urlscan.io logo urlscan.io
SecurityTrails logo

bilety.fm Open in urlscan Pro
89.161.251.72  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://akustyczen.pl/
Effective URL: https://bilety.fm/pl/9_podparty-produkcja?orderby=date_start&orderway=asc
Submission: On June 21 via api from US — Scanned from PL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 4 countries across 14 domains to perform 48 HTTP transactions. The main IP is 89.161.251.72, located in Poland and belongs to HOMEPL-AS, PL. The main domain is bilety.fm.
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on August 28th 2023. Valid for: a year.
This is the only time bilety.fm was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 85.128.134.238 15967 (NETARTGROUP)
14 89.161.251.72 12824 (HOMEPL-AS)
1 172.217.16.202 15169 (GOOGLE)
4 104.17.24.14 13335 (CLOUDFLAR...)
3 104.17.111.223 13335 (CLOUDFLAR...)
1 2 142.250.186.164 15169 (GOOGLE)
4 157.240.252.13 32934 (FACEBOOK)
3 216.58.206.40 15169 (GOOGLE)
1 2 216.58.206.72 15169 (GOOGLE)
4 142.250.185.227 15169 (GOOGLE)
1 142.250.184.195 15169 (GOOGLE)
2 157.240.252.35 32934 (FACEBOOK)
1 2 64.233.184.154 15169 (GOOGLE)
2 172.217.18.99 15169 (GOOGLE)
1 7 172.67.38.130 13335 (CLOUDFLAR...)
1 216.239.34.36 15169 (GOOGLE)
48 15
1    85.128.134.238 (Poland)

ASN15967 (NETARTGROUP, PL)
PTR: static-akc238.rev.nazwa.pl
akustyczen.pl
14    89.161.251.72 (Poland)

ASN12824 (HOMEPL-AS, PL)
PTR: cloudserver2081602.home.pl
bilety.fm
1    172.217.16.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f202.1e100.net
fonts.googleapis.com
4    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    104.17.111.223 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
2    142.250.186.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f4.1e100.net
www.google.com
4    157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net
connect.facebook.net
3    216.58.206.40 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f8.1e100.net
www.googletagmanager.com
2    216.58.206.72 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s11-in-f8.1e100.net
ssl.google-analytics.com
4    142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net
fonts.gstatic.com
1    142.250.184.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f3.1e100.net
www.gstatic.com
2    157.240.252.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra3.facebook.com
www.facebook.com
2    64.233.184.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wa-in-f154.1e100.net
stats.g.doubleclick.net
2    172.217.18.99 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f99.1e100.net
www.google.pl
7    172.67.38.130 (United States)

ASN13335 (CLOUDFLARENET, US)
biletomat.user.com
widget.user.com
1    216.239.34.36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
Apex Domain
Subdomains		 Transfer
14 bilety.fm
bilety.fm
115 KB
7 user.com
biletomat.user.com
widget.user.com — Cisco Umbrella Rank: 146849
78 KB
5 gstatic.com
fonts.gstatic.com
www.gstatic.com
324 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 204
160 KB
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 268
175 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81
273 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 5
region1.analytics.google.com — Cisco Umbrella Rank: 3125
968 B
3 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 5074
onesignal.com — Cisco Umbrella Rank: 1570
74 KB
2 google.pl
www.google.pl — Cisco Umbrella Rank: 18990
515 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
485 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
4 KB
2 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 745
17 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 83
1 KB
1 akustyczen.pl
akustyczen.pl
177 B
48 14
Domain Requested by
14 bilety.fm bilety.fm
4 widget.user.com bilety.fm
biletomat.user.com
4 fonts.gstatic.com fonts.googleapis.com
4 connect.facebook.net bilety.fm
connect.facebook.net
4 cdnjs.cloudflare.com bilety.fm
cdnjs.cloudflare.com
3 biletomat.user.com 1 redirects biletomat.user.com
3 www.googletagmanager.com bilety.fm
www.googletagmanager.com
2 www.google.pl bilety.fm
2 stats.g.doubleclick.net 1 redirects www.googletagmanager.com
2 www.facebook.com bilety.fm
2 ssl.google-analytics.com 1 redirects bilety.fm
2 www.google.com 1 redirects bilety.fm
2 cdn.onesignal.com bilety.fm
cdn.onesignal.com
1 region1.analytics.google.com www.googletagmanager.com
1 onesignal.com cdn.onesignal.com
1 www.gstatic.com www.google.com
1 fonts.googleapis.com bilety.fm
1 akustyczen.pl 1 redirects
48 18
Subject Issuer Validity Valid
bilety.fm
RapidSSL TLS RSA CA G1		 2023-08-28 -
2024-09-16		 a year crt.sh
upload.video.google.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
cdnjs.cloudflare.com
E1		 2024-06-02 -
2024-08-31		 3 months crt.sh
onesignal.com
GTS CA 1P5		 2024-05-31 -
2024-08-29		 3 months crt.sh
*.google.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-03-31 -
2024-06-29		 3 months crt.sh
*.google-analytics.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
*.google.pl
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
user.com
WE1		 2024-06-10 -
2024-09-08		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://bilety.fm/pl/9_podparty-produkcja?orderby=date_start&orderway=asc
Frame ID: DBF5239514B713A8E0E5FAF7575E6512
Requests: 47 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Podparty Produkcja - bilety.fm

Page URL History Show full URLs

  1. https://akustyczen.pl/ HTTP 301
    https://bilety.fm/pl/9_podparty-produkcja?orderby=date_start&orderway=asc Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

48
Requests

96 %
HTTPS

0 %
IPv6

14
Domains

18
Subdomains

15
IPs

4
Countries

1221 kB
Transfer

3139 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://akustyczen.pl/ HTTP 301
    https://bilety.fm/pl/9_podparty-produkcja?orderby=date_start&orderway=asc Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1134036133&utmhn=bilety.fm&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=pl-pl&utmje=0&utmfl=-&utmdt=Podparty%20Produkcja%20-%20bilety.fm&utmhid=528613924&utmr=-&utmp=%2Fpl%2F9_podparty-produkcja%3Forderby%3Ddate_start%26orderway%3Dasc&utmht=1718998949684&utmac=UA-25851983-1&utmcc=__utma%3D63485244.1437816945.1718998950.1718998950.1718998950.1%3B%2B__utmz%3D63485244.1718998950.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=249942164&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-25851983-1&cid=1437816945.1718998950&jid=249942164&_v=5.7.2&z=1134036133 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25851983-1&cid=1437816945.1718998950&jid=249942164&_v=5.7.2&z=1134036133 HTTP 302
  • https://www.google.pl/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25851983-1&cid=1437816945.1718998950&jid=249942164&_v=5.7.2&z=1134036133&slf_rd=1&random=2983431551
Request Chain 35
  • https://biletomat.user.com/widget.js HTTP 301
  • https://widget.user.com/widget.js

48 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 9_podparty-produkcja
bilety.fm/pl/
Redirect Chain
  • https://akustyczen.pl/
  • https://bilety.fm/pl/9_podparty-produkcja?orderby=date_start&orderway=asc
16 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bilety.fm/pl/9_podparty-produkcja?orderby=date_start&orderway=asc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.161.251.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2081602.home.pl
Software
IdeaWebServer/6.2.0 /
Resource Hash
0090accdb5dd577b0e3f3fe54460c6caee6097d977730b43c122d593276085d4

Request headers

Accept-Language
pl-PL,pl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 21 Jun 2024 19:42:28 GMT
p3p
CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
server
IdeaWebServer/6.2.0

Redirect headers

content-length
169
content-type
text/html
date
Fri, 21 Jun 2024 19:42:28 GMT
location
https://bilety.fm/pl/9_podparty-produkcja?orderby=date_start&orderway=asc
server
Apache/2
x-cdn-nazwa.pl-location
WAW
x-cdn-nazwa.pl-policyused
cdn=disabled
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway:300,400,400i,700&subset=latin-ext
Requested by
Host: bilety.fm
URL: https://bilety.fm/pl/9_podparty-produkcja?orderby=date_start&orderway=asc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f202.1e100.net
Software
ESF /
Resource Hash
8b6f5887368a30af2590020ef416513f98f629a8912cb7234294e457ac3fcc2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bilety.fm/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 21 Jun 2024 19:42:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 21 Jun 2024 19:42:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 21 Jun 2024 19:42:29 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/css/ 		56 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/css/all.min.css
Requested by
Host: bilety.fm
URL: https://bilety.fm/pl/9_podparty-produkcja?orderby=date_start&orderway=asc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a680b90260b5106d79f4075491ab31daafa7429eff686453c40b58357309649
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bilety.fm/
Origin
https://bilety.fm
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 19:42:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
675497
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10134
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-dff5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rsXVs1zSM7splin1qNLyyRV0kR%2FCeo2wmr6hmB2YXKVibRFmwoxpUo07d%2BzSxOcG%2FXXRAeBTH4V279PSyu0SMQU8JAooLyjT%2BotF%2FPTR2FfyQ6U6dfI%2F0qNHi9f1kpwtnZ527wVu"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
89767b65284b3492-WAW
expires
Wed, 11 Jun 2025 19:42:28 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: bilety.fm
URL: https://bilety.fm/pl/9_podparty-produkcja?orderby=date_start&orderway=asc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bilety.fm/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 19:42:29 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
170
etag
W/"a87c48d211877c49b878679b2e3cdab8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
89767b683eb23bc5-WAW
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Mon, 24 Jun 2024 19:42:29 GMT
api.js
www.google.com/recaptcha/ 		1 KB
947 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: bilety.fm
URL: https://bilety.fm/pl/9_podparty-produkcja?orderby=date_start&orderway=asc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
GSE /
Resource Hash
68741985f67e485122e454bdd80595c80856413e4fe2d3367f9eb678495079d2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bilety.fm/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 19:42:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Fri, 21 Jun 2024 19:42:29 GMT
5c3abb2b0d56e0134fe7a52a10684817_all.css
bilety.fm/themes/biletyfm/cache/ 		63 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bilety.fm/themes/biletyfm/cache/5c3abb2b0d56e0134fe7a52a10684817_all.css?biletyfm=4
Requested by
Host: bilety.fm
URL: https://bilety.fm/pl/9_podparty-produkcja?orderby=date_start&orderway=asc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.161.251.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2081602.home.pl
Software
IdeaWebServer/6.2.0 /
Resource Hash
5ebd8a4f796876f588db0ea42971183395984678e545a2db2a0a3e55fddd17ac

