stavka5.ketoestenens.xyz Open in urlscan Pro
185.5.54.194  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response stavka5.ketoestenens.xyz/	80 KB 10 KB	366ms 225ms	Document text/html	185.5.54.194 INTERNETO-VIZIJA
General Check archive.org Show headers Download Go to Full URL http://stavka5.ketoestenens.xyz/ Protocol HTTP/1.1 Server 185.5.54.194 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT), Reverse DNS prx9.b36cname.site Software openresty / Resource Hash d3a51dd41fe93ec6f6d0b1f4f9d5a9b59de74169c294865882beaf0451556e5b Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 accept-language pl-PL,pl;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Wed, 08 Feb 2023 14:46:20 GMT Server openresty Transfer-Encoding chunked Vary Accept-Encoding Accept-Encoding Accept-Encoding
GET H/1.1	200 OK	main.css stavka5.ketoestenens.xyz/css/	21 KB 5 KB	190ms 189ms	Stylesheet text/css	185.5.54.194 INTERNETO-VIZIJA
General Check archive.org Show headers Download Go to Full URL http://stavka5.ketoestenens.xyz/css/main.css Requested by Host: stavka5.ketoestenens.xyz URL: http://stavka5.ketoestenens.xyz/ Protocol HTTP/1.1 Server 185.5.54.194 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT), Reverse DNS prx9.b36cname.site Software openresty / Resource Hash fb401f2986ba8dc090c0afd95ddf4ba5efdfc871e20ca33eb4b65ad01e8a7dbb Request headers accept-language pl-PL,pl;q=0.9 Referer http://stavka5.ketoestenens.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers Date Wed, 08 Feb 2023 14:46:20 GMT Content-Encoding gzip Server openresty Connection keep-alive Transfer-Encoding chunked Vary Accept-Encoding, Accept-Encoding, Accept-Encoding Content-Type text/css
GET H/1.1	200 OK	form.css stavka5.ketoestenens.xyz/css/	2 KB 994 B	185ms 148ms	Stylesheet text/css	185.5.54.194 INTERNETO-VIZIJA
General Check archive.org Show headers Download Go to Full URL http://stavka5.ketoestenens.xyz/css/form.css Requested by Host: stavka5.ketoestenens.xyz URL: http://stavka5.ketoestenens.xyz/ Protocol HTTP/1.1 Server 185.5.54.194 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT), Reverse DNS prx9.b36cname.site Software openresty / Resource Hash ed503815608347e85cdac78715b8f3754a9bcdaf0850816a2fd74f64e65e80a7 Request headers accept-language pl-PL,pl;q=0.9 Referer http://stavka5.ketoestenens.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers Date Wed, 08 Feb 2023 14:46:20 GMT Content-Encoding gzip Server openresty Connection keep-alive Transfer-Encoding chunked Vary Accept-Encoding, Accept-Encoding, Accept-Encoding Content-Type text/css
GET H2	200	css2 fonts.googleapis.com/	7 KB 1 KB	151ms 55ms	Stylesheet text/css	216.58.212.138 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Inter:wght@400;500;700&display=swap Requested by Host: stavka5.ketoestenens.xyz URL: http://stavka5.ketoestenens.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.138 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f10.1e100.net Software ESF / Resource Hash 7f57ccc34d929b334baf038f430cd77e2ed9dcdb86174046defd287ee2ec1b0c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language pl-PL,pl;q=0.9 Referer http://stavka5.ketoestenens.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 08 Feb 2023 14:46:20 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 08 Feb 2023 14:11:23 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 08 Feb 2023 14:46:20 GMT
GET H/1.1	200 OK	logo.png stavka5.ketoestenens.xyz/images/	3 KB 3 KB	136ms 135ms	Image image/png	185.5.54.194 INTERNETO-VIZIJA
General Check archive.org Show headers Download Go to Show image Full URL http://stavka5.ketoestenens.xyz/images/logo.png Requested by Host: stavka5.ketoestenens.xyz URL: http://stavka5.ketoestenens.xyz/ Protocol HTTP/1.1 Server 185.5.54.194 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT), Reverse DNS prx9.b36cname.site Software openresty / Resource Hash 903c783b868c50bea695d7b5009644453bf42838cd843f48be7cc729fc42dd2f Request headers accept-language pl-PL,pl;q=0.9 Referer http://stavka5.ketoestenens.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers Date Wed, 08 Feb 2023 14:46:20 GMT Server openresty Connection keep-alive Transfer-Encoding chunked Vary Accept-Encoding Content-Type image/png
GET H2	200	jquery.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/	87 KB 28 KB	105ms 44ms	Script application/javascript	104.17.25.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js Requested by Host: stavka5.ketoestenens.xyz URL: http://stavka5.ketoestenens.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer Origin http://stavka5.ketoestenens.xyz accept-language pl-PL,pl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers date Wed, 08 Feb 2023 14:46:20 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 1125013 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 27938 last-modified Tue, 02 Mar 2021 18:58:36 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "603e8adc-15d9d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UG4hy%2BG65HkFZVdg5A4xURqtBP4uXGpzVP%2BIcB7PZWGStpVXI2If2s8ksZvrcpOzZ17CF6I5rkZWOSdc1ZZIR05K7PowTUlbLE8Z6RxC65wlvcagTT1XXCgMi77D3eaJN0vhqdVq"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 796527795e533500-WAW expires Mon, 29 Jan 2024 14:46:20 GMT
GET H/1.1	200 OK	main.js Show response stavka5.ketoestenens.xyz/js/	23 KB 4 KB	142ms 141ms	Script application/javascript	185.5.54.194 INTERNETO-VIZIJA
General Check archive.org Show headers Download Go to Full URL http://stavka5.ketoestenens.xyz/js/main.js Requested by Host: stavka5.ketoestenens.xyz URL: http://stavka5.ketoestenens.xyz/ Protocol HTTP/1.1 Server 185.5.54.194 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT), Reverse DNS prx9.b36cname.site Software openresty / Resource Hash 1e74a9338407004fd5cf4ef88c2057017c3d70c20cf37791faed69c2ac9e792d Request headers accept-language pl-PL,pl;q=0.9 Referer http://stavka5.ketoestenens.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers Date Wed, 08 Feb 2023 14:46:20 GMT Content-Encoding gzip Server openresty Connection keep-alive Transfer-Encoding chunked Vary Accept-Encoding, Accept-Encoding, Accept-Encoding Content-Type application/javascript
GET H2	200	intlTelInput.min.css cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/css/	19 KB 2 KB	92ms 38ms	Stylesheet text/css	104.17.25.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/css/intlTelInput.min.css Requested by Host: stavka5.ketoestenens.xyz URL: http://stavka5.ketoestenens.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c6956e8710cf477f7014440385ae16ee4b8cc7ecfd02fddd4d2f0c6c7fd15845 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer Origin http://stavka5.ketoestenens.xyz accept-language pl-PL,pl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers date Wed, 08 Feb 2023 14:46:20 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 398792 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1820 last-modified Sat, 13 Feb 2021 20:29:46 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "602836ba-4ad5" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nr5td01qxiG%2FF2ury8G7UHaTuXKcn3ZkQTYKMw7qLopXn1QVP0JlhZgj5N12cwciMgf2uFS9M6NOgEskmPuT4HLY2sY%2FvIzfTa5SYz7%2FWaDvFldd2JhitDFSz27CLVwmeDG504J9"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 796527795e583500-WAW expires Mon, 29 Jan 2024 14:46:20 GMT
GET H2	200	intlTelInput.min.js Show response cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/js/	29 KB 9 KB	106ms 51ms	Script application/javascript	104.17.25.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/js/intlTelInput.min.js Requested by Host: stavka5.ketoestenens.xyz URL: http://stavka5.ketoestenens.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b024339fe00039664fe9d06d5b49f9c7790fd3c0a49fe69b44f77360e71483ef Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer Origin http://stavka5.ketoestenens.xyz accept-language pl-PL,pl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers date Wed, 08 Feb 2023 14:46:20 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 434239 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 8967 last-modified Sat, 13 Feb 2021 20:29:46 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "602836ba-7351" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MmzPGCtDusFY0DxZH7blyJ2vyiAVJpKLRVvIqokuD%2F1yumyLN61IZL%2FXnYyAd0xwaNGcr84btAf3bVUsAP0PEBCjPntG%2FRXOKVh1GktTPokEArVLQLEsrCIel0hzcvSz14XRG%2BjW"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 796527795e5a3500-WAW expires Mon, 29 Jan 2024 14:46:20 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	106 KB 28 KB	140ms 47ms	Script application/x-javascript	185.60.216.19 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: stavka5.ketoestenens.xyz URL: http://stavka5.ketoestenens.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-frx5.fbcdn.net Software / Resource Hash c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language pl-PL,pl;q=0.9 Referer http://stavka5.ketoestenens.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Wed, 08 Feb 2023 14:46:20 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 27843 x-fb-rlafr 0 x-xss-protection 0 pragma public x-fb-debug c6ie0vObzwM9M0WS1v6RRpB/7z4uOj92ssOBb+jlqgrEMzEp/MroGgu2Y40VT/u3GWvQHLGbY7OZj+grXJj+oQ== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-trip-id 917726464 cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H/1.1	200 OK	bg-e0e.arb.jpg stavka5.ketoestenens.xyz/images/	506 KB 507 KB	184ms 147ms	Image image/jpeg	185.5.54.194 INTERNETO-VIZIJA
General Check archive.org Show headers Download Go to Show image Full URL http://stavka5.ketoestenens.xyz/images/bg-e0e.arb.jpg Requested by Host: stavka5.ketoestenens.xyz URL: http://stavka5.ketoestenens.xyz/css/main.css Protocol HTTP/1.1 Server 185.5.54.194 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT), Reverse DNS prx9.b36cname.site Software openresty / Resource Hash 2d8bd720fdcb4ee61aae2b1916f982b636cf17b48e98dc115897bd55b74fd86b Request headers accept-language pl-PL,pl;q=0.9 Referer http://stavka5.ketoestenens.xyz/css/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers Date Wed, 08 Feb 2023 14:46:20 GMT Server openresty Connection keep-alive Transfer-Encoding chunked Vary Accept-Encoding Content-Type image/jpeg
GET H2	200	UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 fonts.gstatic.com/s/inter/v12/	37 KB 37 KB	189ms 93ms	Font font/woff2	142.250.184.195 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.195 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f3.1e100.net Software sffe / Resource Hash 450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin http://stavka5.ketoestenens.xyz accept-language pl-PL,pl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers date Tue, 07 Feb 2023 11:39:34 GMT x-content-type-options nosniff age 97606 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 37924 x-xss-protection 0 last-modified Mon, 11 Jul 2022 20:54:46 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 07 Feb 2024 11:39:34 GMT
GET H2	200	UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa25L7SUc.woff2 fonts.gstatic.com/s/inter/v12/	56 KB 56 KB	137ms 46ms	Font font/woff2	142.250.184.195 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa25L7SUc.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.195 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f3.1e100.net Software sffe / Resource Hash 45606f837ab8530c01f3602592ed7a118450be4ef3f629ca644d0543099e5c6b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin http://stavka5.ketoestenens.xyz accept-language pl-PL,pl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers date Fri, 03 Feb 2023 11:46:07 GMT x-content-type-options nosniff age 442813 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 56968 x-xss-protection 0 last-modified Mon, 11 Jul 2022 21:29:14 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 03 Feb 2024 11:46:07 GMT
GET H2	200	geolocation Show response getyourapi.site/api/	77 B 487 B	175ms 74ms	XHR application/json	3.122.218.248 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://getyourapi.site/api/geolocation Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 3.122.218.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-122-218-248.eu-central-1.compute.amazonaws.com Software openresty / Express Resource Hash 36b2a9114ee7130a60bce577743e2e7b9d9c921776c18c8016d5c80bdcc1e009 Request headers Accept application/json, text/javascript, */*; q=0.01 Referer http://stavka5.ketoestenens.xyz/ accept-language pl-PL,pl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers date Wed, 08 Feb 2023 14:46:20 GMT server openresty x-powered-by Express etag W/"4d-Moe6DFQmWlKPkgR9R7VmjA6zV4Q" access-control-max-age 600 access-control-allow-methods GET, POST, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin http://stavka5.ketoestenens.xyz access-control-expose-headers content-type, authorization, x-request-id access-control-allow-credentials true access-control-allow-headers origin, content-type, accept, authorization content-length 77 x-request-id d70b0f11-0a8c-467a-ada0-7f1c08eafd33
GET H2	200	333739147753844 Show response connect.facebook.net/signals/config/	377 KB 108 KB	49ms 48ms	Script application/x-javascript	185.60.216.19 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/333739147753844?v=2.9.95&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-frx5.fbcdn.net Software / Resource Hash 30e050d7c0133232be1d54a58517ccb297768f967c83d842c2bafb6e10624479 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language pl-PL,pl;q=0.9 Referer http://stavka5.ketoestenens.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Wed, 08 Feb 2023 14:46:20 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 110200 x-fb-rlafr 0 x-xss-protection 0 pragma public x-fb-debug BJIV9alixC8lA708uCPUEUzFlxTS+TxKuQBH5h6XMZRC3m4bqxgJct4pQbtAL7PDIFjx9tTUXpjZgZyDJUSgPw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-trip-id 917726464 cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 185 B	139ms 46ms	Image text/plain	185.60.216.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=333739147753844&ev=PageView&dl=http%3A%2F%2Fstavka5.ketoestenens.xyz%2F&rl=&if=false&ts=1675867580619&sw=1600&sh=1200&v=2.9.95&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1675867580618.1320079030&it=1675867580475&coo=false&rqm=GET Requested by Host: stavka5.ketoestenens.xyz URL: http://stavka5.ketoestenens.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.60.216.35 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-frx5.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language pl-PL,pl;q=0.9 Referer http://stavka5.ketoestenens.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Wed, 08 Feb 2023 14:46:20 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H3	200	flags.png cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/img/	66 KB 67 KB	71ms 40ms	Image image/png	104.17.25.