www.onetowo-3.pl Open in urlscan Pro
193.150.70.75  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response www.onetowo-3.pl/	10 KB 10 KB	70ms 36ms	Document text/html	193.150.70.75 NFORCE
General Check archive.org Show headers Download Go to Full URL http://www.onetowo-3.pl/ Protocol HTTP/1.1 Server 193.150.70.75 Birsk, Russian Federation, ASN43350 (NFORCE, NL), Reverse DNS Software Apache / Resource Hash 038ed1701c26a4562143718c8eccbb7a6ece4394298a1afe73b8273b5a79d7b1 Request headers Host www.onetowo-3.pl Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36 Response headers Date Sat, 05 Jun 2021 11:46:10 GMT Server Apache Keep-Alive timeout=5, max=100 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H2	200	init.js Show response lnaff.pl/RKL_SKRYPT/ADBLOCK/	24 KB 6 KB	46ms 16ms	Script application/javascript	2606:4700:3035::ac43:d93d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lnaff.pl/RKL_SKRYPT/ADBLOCK/init.js?user=0l6w0op&stawka=1 Requested by Host: www.onetowo-3.pl URL: http://www.onetowo-3.pl/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:d93d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.2.27 Resource Hash 4c118f8823eabd59094aa17f7166e9f8f6ae849b8589b378251dc3083740f027 Request headers Referer http://www.onetowo-3.pl/ User-Agent Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36 Response headers date Sat, 05 Jun 2021 11:46:10 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} server cloudflare age 3106 x-powered-by PHP/7.2.27 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2B5Te0awkdvG3SqE5OsZ8PEUCZnHIFsvoNJZKj5HlBIJnnzjn6hPe4ag3HsCvsmsFTxvw5EHn7le3vuE6OLhYwr%2FjGyfV%2BqcmOU%2Bwwf6lhXmaoin1tqe7hcYRf9xNTyU3mO0%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 65a928ad6a3f4e9d-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 cf-request-id 0a7d97c05e00004e9da88c0000000001
GET H/1.1	200 OK	v0.js Show response www.onetowo-3.pl/	254 KB 254 KB	23ms 23ms	Script application/javascript	193.150.70.75 NFORCE
General Check archive.org Show headers Download Go to Full URL http://www.onetowo-3.pl/v0.js Requested by Host: www.onetowo-3.pl URL: http://www.onetowo-3.pl/ Protocol HTTP/1.1 Server 193.150.70.75 Birsk, Russian Federation, ASN43350 (NFORCE, NL), Reverse DNS Software Apache / Resource Hash bf35807fab0321da57398c08250bf764fee6144ed87f5875bcb617899142f522 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.onetowo-3.pl Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36 Accept */* Referer http://www.onetowo-3.pl/ Connection keep-alive Cache-Control no-cache Referer http://www.onetowo-3.pl/ User-Agent Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36 Response headers Date Sat, 05 Jun 2021 11:46:10 GMT Last-Modified Thu, 03 Jun 2021 16:25:16 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 259750
GET H2	200	css fonts.googleapis.com/	2 KB 632 B	16ms 16ms	Stylesheet text/css	2a00:1450:4001:802::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto&subset=latin-ext Requested by Host: www.onetowo-3.pl URL: http://www.onetowo-3.pl/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 99155f31d46dc469aa872ce824309fae9210fb9357f463b889d617b85b35eb61 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer http://www.onetowo-3.pl/ User-Agent Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sat, 05 Jun 2021 10:08:58 GMT server ESF date Sat, 05 Jun 2021 11:46:10 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 05 Jun 2021 11:46:10 GMT
GET H/1.1	200 OK	style.css www.onetowo-3.pl/	33 KB 33 KB	49ms 38ms	Stylesheet text/css	193.150.70.75 NFORCE
General Check archive.org Show headers Download Go to Full URL http://www.onetowo-3.pl/style.css Requested by Host: www.onetowo-3.pl URL: http://www.onetowo-3.pl/ Protocol HTTP/1.1 Server 193.150.70.75 Birsk, Russian Federation, ASN43350 (NFORCE, NL), Reverse DNS Software Apache / Resource Hash 3083e3fe620ef93651018052cb40b45ec7c5b5297610ec332fd4f7066138e69f Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.onetowo-3.pl Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36 Accept text/css,*/*;q=0.1 Referer http://www.onetowo-3.pl/ Connection keep-alive Cache-Control no-cache Referer http://www.onetowo-3.pl/ User-Agent Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36 Response headers Date Sat, 05 Jun 2021 11:46:10 GMT Last-Modified Thu, 03 Jun 2021 16:25:16 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 33859