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bilety.fm/pl/9_podparty-produkcja?orderby=date_start&orderway=asc
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 19:42:28 GMT
content-encoding
gzip
last-modified
Fri, 06 Oct 2023 07:43:06 GMT
server
IdeaWebServer/6.2.0
content-type
text/css
0412da50558cc0c5b23818d6d76077d5.js
bilety.fm/themes/biletyfm/cache/ 		147 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bilety.fm/themes/biletyfm/cache/0412da50558cc0c5b23818d6d76077d5.js?biletyfm=4
Requested by
Host: bilety.fm
URL: https://bilety.fm/pl/9_podparty-produkcja?orderby=date_start&orderway=asc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.161.251.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2081602.home.pl
Software
IdeaWebServer/6.2.0 /
Resource Hash
6c458ecc42424ad31dac9d499726aca46d6c5f570d37a5cb2d1098901c4ef47a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bilety.fm/pl/9_podparty-produkcja?orderby=date_start&orderway=asc
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 19:42:28 GMT
content-encoding
gzip
last-modified
Fri, 06 Oct 2023 07:35:04 GMT
server
IdeaWebServer/6.2.0
content-type
application/javascript
all.js
connect.facebook.net/pl_PL/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/pl_PL/all.js
Requested by
Host: bilety.fm
URL: https://bilety.fm/pl/9_podparty-produkcja?orderby=date_start&orderway=asc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
ef9df3d1d79f82406df33cd265d0ff36c43ac0a253f046bada8ae5c2eb488a3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bilety.fm/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 21 Jun 2024 19:42:29 GMT
content-md5
2UwC1r8fvX0DCF2w8S43MA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=49, rtx=0, c=12, mss=1317, tbw=2782, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug
6JAY+bUezOgkry18XHAdbNz/bTZ8JSSzByTBeJgz8eHBtYi4InIuifHbu9xAFjv6hSRvf0lO6C0rlLex/8jSSQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
e6f9a06ad74064efca53ca885b1b20bb
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"f536150142fc0e9583da8daba2aafd7d"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Fri, 21 Jun 2024 19:44:15 GMT
js
www.googletagmanager.com/gtag/ 		307 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-E878NRXPV3
Requested by
Host: bilety.fm
URL: https://bilety.fm/pl/9_podparty-produkcja?orderby=date_start&orderway=asc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
58b2c5ccae7a4541694e4a803bd28f35f66508b9a2232d3914c2914772bc64c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bilety.fm/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 19:42:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
105195
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 21 Jun 2024 19:42:29 GMT
logo.svg
bilety.fm/img/ 		13 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bilety.fm/img/logo.svg
Requested by
Host: bilety.fm
URL: https://bilety.fm/pl/9_podparty-produkcja?orderby=date_start&orderway=asc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.161.251.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2081602.home.pl
Software
IdeaWebServer/6.2.0 /
Resource Hash
0f09132e3b75c5b582c1d47ac21872e0c207f5eeb2a4e4be8ed0b373eb35e46f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bilety.fm/pl/9_podparty-produkcja?orderby=date_start&orderway=asc
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 19:42:28 GMT
content-encoding
gzip
last-modified
Wed, 07 Jun 2023 17:29:51 GMT
server
IdeaWebServer/6.2.0
content-type
image/svg+xml
filharmonia.png
bilety.fm/themes/biletyfm/img/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bilety.fm/themes/biletyfm/img/filharmonia.png
Requested by
Host: bilety.fm
URL: https://bilety.fm/pl/9_podparty-produkcja?orderby=date_start&orderway=asc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.161.251.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2081602.home.pl
Software
IdeaWebServer/6.2.0 /
Resource Hash
dcd642b7e177ff0508a2e5130b6bd7e7297a951ebf434e50fefa6e0aa86eba17

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bilety.fm/pl/9_podparty-produkcja?orderby=date_start&orderway=asc
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 19:42:28 GMT
last-modified
Mon, 15 Nov 2021 12:28:24 GMT
server
IdeaWebServer/6.2.0
content-length
14069
content-type
image/png
echo.jpg
bilety.fm/themes/biletyfm/img/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bilety.fm/themes/biletyfm/img/echo.jpg
Requested by
Host: bilety.fm
URL: https://bilety.fm/pl/9_podparty-produkcja?orderby=date_start&orderway=asc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.161.251.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2081602.home.pl
Software
IdeaWebServer/6.2.0 /
Resource Hash
6c17dfeb35ed982b25856582151ec0176ffe42fac3539926494393a2910ddb25

