zstgroup.pl Open in urlscan Pro
77.252.141.40 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://zstgroup.pl/
Submission Tags: falconsandbox
Submission: On January 03 via api (January 3rd 2024, 10:35:54 am UTC) from US — Scanned from PL

Summary HTTP 31 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 31 HTTP transactions. The main IP is 77.252.141.40, located in Strzelno, Poland and belongs to AS-NETIA Warszawa 02-822, PL. The main domain is zstgroup.pl.
TLS certificate: Issued by Certum Domain Validation CA SHA2 on October 18th 2023. Valid for: a year.

This is the only time zstgroup.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
24	77.252.141.40 77.252.141.40	12741 (AS-NETIA ...) (AS-NETIA Warszawa 02-822)
1	142.250.184.234 142.250.184.234	15169 (GOOGLE) (GOOGLE)
6	142.250.184.195 142.250.184.195	15169 (GOOGLE) (GOOGLE)
31	4

24 77.252.141.40 (Strzelno, Poland)

ASN12741 (AS-NETIA Warszawa 02-822, PL)
PTR: wolny40.unity-t.pl

zstgroup.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.184.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	zstgroup.pl zstgroup.pl	1 MB
6	gstatic.com fonts.gstatic.com	82 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115	1 KB
31	3

	Domain	Requested by
24	zstgroup.pl	zstgroup.pl
6	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	zstgroup.pl
31	3

This site contains no links.

Subject Issuer	Validity	Valid
*.zstgroup.pl Certum Domain Validation CA SHA2	`2023-10-18` - `2024-10-17`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://zstgroup.pl/
Frame ID: F1112D7880DCEE7BC1F1AE86E5BE9915
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Strona główna - ZST - Zintegrowany System Techniczny - Serwis Techniczny - ZSTGroup.pl

Page Statistics

31
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

1328 kB
Transfer

1574 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
zstgroup.pl/ 42 KB
18 KB 198ms
76ms Document
text/html 77.252.141.40
AS-NETIA Warszawa...

General

Check archive.org

Show headers Download Go to

Full URL

https://zstgroup.pl/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.252.141.40 Strzelno, Poland, ASN12741 (AS-NETIA Warszawa 02-822, PL),

Reverse DNS

wolny40.unity-t.pl

Software

Apache /

Resource Hash

50381171ee0a5ed30aaa050fd2305cf7ac976507242797fffa1909db01964a04

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data:; script-src 'self' data: 'unsafe-inline' maps.googleapis.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com; img-src 'self' data: maps.gstatic.com googleapis.com www.google.com; font-src 'self' fonts.gstatic.com; connect-src 'self'; media-src 'self'; object-src 'self'; prefetch-src 'self'; child-src 'self'; frame-src 'self' www.google.com; worker-src 'self'; frame-ancestors fonts.gstatic.com; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 16514
content-security-policy: default-src 'self' data:; script-src 'self' data: 'unsafe-inline' maps.googleapis.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com; img-src 'self' data: maps.gstatic.com googleapis.com www.google.com; font-src 'self' fonts.gstatic.com; connect-src 'self'; media-src 'self'; object-src 'self'; prefetch-src 'self'; child-src 'self'; frame-src 'self' www.google.com; worker-src 'self'; frame-ancestors fonts.gstatic.com; form-action 'none'; upgrade-insecure-requests
content-type: text/html
date: Wed, 03 Jan 2024 10:35:49 GMT
etag: "a7d3-60da3c35ee1da-gzip"
last-modified: Fri, 29 Dec 2023 10:47:48 GMT
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
referrer-policy: no-referrer
server: Apache
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 426ms
47ms Stylesheet
text/css 142.250.184.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;700&display=swap

Requested by

Host: zstgroup.pl
URL: https://zstgroup.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f10.1e100.net

Software

ESF /

Resource Hash

e40dbc6da95b47d932014e5a93f35b13a341a37ea6fe7559dca041dc77271cd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 03 Jan 2024 10:35:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 09:46:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Jan 2024 10:35:49 GMT

GET
H2 200 webpack-runtime-0fd6cffbd7bb3765f59b.js Show response
zstgroup.pl/ 5 KB
4 KB 55ms
55ms Script
application/javascript 77.252.141.40
AS-NETIA Warszawa...

General

Check archive.org

Show headers Download Go to

Full URL

https://zstgroup.pl/webpack-runtime-0fd6cffbd7bb3765f59b.js

Requested by

Host: zstgroup.pl
URL: https://zstgroup.pl/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.252.141.40 Strzelno, Poland, ASN12741 (AS-NETIA Warszawa 02-822, PL),

Reverse DNS

wolny40.unity-t.pl

Software

Apache /

Resource Hash

188f4174a2527339801ededffa2fc8089211b3d28dda27afd28329934614909e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data:; script-src 'self' data: 'unsafe-inline' maps.googleapis.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com; img-src 'self' data: maps.gstatic.com googleapis.com www.google.com; font-src 'self' fonts.gstatic.com; connect-src 'self'; media-src 'self'; object-src 'self'; prefetch-src 'self'; child-src 'self'; frame-src 'self' www.google.com; worker-src 'self'; frame-ancestors fonts.gstatic.com; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 10:35:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
content-security-policy: default-src 'self' data:; script-src 'self' data: 'unsafe-inline' maps.googleapis.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com; img-src 'self' data: maps.gstatic.com googleapis.com www.google.com; font-src 'self' fonts.gstatic.com; connect-src 'self'; media-src 'self'; object-src 'self'; prefetch-src 'self'; child-src 'self'; frame-src 'self' www.google.com; worker-src 'self'; frame-ancestors fonts.gstatic.com; form-action 'none'; upgrade-insecure-requests
content-length: 2267
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Fri, 29 Dec 2023 10:47:50 GMT
server: Apache
etag: "1270-60da3c37a0f76-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
accept-ranges: bytes

GET
H2 200 framework-bed99c7712a4cd62f62c.js Show response
zstgroup.pl/ 137 KB
46 KB 61ms
61ms Script
application/javascript 77.252.141.40
AS-NETIA Warszawa...