GET H/1.1	200 OK	d.js Show response waust.at/	13 KB 8 KB	28ms 22ms	Script application/x-javascript	2606:4700:20::681a:507 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://waust.at/d.js Requested by Host: www.onetowo-3.pl URL: http://www.onetowo-3.pl/ Protocol HTTP/1.1 Server 2606:4700:20::681a:507 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8fb1850e00c24b83e04ea4f41fe5774cff1d476a293fa7b35cba97827eb194cd Request headers Referer http://www.onetowo-3.pl/ User-Agent Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36 Response headers Date Sat, 05 Jun 2021 11:46:10 GMT content-encoding gzip CF-Cache-Status HIT NEL {"report_to":"cf-nel","max_age":604800} Age 2034 Transfer-Encoding chunked Connection keep-alive cf-request-id 0a7d97c082000032506d368000000001 last-modified Mon, 03 May 2021 17:48:14 GMT Server cloudflare etag W/"6090375e-3444" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=TY0CuMncUuc41nLfraOlPYd6%2F%2FOinKBGaD%2FsR9SGyQxEECTLka%2BlNgQIMYEklErbbNOLpl1yX9P9VyLgYD8s0PaJpj7E5bBaakaEsmOPOUs%2FbcVB%2FHnZlpuqNuT2Z4UgZA%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type application/x-javascript access-control-allow-origin * cache-control max-age=86400 CF-RAY 65a928ad992b3250-FRA expires Sun, 06 Jun 2021 11:12:16 GMT
GET H/1.1	200 OK	piwik.js Show response ldrcp.pl/	69 KB 24 KB	35ms 19ms	Script application/javascript	2606:4700:3032::ac43:865e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://ldrcp.pl/piwik.js Requested by Host: lnaff.pl URL: https://lnaff.pl/RKL_SKRYPT/ADBLOCK/init.js?user=0l6w0op&stawka=1 Protocol HTTP/1.1 Server 2606:4700:3032::ac43:865e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dbfe0f6e01f9f1557b7ad3f79ac0cce407ee661c4b34a830458baf28a08d3492 Request headers Referer http://www.onetowo-3.pl/ User-Agent Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36 Response headers Date Sat, 05 Jun 2021 11:46:10 GMT Content-Encoding gzip CF-Cache-Status HIT NEL {"report_to":"cf-nel","max_age":604800} Age 4626 Connection keep-alive alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 Content-Length 24103 cf-request-id 0a7d97c08300004e6d2f910000000001 Last-Modified Mon, 20 Apr 2020 10:22:38 GMT Server cloudflare ETag "11520-5a3b64748be4a-gzip" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=P61lVjON8S%2FnWVrCupXyJBsMzGXWt%2BrHOaHb%2BviC4OWB%2FSRvFVZ44P%2B%2F2ev%2Bs%2B%2BBw%2Fdq6X4l55MAS8tTko0So4jWubfdRrPsf%2FKv1Thy2z%2FnYapRWzKnemSPokoAbMRJRtk%3D"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 65a928ad98424e6d-FRA
GET H/1.1	200 OK	video.jpg www.onetowo-3.pl/	117 KB 117 KB	25ms 25ms	Image image/jpeg	193.150.70.75 NFORCE
General Check archive.org Show headers Download Go to Show image Full URL http://www.onetowo-3.pl/video.jpg Requested by Host: www.onetowo-3.pl URL: http://www.onetowo-3.pl/ Protocol HTTP/1.1 Server 193.150.70.75 Birsk, Russian Federation, ASN43350 (NFORCE, NL), Reverse DNS Software Apache / Resource Hash 702f3d2584e6227832dbbe8f7d8d50aff3ce085f602cb9455cc34bb7448a977f Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.onetowo-3.pl Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.onetowo-3.pl/ Connection keep-alive Cache-Control no-cache Referer http://www.onetowo-3.pl/ User-Agent Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36 Response headers Date Sat, 05 Jun 2021 11:46:10 GMT Last-Modified Thu, 03 Jun 2021 16:25:18 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 119377
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v27/	15 KB 15 KB	5ms 5ms	Font font/woff2	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto&subset=latin-ext Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin http://www.onetowo-3.pl Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36 Response headers date Tue, 01 Jun 2021 08:33:34 GMT x-content-type-options nosniff last-modified Mon, 05 Apr 2021 21:10:35 GMT server sffe age 357156 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15688 x-xss-protection 0 expires Wed, 01 Jun 2022 08:33:34 GMT
GET H3-29	200	KFOmCnqEu92Fr1Mu7GxKOzY.woff2 fonts.gstatic.com/s/roboto/v27/	12 KB 12 KB	8ms 7ms	Font font/woff2	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto&subset=latin-ext Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin http://www.onetowo-3.pl Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36 Response headers date Wed, 02 Jun 2021 00:35:59 GMT x-content-type-options nosniff age 299411 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11860 x-xss-protection 0 last-modified Mon, 05 Apr 2021 21:10:33 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 02 Jun 2022 00:35:59 GMT
