made-in-china.com
Fingerprint20:99:D4:2F:18:0E:B8:E9:22:A0:D0:D6:4C:06:20:3B:27:56:3F:6D
ValidityWed, 21 Aug 2024 00:00:00 GMT - Wed, 20 Aug 2025 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
1.5 kB (1504 bytes)
Hash
b4111d662e5b1dd4757ba2ada7f7d156
4a15558db7e1d1136b7153deaaedc0d705f71cf2
1673c45189ffee5b08a6ae316e965cc63634c113e2f8c8c8451b0c7d97abf0ca

HTTP Headers

GET /faw-store.html HTTP/1.1
Host: www.made-in-china.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ales.nysa.pl/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 25 Apr 2025 08:22:37 GMT
content-type: text/html
last-modified: Thu, 28 Oct 2021 09:16:24 GMT
origin-agent-cluster: ?0
timing-allow-origin: *
cf-cache-status: HIT
age: 7728
expires: Fri, 25 Apr 2025 12:22:37 GMT
cache-control: public, max-age=14400
set-cookie: __cf_bm=l._s89mUGy7PkC3_AdiJr8Ej4U9JLQYW5rr4IZv2rG8-1745569357-1.0.1.1-E7P.y41UdhBHSbLXpJ_.SDnrQqcFxFms.sMvT79qm93Fv_2Mz.LxjSb3OxWbTIrz1QKaclT.ZME1r25C8.KhpT4jARuar_S.D7GCY.0sxPU; path=/; expires=Fri, 25-Apr-25 08:52:37 GMT; domain=.made-in-china.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 935c6f038a0856bb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-VEFCZRQMG4&gtm=45je54o0h2v876016506za200zb6376862&_p=1745569357516&gcd=13l3lPl2l1l1&npa=1&dma_cps=sypham&dma=1&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&cid=53067066.1745569358&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=BEAAAAI&_s=2&sid=1745569358&sct=1&seg=0&dl=http%3A%2F%2Fales.nysa.pl%2Fmedia%2Fppq%2F&dt=Messages%20%7C%20Made%20ln%20Chlna&en=scroll&ep.Page_Hostname=ales.nysa.pl&epn.percent_scrolled=90&ep.level_scrolled=Scroll_90%25%20&epn.count_scrolled=1&tfd=7283

216.239.34.36

204 No Content

0 B

URL POST
region1.analytics.google.com/g/collect?v=2&tid=G-VEFCZRQMG4&gtm=45je54o0h2v876016506za200zb6376862&_p=1745569357516&gcd=13l3lPl2l1l1&npa=1&dma_cps=sypham&dma=1&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&cid=53067066.1745569358&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=BEAAAAI&_s=2&sid=1745569358&sct=1&seg=0&dl=http%3A%2F%2Fales.nysa.pl%2Fmedia%2Fppq%2F&dt=Messages%20%7C%20Made%20ln%20Chlna&en=scroll&ep.Page_Hostname=ales.nysa.pl&epn.percent_scrolled=90&ep.level_scrolled=Scroll_90%25%20&epn.count_scrolled=1&tfd=7283
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
http://ales.nysa.pl/media/ppq/
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintE4:97:12:2A:2B:30:84:66:33:9D:D6:09:14:D3:8F:CE:3E:20:73:24
ValidityMon, 31 Mar 2025 08:54:37 GMT - Mon, 23 Jun 2025 08:54:36 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-VEFCZRQMG4&gtm=45je54o0h2v876016506za200zb6376862&_p=1745569357516&gcd=13l3lPl2l1l1&npa=1&dma_cps=sypham&dma=1&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&cid=53067066.1745569358&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=BEAAAAI&_s=2&sid=1745569358&sct=1&seg=0&dl=http%3A%2F%2Fales.nysa.pl%2Fmedia%2Fppq%2F&dt=Messages%20%7C%20Made%20ln%20Chlna&en=scroll&ep.Page_Hostname=ales.nysa.pl&epn.percent_scrolled=90&ep.level_scrolled=Scroll_90%25%20&epn.count_scrolled=1&tfd=7283 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ales.nysa.pl/
Origin: http://ales.nysa.pl
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/3 204 No Content
access-control-allow-origin: http://ales.nysa.pl
date: Fri, 25 Apr 2025 08:22:43 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:153:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:153:0
report-to: {"group":"ascnsrsggc:153:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:153:0"}],}
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (30)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML