urlscan.io logo urlscan.io
SecurityTrails logo

bilety.fm Open in urlscan Pro
89.161.251.72  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://bilety.fm/
Effective URL: https://bilety.fm/pl/
Submission: On May 30 via api from CA — Scanned from PL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 4 countries across 14 domains to perform 48 HTTP transactions. The main IP is 89.161.251.72, located in Poland and belongs to HOMEPL-AS, PL. The main domain is bilety.fm.
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on August 28th 2023. Valid for: a year.
This is the only time bilety.fm was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 16 89.161.251.72 12824 (HOMEPL-AS)
1 216.58.212.138 15169 (GOOGLE)
4 104.17.24.14 13335 (CLOUDFLAR...)
3 104.16.160.145 13335 (CLOUDFLAR...)
1 2 142.250.186.164 15169 (GOOGLE)
4 157.240.0.6 32934 (FACEBOOK)
3 142.250.185.200 15169 (GOOGLE)
1 2 142.250.186.104 15169 (GOOGLE)
1 172.67.29.228 13335 (CLOUDFLAR...)
2 142.250.186.163 15169 (GOOGLE)
1 142.250.181.227 15169 (GOOGLE)
2 157.240.252.35 32934 (FACEBOOK)
1 2 64.233.184.154 15169 (GOOGLE)
2 142.250.184.195 15169 (GOOGLE)
1 7 172.67.38.130 13335 (CLOUDFLAR...)
1 216.239.34.36 15169 (GOOGLE)
48 16
16    89.161.251.72 (Poland)

ASN12824 (HOMEPL-AS, PL)
PTR: cloudserver2081602.home.pl
bilety.fm
1    216.58.212.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f10.1e100.net
fonts.googleapis.com
4    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    104.16.160.145 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
2    142.250.186.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f4.1e100.net
www.google.com
4    157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net
connect.facebook.net
3    142.250.185.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f8.1e100.net
www.googletagmanager.com
2    142.250.186.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f8.1e100.net
ssl.google-analytics.com
1    172.67.29.228 (United States)

ASN13335 (CLOUDFLARENET, US)
embed.biletomat.pl
2    142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net
fonts.gstatic.com
1    142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net
www.gstatic.com
2    157.240.252.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra3.facebook.com
www.facebook.com
2    64.233.184.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wa-in-f154.1e100.net
stats.g.doubleclick.net
2    142.250.184.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f3.1e100.net
www.google.pl
7    172.67.38.130 (United States)

ASN13335 (CLOUDFLARENET, US)
biletomat.user.com
widget.user.com
1    216.239.34.36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
Apex Domain
Subdomains		 Transfer
16 bilety.fm
bilety.fm
121 KB
7 user.com
biletomat.user.com
widget.user.com — Cisco Umbrella Rank: 134550
78 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 183
160 KB
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 237
175 KB
3 gstatic.com
fonts.gstatic.com
www.gstatic.com
288 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
268 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 3095
1 KB
3 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 4680
onesignal.com — Cisco Umbrella Rank: 1554
74 KB
2 google.pl
www.google.pl — Cisco Umbrella Rank: 23477
517 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 89
487 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 101
4 KB
2 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 654
17 KB
1 biletomat.pl
embed.biletomat.pl
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
1 KB
48 14
Domain Requested by
16 bilety.fm 1 redirects bilety.fm
4 widget.user.com bilety.fm
biletomat.user.com
4 connect.facebook.net bilety.fm
connect.facebook.net
4 cdnjs.cloudflare.com bilety.fm
cdnjs.cloudflare.com
3 biletomat.user.com 1 redirects biletomat.user.com
3 www.googletagmanager.com bilety.fm
www.googletagmanager.com
2 www.google.pl bilety.fm
2 stats.g.doubleclick.net 1 redirects www.googletagmanager.com
2 www.facebook.com bilety.fm
2 fonts.gstatic.com fonts.googleapis.com
2 ssl.google-analytics.com 1 redirects bilety.fm
2 www.google.com 1 redirects bilety.fm
2 cdn.onesignal.com bilety.fm
cdn.onesignal.com
1 region1.analytics.google.com www.googletagmanager.com
1 onesignal.com cdn.onesignal.com
1 www.gstatic.com www.google.com
1 embed.biletomat.pl bilety.fm
1 fonts.googleapis.com bilety.fm
48 18
Subject Issuer Validity Valid
bilety.fm
RapidSSL TLS RSA CA G1		 2023-08-28 -
2024-09-16		 a year crt.sh
upload.video.google.com
WR2		 2024-05-13 -
2024-08-05		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
onesignal.com
GTS CA 1P5		 2024-04-01 -
2024-06-30		 3 months crt.sh
*.google.com
WR2		 2024-05-13 -
2024-08-05		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-03-09 -
2024-06-07		 3 months crt.sh
*.google-analytics.com
WR2		 2024-05-13 -
2024-08-05		 3 months crt.sh
biletomat.pl
E1		 2024-04-10 -
2024-07-09		 3 months crt.sh
*.gstatic.com
WR2		 2024-05-13 -
2024-08-05		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-05-13 -
2024-08-05		 3 months crt.sh
*.google.pl
WR2		 2024-05-13 -
2024-08-05		 3 months crt.sh
user.com
GTS CA 1P5		 2024-04-12 -
2024-07-11		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://bilety.fm/pl/
Frame ID: 8E1BB7BF6D9731AF248625B40A7636D6
Requests: 46 HTTP requests in this frame

Frame: https://embed.biletomat.pl/?my=1&ck=fmq&btc=%23fdfdfd&bbc=%2300aeef&bl=Kup+Bilet&is=150&ir=10&bc=%23f5f5f5&fc=%23181818&newTab&events&aggregators&productPage&soldOut&footerHtml=false&header=false&c=264&c=10&c=21&c=139&c=196&searchBar
Frame ID: 0FE2C09408B621ECC9A38B577901D4A9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

bilety na koncerty, spektakle i wydarzenia sportowe - bilety.fm

Page URL History Show full URLs

  1. http://bilety.fm/ HTTP 307
    https://bilety.fm/ HTTP 301
    http://bilety.fm/pl/ HTTP 307
    https://bilety.fm/pl/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

48
Requests

96 %
HTTPS

0 %
IPv6

14
Domains

18
Subdomains

16
IPs

4
Countries

1186 kB
Transfer

3100 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bilety.fm/ HTTP 307
    https://bilety.fm/ HTTP 301
    http://bilety.fm/pl/ HTTP 307
    https://bilety.fm/pl/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=128908984&utmhn=bilety.fm&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=pl-pl&utmje=0&utmfl=-&utmdt=bilety%20na%20koncerty%2C%20spektakle%20i%20wydarzenia%20sportowe%20-%20bilety.fm&utmhid=788647887&utmr=-&utmp=%2Fpl%2F&utmht=1717090764997&utmac=UA-25851983-1&utmcc=__utma%3D63485244.1664354814.1717090765.1717090765.1717090765.1%3B%2B__utmz%3D63485244.1717090765.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1956263519&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-25851983-1&cid=1664354814.1717090765&jid=1956263519&_v=5.7.2&z=128908984 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25851983-1&cid=1664354814.1717090765&jid=1956263519&_v=5.7.2&z=128908984 HTTP 302
  • https://www.google.pl/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25851983-1&cid=1664354814.1717090765&jid=1956263519&_v=5.7.2&z=128908984&slf_rd=1&random=1287940293
Request Chain 35
  • https://biletomat.user.com/widget.js HTTP 301
  • https://widget.user.com/widget.js

48 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
bilety.fm/pl/
Redirect Chain
  • http://bilety.fm/
  • https://bilety.fm/
  • http://bilety.fm/pl/
  • https://bilety.fm/pl/
17 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bilety.fm/pl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.161.251.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2081602.home.pl
Software
IdeaWebServer/6.1.0 /
Resource Hash
ba92acdb9fc547c5113d1551561d4e4a3a6dd0e0a3a17b1e943800c663fa60a1

Request headers

Accept-Language
pl-PL,pl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 30 May 2024 17:39:23 GMT
p3p
CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
server
IdeaWebServer/6.1.0

Redirect headers

Location
https://bilety.fm/pl/
Non-Authoritative-Reason
HttpsUpgrades
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway:300,400,400i,700&subset=latin-ext
Requested by
Host: bilety.fm
URL: https://bilety.fm/pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f10.1e100.net
Software
ESF /
Resource Hash
8b6f5887368a30af2590020ef416513f98f629a8912cb7234294e457ac3fcc2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bilety.fm/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 30 May 2024 17:39:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 30 May 2024 17:39:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 30 May 2024 17:39:23 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/css/ 		56 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/css/all.min.css
Requested by
Host: bilety.fm
URL: https://bilety.fm/pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a680b90260b5106d79f4075491ab31daafa7429eff686453c40b58357309649
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bilety.fm/
Origin
https://bilety.fm
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 17:39:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
773919
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10134
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-dff5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qRsGrXIgMHUoHx3lF%2BDSvP9pLtYdaeNErr3ceeTW8z1bI%2BVyFWOZXFBRvPEHetB7Kmd%2BKhb9mS%2B394elz%2F8TMrzKM1tTGn1Rc0P93A6D9uuPHoRzfsDUMEK%2F%2Bu2H4KSPGV2VR2Bw"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
88c080d648aebf4c-WAW
expires
Tue, 20 May 2025 17:39:23 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: bilety.fm
URL: https://bilety.fm/pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bilety.fm/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 17:39:23 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
2353
etag
W/"a87c48d211877c49b878679b2e3cdab8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
88c080da7bf6bfbc-WAW
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Sun, 02 Jun 2024 17:39:23 GMT
api.js
www.google.com/recaptcha/ 		1 KB
945 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: bilety.fm
URL: https://bilety.fm/pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
GSE /
Resource Hash
770481b2dea729fe340ab1dc08648bcb042aee892bb2779d9021e6c410e18d01
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bilety.fm/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 17:39:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 30 May 2024 17:39:24 GMT
0371eec2eb0e7647a1dd63ca1a76f6b0_all.css
bilety.fm/themes/biletyfm/cache/ 		63 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bilety.fm/themes/biletyfm/cache/0371eec2eb0e7647a1dd63ca1a76f6b0_all.css?biletyfm=4
Requested by
Host: bilety.fm
URL: https://bilety.fm/pl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.161.251.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2081602.home.pl
Software
IdeaWebServer/6.1.0 /
Resource Hash
4ab6f5ce7e9d1964f30ac43e8e184c2c3860b0d3d53b3bcb6b4003c616c05adb

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bilety.fm/pl/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 17:39:23 GMT
content-encoding
gzip
last-modified
Wed, 03 Jan 2024 10:44:37 GMT
server
IdeaWebServer/6.1.0
content-type
text/css
0412da50558cc0c5b23818d6d76077d5.js
bilety.fm/themes/biletyfm/cache/ 		147 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bilety.fm/themes/biletyfm/cache/0412da50558cc0c5b23818d6d76077d5.js?biletyfm=4
Requested by
Host: bilety.fm
URL: https://bilety.fm/pl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.161.251.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2081602.home.pl
Software
IdeaWebServer/6.1.0 /
Resource Hash
6c458ecc42424ad31dac9d499726aca46d6c5f570d37a5cb2d1098901c4ef47a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bilety.fm/pl/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 17:39:23 GMT
content-encoding
gzip
last-modified
Fri, 06 Oct 2023 07:35:04 GMT
server
IdeaWebServer/6.1.0
content-type
application/javascript
all.js
connect.facebook.net/pl_PL/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/pl_PL/all.js
Requested by
Host: bilety.fm
URL: https://bilety.fm/pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
0582d75baa422d14aa5d2b22ff70aeb1b02fb02cf9853d20804718af7b51162d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bilety.fm/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 30 May 2024 17:39:23 GMT
content-md5
W7pWqpX7YSWBFgQTMypOaw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=53, rtx=0, c=12, mss=1314, tbw=2790, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug
tIVQjYxLMz2VP3mrDRpUQQrzVRxWffkrlc5LaE2LLloc/0ZpSk4l/0N8XLrGXcF4+VNaTN2lsOtWIJIb4KxseA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
7b27cb669f9106f59610194f86602068
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"e0c74a378a2ec2bb3c2dfe97a6dce7f3"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Thu, 30 May 2024 17:49:07 GMT
js
www.googletagmanager.com/gtag/ 		303 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-E878NRXPV3
Requested by
Host: bilety.fm
URL: https://bilety.fm/pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
35ecfae21e123032b142d5345fbee542048feb1ff1a62fb025828020261447ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bilety.fm/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 17:39:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103710
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 30 May 2024 17:39:24 GMT
logo.svg
bilety.fm/img/ 		13 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bilety.fm/img/logo.svg
Requested by
Host: bilety.fm
URL: https://bilety.fm/pl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.161.251.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2081602.home.pl
Software
IdeaWebServer/6.1.0 /
Resource Hash
0f09132e3b75c5b582c1d47ac21872e0c207f5eeb2a4e4be8ed0b373eb35e46f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bilety.fm/pl/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 17:39:23 GMT
content-encoding
gzip
last-modified
Wed, 07 Jun 2023 17:29:51 GMT
server
IdeaWebServer/6.1.0
content-type
image/svg+xml
filharmonia.png
bilety.fm/themes/biletyfm/img/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bilety.fm/themes/biletyfm/img/filharmonia.png
Requested by
Host: bilety.fm
URL: https://bilety.fm/pl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.161.251.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2081602.home.pl
Software
IdeaWebServer/6.1.0 /
Resource Hash
dcd642b7e177ff0508a2e5130b6bd7e7297a951ebf434e50fefa6e0aa86eba17

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bilety.fm/pl/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 17:39:23 GMT
last-modified
Mon, 15 Nov 2021 12:28:24 GMT
server
IdeaWebServer/6.1.0
content-length
14069
content-type
image/png
echo.jpg
bilety.fm/themes/biletyfm/img/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bilety.fm/themes/biletyfm/img/echo.jpg
Requested by
Host: bilety.fm
URL: https://bilety.fm/pl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.161.251.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2081602.home.pl
Software
IdeaWebServer/6.1.0 /
Resource Hash
6c17dfeb35ed982b25856582151ec0176ffe42fac3539926494393a2910ddb25

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bilety.fm/pl/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 17:39:23 GMT
last-modified
Tue, 18 May 2021 10:55:05 GMT
server
IdeaWebServer/6.1.0
content-length
5972
content-type
image/jpeg
winylefm.jpg
bilety.fm/themes/biletyfm/img/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bilety.fm/themes/biletyfm/img/winylefm.jpg
Requested by
Host: bilety.fm
URL: https://bilety.fm/pl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.161.251.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2081602.home.pl
Software
IdeaWebServer/6.1.0 /
Resource Hash
b8d38f97f8f1b152fdbc9f6195d509409c263607adccdba8b20668979ab06da7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bilety.fm/pl/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 17:39:23 GMT
last-modified
Thu, 29 Jul 2021 07:09:19 GMT
server
IdeaWebServer/6.1.0
content-length
5803
content-type
image/jpeg
koncertycom.png
bilety.fm/themes/biletyfm/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bilety.fm/themes/biletyfm/img/koncertycom.png
Requested by
Host: bilety.fm
URL: https://bilety.fm/pl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.161.251.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2081602.home.pl
Software
IdeaWebServer/6.1.0 /
Resource Hash
fd875b4769d11a3bc33a566e01d3faa5085c656636cc8badb1c78278ad8899c8

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bilety.fm/pl/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 17:39:23 GMT
last-modified
Wed, 06 Jun 2012 12:07:51 GMT
server
IdeaWebServer/6.1.0
content-length
2799
content-type
image/png
zamek.png
bilety.fm/themes/biletyfm/img/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bilety.fm/themes/biletyfm/img/zamek.png
Requested by
Host: bilety.fm
URL: https://bilety.fm/pl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.161.251.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2081602.home.pl
Software
IdeaWebServer/6.1.0 /
Resource Hash
5390257d217819f86f34f271a660eaf00edca5f06d833adae943097245a357c9

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bilety.fm/pl/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 17:39:23 GMT
last-modified
Wed, 23 Mar 2016 14:28:27 GMT
server
IdeaWebServer/6.1.0
content-length
11614
content-type
image/png
all.js
connect.facebook.net/pl_PL/ 		301 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/pl_PL/all.js?hash=8496124c69500b1cc8e2f3395e61d7d3
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/pl_PL/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
921de52791744cf5448d2d16dd21ffcd96669f5af23ca68ee77c4f633569bac5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bilety.fm/
Origin
https://bilety.fm
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 30 May 2024 17:39:23 GMT
content-md5
ZjmqGxSWFJGmv65fbQgDlQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87214
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=41, rtx=0, c=23, mss=1232, tbw=4314, tp=9, tpl=0, uplat=1, ullat=-1
x-fb-debug
No18c9VYG+oo804u6EisxRgHnXhHZII19hqDHuJ440/NClVYbjlgJMtQSjX5pjjFFEAjdZohehIiAJ0kVUi7Ww==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
09127037cca6ec2bfc4580aa2a500784
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"f9b48da130c71351faee6a48ffff2f05"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Fri, 30 May 2025 15:21:15 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: bilety.fm
URL: https://bilety.fm/pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f8.1e100.net
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bilety.fm/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 30 May 2024 16:15:33 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5031
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Thu, 30 May 2024 18:15:33 GMT
fbevents.js
connect.facebook.net/en_US/ 		218 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: bilety.fm
URL: https://bilety.fm/pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bilety.fm/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 30 May 2024 17:39:23 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57845
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=48, rtx=0, c=19, mss=1314, tbw=6636, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
vDlECacPT4YBtUqMiVgOl1SkhKiL/nKrLcl5Rk5ssXgx7mNLe9lQWNsJ8rS73zivP27x2dCU6NbSvXlf+d6gJA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
gtm.js
www.googletagmanager.com/ 		179 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N2MF968
Requested by
Host: bilety.fm
URL: https://bilety.fm/pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
17058a81e4faf4391dd4f62714761ec950ca16742e7317813efbcff007674e77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bilety.fm/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 17:39:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66562
x-xss-protection
0
last-modified
Thu, 30 May 2024 16:13:15 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 30 May 2024 17:39:24 GMT
/
embed.biletomat.pl/ Frame 0FE2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://embed.biletomat.pl/?my=1&ck=fmq&btc=%23fdfdfd&bbc=%2300aeef&bl=Kup+Bilet&is=150&ir=10&bc=%23f5f5f5&fc=%23181818&newTab&events&aggregators&productPage&soldOut&footerHtml=false&header=false&c=264&c=10&c=21&c=139&c=196&searchBar
Requested by
Host: bilety.fm
URL: https://bilety.fm/pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.29.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
pl-PL,pl;q=0.9;q=0.9
Referer
https://bilety.fm/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
24560
cache-control
public,max-age=0,must-revalidate
cache-status
"Netlify Edge"; hit
cf-cache-status
DYNAMIC
cf-ray
88c080deddfa5b31-VIE
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 30 May 2024 17:39:24 GMT
server
cloudflare
strict-transport-security
max-age=31536000
x-nf-request-id
01HZ59BHVX382SJGJSZAYR7W1A
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v34/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:300,400,400i,700&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://bilety.fm
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 14:41:43 GMT
x-content-type-options
nosniff
age
183461
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48336
x-xss-protection
0
last-modified
Wed, 01 May 2024 20:31:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 May 2025 14:41:43 GMT
sort_asc_white.png
bilety.fm/themes/biletyfm/img/icon/ 		118 B
241 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bilety.fm/themes/biletyfm/img/icon/sort_asc_white.png
Requested by
Host: bilety.fm
URL: https://bilety.fm/themes/biletyfm/cache/0371eec2eb0e7647a1dd63ca1a76f6b0_all.css?biletyfm=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.161.251.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2081602.home.pl
Software
IdeaWebServer/6.1.0 /
Resource Hash
536eb518be97cecbf15bca39157a168f4405deddb689a6314bf41130f4b52b68

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bilety.fm/themes/biletyfm/cache/0371eec2eb0e7647a1dd63ca1a76f6b0_all.css?biletyfm=4
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 17:39:23 GMT
last-modified
Tue, 18 Oct 2011 21:30:04 GMT
server
IdeaWebServer/6.1.0
content-length
118
content-type
image/png
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/webfonts/ 		74 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c3097237d60f42e800ebe4009c9af144bb19e5581e1c0501c7b259eee7e210c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/css/all.min.css
Origin
https://bilety.fm
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 17:39:23 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
501928
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
76120
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-12958"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1jZghzYNvQTlJaxfX%2BhC8DWPP9cIT7in8yv15NJchskjasrLs6nrSBpfdmPrkj9og67e8OcNQMs49iryxx21UE9iLDibJwkGg%2BCIU6EH1GybQoMxC7rHLPsyYAuh4IVMMXbdZpVv"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
88c080da7f19bf4c-WAW
expires
Tue, 20 May 2025 17:39:23 GMT
fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/webfonts/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/webfonts/fa-regular-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
093f782260d70f914e7e591eba1502d3e992e9f7a69a17d1df6c32bcddd6f06a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/css/all.min.css
Origin
https://bilety.fm
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 17:39:23 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
505536
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13600
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-3520"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5g%2FzlsZmUVIzFcM2uvTYMeGq71%2B7JcZ2SOzeLMln3msLzAe1lsbGCnUMN5JbIyy2txPwrR5f4YR96HeTfshTH8HMUczSHYsfohBXG1koUYfBzqoEXtdQLuNF3apcmBPybA6fNDkh"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
88c080da7f1bbf4c-WAW
expires
Tue, 20 May 2025 17:39:23 GMT
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/webfonts/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/webfonts/fa-brands-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
089630244600f33230010f5e04c67419ec642c5228540adb42e3fe92c631e6bf
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/css/all.min.css
Origin
https://bilety.fm
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 17:39:23 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1210706
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
76548
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-12b04"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bi88cEgteb4WaAWwTHVXURUWEUTfHQiYyxvlpYFkloWbZ4N1ZNKONFRomKOpvCRU%2FrstuNUibXyxFxywmHyQMe64fotz3ObwolEh5y%2BxWDcaOzWjj4zZHBD%2B%2F3gYkaHN4yMbom4i"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
88c080da8f2abf4c-WAW
expires
Tue, 20 May 2025 17:39:23 GMT
1Ptug8zYS_SKggPNyCMIT5lu.woff2
fonts.gstatic.com/s/raleway/v34/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyCMIT5lu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:300,400,400i,700&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
2f0dc96a0b24cc9af003b43bc4f477639fced863f4f967dd2b5e451f621cd09d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://bilety.fm
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 14:46:04 GMT
x-content-type-options
nosniff
age
183200
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30860
x-xss-protection
0
last-modified
Wed, 01 May 2024 20:31:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 May 2025 14:46:04 GMT
cart.php
bilety.fm/ 		182 B
241 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bilety.fm/cart.php?ajax=true&token=3a2016cf552c804a9618494036678886&_=1717090763878
Requested by
Host: bilety.fm
URL: https://bilety.fm/themes/biletyfm/cache/0412da50558cc0c5b23818d6d76077d5.js?biletyfm=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.161.251.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2081602.home.pl
Software
IdeaWebServer/6.1.0 /
Resource Hash
ed770b378b311eb6a97e7cdca8d6a00c976cd5fb3d49f0045962f676e58fcf3f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://bilety.fm/pl/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 17:39:23 GMT
content-encoding
gzip
server
IdeaWebServer/6.1.0
content-type
text/html; charset=utf-8
jcalendar
bilety.fm/panel/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bilety.fm/panel/jcalendar
Requested by
Host: bilety.fm
URL: https://bilety.fm/themes/biletyfm/cache/0412da50558cc0c5b23818d6d76077d5.js?biletyfm=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.161.251.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2081602.home.pl
Software
IdeaWebServer/6.1.0 /
Resource Hash
85f48bc19eca52689298d68d313a93b0e87626c8b63f411b513f3fe241f64ba1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Accept
text/html, */*; q=0.01
Referer
https://bilety.fm/pl/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 17:39:23 GMT
content-encoding
gzip
server
IdeaWebServer/6.1.0
content-type
text/html; charset=utf-8
12481-medium.jpg
bilety.fm/img/p/1/2/4/8/1/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bilety.fm/img/p/1/2/4/8/1/12481-medium.jpg
Requested by
Host: bilety.fm
URL: https://bilety.fm/pl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.161.251.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2081602.home.pl
Software
IdeaWebServer/6.1.0 /
Resource Hash
28170b50669456ba031e0f0289694abd1deaddce67873a5bbe5ea540a0d3969b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bilety.fm/pl/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 17:39:24 GMT
last-modified
Wed, 04 Oct 2023 08:57:43 GMT
server
IdeaWebServer/6.1.0
content-length
5845
content-type
image/jpeg
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		284 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bilety.fm/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 17:39:24 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
2354
etag
W/"e3be409ac3c100e2a5d3f264ec260551"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
88c080db2d20bfbc-WAW
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Sun, 02 Jun 2024 17:39:24 GMT
963486854040759
connect.facebook.net/signals/config/ 		65 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/963486854040759?v=2.9.156&r=stable&domain=bilety.fm&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
ff2f5f4fea596263595ecc390b6ab59270890c8f4846aebabd613cd89e197fda
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bilety.fm/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 30 May 2024 17:39:24 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=52, rtx=0, c=23, mss=1232, tbw=4345, tp=10, tpl=0, uplat=164, ullat=0
pragma
public
x-fb-debug
hwxUANQJgpr4hOAdkqxXCb4P2hrr6BzAqx3mHfPXQWOycetPug8wDgw70R+UY79xbmJS3VoDUvyr7YFskS/Zdw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
recaptcha__pl.js
www.gstatic.com/recaptcha/releases/DH3nyJMamEclyfe-nztbfV8S/ 		527 KB
210 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/DH3nyJMamEclyfe-nztbfV8S/recaptcha__pl.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
f2a7a9db0b14db7072b0195ac6cfed0ad9cce14d1dd0243fc7b16764ff6a82cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bilety.fm/
Origin
https://bilety.fm
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 04:48:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
132627
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
213997
x-xss-protection
0
last-modified
Mon, 27 May 2024 02:00:43 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 29 May 2025 04:48:58 GMT
/
www.facebook.com/tr/ 		0
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=963486854040759&ev=PageView&dl=https%3A%2F%2Fbilety.fm%2Fpl%2F&rl=&if=false&ts=1717090764590&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1717090764582.1919413269&cs_est=true&ler=empty&cdl=API_unavailable&it=1717090764049&coo=false&rqm=GET
Requested by
Host: bilety.fm
URL: https://bilety.fm/pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bilety.fm/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
GOOD; q=0.7, rtt=53, rtx=1, c=10, mss=1314, tbw=2783, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 30 May 2024 17:39:25 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=963486854040759&ev=PageView&dl=https%3A%2F%2Fbilety.fm%2Fpl%2F&rl=&if=false&ts=1717090764590&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1717090764582.1919413269&cs_est=true&ler=empty&cdl=API_unavailable&it=1717090764049&coo=false&rqm=FGET
Requested by
Host: bilety.fm
URL: https://bilety.fm/pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bilety.fm/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x9bdef85e153a749d","source_keys":["1","2"]},{"key_piece":"0x30a82dd80977bad0","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Thu, 30 May 2024 17:39:25 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=52, rtx=1, c=10, mss=1314, tbw=3133, tp=-1, tpl=-1, uplat=111, ullat=0
pragma
no-cache
x-fb-debug
CxAn6Ia1vdwf637jrFU13qNGQiXeBLYaAduuITnRb9L+lrw7J/ELT2tbTdtmXVkB4Lqy9XkH3YHzCX+R9PkLFw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
web
onesignal.com/api/v1/sync/d56642f7-fff2-4781-9af1-81129059b1ab/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/d56642f7-fff2-4781-9af1-81129059b1ab/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
508ea614fc8817f72e72d2195a50d27647031ab63a2c41396f496f130191f511
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bilety.fm/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 17:39:24 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
age
1866
cf-polished
origSize=4473
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
662170e6-159a-44a3-8244-c35b3ecd0cab
x-runtime
0.027728
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"ad73f9a3d3f33cd0bac3185949c8c4ae"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
88c080dfed2fbfbc-WAW
access-control-allow-headers
SDK-Version
expires
Thu, 30 May 2024 18:39:24 GMT
ga-audiences
www.google.pl/ads/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=128908984&utmhn=bilety.fm&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=pl-pl&utmje=0&utmfl=-&utmdt=bilety%20na...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-25851983-1&cid=1664354814.1717090765&jid=1956263519&_v=5.7.2&z=128908984
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25851983-1&cid=1664354814.1717090765&jid=1956263519&_v=5.7.2&z=128908984
  • https://www.google.pl/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25851983-1&cid=1664354814.1717090765&jid=1956263519&_v=5.7.2&z=128908984&slf_rd=1&random=1287940293
42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.pl/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25851983-1&cid=1664354814.1717090765&jid=1956263519&_v=5.7.2&z=128908984&slf_rd=1&random=1287940293
Requested by
Host: bilety.fm
URL: https://bilety.fm/pl/
Protocol
H2
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
pl-PL,pl;q=0.9;q=0.9
Referer
https://bilety.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 May 2024 17:39:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 30 May 2024 17:39:26 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.pl/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25851983-1&cid=1664354814.1717090765&jid=1956263519&_v=5.7.2&z=128908984&slf_rd=1&random=1287940293
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
widget.js
widget.user.com/
Redirect Chain
  • https://biletomat.user.com/widget.js
  • https://widget.user.com/widget.js
149 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.user.com/widget.js
Requested by
Host: bilety.fm
URL: https://bilety.fm/pl/
Protocol
H3
Server
172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a42d968fc76e247c24e6e0d2e666e9b429dce934e25e6353cb83ec04b4de444

Request headers

Accept-Language
pl-PL,pl;q=0.9;q=0.9
Referer
https://bilety.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Thu, 30 May 2024 17:39:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 08 Apr 2024 06:26:59 GMT
server
cloudflare
x-amz-request-id
6MET9VWJM3AE1FT3
age
1548
etag
W/"9581f59f51f5b6c0153354100ea8da60"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
cf-ray
88c080e6492034fd-WAW
alt-svc
h3=":443"; ma=86400
x-amz-id-2
x9mEQC+3VWy4hNPmDOsqO+2TjWfRk8NWDW9pQH8IlK+Ae3THZtz/9YBwhnpBAsEe+h2uQvYfHHc=

Redirect headers

date
Thu, 30 May 2024 17:39:25 GMT
cf-cache-status
HIT
server
cloudflare
age
40069
vary
Accept-Encoding
location
https://widget.user.com/widget.js
cache-control
max-age=3600
cf-ray
88c080e38d8234fd-WAW
alt-svc
h3=":443"; ma=86400
content-length
0
js
www.googletagmanager.com/gtag/ 		304 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-E878NRXPV3&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N2MF968
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
829fc7cd7bc96cd66c3bab829ded000714f920baf5c9f54cbc6bd1065c23c035
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bilety.fm/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 17:39:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103797
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 30 May 2024 17:39:25 GMT
collect
region1.analytics.google.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-E878NRXPV3&_ng=1&gtm=45je45m0v870030958za200zb865214871&_p=1717090763827&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=507160958.1717090765&ul=pl-pl&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1717090765&sct=1&seg=0&dl=https%3A%2F%2Fbilety.fm%2Fpl%2F&dt=bilety%20na%20koncerty%2C%20spektakle%20i%20wydarzenia%20sportowe%20-%20bilety.fm&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2409
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E878NRXPV3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bilety.fm/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 30 May 2024 17:39:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bilety.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&_ng=1&tid=G-E878NRXPV3&cid=507160958.1717090765&gtm=45je45m0v870030958za200zb865214871&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E878NRXPV3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.184.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wa-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bilety.fm/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 30 May 2024 17:39:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bilety.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.pl/ads/ 		42 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.pl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ng=1&tid=G-E878NRXPV3&cid=507160958.1717090765&gtm=45je45m0v870030958za200zb865214871&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=14238052
Requested by
Host: bilety.fm
URL: https://bilety.fm/pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bilety.fm/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 30 May 2024 17:39:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
widget-app.4e4e98218888971f173e.js
widget.user.com/ 		92 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.user.com/widget-app.4e4e98218888971f173e.js
Requested by
Host: biletomat.user.com
URL: https://biletomat.user.com/widget.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
030f7fa22bba9e4834ce68ce502f78520d0c5eaee401d7ff5654de7dc6494086

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bilety.fm/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 17:39:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 08 Apr 2024 06:26:59 GMT
server
cloudflare
x-amz-request-id
6MEWRFHC8W6T90FD
age
1549
etag
W/"f294a3ea881ab4414e2e49f086355597"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
cf-ray
88c080ec3a5f34fd-WAW
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Mhtor1pB/wnSHGWLHbPxZgiu2YWEfDyO0yCdx+MPFfJ45B4Lt/P2szjgarLj7drCfR3G2s4nuKMpFLBMefiG8A==
widget-actionsStore.4e4e98218888971f173e.js
widget.user.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.user.com/widget-actionsStore.4e4e98218888971f173e.js
Requested by
Host: biletomat.user.com
URL: https://biletomat.user.com/widget.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b2eafec3675baf2a8d1570291500c6c027db6fced43bfc2698fbb76c050071d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bilety.fm/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 17:39:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 08 Apr 2024 06:26:59 GMT
server
cloudflare
x-amz-request-id
6MEXZF72RCB57X4P
age
1549
etag
W/"0d051876f932526893b9cf6305e9ce28"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
cf-ray
88c080ee7e7134fd-WAW
alt-svc
h3=":443"; ma=86400
x-amz-id-2
XK/GV3qK51MLo+7EK/5/rEbyUwEOWSrdTSGDBNi3BUMTyrCfeP2WWiknHOzgiQxGNWSuVSefOaRLCAobTwx4Dg==
/
biletomat.user.com/api/v2/user-chatping/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://biletomat.user.com/api/v2/user-chatping/
Requested by
Host: biletomat.user.com
URL: https://biletomat.user.com/widget.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b714ecfbd278edba031fb1759308132959743ff7e9228a91dacfb0ed5fb13d05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://bilety.fm/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 17:39:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
ue-backend
tenants
alt-svc
h3=":443"; ma=86400
referrer-policy
same-origin
server
cloudflare
vary
Cookie, Origin
allow
POST, OPTIONS
content-type
application/json
x-frame-options
DENY
access-control-allow-origin
https://bilety.fm
access-control-allow-credentials
true
ue-node
apinode38
cf-ray
88c080f15b2934fd-WAW
/
biletomat.user.com/api/v2/user-chatping/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://biletomat.user.com/api/v2/user-chatping/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-requested-with
Access-Control-Request-Method
POST
Origin
https://bilety.fm
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with, set-cookie, clientuser-key, convo-id
access-control-allow-methods
DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://bilety.fm
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
88c080efad8734b5-WAW
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 30 May 2024 17:39:27 GMT
server
cloudflare
ue-backend
tenants
ue-node
apinode57
vary
Origin
favicon.ico
bilety.fm/img/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://bilety.fm/img/favicon.ico?1688487187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.161.251.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2081602.home.pl
Software
IdeaWebServer/6.1.0 /
Resource Hash
d0c980f5578f63939b1eb935147b0774a466b5a7112e2605a1c890a52acd5afc

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bilety.fm/pl/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 17:39:28 GMT
last-modified
Fri, 07 Oct 2011 10:02:03 GMT
server
IdeaWebServer/6.1.0
content-length
1150
content-type
application/octet-stream
widget-chatStore.4e4e98218888971f173e.js
widget.user.com/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.user.com/widget-chatStore.4e4e98218888971f173e.js
Requested by
Host: biletomat.user.com
URL: https://biletomat.user.com/widget.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a34c36eba1fc5d92f556851778a8695936a52b8a63445aaee9863b2fc6b04e8

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bilety.fm/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 17:39:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 08 Apr 2024 06:26:59 GMT
server
cloudflare
x-amz-request-id
6MET2AMJB1P3WQAV
age
1545
etag
W/"4550e64d06e66cf5565b1f1d49a27aa4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
cf-ray
88c080f508f534fd-WAW
alt-svc
h3=":443"; ma=86400
x-amz-id-2
jBp1ycShDXRh3edUaIZeKbcAKJah7b5XGZWTMii51X6Bl/gvcyJ2zeIEnQLqRdQ6ljGlRaiNEP4=
favicon.ico
bilety.fm/img/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://bilety.fm/img/favicon.ico?1688487187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.161.251.72 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2081602.home.pl
Software
IdeaWebServer/6.1.0 /
Resource Hash
d0c980f5578f63939b1eb935147b0774a466b5a7112e2605a1c890a52acd5afc

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bilety.fm/pl/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 17:39:28 GMT
last-modified
Fri, 07 Oct 2011 10:02:03 GMT
server
IdeaWebServer/6.1.0
content-length
1150
content-type
application/octet-stream

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| OneSignal string| baseDir string| static_token string| token number| priceDisplayPrecision number| priceDisplayMethod number| roundMode function| ps_round function| autoUrl function| autoUrlNoList function| toggle function| toggleMultiple function| showElemFromSelect function| openCloseAllDiv function| toggleElemValue function| addBookmark function| writeBookmarkLink function| writeBookmarkLinkObject function| checkCustomizations function| emptyCustomizations function| ceilf function| floorf function| setCurrency function| isArrowKey object| jsonCartGlobal object| ajaxCart function| openBranch function| closeBranch function| toggleBranch function| pc_serialScrollFixLock function| $ function| jQuery boolean| has_canvas object| FB object| _gaq function| fbq function| _fbq function| gtag object| dataLayer number| CUSTOMIZE_TEXTFIELD string| customizationIdMessage string| removingLinkText object| __buffer object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client number| __oneSignalSdkLoadCount function| __jp0 object| _gat object| gaGlobal object| google_tag_manager object| google_tag_data object| civchat function| onYouTubeIframeAPIReady object| webpackChunkusercom_widget object| regeneratorRuntime function| parcelRequire object| UE function| userengage object| recaptcha object| UsercomInstance

14 Cookies

Domain/Path Name / Value
.bilety.fm/ Name: 8812c36aa5ae336c2a77bf63211d899a
Value: vWRMFj8dMJhb52BnG4%2BcA%2FgmODdU226k%2BRLYOcKPoImAsuPXz48F827A3Mjrp9WelFUJINbfiVALhIUNgZJHhAXcRVwnwrLfmBnYWbrCj%2FQHsfl0UKSBNZ8cff8rkBT%2BwqSm5Ud2hXSaR0%2BdrjvESFvTsGLbQszGPQLxQWZyvTs%3D000118
bilety.fm/ Name: dembowska
Value: a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22a1e1bf779a709df6886df4dc0d6ee102%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22146.70.85.176%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1717090763%3B%7D12081fcdc8e698a46e8d991274ebcb8b
.onesignal.com/ Name: __cf_bm
Value: iHeZ4QfxO7ELb2yzAG0zewqb8o1THfI_avtfCkrxWns-1717090763-1.0.1.1-woNQINR02gb29p2NaC3nzBmofFn76SKNUkTE2epVKGnGMLuZ1lyj0px7.w7RmOEfR8uAaHoBL_lAxGt6TXibuQ
.bilety.fm/ Name: _fbp
Value: fb.1.1717090764582.1919413269
.biletomat.pl/ Name: __cf_bm
Value: LWKYEmm1AFczeZKqbUcUkBqpoQdB0cOJsU54T37Hl5I-1717090764-1.0.1.1-FL0kJ0Q3GXYh4CWD3kUcegGPXe46pjQddsnnGLzvSvDYMbFoLrN1r21KT8xzD3SLJc1CCaZL9B6wik7PWLurHQ
.bilety.fm/ Name: __utma
Value: 63485244.1664354814.1717090765.1717090765.1717090765.1
.bilety.fm/ Name: __utmc
Value: 63485244
.bilety.fm/ Name: __utmz
Value: 63485244.1717090765.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.bilety.fm/ Name: __utmt
Value: 1
.bilety.fm/ Name: __utmb
Value: 63485244.1.10.1717090765
.bilety.fm/ Name: _ga_E878NRXPV3
Value: GS1.1.1717090765.1.0.1717090765.60.0.0
.bilety.fm/ Name: _ga
Value: GA1.1.507160958.1717090765
.user.com/ Name: _ueuuid
Value: G4bZQ5Oh_ashhISa
.bilety.fm/ Name: __ca__chat
Value: 9xcyvjzr4rck