General

Check archive.org

Show headers Download Go to

Full URL

https://zstgroup.pl/framework-bed99c7712a4cd62f62c.js

Requested by

Host: zstgroup.pl
URL: https://zstgroup.pl/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.252.141.40 Strzelno, Poland, ASN12741 (AS-NETIA Warszawa 02-822, PL),

Reverse DNS

wolny40.unity-t.pl

Software

Apache /

Resource Hash

1f5c960558dc201b7d7bc9b0cd91945fc1ef6bb089ead938482f633a770ea808

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data:; script-src 'self' data: 'unsafe-inline' maps.googleapis.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com; img-src 'self' data: maps.gstatic.com googleapis.com www.google.com; font-src 'self' fonts.gstatic.com; connect-src 'self'; media-src 'self'; object-src 'self'; prefetch-src 'self'; child-src 'self'; frame-src 'self' www.google.com; worker-src 'self'; frame-ancestors fonts.gstatic.com; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 10:35:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
content-security-policy: default-src 'self' data:; script-src 'self' data: 'unsafe-inline' maps.googleapis.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com; img-src 'self' data: maps.gstatic.com googleapis.com www.google.com; font-src 'self' fonts.gstatic.com; connect-src 'self'; media-src 'self'; object-src 'self'; prefetch-src 'self'; child-src 'self'; frame-src 'self' www.google.com; worker-src 'self'; frame-ancestors fonts.gstatic.com; form-action 'none'; upgrade-insecure-requests
content-length: 45631
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Fri, 29 Dec 2023 10:47:50 GMT
server: Apache
etag: "225db-60da3c3797f79-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
accept-ranges: bytes

GET
H2 200 app-315b6639b50e365fa4f1.js Show response
zstgroup.pl/ 114 KB
41 KB 91ms
90ms Script
application/javascript 77.252.141.40
AS-NETIA Warszawa...

General

Check archive.org

Show headers Download Go to

Full URL

https://zstgroup.pl/app-315b6639b50e365fa4f1.js

Requested by

Host: zstgroup.pl
URL: https://zstgroup.pl/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.252.141.40 Strzelno, Poland, ASN12741 (AS-NETIA Warszawa 02-822, PL),

Reverse DNS

wolny40.unity-t.pl

Software

Apache /

Resource Hash

083e34cfaf6b10db28817bc96f4db36de599c5cec9083f3744eb8ae1e9fd1190

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data:; script-src 'self' data: 'unsafe-inline' maps.googleapis.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com; img-src 'self' data: maps.gstatic.com googleapis.com www.google.com; font-src 'self' fonts.gstatic.com; connect-src 'self'; media-src 'self'; object-src 'self'; prefetch-src 'self'; child-src 'self'; frame-src 'self' www.google.com; worker-src 'self'; frame-ancestors fonts.gstatic.com; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 10:35:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
content-security-policy: default-src 'self' data:; script-src 'self' data: 'unsafe-inline' maps.googleapis.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com; img-src 'self' data: maps.gstatic.com googleapis.com www.google.com; font-src 'self' fonts.gstatic.com; connect-src 'self'; media-src 'self'; object-src 'self'; prefetch-src 'self'; child-src 'self'; frame-src 'self' www.google.com; worker-src 'self'; frame-ancestors fonts.gstatic.com; form-action 'none'; upgrade-insecure-requests
content-length: 39912
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Fri, 29 Dec 2023 10:47:51 GMT
server: Apache
etag: "1c9e3-60da3c38e813b-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4b14fa75810c10f01a22bc5b2272c136c85d334aedb7128ff8a4a3dd820c8416

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 hero_background-66bd501405326639c9eaacbdc1a460ca.jpg
zstgroup.pl/static/ 443 KB
445 KB 47ms
47ms Image
image/jpeg 77.252.141.40
AS-NETIA Warszawa...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zstgroup.pl/static/hero_background-66bd501405326639c9eaacbdc1a460ca.jpg

Requested by

Host: zstgroup.pl
URL: https://zstgroup.pl/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.252.141.40 Strzelno, Poland, ASN12741 (AS-NETIA Warszawa 02-822, PL),

Reverse DNS

wolny40.unity-t.pl

Software

Apache /

Resource Hash

4dccba5b2e47a112c38a4636f6742ba942fb8f2cb479bf6aca1c108384ce60ba

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data:; script-src 'self' data: 'unsafe-inline' maps.googleapis.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com; img-src 'self' data: maps.gstatic.com googleapis.com www.google.com; font-src 'self' fonts.gstatic.com; connect-src 'self'; media-src 'self'; object-src 'self'; prefetch-src 'self'; child-src 'self'; frame-src 'self' www.google.com; worker-src 'self'; frame-ancestors fonts.gstatic.com; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://zstgroup.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 10:35:49 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' data:; script-src 'self' data: 'unsafe-inline' maps.googleapis.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com; img-src 'self' data: maps.gstatic.com googleapis.com www.google.com; font-src 'self' fonts.gstatic.com; connect-src 'self'; media-src 'self'; object-src 'self'; prefetch-src 'self'; child-src 'self'; frame-src 'self' www.google.com; worker-src 'self'; frame-ancestors fonts.gstatic.com; form-action 'none'; upgrade-insecure-requests
last-modified: Fri, 29 Dec 2023 10:48:04 GMT
server: Apache
referrer-policy: no-referrer
etag: "6ecc0-60da3c449b6c4"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
accept-ranges: bytes
content-length: 453824
x-xss-protection: 1; mode=block

GET
H2 200 background_1-d2d2614d810f3a6c00eb913a01db4761.jpg
zstgroup.pl/static/ 418 KB
420 KB 115ms
115ms Image
image/jpeg 77.252.141.40
AS-NETIA Warszawa...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zstgroup.pl/static/background_1-d2d2614d810f3a6c00eb913a01db4761.jpg

Requested by

Host: zstgroup.pl
URL: https://zstgroup.pl/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.252.141.40 Strzelno, Poland, ASN12741 (AS-NETIA Warszawa 02-822, PL),

Reverse DNS

wolny40.unity-t.pl

Software

Apache /

Resource Hash

69fb818a2afa364468eb47d8595319ba4e0bdda1b664480271fa336e98f872b2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data:; script-src 'self' data: 'unsafe-inline' maps.googleapis.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com; img-src 'self' data: maps.gstatic.com googleapis.com www.google.com; font-src 'self' fonts.gstatic.com; connect-src 'self'; media-src 'self'; object-src 'self'; prefetch-src 'self'; child-src 'self'; frame-src 'self' www.google.com; worker-src 'self'; frame-ancestors fonts.gstatic.com; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://zstgroup.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 10:35:49 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' data:; script-src 'self' data: 'unsafe-inline' maps.googleapis.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com; img-src 'self' data: maps.gstatic.com googleapis.com www.google.com; font-src 'self' fonts.gstatic.com; connect-src 'self'; media-src 'self'; object-src 'self'; prefetch-src 'self'; child-src 'self'; frame-src 'self' www.google.com; worker-src 'self'; frame-ancestors fonts.gstatic.com; form-action 'none'; upgrade-insecure-requests
last-modified: Fri, 29 Dec 2023 10:48:03 GMT
server: Apache
referrer-policy: no-referrer
etag: "68814-60da3c44050df"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
accept-ranges: bytes
content-length: 428052
x-xss-protection: 1; mode=block

GET
H2 200 background_2-f7011598543f7d004c52e37805a014e8.jpg
zstgroup.pl/static/ 198 KB
200 KB 43ms
43ms Image
image/jpeg 77.252.141.40
AS-NETIA Warszawa...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zstgroup.pl/static/background_2-f7011598543f7d004c52e37805a014e8.jpg

Requested by

Host: zstgroup.pl
URL: https://zstgroup.pl/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.252.141.40 Strzelno, Poland, ASN12741 (AS-NETIA Warszawa 02-822, PL),

Reverse DNS

wolny40.unity-t.pl

Software

Apache /

Resource Hash

e08ee8aa06e4e80e6327da38a1197b9fb82203568fc179f218f823a7a3d25510

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data:; script-src 'self' data: 'unsafe-inline' maps.googleapis.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com; img-src 'self' data: maps.gstatic.com googleapis.com www.google.com; font-src 'self' fonts.gstatic.com; connect-src 'self'; media-src 'self'; object-src 'self'; prefetch-src 'self'; child-src 'self'; frame-src 'self' www.google.com; worker-src 'self'; frame-ancestors fonts.gstatic.com; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://zstgroup.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 10:35:49 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' data:; script-src 'self' data: 'unsafe-inline' maps.googleapis.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com; img-src 'self' data: maps.gstatic.com googleapis.com www.google.com; font-src 'self' fonts.gstatic.com; connect-src 'self'; media-src 'self'; object-src 'self'; prefetch-src 'self'; child-src 'self'; frame-src 'self' www.google.com; worker-src 'self'; frame-ancestors fonts.gstatic.com; form-action 'none'; upgrade-insecure-requests
last-modified: Fri, 29 Dec 2023 10:47:58 GMT
server: Apache
referrer-policy: no-referrer
etag: "3193c-60da3c3f73f26"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
accept-ranges: bytes
content-length: 203068
x-xss-protection: 1; mode=block

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 436ms
49ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://zstgroup.pl
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 08:53:59 GMT
x-content-type-options: nosniff
age: 92510
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 08:53:59 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 469ms
82ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://zstgroup.pl
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 00:08:38 GMT
x-content-type-options: nosniff
age: 124031
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 00:08:38 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 426ms
40ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://zstgroup.pl
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 17:28:03 GMT
x-content-type-options: nosniff
age: 148066
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Dec 2024 17:28:03 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 12 KB
12 KB 486ms
104ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

b076e86301cbee8c5c9aef51863a9c0a88e6f6d2aabdffca93e031113c6caa74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://zstgroup.pl
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:43:38 GMT
x-content-type-options: nosniff
age: 467531
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11796
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Dec 2024 00:43:38 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 12 KB
12 KB 497ms
116ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://zstgroup.pl
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 00:14:38 GMT
x-content-type-options: nosniff
age: 123671
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11872
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 00:14:38 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 12 KB
12 KB 475ms
94ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://zstgroup.pl
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 08:54:46 GMT
x-content-type-options: nosniff
age: 92463
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11824
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 08:54:46 GMT

GET
H2 200 app-data.json Show response
zstgroup.pl/page-data/ 50 B
2 KB 94ms
94ms XHR
application/json 77.252.141.40
AS-NETIA Warszawa...

General

Check archive.org

Show headers Download Go to

Full URL

https://zstgroup.pl/page-data/app-data.json

Requested by

Host: zstgroup.pl
URL: https://zstgroup.pl/app-315b6639b50e365fa4f1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.252.141.40 Strzelno, Poland, ASN12741 (AS-NETIA Warszawa 02-822, PL),

Reverse DNS

wolny40.unity-t.pl

Software

Apache /

Resource Hash

1758e4892de723758bb092006be410e18e2242f3cc4ddee271fb173b19adaa66

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data:; script-src 'self' data: 'unsafe-inline' maps.googleapis.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com; img-src 'self' data: maps.gstatic.com googleapis.com www.google.com; font-src 'self' fonts.gstatic.com; connect-src 'self'; media-src 'self'; object-src 'self'; prefetch-src 'self'; child-src 'self'; frame-src 'self' www.google.com; worker-src 'self'; frame-ancestors fonts.gstatic.com; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 10:35:49 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' data:; script-src 'self' data: 'unsafe-inline' maps.googleapis.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com; img-src 'self' data: maps.gstatic.com googleapis.com www.google.com; font-src 'self' fonts.gstatic.com; connect-src 'self'; media-src 'self'; object-src 'self'; prefetch-src 'self'; child-src 'self'; frame-src 'self' www.google.com; worker-src 'self'; frame-ancestors fonts.gstatic.com; form-action 'none'; upgrade-insecure-requests
last-modified: Fri, 29 Dec 2023 10:48:02 GMT
server: Apache
referrer-policy: no-referrer
etag: "32-60da3c42825e9"
x-frame-options: SAMEORIGIN
content-type: application/json
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
accept-ranges: bytes
content-length: 50
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json Show response
zstgroup.pl/page-data/index/ 168 B
2 KB 93ms
93ms XHR
application/json 77.252.141.40
AS-NETIA Warszawa...

General

Check archive.org

Show headers Download Go to

Full URL

https://zstgroup.pl/page-data/index/page-data.json

Requested by

Host: zstgroup.pl
URL: https://zstgroup.pl/app-315b6639b50e365fa4f1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.252.141.40 Strzelno, Poland, ASN12741 (AS-NETIA Warszawa 02-822, PL),

Reverse DNS

wolny40.unity-t.pl

Software

Apache /

Resource Hash

a82d750fcee4eff0b6d1bc71fcae8c03264b9a0aa68ade8967d917cb8aaa067a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data:; script-src 'self' data: 'unsafe-inline' maps.googleapis.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com; img-src 'self' data: maps.gstatic.com googleapis.com www.google.com; font-src 'self' fonts.gstatic.com; connect-src 'self'; media-src 'self'; object-src 'self'; prefetch-src 'self'; child-src 'self'; frame-src 'self' www.google.com; worker-src 'self'; frame-ancestors fonts.gstatic.com; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 10:35:49 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' data:; script-src 'self' data: 'unsafe-inline' maps.googleapis.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com; img-src 'self' data: maps.gstatic.com googleapis.com www.google.com; font-src 'self' fonts.gstatic.com; connect-src 'self'; media-src 'self'; object-src 'self'; prefetch-src 'self'; child-src 'self'; frame-src 'self' www.google.com; worker-src 'self'; frame-ancestors fonts.gstatic.com; form-action 'none'; upgrade-insecure-requests
last-modified: Fri, 29 Dec 2023 10:48:09 GMT
server: Apache
referrer-policy: no-referrer
etag: "a8-60da3c4959920"
x-frame-options: SAMEORIGIN
content-type: application/json
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
accept-ranges: bytes
content-length: 168
x-xss-protection: 1; mode=block

GET
H2 200 c16184b3-fbf4f73dd15e94c7425c.js Show response
zstgroup.pl/ 3 KB
3 KB 93ms
92ms Script
application/javascript 77.252.141.40
AS-NETIA Warszawa...

General

Check archive.org

Show headers Download Go to

Full URL

https://zstgroup.pl/c16184b3-fbf4f73dd15e94c7425c.js

Requested by

Host: zstgroup.pl
URL: https://zstgroup.pl/webpack-runtime-0fd6cffbd7bb3765f59b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.252.141.40 Strzelno, Poland, ASN12741 (AS-NETIA Warszawa 02-822, PL),

Reverse DNS

wolny40.unity-t.pl

Software

Apache /

Resource Hash

c6603fc977a3f798393a8f65b2c4f322cb8e58a78c4e44329c897dfafbd6eb10

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data:; script-src 'self' data: 'unsafe-inline' maps.googleapis.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com; img-src 'self' data: maps.gstatic.com googleapis.com www.google.com; font-src 'self' fonts.gstatic.com; connect-src 'self'; media-src 'self'; object-src 'self'; prefetch-src 'self'; child-src 'self'; frame-src 'self' www.google.com; worker-src 'self'; frame-ancestors fonts.gstatic.com; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 10:35:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
content-security-policy: default-src 'self' data:; script-src 'self' data: 'unsafe-inline' maps.googleapis.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com; img-src 'self' data: maps.gstatic.com googleapis.com www.google.com; font-src 'self' fonts.gstatic.com; connect-src 'self'; media-src 'self'; object-src 'self'; prefetch-src 'self'; child-src 'self'; frame-src 'self' www.google.com; worker-src 'self'; frame-ancestors fonts.gstatic.com; form-action 'none'; upgrade-insecure-requests
content-length: 1631
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Fri, 29 Dec 2023 10:47:51 GMT
server: Apache
etag: "dbf-60da3c3846841-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
accept-ranges: bytes

GET
H2 200 7f2b0b723b26fd2973118406cd481f1b8b945a8d-86218d9ddee008ba6351.js Show response
zstgroup.pl/ 39 KB
18 KB 92ms
91ms Script
application/javascript 77.252.141.40
AS-NETIA Warszawa...

General

Check archive.org

Show headers Download Go to

Full URL

https://zstgroup.pl/7f2b0b723b26fd2973118406cd481f1b8b945a8d-86218d9ddee008ba6351.js

Requested by

Host: zstgroup.pl
URL: https://zstgroup.pl/webpack-runtime-0fd6cffbd7bb3765f59b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.252.141.40 Strzelno, Poland, ASN12741 (AS-NETIA Warszawa 02-822, PL),

Reverse DNS

wolny40.unity-t.pl

Software

Apache /

Resource Hash

92a20f63f0f0e37f27d45b3689ae2d9aa75b67fc06f43f5e087802b38ca8cad1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data:; script-src 'self' data: 'unsafe-inline' maps.googleapis.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com; img-src 'self' data: maps.gstatic.com googleapis.com www.google.com; font-src 'self' fonts.gstatic.com; connect-src 'self'; media-src 'self'; object-src 'self'; prefetch-src 'self'; child-src 'self'; frame-src 'self' www.google.com; worker-src 'self'; frame-ancestors fonts.gstatic.com; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 10:35:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
content-security-policy: default-src 'self' data:; script-src 'self' data: 'unsafe-inline' maps.googleapis.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com; img-src 'self' data: maps.gstatic.com googleapis.com www.google.com; font-src 'self' fonts.gstatic.com; connect-src 'self'; media-src 'self'; object-src 'self'; prefetch-src 'self'; child-src 'self'; frame-src 'self' www.google.com; worker-src 'self'; frame-ancestors fonts.gstatic.com; form-action 'none'; upgrade-insecure-requests
content-length: 17079
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Fri, 29 Dec 2023 10:47:52 GMT
server: Apache
etag: "9a93-60da3c393d9f5-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
accept-ranges: bytes

GET
H2 200 a771d834c5933af8d6a702c10031d258511580d8-c765e509ae30bc43afab.js Show response
zstgroup.pl/ 69 KB
21 KB 117ms
116ms Script
application/javascript 77.252.141.40
AS-NETIA Warszawa...

General

Check archive.org

Show headers Download Go to

Full URL

https://zstgroup.pl/a771d834c5933af8d6a702c10031d258511580d8-c765e509ae30bc43afab.js

Requested by

Host: zstgroup.pl
URL: https://zstgroup.pl/webpack-runtime-0fd6cffbd7bb3765f59b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.252.141.40 Strzelno, Poland, ASN12741 (AS-NETIA Warszawa 02-822, PL),

Reverse DNS

wolny40.unity-t.pl

Software

Apache /

Resource Hash

bccc1b0a77ecbdb37f0294920c904958732d9612c812ae8486311e52a22ac498

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data:; script-src 'self' data: 'unsafe-inline' maps.googleapis.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com; img-src 'self' data: maps.gstatic.com googleapis.com www.google.com; font-src 'self' fonts.gstatic.com; connect-src 'self'; media-src 'self'; object-src 'self'; prefetch-src 'self'; child-src 'self'; frame-src 'self' www.google.com; worker-src 'self'; frame-ancestors fonts.gstatic.com; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 10:35:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
content-security-policy: default-src 'self' data:; script-src 'self' data: 'unsafe-inline' maps.googleapis.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com; img-src 'self' data: maps.gstatic.com googleapis.com www.google.com; font-src 'self' fonts.gstatic.com; connect-src 'self'; media-src 'self'; object-src 'self'; prefetch-src 'self'; child-src 'self'; frame-src 'self' www.google.com; worker-src 'self'; frame-ancestors fonts.gstatic.com; form-action 'none'; upgrade-insecure-requests
content-length: 19857
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Fri, 29 Dec 2023 10:47:52 GMT
server: Apache
etag: "115ad-60da3c393e0ce-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
accept-ranges: bytes

GET
H2 200 component---src-pages-index-js-6a67b5c9d297f6fb7b07.js Show response
zstgroup.pl/ 8 KB
5 KB 90ms
89ms Script
application/javascript 77.252.141.40
AS-NETIA Warszawa...

General

Check archive.org

Show headers Download Go to

Full URL

https://zstgroup.pl/component---src-pages-index-js-6a67b5c9d297f6fb7b07.js

Requested by

Host: zstgroup.pl
URL: https://zstgroup.pl/webpack-runtime-0fd6cffbd7bb3765f59b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.252.141.40 Strzelno, Poland, ASN12741 (AS-NETIA Warszawa 02-822, PL),

Reverse DNS

wolny40.unity-t.pl

Software

Apache /

Resource Hash

350dbfd6680ceb6c02bc6fe6c7fb449b4a59ef9d67473c564014efed147dcf02

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data:; script-src 'self' data: 'unsafe-inline' maps.googleapis.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com; img-src 'self' data: maps.gstatic.com googleapis.com www.google.com; font-src 'self' fonts.gstatic.com; connect-src 'self'; media-src 'self'; object-src 'self'; prefetch-src 'self'; child-src 'self'; frame-src 'self' www.google.com; worker-src 'self'; frame-ancestors fonts.gstatic.com; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 10:35:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
content-security-policy: default-src 'self' data:; script-src 'self' data: 'unsafe-inline' maps.googleapis.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com; img-src 'self' data: maps.gstatic.com googleapis.com www.google.com; font-src 'self' fonts.gstatic.com; connect-src 'self'; media-src 'self'; object-src 'self'; prefetch-src 'self'; child-src 'self'; frame-src 'self' www.google.com; worker-src 'self'; frame-ancestors fonts.gstatic.com; form-action 'none'; upgrade-insecure-requests
content-length: 3367
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Fri, 29 Dec 2023 10:47:51 GMT
server: Apache
etag: "21f9-60da3c381787d-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
accept-ranges: bytes

GET
H2 200 1735298212.json Show response
zstgroup.pl/page-data/sq/d/ 1 KB
3 KB 118ms
117ms XHR
application/json 77.252.141.40
AS-NETIA Warszawa...

General

Check archive.org

Show headers Download Go to

Full URL

https://zstgroup.pl/page-data/sq/d/1735298212.json

Requested by

Host: zstgroup.pl
URL: https://zstgroup.pl/app-315b6639b50e365fa4f1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.252.141.40 Strzelno, Poland, ASN12741 (AS-NETIA Warszawa 02-822, PL),

Reverse DNS

wolny40.unity-t.pl

Software

Apache /

Resource Hash

6065235253a199e99a7aedcb2db7e3cea6b1d963bb5e8203214054e90ab2eced

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data:; script-src 'self' data: 'unsafe-inline' maps.googleapis.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com; img-src 'self' data: maps.gstatic.com googleapis.com www.google.com; font-src 'self' fonts.gstatic.com; connect-src 'self'; media-src 'self'; object-src 'self'; prefetch-src 'self'; child-src 'self'; frame-src 'self' www.google.com; worker-src 'self'; frame-ancestors fonts.gstatic.com; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 10:35:49 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' data:; script-src 'self' data: 'unsafe-inline' maps.googleapis.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com; img-src 'self' data: maps.gstatic.com googleapis.com www.google.com; font-src 'self' fonts.gstatic.com; connect-src 'self'; media-src 'self'; object-src 'self'; prefetch-src 'self'; child-src 'self'; frame-src 'self' www.google.com; worker-src 'self'; frame-ancestors fonts.gstatic.com; form-action 'none'; upgrade-insecure-requests
last-modified: Fri, 29 Dec 2023 10:48:11 GMT
server: Apache
referrer-policy: no-referrer
etag: "471-60da3c4b987a3"
x-frame-options: SAMEORIGIN
content-type: application/json
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
accept-ranges: bytes
content-length: 1137
x-xss-protection: 1; mode=block

GET
H2 200 3649515864.json Show response
zstgroup.pl/page-data/sq/d/ 120 B
2 KB 116ms
115ms XHR
application/json 77.252.141.40
AS-NETIA Warszawa...

General

Check archive.org

Show headers Download Go to

Full URL

https://zstgroup.pl/page-data/sq/d/3649515864.json

Requested by

Host: zstgroup.pl
URL: https://zstgroup.pl/app-315b6639b50e365fa4f1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.252.141.40 Strzelno, Poland, ASN12741 (AS-NETIA Warszawa 02-822, PL),

Reverse DNS

wolny40.unity-t.pl

Software

Apache /

Resource Hash

8ececcb9d5c06b99fb59829b5b16d58977d337225d9ffa632eb71f6d36237123

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data:; script-src 'self' data: 'unsafe-inline' maps.googleapis.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com; img-src 'self' data: maps.gstatic.com googleapis.com www.google.com; font-src 'self' fonts.gstatic.com; connect-src 'self'; media-src 'self'; object-src 'self'; prefetch-src 'self'; child-src 'self'; frame-src 'self' www.google.com; worker-src 'self'; frame-ancestors fonts.gstatic.com; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 10:35:49 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' data:; script-src 'self' data: 'unsafe-inline' maps.googleapis.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com; img-src 'self' data: maps.gstatic.com googleapis.com www.google.com; font-src 'self' fonts.gstatic.com; connect-src 'self'; media-src 'self'; object-src 'self'; prefetch-src 'self'; child-src 'self'; frame-src 'self' www.google.com; worker-src 'self'; frame-ancestors fonts.gstatic.com; form-action 'none'; upgrade-insecure-requests
last-modified: Fri, 29 Dec 2023 10:48:11 GMT
server: Apache
referrer-policy: no-referrer
etag: "78-60da3c4b545bd"
x-frame-options: SAMEORIGIN
content-type: application/json
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
accept-ranges: bytes
content-length: 120
x-xss-protection: 1; mode=block

GET
H2 200 63159454.json Show response
zstgroup.pl/page-data/sq/d/ 158 B
2 KB 119ms
118ms XHR
application/json 77.252.141.40
AS-NETIA Warszawa...

General

Check archive.org

Show headers Download Go to

Full URL

https://zstgroup.pl/page-data/sq/d/63159454.json

Requested by

Host: zstgroup.pl
URL: https://zstgroup.pl/app-315b6639b50e365fa4f1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.252.141.40 Strzelno, Poland, ASN12741 (AS-NETIA Warszawa 02-822, PL),

Reverse DNS

wolny40.unity-t.pl

Software

Apache /

Resource Hash

7484b71b60e3879b61b41e35a7db84b314354e22a557fd835e7732a87f28e5a5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data:; script-src 'self' data: 'unsafe-inline' maps.googleapis.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com; img-src 'self' data: maps.gstatic.com googleapis.com www.google.com; font-src 'self' fonts.gstatic.com; connect-src 'self'; media-src 'self'; object-src 'self'; prefetch-src 'self'; child-src 'self'; frame-src 'self' www.google.com; worker-src 'self'; frame-ancestors fonts.gstatic.com; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 10:35:49 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' data:; script-src 'self' data: 'unsafe-inline' maps.googleapis.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com; img-src 'self' data: maps.gstatic.com googleapis.com www.google.com; font-src 'self' fonts.gstatic.com; connect-src 'self'; media-src 'self'; object-src 'self'; prefetch-src 'self'; child-src 'self'; frame-src 'self' www.google.com; worker-src 'self'; frame-ancestors fonts.gstatic.com; form-action 'none'; upgrade-insecure-requests
last-modified: Fri, 29 Dec 2023 10:48:11 GMT
server: Apache
referrer-policy: no-referrer
etag: "9e-60da3c4b6852a"
x-frame-options: SAMEORIGIN
content-type: application/json
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
accept-ranges: bytes
content-length: 158
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json
zstgroup.pl/page-data/onas/ 0
2 KB 352ms
352ms Other
application/json 77.252.141.40
AS-NETIA Warszawa...

General

Check archive.org

Show headers Download Go to

Full URL

https://zstgroup.pl/page-data/onas/page-data.json

Requested by

Host: zstgroup.pl
URL: https://zstgroup.pl/app-315b6639b50e365fa4f1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.252.141.40 Strzelno, Poland, ASN12741 (AS-NETIA Warszawa 02-822, PL),

Reverse DNS

wolny40.unity-t.pl

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data:; script-src 'self' data: 'unsafe-inline' maps.googleapis.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com; img-src 'self' data: maps.gstatic.com googleapis.com www.google.com; font-src 'self' fonts.gstatic.com; connect-src 'self'; media-src 'self'; object-src 'self'; prefetch-src 'self'; child-src 'self'; frame-src 'self' www.google.com; worker-src 'self'; frame-ancestors fonts.gstatic.com; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://zstgroup.pl
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 10:35:53 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' data:; script-src 'self' data: 'unsafe-inline' maps.googleapis.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com; img-src 'self' data: maps.gstatic.com googleapis.com www.google.com; font-src 'self' fonts.gstatic.com; connect-src 'self'; media-src 'self'; object-src 'self'; prefetch-src 'self'; child-src 'self'; frame-src 'self' www.google.com; worker-src 'self'; frame-ancestors fonts.gstatic.com; form-action 'none'; upgrade-insecure-requests
last-modified: Fri, 29 Dec 2023 10:48:07 GMT
server: Apache
referrer-policy: no-referrer
etag: "ac-60da3c48019e0"
x-frame-options: SAMEORIGIN
content-type: application/json
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
accept-ranges: bytes
content-length: 172
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json
zstgroup.pl/page-data/rodo/ 0
2 KB 350ms
349ms Other
application/json 77.252.141.40
AS-NETIA Warszawa...

General

Check archive.org

Show headers Download Go to

Full URL

https://zstgroup.pl/page-data/rodo/page-data.json

Requested by

Host: zstgroup.pl
URL: https://zstgroup.pl/app-315b6639b50e365fa4f1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.252.141.40 Strzelno, Poland, ASN12741 (AS-NETIA Warszawa 02-822, PL),

Reverse DNS

wolny40.unity-t.pl

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data:; script-src 'self' data: 'unsafe-inline' maps.googleapis.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com; img-src 'self' data: maps.gstatic.com googleapis.com www.google.com; font-src 'self' fonts.gstatic.com; connect-src 'self'; media-src 'self'; object-src 'self'; prefetch-src 'self'; child-src 'self'; frame-src 'self' www.google.com; worker-src 'self'; frame-ancestors fonts.gstatic.com; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://zstgroup.pl
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 10:35:53 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' data:; script-src 'self' data: 'unsafe-inline' maps.googleapis.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com; img-src 'self' data: maps.gstatic.com googleapis.com www.google.com; font-src 'self' fonts.gstatic.com; connect-src 'self'; media-src 'self'; object-src 'self'; prefetch-src 'self'; child-src 'self'; frame-src 'self' www.google.com; worker-src 'self'; frame-ancestors fonts.gstatic.com; form-action 'none'; upgrade-insecure-requests
last-modified: Fri, 29 Dec 2023 10:48:08 GMT
server: Apache
referrer-policy: no-referrer
etag: "ac-60da3c4843b4f"
x-frame-options: SAMEORIGIN
content-type: application/json
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
accept-ranges: bytes
content-length: 172
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json
zstgroup.pl/page-data/kariera-w-zst/ 0
2 KB 351ms
351ms Other
application/json 77.252.141.40
AS-NETIA Warszawa...

General

Check archive.org

Show headers Download Go to

Full URL

https://zstgroup.pl/page-data/kariera-w-zst/page-data.json

Requested by

Host: zstgroup.pl
URL: https://zstgroup.pl/app-315b6639b50e365fa4f1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.252.141.40 Strzelno, Poland, ASN12741 (AS-NETIA Warszawa 02-822, PL),

Reverse DNS

wolny40.unity-t.pl

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data:; script-src 'self' data: 'unsafe-inline' maps.googleapis.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com; img-src 'self' data: maps.gstatic.com googleapis.com www.google.com; font-src 'self' fonts.gstatic.com; connect-src 'self'; media-src 'self'; object-src 'self'; prefetch-src 'self'; child-src 'self'; frame-src 'self' www.google.com; worker-src 'self'; frame-ancestors fonts.gstatic.com; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://zstgroup.pl
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 10:35:53 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' data:; script-src 'self' data: 'unsafe-inline' maps.googleapis.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com; img-src 'self' data: maps.gstatic.com googleapis.com www.google.com; font-src 'self' fonts.gstatic.com; connect-src 'self'; media-src 'self'; object-src 'self'; prefetch-src 'self'; child-src 'self'; frame-src 'self' www.google.com; worker-src 'self'; frame-ancestors fonts.gstatic.com; form-action 'none'; upgrade-insecure-requests
last-modified: Fri, 29 Dec 2023 10:48:09 GMT
server: Apache
referrer-policy: no-referrer
etag: "be-60da3c493a2ee"
x-frame-options: SAMEORIGIN
content-type: application/json
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
accept-ranges: bytes
content-length: 190
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json
zstgroup.pl/page-data/uslugi/ 0
2 KB 348ms
348ms Other
application/json 77.252.141.40
AS-NETIA Warszawa...