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bilety.fm/pl/9_podparty-produkcja?orderby=date_start&orderway=asc
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 19:42:28 GMT
last-modified
Tue, 18 May 2021 10:55:05 GMT
server
IdeaWebServer/6.2.0
content-length
5972
content-type
image/jpeg
winylefm.jpg
bilety.fm/themes/biletyfm/img/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bilety.fm/themes/biletyfm/img/winylefm.jpg
Requested by
Host: bilety.fm
URL: https://bilety.fm/pl/9_podparty-produkcja?orderby=date_start&orderway=asc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.161.251.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2081602.home.pl
Software
IdeaWebServer/6.2.0 /
Resource Hash
b8d38f97f8f1b152fdbc9f6195d509409c263607adccdba8b20668979ab06da7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bilety.fm/pl/9_podparty-produkcja?orderby=date_start&orderway=asc
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 19:42:28 GMT
last-modified
Thu, 29 Jul 2021 07:09:19 GMT
server
IdeaWebServer/6.2.0
content-length
5803
content-type
image/jpeg
koncertycom.png
bilety.fm/themes/biletyfm/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bilety.fm/themes/biletyfm/img/koncertycom.png
Requested by
Host: bilety.fm
URL: https://bilety.fm/pl/9_podparty-produkcja?orderby=date_start&orderway=asc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.161.251.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2081602.home.pl
Software
IdeaWebServer/6.2.0 /
Resource Hash
fd875b4769d11a3bc33a566e01d3faa5085c656636cc8badb1c78278ad8899c8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bilety.fm/pl/9_podparty-produkcja?orderby=date_start&orderway=asc
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 19:42:28 GMT
last-modified
Wed, 06 Jun 2012 12:07:51 GMT
server
IdeaWebServer/6.2.0
content-length
2799
content-type
image/png
zamek.png
bilety.fm/themes/biletyfm/img/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bilety.fm/themes/biletyfm/img/zamek.png
Requested by
Host: bilety.fm
URL: https://bilety.fm/pl/9_podparty-produkcja?orderby=date_start&orderway=asc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.161.251.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2081602.home.pl
Software
IdeaWebServer/6.2.0 /
Resource Hash
5390257d217819f86f34f271a660eaf00edca5f06d833adae943097245a357c9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bilety.fm/pl/9_podparty-produkcja?orderby=date_start&orderway=asc
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 19:42:29 GMT
last-modified
Wed, 23 Mar 2016 14:28:27 GMT
server
IdeaWebServer/6.2.0
content-length
11614
content-type
image/png
all.js
connect.facebook.net/pl_PL/ 		301 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/pl_PL/all.js?hash=f9f090d0ea527f0059d032de6c15e6e0
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/pl_PL/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
a2c0df507fc19b43c9ec642cfc5b1b80515b1fec8c7aa301e710ad741dc9dac8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bilety.fm/
Origin
https://bilety.fm
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 21 Jun 2024 19:42:29 GMT
content-md5
FccwvbvdqGlz/dBDKse0xg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87216
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=44, rtx=0, c=23, mss=1232, tbw=4297, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug
P/qZUb8OcKp8lDT36oQBrlq+y17SyDPxCSR7FnqQX3yfCfqp1A791wMj/7p6Nk5t5HbSWZMYPF/hARba4b0cuA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
11aa864bb1a73f82e87b5a29cee51315
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"aa5b2ad4e7c3996b6b38a9bd1fb9edea"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Sat, 21 Jun 2025 18:21:18 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: bilety.fm
URL: https://bilety.fm/pl/9_podparty-produkcja?orderby=date_start&orderway=asc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s11-in-f8.1e100.net
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bilety.fm/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 21 Jun 2024 19:19:52 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1357
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Fri, 21 Jun 2024 21:19:52 GMT
fbevents.js
connect.facebook.net/en_US/ 		219 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: bilety.fm
URL: https://bilety.fm/pl/9_podparty-produkcja?orderby=date_start&orderway=asc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bilety.fm/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 21 Jun 2024 19:42:29 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58024
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=46, rtx=0, c=20, mss=1317, tbw=6630, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma
public
x-fb-debug
xdS1Xh1obL/mRhNnOjmPO5F5RTws+ABrgVxg14vw5sWfx8vHQ3nKUR/IaL6slNhqj/JdpPnZd9e+6tBuvbe45g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
gtm.js
www.googletagmanager.com/ 		184 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N2MF968
Requested by
Host: bilety.fm
URL: https://bilety.fm/pl/9_podparty-produkcja?orderby=date_start&orderway=asc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
341ca270eace2885366604f8197a6edadfdeefc5d944e2d4a0ba38fb65d53fe6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bilety.fm/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 19:42:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68373
x-xss-protection
0
last-modified
Fri, 21 Jun 2024 19:15:13 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 21 Jun 2024 19:42:29 GMT
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v34/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:300,400,400i,700&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://bilety.fm
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 14:51:28 GMT
x-content-type-options
nosniff
age
276661
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48336
x-xss-protection
0
last-modified
Wed, 01 May 2024 20:31:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 14:51:28 GMT
sort_asc_white.png
bilety.fm/themes/biletyfm/img/icon/ 		118 B
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bilety.fm/themes/biletyfm/img/icon/sort_asc_white.png
Requested by
Host: bilety.fm
URL: https://bilety.fm/themes/biletyfm/cache/5c3abb2b0d56e0134fe7a52a10684817_all.css?biletyfm=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.161.251.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2081602.home.pl
Software
IdeaWebServer/6.2.0 /
Resource Hash
536eb518be97cecbf15bca39157a168f4405deddb689a6314bf41130f4b52b68

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bilety.fm/themes/biletyfm/cache/5c3abb2b0d56e0134fe7a52a10684817_all.css?biletyfm=4
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 19:42:29 GMT
last-modified
Tue, 18 Oct 2011 21:30:04 GMT
server
IdeaWebServer/6.2.0
content-length
118
content-type
image/png
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/webfonts/ 		74 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c3097237d60f42e800ebe4009c9af144bb19e5581e1c0501c7b259eee7e210c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/css/all.min.css
Origin
https://bilety.fm
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 19:42:29 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1512244
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
76120
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-12958"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CRnMxwCC2ixn289BMIAOUeUL6tJ5mf4B9LSVfs%2B%2BeNtUZCitbCYKAhtjKcOekJNULQi1wW9WQZwEPzp%2FrteuIigngprnbbMaCaVDT1xHenUMsOVBGhymCSxHJUapM%2B4f%2B2Hva1yi"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
89767b68cd243492-WAW
expires
Wed, 11 Jun 2025 19:42:29 GMT
1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4WjMDrMfIA.woff2
fonts.gstatic.com/s/raleway/v34/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v34/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4WjMDrMfIA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:300,400,400i,700&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
29de03aaf7a0844578daef59eabdbd1cfe9257873765938cc51a3c9a3af843b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://bilety.fm
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 14:53:45 GMT
x-content-type-options
nosniff
age
276524
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22800
x-xss-protection
0
last-modified
Wed, 01 May 2024 20:31:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 14:53:45 GMT
fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/webfonts/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/webfonts/fa-regular-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
093f782260d70f914e7e591eba1502d3e992e9f7a69a17d1df6c32bcddd6f06a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/css/all.min.css
Origin
https://bilety.fm
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 19:42:29 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
557
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13600
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-3520"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6celiMaUAJ2uKy1gxLNmHp7E3H%2B8i2JDKTtxmmR2DBh4pnMc15O6S2pLbpqZxK2X525M4rRP3FB3DiNtufPjzNuDvGHxaeUiTU9TVSqL4NjoZHSzlcHrIcSXrP7vviaZAsEjxWvC"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
89767b68cd263492-WAW
expires
Wed, 11 Jun 2025 19:42:29 GMT
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/webfonts/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/webfonts/fa-brands-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
089630244600f33230010f5e04c67419ec642c5228540adb42e3fe92c631e6bf
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/css/all.min.css
Origin
https://bilety.fm
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 19:42:29 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
16074
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
76548
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-12b04"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kMYxnKI1M3e%2BOyqlK0YM%2BmKq1UdzTnwbl6Mrhb05YcU5gEZv3RfaQxMt2Z0cZ2wx9P33a4BIMB0ZYQOAHpYOK4Roc4aGqUnp99c4I5UyfTlWxTYhLj6FRzOKpifnP5cAtYso0hUT"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
89767b68cd273492-WAW
expires
Wed, 11 Jun 2025 19:42:29 GMT
1Ptug8zYS_SKggPNyCMIT5lu.woff2
fonts.gstatic.com/s/raleway/v34/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyCMIT5lu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:300,400,400i,700&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
2f0dc96a0b24cc9af003b43bc4f477639fced863f4f967dd2b5e451f621cd09d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://bilety.fm
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 14:44:18 GMT
x-content-type-options
nosniff
age
277091
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30860
x-xss-protection
0
last-modified
Wed, 01 May 2024 20:31:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 14:44:18 GMT
1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4WjMDr0fIA9c.woff2
fonts.gstatic.com/s/raleway/v34/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v34/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4WjMDr0fIA9c.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:300,400,400i,700&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
204bfb776a13628a0f4591b08cce06b1e8d597dddc309520cf18c19726f97a2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://bilety.fm
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 14:49:02 GMT
x-content-type-options
nosniff
age
276807
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17292
x-xss-protection
0
last-modified
Wed, 01 May 2024 20:32:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 14:49:02 GMT
cart.php
bilety.fm/ 		182 B
240 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bilety.fm/cart.php?ajax=true&token=3a2016cf552c804a9618494036678886&_=1718998949217
Requested by
Host: bilety.fm
URL: https://bilety.fm/themes/biletyfm/cache/0412da50558cc0c5b23818d6d76077d5.js?biletyfm=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.161.251.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2081602.home.pl
Software
IdeaWebServer/6.2.0 /
Resource Hash
ed770b378b311eb6a97e7cdca8d6a00c976cd5fb3d49f0045962f676e58fcf3f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://bilety.fm/pl/9_podparty-produkcja?orderby=date_start&orderway=asc
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 19:42:29 GMT
content-encoding
gzip
server
IdeaWebServer/6.2.0
content-type
text/html; charset=utf-8
jcalendar
bilety.fm/panel/ 		2 KB
785 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bilety.fm/panel/jcalendar
Requested by
Host: bilety.fm
URL: https://bilety.fm/themes/biletyfm/cache/0412da50558cc0c5b23818d6d76077d5.js?biletyfm=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.161.251.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2081602.home.pl
Software
IdeaWebServer/6.2.0 /
Resource Hash
855c191703caf3a065cd6d0ce4586495c2cb998666e76547da4fd452953d5d77

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept
text/html, */*; q=0.01
Referer
https://bilety.fm/pl/9_podparty-produkcja?orderby=date_start&orderway=asc
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 19:42:29 GMT
content-encoding
gzip
server
IdeaWebServer/6.2.0
content-type
text/html; charset=utf-8
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		284 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bilety.fm/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 19:42:29 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
170
etag
W/"e3be409ac3c100e2a5d3f264ec260551"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
89767b68df883bc5-WAW
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Mon, 24 Jun 2024 19:42:29 GMT
963486854040759
connect.facebook.net/signals/config/ 		66 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/963486854040759?v=2.9.158&r=stable&domain=bilety.fm&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
ea67935cd2217ea73222445a288ca014d9abaafa08de285bbf8bac692c8b2be0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bilety.fm/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 21 Jun 2024 19:42:29 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=51, rtx=0, c=23, mss=1232, tbw=4332, tp=9, tpl=0, uplat=58, ullat=0
pragma
public
x-fb-debug
rMBOY5HNC3Xm2dMzbwFoxauHF+Y5N9U6n4ZNM880cANXdmXP06NFy5T5nRYJMkgd1QjwUgPPX388GpVJ9QDw7g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
recaptcha__pl.js
www.gstatic.com/recaptcha/releases/KXX4ARWFlYTftefkdODAYWZh/ 		520 KB
207 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/KXX4ARWFlYTftefkdODAYWZh/recaptcha__pl.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
sffe /
Resource Hash
ac4af1e947b3dfea2b85de7734d5ef2e1e99bab7b3740e0110fb422737999ddd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bilety.fm/
Origin
https://bilety.fm
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 14:44:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
277053
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
210937
x-xss-protection
0
last-modified
Sat, 15 Jun 2024 04:02:13 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Jun 2025 14:44:56 GMT
web
onesignal.com/api/v1/sync/d56642f7-fff2-4781-9af1-81129059b1ab/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/d56642f7-fff2-4781-9af1-81129059b1ab/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e19d96954d2e24254fdc2461f7f76e3a93252574ea64cc8396bdea7c8dd3c1be
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bilety.fm/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 19:42:29 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
EXPIRED
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
af310a5b-7cfd-4a70-8d04-073890322e2c
x-runtime
0.030969
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"e19d96954d2e24254fdc2461f7f76e3a"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
89767b69a8b13bc5-WAW
access-control-allow-headers
SDK-Version
expires
Fri, 21 Jun 2024 20:42:29 GMT
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=963486854040759&ev=PageView&dl=https%3A%2F%2Fbilety.fm%2Fpl%2F9_podparty-produkcja%3Forderby%3Ddate_start%26orderway%3Dasc&rl=&if=false&ts=1718998949486&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718998949485.446667410299819898&cs_est=true&ler=empty&cdl=API_unavailable&it=1718998949326&coo=false&rqm=GET
Requested by
Host: bilety.fm
URL: https://bilety.fm/pl/9_podparty-produkcja?orderby=date_start&orderway=asc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bilety.fm/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=46, rtx=0, c=10, mss=1317, tbw=2809, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 21 Jun 2024 19:42:29 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=963486854040759&ev=PageView&dl=https%3A%2F%2Fbilety.fm%2Fpl%2F9_podparty-produkcja%3Forderby%3Ddate_start%26orderway%3Dasc&rl=&if=false&ts=1718998949486&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718998949485.446667410299819898&cs_est=true&ler=empty&cdl=API_unavailable&it=1718998949326&coo=false&rqm=FGET
Requested by
Host: bilety.fm
URL: https://bilety.fm/pl/9_podparty-produkcja?orderby=date_start&orderway=asc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bilety.fm/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x9bdef85e153a749d","source_keys":["1","2"]},{"key_piece":"0x30a82dd80977bad0","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Fri, 21 Jun 2024 19:42:30 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7383044268753049774", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=45, rtx=0, c=12, mss=1317, tbw=3127, tp=-1, tpl=-1, uplat=171, ullat=0
pragma
no-cache
x-fb-debug
ZtysNHOvVQnwijtiXUas5PqbWKI33PBlJgdTbhlP7Y3dKdHadJNKLhWZvXGRCfsRFpGitciNW6Iji5ubdynk3w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7383044268753049774"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
ga-audiences
www.google.pl/ads/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1134036133&utmhn=bilety.fm&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=pl-pl&utmje=0&utmfl=-&utmdt=Podparty%2...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-25851983-1&cid=1437816945.1718998950&jid=249942164&_v=5.7.2&z=1134036133
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25851983-1&cid=1437816945.1718998950&jid=249942164&_v=5.7.2&z=1134036133
  • https://www.google.pl/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25851983-1&cid=1437816945.1718998950&jid=249942164&_v=5.7.2&z=1134036133&slf_rd=1&random=2983431551
42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.pl/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25851983-1&cid=1437816945.1718998950&jid=249942164&_v=5.7.2&z=1134036133&slf_rd=1&random=2983431551
Requested by
Host: bilety.fm
URL: https://bilety.fm/pl/9_podparty-produkcja?orderby=date_start&orderway=asc
Protocol
H2
Server
172.217.18.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f99.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
pl-PL,pl;q=0.9;q=0.9
Referer
https://bilety.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Jun 2024 19:42:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 21 Jun 2024 19:42:30 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.pl/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25851983-1&cid=1437816945.1718998950&jid=249942164&_v=5.7.2&z=1134036133&slf_rd=1&random=2983431551
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
widget.js
widget.user.com/
Redirect Chain
  • https://biletomat.user.com/widget.js
  • https://widget.user.com/widget.js
149 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.user.com/widget.js
Requested by
Host: bilety.fm
URL: https://bilety.fm/pl/9_podparty-produkcja?orderby=date_start&orderway=asc
Protocol
H3
Server
172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77704139ceaad478f61a8822e965617aa7bcb286251d0b5baa0ad9007736282f

Request headers

Accept-Language
pl-PL,pl;q=0.9;q=0.9
Referer
https://bilety.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 21 Jun 2024 19:42:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 18 Jun 2024 07:54:09 GMT
server
cloudflare
x-amz-request-id
PQERXRDK4KNXMCCB
age
3776
etag
W/"b630c9c08aaaa3caad689be2d91c7472"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
cf-ray
89767b6d1867b1d3-WAW
alt-svc
h3=":443"; ma=86400
x-amz-id-2
9QIyt+fyI/ntNbMThslBuRV0OolPt5mBHmOucQq/aFYy+hxge3HiSsevb0oAmKF6tZD10cFXo6RXTh6+4Y6O+w==

Redirect headers

date
Fri, 21 Jun 2024 19:42:29 GMT
cf-cache-status
HIT
server
cloudflare
age
41546
vary
Accept-Encoding
location
https://widget.user.com/widget.js
cache-control
max-age=3600
cf-ray
89767b6cc81ab1d3-WAW
alt-svc
h3=":443"; ma=86400
content-length
0
js
www.googletagmanager.com/gtag/ 		307 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-E878NRXPV3&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N2MF968
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
287091a3a954af656d198faea2a794d590f1a50d6016a4d47014bac345f87b01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bilety.fm/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 19:42:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
105266
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 21 Jun 2024 19:42:29 GMT
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-E878NRXPV3&_ng=1&gtm=45je46j0v870030958za200zb865214871&_p=1718998949179&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1584136119.1718998950&ul=pl-pl&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718998949&sct=1&seg=0&dl=https%3A%2F%2Fbilety.fm%2Fpl%2F9_podparty-produkcja%3Forderby%3Ddate_start%26orderway%3Dasc&dt=Podparty%20Produkcja%20-%20bilety.fm&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&epn.google_ng=1&tfd=1644&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E878NRXPV3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bilety.fm/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 21 Jun 2024 19:42:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bilety.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
250 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&_ng=1&tid=G-E878NRXPV3&cid=1584136119.1718998950&gtm=45je46j0v870030958za200zb865214871&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E878NRXPV3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.184.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wa-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bilety.fm/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 21 Jun 2024 19:42:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bilety.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.pl/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.pl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ng=1&tid=G-E878NRXPV3&cid=1584136119.1718998950&gtm=45je46j0v870030958za200zb865214871&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1280991102
Requested by
Host: bilety.fm
URL: https://bilety.fm/pl/9_podparty-produkcja?orderby=date_start&orderway=asc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f99.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bilety.fm/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 21 Jun 2024 19:42:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
widget-app.14f9f1d4672eb06559c5.js
widget.user.com/ 		92 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.user.com/widget-app.14f9f1d4672eb06559c5.js
Requested by
Host: biletomat.user.com
URL: https://biletomat.user.com/widget.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
030f7fa22bba9e4834ce68ce502f78520d0c5eaee401d7ff5654de7dc6494086

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bilety.fm/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 19:42:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 18 Jun 2024 07:54:09 GMT
server
cloudflare
x-amz-request-id
5S3HT9YT8FXJ5MSG
age
3777
etag
W/"f294a3ea881ab4414e2e49f086355597"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
cf-ray
89767b6de924b1d3-WAW
alt-svc
h3=":443"; ma=86400
x-amz-id-2
FxbUgkRFQ3HJTsWOGgaB3eR/kWK2iyQjJFqV+DtoudK6GUJCElHQg691v6OkFXg9pQ9sJml5x2HD7hSaqEV0Yg==
/
biletomat.user.com/api/v2/user-chatping/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://biletomat.user.com/api/v2/user-chatping/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-requested-with
Access-Control-Request-Method
POST
Origin
https://bilety.fm
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with, set-cookie, clientuser-key, convo-id
access-control-allow-methods
DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://bilety.fm
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
89767b6e89b4c059-WAW
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 21 Jun 2024 19:42:30 GMT
server
cloudflare
ue-backend
tenants
ue-node
apinode36
vary
Origin
widget-actionsStore.14f9f1d4672eb06559c5.js
widget.user.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.user.com/widget-actionsStore.14f9f1d4672eb06559c5.js
Requested by
Host: biletomat.user.com
URL: https://biletomat.user.com/widget.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b2eafec3675baf2a8d1570291500c6c027db6fced43bfc2698fbb76c050071d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bilety.fm/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 19:42:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 18 Jun 2024 07:54:09 GMT
server
cloudflare
x-amz-request-id
1CD7R5HAWV5WBVNQ
age
3777
etag
W/"0d051876f932526893b9cf6305e9ce28"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
cf-ray
89767b6e4971b1d3-WAW
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Dd0I2QnQip6QCB8nRfEG8AADINBCVXkkm67qzmoSwknmu0sfxDmbRLZK44+qkJMJheNnv3ZMMYf8ruN8Z3GwOITaebl5tCO1XD58Dh+EgsQ=
/
biletomat.user.com/api/v2/user-chatping/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://biletomat.user.com/api/v2/user-chatping/
Requested by
Host: biletomat.user.com
URL: https://biletomat.user.com/widget.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e4d44d0d72c5a776a917797ca136f19d3f9d277fab3607e5bcf7696d09b1ee2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://bilety.fm/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 19:42:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
ue-backend
tenants
alt-svc
h3=":443"; ma=86400
referrer-policy
same-origin
server
cloudflare
vary
Cookie, Origin
allow
POST, OPTIONS
content-type
application/json
x-frame-options
DENY
access-control-allow-origin
https://bilety.fm
access-control-allow-credentials
true
ue-node
apinode26
cf-ray
89767b6f1a5db1d3-WAW
widget-chatStore.14f9f1d4672eb06559c5.js
widget.user.com/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.user.com/widget-chatStore.14f9f1d4672eb06559c5.js
Requested by
Host: biletomat.user.com
URL: https://biletomat.user.com/widget.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45bccabe5b26fddab7f57ea4ba645fdad4dcf14ca7737f13f6c6d064fbb865ed

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bilety.fm/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 19:42:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 18 Jun 2024 07:54:09 GMT
server
cloudflare
x-amz-request-id
1CD810SH759ES6SR
age
3776
etag
W/"bcffd715d3c9f7d67499c2550c07c36d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
cf-ray
89767b6ffb5fb1d3-WAW
alt-svc
h3=":443"; ma=86400
x-amz-id-2
szSbflJIXLiI3zHZ9TC+/i9f2hc3QwuoVQKSsUxEcpPwRchJG4Mg+UQX8L1iXTgZcZ7LQBq5EJOHuIadf+wslw==
favicon.ico
bilety.fm/img/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://bilety.fm/img/favicon.ico?1688487187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.161.251.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2081602.home.pl
Software
IdeaWebServer/6.2.0 /
Resource Hash
d0c980f5578f63939b1eb935147b0774a466b5a7112e2605a1c890a52acd5afc

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bilety.fm/pl/9_podparty-produkcja?orderby=date_start&orderway=asc
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 19:42:30 GMT
last-modified
Fri, 07 Oct 2011 10:02:03 GMT
server
IdeaWebServer/6.2.0
content-length
1150
content-type
application/octet-stream
favicon.ico
bilety.fm/img/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://bilety.fm/img/favicon.ico?1688487187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.161.251.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2081602.home.pl
Software
IdeaWebServer/6.2.0 /
Resource Hash
d0c980f5578f63939b1eb935147b0774a466b5a7112e2605a1c890a52acd5afc

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bilety.fm/pl/9_podparty-produkcja?orderby=date_start&orderway=asc
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 19:42:30 GMT
last-modified
Fri, 07 Oct 2011 10:02:03 GMT
server
IdeaWebServer/6.2.0
content-length
1150
content-type
application/octet-stream

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage function| OneSignal string| baseDir string| static_token string| token number| priceDisplayPrecision number| priceDisplayMethod number| roundMode function| ps_round function| autoUrl function| autoUrlNoList function| toggle function| toggleMultiple function| showElemFromSelect function| openCloseAllDiv function| toggleElemValue function| addBookmark function| writeBookmarkLink function| writeBookmarkLinkObject function| checkCustomizations function| emptyCustomizations function| ceilf function| floorf function| setCurrency function| isArrowKey object| jsonCartGlobal object| ajaxCart function| openBranch function| closeBranch function| toggleBranch function| pc_serialScrollFixLock function| $ function| jQuery boolean| has_canvas object| FB object| _gaq function| fbq function| _fbq function| gtag object| dataLayer number| CUSTOMIZE_TEXTFIELD string| customizationIdMessage string| removingLinkText object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client number| __oneSignalSdkLoadCount function| __jp0 object| __buffer object| _gat object| gaGlobal object| google_tag_manager object| google_tag_data object| civchat function| onYouTubeIframeAPIReady object| recaptcha object| webpackChunkusercom_widget object| regeneratorRuntime function| parcelRequire object| UE function| userengage object| UsercomInstance