12 Console Messages

Source Level URL
Text
other warning URL: https://bilety.fm/pl/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bilety.fm/pl/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bilety.fm/pl/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bilety.fm/pl/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bilety.fm/pl/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bilety.fm/pl/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bilety.fm/pl/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bilety.fm/pl/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bilety.fm/pl/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bilety.fm/pl/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bilety.fm/pl/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bilety.fm/pl/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

biletomat.user.com
bilety.fm
cdn.onesignal.com
cdnjs.cloudflare.com
connect.facebook.net
embed.biletomat.pl
fonts.googleapis.com
fonts.gstatic.com
onesignal.com
region1.analytics.google.com
ssl.google-analytics.com
stats.g.doubleclick.net
widget.user.com
www.facebook.com
www.google.com
www.google.pl
www.googletagmanager.com
www.gstatic.com
104.16.160.145
104.17.24.14
142.250.181.227
142.250.184.195
142.250.185.200
142.250.186.104
142.250.186.163
142.250.186.164
157.240.0.6
157.240.252.35
172.67.29.228
172.67.38.130
216.239.34.36
216.58.212.138
64.233.184.154
89.161.251.72
030f7fa22bba9e4834ce68ce502f78520d0c5eaee401d7ff5654de7dc6494086
0582d75baa422d14aa5d2b22ff70aeb1b02fb02cf9853d20804718af7b51162d
089630244600f33230010f5e04c67419ec642c5228540adb42e3fe92c631e6bf
093f782260d70f914e7e591eba1502d3e992e9f7a69a17d1df6c32bcddd6f06a
0f09132e3b75c5b582c1d47ac21872e0c207f5eeb2a4e4be8ed0b373eb35e46f
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
17058a81e4faf4391dd4f62714761ec950ca16742e7317813efbcff007674e77
28170b50669456ba031e0f0289694abd1deaddce67873a5bbe5ea540a0d3969b
2c3097237d60f42e800ebe4009c9af144bb19e5581e1c0501c7b259eee7e210c
2f0dc96a0b24cc9af003b43bc4f477639fced863f4f967dd2b5e451f621cd09d
35ecfae21e123032b142d5345fbee542048feb1ff1a62fb025828020261447ce
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098
4a34c36eba1fc5d92f556851778a8695936a52b8a63445aaee9863b2fc6b04e8
4ab6f5ce7e9d1964f30ac43e8e184c2c3860b0d3d53b3bcb6b4003c616c05adb
508ea614fc8817f72e72d2195a50d27647031ab63a2c41396f496f130191f511
536eb518be97cecbf15bca39157a168f4405deddb689a6314bf41130f4b52b68
5390257d217819f86f34f271a660eaf00edca5f06d833adae943097245a357c9
6a42d968fc76e247c24e6e0d2e666e9b429dce934e25e6353cb83ec04b4de444
6c17dfeb35ed982b25856582151ec0176ffe42fac3539926494393a2910ddb25
6c458ecc42424ad31dac9d499726aca46d6c5f570d37a5cb2d1098901c4ef47a
770481b2dea729fe340ab1dc08648bcb042aee892bb2779d9021e6c410e18d01
829fc7cd7bc96cd66c3bab829ded000714f920baf5c9f54cbc6bd1065c23c035
85f48bc19eca52689298d68d313a93b0e87626c8b63f411b513f3fe241f64ba1
8b6f5887368a30af2590020ef416513f98f629a8912cb7234294e457ac3fcc2a
921de52791744cf5448d2d16dd21ffcd96669f5af23ca68ee77c4f633569bac5
9a680b90260b5106d79f4075491ab31daafa7429eff686453c40b58357309649
9b2eafec3675baf2a8d1570291500c6c027db6fced43bfc2698fbb76c050071d
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b714ecfbd278edba031fb1759308132959743ff7e9228a91dacfb0ed5fb13d05
b8d38f97f8f1b152fdbc9f6195d509409c263607adccdba8b20668979ab06da7
ba92acdb9fc547c5113d1551561d4e4a3a6dd0e0a3a17b1e943800c663fa60a1
d0c980f5578f63939b1eb935147b0774a466b5a7112e2605a1c890a52acd5afc
dcd642b7e177ff0508a2e5130b6bd7e7297a951ebf434e50fefa6e0aa86eba17
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
ed770b378b311eb6a97e7cdca8d6a00c976cd5fb3d49f0045962f676e58fcf3f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2a7a9db0b14db7072b0195ac6cfed0ad9cce14d1dd0243fc7b16764ff6a82cb
fd875b4769d11a3bc33a566e01d3faa5085c656636cc8badb1c78278ad8899c8
ff2f5f4fea596263595ecc390b6ab59270890c8f4846aebabd613cd89e197fda