General

Check archive.org

Show headers Download Go to

Full URL

https://zstgroup.pl/page-data/uslugi/page-data.json

Requested by

Host: zstgroup.pl
URL: https://zstgroup.pl/app-315b6639b50e365fa4f1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.252.141.40 Strzelno, Poland, ASN12741 (AS-NETIA Warszawa 02-822, PL),

Reverse DNS

wolny40.unity-t.pl

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data:; script-src 'self' data: 'unsafe-inline' maps.googleapis.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com; img-src 'self' data: maps.gstatic.com googleapis.com www.google.com; font-src 'self' fonts.gstatic.com; connect-src 'self'; media-src 'self'; object-src 'self'; prefetch-src 'self'; child-src 'self'; frame-src 'self' www.google.com; worker-src 'self'; frame-ancestors fonts.gstatic.com; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://zstgroup.pl
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 10:35:53 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' data:; script-src 'self' data: 'unsafe-inline' maps.googleapis.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com; img-src 'self' data: maps.gstatic.com googleapis.com www.google.com; font-src 'self' fonts.gstatic.com; connect-src 'self'; media-src 'self'; object-src 'self'; prefetch-src 'self'; child-src 'self'; frame-src 'self' www.google.com; worker-src 'self'; frame-ancestors fonts.gstatic.com; form-action 'none'; upgrade-insecure-requests
last-modified: Fri, 29 Dec 2023 10:48:08 GMT
server: Apache
referrer-policy: no-referrer
etag: "b0-60da3c4911a22"
x-frame-options: SAMEORIGIN
content-type: application/json
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
accept-ranges: bytes
content-length: 176
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json Show response
zstgroup.pl/page-data/uslugi/ 176 B
2 KB 32ms
31ms XHR
application/json 77.252.141.40
AS-NETIA Warszawa...

General

Check archive.org

Show headers Download Go to

Full URL

https://zstgroup.pl/page-data/uslugi/page-data.json

Requested by

Host: zstgroup.pl
URL: https://zstgroup.pl/app-315b6639b50e365fa4f1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.252.141.40 Strzelno, Poland, ASN12741 (AS-NETIA Warszawa 02-822, PL),

Reverse DNS

wolny40.unity-t.pl

Software

Apache /

Resource Hash

f941c91d135b6b379e069892a023adb627630b1a56774600d6e74d2606fae322

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data:; script-src 'self' data: 'unsafe-inline' maps.googleapis.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com; img-src 'self' data: maps.gstatic.com googleapis.com www.google.com; font-src 'self' fonts.gstatic.com; connect-src 'self'; media-src 'self'; object-src 'self'; prefetch-src 'self'; child-src 'self'; frame-src 'self' www.google.com; worker-src 'self'; frame-ancestors fonts.gstatic.com; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 10:35:53 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' data:; script-src 'self' data: 'unsafe-inline' maps.googleapis.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com; img-src 'self' data: maps.gstatic.com googleapis.com www.google.com; font-src 'self' fonts.gstatic.com; connect-src 'self'; media-src 'self'; object-src 'self'; prefetch-src 'self'; child-src 'self'; frame-src 'self' www.google.com; worker-src 'self'; frame-ancestors fonts.gstatic.com; form-action 'none'; upgrade-insecure-requests
last-modified: Fri, 29 Dec 2023 10:48:08 GMT
server: Apache
referrer-policy: no-referrer
etag: "b0-60da3c4911a22"
x-frame-options: SAMEORIGIN
content-type: application/json
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
accept-ranges: bytes
content-length: 176
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json Show response
zstgroup.pl/page-data/rodo/ 172 B
2 KB 30ms
30ms XHR
application/json 77.252.141.40
AS-NETIA Warszawa...

General

Check archive.org

Show headers Download Go to

Full URL

https://zstgroup.pl/page-data/rodo/page-data.json

Requested by

Host: zstgroup.pl
URL: https://zstgroup.pl/app-315b6639b50e365fa4f1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.252.141.40 Strzelno, Poland, ASN12741 (AS-NETIA Warszawa 02-822, PL),

Reverse DNS

wolny40.unity-t.pl

Software

Apache /

Resource Hash

96038c80d219f0be24d494a28fdaa7ce0ca84923765d83575f154a822fce4222

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data:; script-src 'self' data: 'unsafe-inline' maps.googleapis.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com; img-src 'self' data: maps.gstatic.com googleapis.com www.google.com; font-src 'self' fonts.gstatic.com; connect-src 'self'; media-src 'self'; object-src 'self'; prefetch-src 'self'; child-src 'self'; frame-src 'self' www.google.com; worker-src 'self'; frame-ancestors fonts.gstatic.com; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 10:35:53 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' data:; script-src 'self' data: 'unsafe-inline' maps.googleapis.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com; img-src 'self' data: maps.gstatic.com googleapis.com www.google.com; font-src 'self' fonts.gstatic.com; connect-src 'self'; media-src 'self'; object-src 'self'; prefetch-src 'self'; child-src 'self'; frame-src 'self' www.google.com; worker-src 'self'; frame-ancestors fonts.gstatic.com; form-action 'none'; upgrade-insecure-requests
last-modified: Fri, 29 Dec 2023 10:48:08 GMT
server: Apache
referrer-policy: no-referrer
etag: "ac-60da3c4843b4f"
x-frame-options: SAMEORIGIN
content-type: application/json
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
accept-ranges: bytes
content-length: 172
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json Show response
zstgroup.pl/page-data/kariera-w-zst/ 190 B
2 KB 50ms
50ms XHR
application/json 77.252.141.40
AS-NETIA Warszawa...

General

Check archive.org

Show headers Download Go to

Full URL

https://zstgroup.pl/page-data/kariera-w-zst/page-data.json

Requested by

Host: zstgroup.pl
URL: https://zstgroup.pl/app-315b6639b50e365fa4f1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.252.141.40 Strzelno, Poland, ASN12741 (AS-NETIA Warszawa 02-822, PL),

Reverse DNS

wolny40.unity-t.pl

Software

Apache /

Resource Hash

eb0117bf68cb9aa64567796a596144caca650416898c7f5a4face662a5c0e2bc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data:; script-src 'self' data: 'unsafe-inline' maps.googleapis.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com; img-src 'self' data: maps.gstatic.com googleapis.com www.google.com; font-src 'self' fonts.gstatic.com; connect-src 'self'; media-src 'self'; object-src 'self'; prefetch-src 'self'; child-src 'self'; frame-src 'self' www.google.com; worker-src 'self'; frame-ancestors fonts.gstatic.com; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 10:35:53 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' data:; script-src 'self' data: 'unsafe-inline' maps.googleapis.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com; img-src 'self' data: maps.gstatic.com googleapis.com www.google.com; font-src 'self' fonts.gstatic.com; connect-src 'self'; media-src 'self'; object-src 'self'; prefetch-src 'self'; child-src 'self'; frame-src 'self' www.google.com; worker-src 'self'; frame-ancestors fonts.gstatic.com; form-action 'none'; upgrade-insecure-requests
last-modified: Fri, 29 Dec 2023 10:48:09 GMT
server: Apache
referrer-policy: no-referrer
etag: "be-60da3c493a2ee"
x-frame-options: SAMEORIGIN
content-type: application/json
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
accept-ranges: bytes
content-length: 190
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json Show response
zstgroup.pl/page-data/onas/ 172 B
2 KB 55ms
55ms XHR
application/json 77.252.141.40
AS-NETIA Warszawa...

General

Check archive.org

Show headers Download Go to

Full URL

https://zstgroup.pl/page-data/onas/page-data.json

Requested by

Host: zstgroup.pl
URL: https://zstgroup.pl/app-315b6639b50e365fa4f1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.252.141.40 Strzelno, Poland, ASN12741 (AS-NETIA Warszawa 02-822, PL),

Reverse DNS

wolny40.unity-t.pl

Software

Apache /

Resource Hash

c9a4111f3f0a664e0415f32c58841776d85cd1fcd8e27c756c1e8e28ae74ac52

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data:; script-src 'self' data: 'unsafe-inline' maps.googleapis.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com; img-src 'self' data: maps.gstatic.com googleapis.com www.google.com; font-src 'self' fonts.gstatic.com; connect-src 'self'; media-src 'self'; object-src 'self'; prefetch-src 'self'; child-src 'self'; frame-src 'self' www.google.com; worker-src 'self'; frame-ancestors fonts.gstatic.com; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 10:35:53 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' data:; script-src 'self' data: 'unsafe-inline' maps.googleapis.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com; img-src 'self' data: maps.gstatic.com googleapis.com www.google.com; font-src 'self' fonts.gstatic.com; connect-src 'self'; media-src 'self'; object-src 'self'; prefetch-src 'self'; child-src 'self'; frame-src 'self' www.google.com; worker-src 'self'; frame-ancestors fonts.gstatic.com; form-action 'none'; upgrade-insecure-requests
last-modified: Fri, 29 Dec 2023 10:48:07 GMT
server: Apache
referrer-policy: no-referrer
etag: "ac-60da3c48019e0"
x-frame-options: SAMEORIGIN
content-type: application/json
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
accept-ranges: bytes
content-length: 172
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'battery'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'document-domain'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'execution-while-not-rendered'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'execution-while-out-of-viewport'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'navigation-override'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'speaker-selection'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'conversion-measurement'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'focus-without-user-activation'.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'sync-script'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'trust-token-redemption'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'vertical-scroll'.
security	error	URL: https://zstgroup.pl/ Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' data:; script-src 'self' data: 'unsafe-inline' maps.googleapis.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com; img-src 'self' data: maps.gstatic.com googleapis.com www.google.com; font-src 'self' fonts.gstatic.com; connect-src 'self'; media-src 'self'; object-src 'self'; prefetch-src 'self'; child-src 'self'; frame-src 'self' www.google.com; worker-src 'self'; frame-ancestors fonts.gstatic.com; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
zstgroup.pl
142.250.184.195
142.250.184.234
77.252.141.40
083e34cfaf6b10db28817bc96f4db36de599c5cec9083f3744eb8ae1e9fd1190
1758e4892de723758bb092006be410e18e2242f3cc4ddee271fb173b19adaa66
188f4174a2527339801ededffa2fc8089211b3d28dda27afd28329934614909e
1f5c960558dc201b7d7bc9b0cd91945fc1ef6bb089ead938482f633a770ea808
350dbfd6680ceb6c02bc6fe6c7fb449b4a59ef9d67473c564014efed147dcf02
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
4b14fa75810c10f01a22bc5b2272c136c85d334aedb7128ff8a4a3dd820c8416
4dccba5b2e47a112c38a4636f6742ba942fb8f2cb479bf6aca1c108384ce60ba
50381171ee0a5ed30aaa050fd2305cf7ac976507242797fffa1909db01964a04
6065235253a199e99a7aedcb2db7e3cea6b1d963bb5e8203214054e90ab2eced
69fb818a2afa364468eb47d8595319ba4e0bdda1b664480271fa336e98f872b2
7484b71b60e3879b61b41e35a7db84b314354e22a557fd835e7732a87f28e5a5
8ececcb9d5c06b99fb59829b5b16d58977d337225d9ffa632eb71f6d36237123
92a20f63f0f0e37f27d45b3689ae2d9aa75b67fc06f43f5e087802b38ca8cad1
96038c80d219f0be24d494a28fdaa7ce0ca84923765d83575f154a822fce4222
a82d750fcee4eff0b6d1bc71fcae8c03264b9a0aa68ade8967d917cb8aaa067a
b076e86301cbee8c5c9aef51863a9c0a88e6f6d2aabdffca93e031113c6caa74
bccc1b0a77ecbdb37f0294920c904958732d9612c812ae8486311e52a22ac498
c6603fc977a3f798393a8f65b2c4f322cb8e58a78c4e44329c897dfafbd6eb10
c9a4111f3f0a664e0415f32c58841776d85cd1fcd8e27c756c1e8e28ae74ac52
e08ee8aa06e4e80e6327da38a1197b9fb82203568fc179f218f823a7a3d25510
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40dbc6da95b47d932014e5a93f35b13a341a37ea6fe7559dca041dc77271cd6
eb0117bf68cb9aa64567796a596144caca650416898c7f5a4face662a5c0e2bc
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f941c91d135b6b379e069892a023adb627630b1a56774600d6e74d2606fae322
fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b

zstgroup.pl Open in urlscan Pro 77.252.141.40 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

31 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

4 IPs

2 Countries

1328 kBTransfer

1574 kBSize

0 Cookies

0 Outgoing links

Redirected requests

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

zstgroup.pl Open in urlscan Pro
77.252.141.40 Public Scan

Screenshot
Live screenshot

Full Image

31
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

1328 kB
Transfer

1574 kB
Size

0
Cookies

31 HTTP transactions
1 data transactions