13 Cookies

Domain/Path Name / Value
.bilety.fm/ Name: 8812c36aa5ae336c2a77bf63211d899a
Value: EA6%2BIgICYj81xMeM6AGbm6a%2B3ZPqWw%2FboOH4%2BOfN%2FICAsuPXz48F827A3Mjrp9WelFUJINbfiVALhIUNgZJHhHkDZAeq5nJ6jgkvccOmlZm97ZNGtDcX2bA5rqORq1tmL6cee3cyU9oVdXQlsyq1uFn%2Fe0HlaIs7T%2FVn0RkLRmE%3D000118
.onesignal.com/ Name: __cf_bm
Value: GziB4pLUJ.gV_op6uUuIMHP3nB1oIDJjmq6BOVJMuHI-1718998949-1.0.1.1-KXMnTFL7ZufnSgMDB2GklHNx94m_vyNLkmG5nrLb2z98.P206EQpu1tAZ2DzEMgtSXGE9_tpnr2H6yOfhZ9erA
bilety.fm/ Name: dembowska
Value: a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22c69369c43559d413cb32673ec898b796%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22146.70.85.169%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1718998949%3B%7D99e640600212f1da8862710f5928ee93
.bilety.fm/ Name: _fbp
Value: fb.1.1718998949485.446667410299819898
.bilety.fm/ Name: __utma
Value: 63485244.1437816945.1718998950.1718998950.1718998950.1
.bilety.fm/ Name: __utmc
Value: 63485244
.bilety.fm/ Name: __utmz
Value: 63485244.1718998950.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.bilety.fm/ Name: __utmt
Value: 1
.bilety.fm/ Name: __utmb
Value: 63485244.1.10.1718998950
.bilety.fm/ Name: _ga
Value: GA1.1.1584136119.1718998950
.bilety.fm/ Name: _ga_E878NRXPV3
Value: GS1.1.1718998949.1.0.1718998949.60.0.0
.user.com/ Name: _ueuuid
Value: QMcYRToNg7tDa6-4
.bilety.fm/ Name: __ca__chat
Value: ovj1tfhxphrz

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

akustyczen.pl
biletomat.user.com
bilety.fm
cdn.onesignal.com
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
onesignal.com
region1.analytics.google.com
ssl.google-analytics.com
stats.g.doubleclick.net
widget.user.com
www.facebook.com
www.google.com
www.google.pl
www.googletagmanager.com
www.gstatic.com
104.17.111.223
104.17.24.14
142.250.184.195
142.250.185.227
142.250.186.164
157.240.252.13
157.240.252.35
172.217.16.202
172.217.18.99
172.67.38.130
216.239.34.36
216.58.206.40
216.58.206.72
64.233.184.154
85.128.134.238
89.161.251.72
0090accdb5dd577b0e3f3fe54460c6caee6097d977730b43c122d593276085d4
030f7fa22bba9e4834ce68ce502f78520d0c5eaee401d7ff5654de7dc6494086
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
089630244600f33230010f5e04c67419ec642c5228540adb42e3fe92c631e6bf
093f782260d70f914e7e591eba1502d3e992e9f7a69a17d1df6c32bcddd6f06a
0f09132e3b75c5b582c1d47ac21872e0c207f5eeb2a4e4be8ed0b373eb35e46f
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
204bfb776a13628a0f4591b08cce06b1e8d597dddc309520cf18c19726f97a2c
287091a3a954af656d198faea2a794d590f1a50d6016a4d47014bac345f87b01
29de03aaf7a0844578daef59eabdbd1cfe9257873765938cc51a3c9a3af843b4
2c3097237d60f42e800ebe4009c9af144bb19e5581e1c0501c7b259eee7e210c
2f0dc96a0b24cc9af003b43bc4f477639fced863f4f967dd2b5e451f621cd09d
341ca270eace2885366604f8197a6edadfdeefc5d944e2d4a0ba38fb65d53fe6
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
45bccabe5b26fddab7f57ea4ba645fdad4dcf14ca7737f13f6c6d064fbb865ed
47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098
536eb518be97cecbf15bca39157a168f4405deddb689a6314bf41130f4b52b68
5390257d217819f86f34f271a660eaf00edca5f06d833adae943097245a357c9
58b2c5ccae7a4541694e4a803bd28f35f66508b9a2232d3914c2914772bc64c6
5ebd8a4f796876f588db0ea42971183395984678e545a2db2a0a3e55fddd17ac
68741985f67e485122e454bdd80595c80856413e4fe2d3367f9eb678495079d2
6c17dfeb35ed982b25856582151ec0176ffe42fac3539926494393a2910ddb25
6c458ecc42424ad31dac9d499726aca46d6c5f570d37a5cb2d1098901c4ef47a
77704139ceaad478f61a8822e965617aa7bcb286251d0b5baa0ad9007736282f
855c191703caf3a065cd6d0ce4586495c2cb998666e76547da4fd452953d5d77
8b6f5887368a30af2590020ef416513f98f629a8912cb7234294e457ac3fcc2a
8e4d44d0d72c5a776a917797ca136f19d3f9d277fab3607e5bcf7696d09b1ee2
9a680b90260b5106d79f4075491ab31daafa7429eff686453c40b58357309649
9b2eafec3675baf2a8d1570291500c6c027db6fced43bfc2698fbb76c050071d
a2c0df507fc19b43c9ec642cfc5b1b80515b1fec8c7aa301e710ad741dc9dac8
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac4af1e947b3dfea2b85de7734d5ef2e1e99bab7b3740e0110fb422737999ddd
b8d38f97f8f1b152fdbc9f6195d509409c263607adccdba8b20668979ab06da7
d0c980f5578f63939b1eb935147b0774a466b5a7112e2605a1c890a52acd5afc
dcd642b7e177ff0508a2e5130b6bd7e7297a951ebf434e50fefa6e0aa86eba17
e19d96954d2e24254fdc2461f7f76e3a93252574ea64cc8396bdea7c8dd3c1be
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea67935cd2217ea73222445a288ca014d9abaafa08de285bbf8bac692c8b2be0
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
ed770b378b311eb6a97e7cdca8d6a00c976cd5fb3d49f0045962f676e58fcf3f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9df3d1d79f82406df33cd265d0ff36c43ac0a253f046bada8ae5c2eb488a3b
fd875b4769d11a3bc33a566e01d3faa5085c656636cc8badb1c78278ad8899c8