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/img/flags.png Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/css/intlTelInput.min.css Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ead4835bb034d3977fd4aa92437a20fac37b2c67e0c22a5debc61468151d08d7 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language pl-PL,pl;q=0.9 Referer https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/css/intlTelInput.min.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers date Wed, 08 Feb 2023 14:46:20 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 687311 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 67650 last-modified Sat, 13 Feb 2021 20:30:08 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "602836d0-1083d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pJMFSzmlgPWbJmKnAsc16jHiiH7S9JT204kE4UvA4teWD%2FAbiGDO2qd5UxmwP5p79XwtXwkXblTHbasy%2FZ%2FzRlA%2Bu32Mzy0ux%2BBcTlK1tC3rRkjXMGRybQMX0uIAGnyUOftnb%2FLN"}],"group":"cf-nel","max_age":604800} content-type image/png; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 7965277b3f5435d8-WAW expires Mon, 29 Jan 2024 14:46:20 GMT
GET H3	200	utils.min.js Show response cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/js/	240 KB 45 KB	36ms 35ms	Script application/javascript	104.17.25.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/js/utils.min.js Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/js/intlTelInput.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 40be34b828e28a6e711efb10cb00aab537ef9de74abb3864acd2fa59665f6fbf Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language pl-PL,pl;q=0.9 Referer http://stavka5.ketoestenens.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers date Wed, 08 Feb 2023 14:46:20 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 429822 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 44956 last-modified Sat, 13 Feb 2021 20:31:42 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "6028372e-3bf7a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QYUQtkgAz6FXoTczX%2FhHBUrmzSrh6jrbiMlz5Hmo3ORPluUJ2FAZ35UbrMX3809XEQXd1Iy65d2YQaNMnQiv18XTcyRW0LNHsZUwm9NuJfh5tjczi3DcZSSIYArmt%2B8Smmvte3jb"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 7965277c083435d8-WAW expires Mon, 29 Jan 2024 14:46:20 GMT
GET H2	200	/ www.facebook.com/tr/	0 54 B	46ms 45ms	Image text/plain	185.60.216.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=333739147753844&ev=Microdata&dl=http%3A%2F%2Fstavka5.ketoestenens.xyz%2F&rl=&if=false&ts=1675867582122&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%20%20%20%20%20%20%20%20%20%20%20%20WhatsApp%20Bot%5Cn%20%20%20%20%20%20%20%20%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.95&r=stable&ec=1&o=30&fbp=fb.1.1675867580618.1320079030&it=1675867580475&coo=false&es=automatic&tm=3&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.60.216.35 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-frx5.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language pl-PL,pl;q=0.9 Referer http://stavka5.ketoestenens.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Wed, 08 Feb 2023 14:46:22 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| oncontentvisibilityautostatechange function| fbq function| _fbq function| $ function| jQuery object| intlTelInputGlobals function| intlTelInput function| parseURLParams object| intlTelInputUtils

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.ketoestenens.xyz/	1970-01-20 11:40:43	Name: _fbp Value: fb.1.1675867580618.1320079030

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
getyourapi.site
stavka5.ketoestenens.xyz
www.facebook.com
104.17.25.14
142.250.184.195
185.5.54.194
185.60.216.19
185.60.216.35
216.58.212.138
3.122.218.248
1e74a9338407004fd5cf4ef88c2057017c3d70c20cf37791faed69c2ac9e792d
2d8bd720fdcb4ee61aae2b1916f982b636cf17b48e98dc115897bd55b74fd86b
30e050d7c0133232be1d54a58517ccb297768f967c83d842c2bafb6e10624479
36b2a9114ee7130a60bce577743e2e7b9d9c921776c18c8016d5c80bdcc1e009
40be34b828e28a6e711efb10cb00aab537ef9de74abb3864acd2fa59665f6fbf
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
45606f837ab8530c01f3602592ed7a118450be4ef3f629ca644d0543099e5c6b
7f57ccc34d929b334baf038f430cd77e2ed9dcdb86174046defd287ee2ec1b0c
903c783b868c50bea695d7b5009644453bf42838cd843f48be7cc729fc42dd2f
b024339fe00039664fe9d06d5b49f9c7790fd3c0a49fe69b44f77360e71483ef
c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236
c6956e8710cf477f7014440385ae16ee4b8cc7ecfd02fddd4d2f0c6c7fd15845
d3a51dd41fe93ec6f6d0b1f4f9d5a9b59de74169c294865882beaf0451556e5b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ead4835bb034d3977fd4aa92437a20fac37b2c67e0c22a5debc61468151d08d7
ed503815608347e85cdac78715b8f3754a9bcdaf0850816a2fd74f64e65e80a7
fb401f2986ba8dc090c0afd95ddf4ba5efdfc871e20ca33eb4b65ad01e8a7dbb
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e