GET H2	403	firmos Show response www.g2a.com/r/ Frame FBE8	273 B 1 KB	126ms 24ms	Document text/html	184.30.208.149 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.g2a.com/r/firmos Requested by Host: ldrcp.pl URL: http://ldrcp.pl/piwik.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.30.208.149 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-30-208-149.deploy.static.akamaitechnologies.com Software AkamaiGHost / Resource Hash eee7a78e18ca0706b7e04b2e70ede8479362095d274503922eb0d417d0235f10 Request headers :method GET :authority www.g2a.com :scheme https :path /r/firmos pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://www.onetowo-3.pl/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36 Referer http://www.onetowo-3.pl/ Response headers server AkamaiGHost mime-version 1.0 content-type text/html content-length 273 expires Sat, 05 Jun 2021 11:46:10 GMT date Sat, 05 Jun 2021 11:46:10 GMT set-cookie bm_sz=CD28158FAF1A5032641810B1B2B06540~YAAQJ4QUAip/mZN5AQAAd6n+2wy0m7q+Gm2vBpZAzbq2jaRfQ3buZ+juaaBnndZiEYQHjlWyBOAmvXWN+To4IIBdIPGJegFpFQtlbgyDH6Ug4logKjj6XCP/QEqnTl6yaoIoo3YJIu6bL3zdy5HCRF5osZKR7tvKvX07zxf/TZgdc4VeSIRRry/fHHxy; Domain=.g2a.com; Path=/; Expires=Sat, 05 Jun 2021 15:46:10 GMT; Max-Age=14400; HttpOnly _abck=AAF52FAC9D6526303EE5E9EF69DF94FA~-1~YAAQJ4QUAit/mZN5AQAAd6n+2waZUVUcZy1phJaWsS4ZHrlXJxloCbYw0exYnVT/hb87VKBlAgDSZbu+cm88a3x58vGbjKQY/SWp2YkEs7aidQeM50aXAgrMKhCklGLdQPKydv/RY01aq+RE75mKVSvTrrfCF09oPxQEi5rMRtnclsXY90x3GtlHYROOBQXPEruxz53Ui35N2VIhVvtyMU4FD6rfPvgKsry3zuGGkibTNq2qTpY9Ook30xn6phIo0nK8CUkWhEVFCzUMk0B8nPsAJVafK27j5HHyeFL3EOXgvGFnwAvGbJKIFK5WHHcCVbh8S38Mq7Sgsh2QOmDkEuDiEaKx0ffjVCO8MDnucOXh5Kur+9Kl6aA=~-1~-1~-1; Domain=.g2a.com; Path=/; Expires=Sun, 05 Jun 2022 11:46:10 GMT; Max-Age=31536000; Secure
GET H2	200	karczu auth.bitbay.net/ref/ Frame E0F1	0 0	232ms 192ms	Document text/html	104.18.5.135 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://auth.bitbay.net/ref/karczu Requested by Host: ldrcp.pl URL: http://ldrcp.pl/piwik.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.5.135 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Content-Security-Policy frame-ancestors 'self' *.bitbay.net bitbay.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' thmep.bitbay.net h.online-metrix.net *.google.com google.com gstatic.com *.gstatic.com www.google-analytics.com ssl.google-analytics.com; style-src 'self' 'unsafe-inline' gstatic.com https://thmep.bitbay.net; font-src 'self' gstatic.com; connect-src *.bitbay.net www.google-analytics.com stats.g.doubleclick.net https://thmep.bitbay.net wss://127.0.0.1:*; frame-src 'self' thmep.bitbay.net h.online-metrix.net google.com *.google.com; object-src 'self' https://thmep.bitbay.net *.online-metrix.net *.bitbay.net; worker-src 'self' blob: Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority auth.bitbay.net :scheme https :path /ref/karczu pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://www.onetowo-3.pl/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36 Referer http://www.onetowo-3.pl/ Response headers date Sat, 05 Jun 2021 11:46:10 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding Accept-Encoding last-modified Tue, 11 May 2021 09:37:21 GMT x-xss-protection 1; mode=block x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains content-security-policy frame-ancestors 'self' *.bitbay.net bitbay.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' thmep.bitbay.net h.online-metrix.net *.google.com google.com gstatic.com *.gstatic.com www.google-analytics.com ssl.google-analytics.com; style-src 'self' 'unsafe-inline' gstatic.com https://thmep.bitbay.net; font-src 'self' gstatic.com; connect-src *.bitbay.net www.google-analytics.com stats.g.doubleclick.net https://thmep.bitbay.net wss://127.0.0.1:*; frame-src 'self' thmep.bitbay.net h.online-metrix.net google.com *.google.com; object-src 'self' https://thmep.bitbay.net *.online-metrix.net *.bitbay.net; worker-src 'self' blob: cf-cache-status DYNAMIC cf-request-id 0a7d97c133000023c785867000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 65a928aeb88423c7-ZRH content-encoding br
GET H/1.1	200 OK	piwik.php ldrcp.pl/	43 B 736 B	52ms 52ms	Image image/gif	2606:4700:3032::ac43:865e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://ldrcp.pl/piwik.php?action_name=Ksi%C4%85dz%20zgwa%C5%82ci%C5%82%2014-letni%C4%85%20dziewczynk%C4%99%3F%20Skandal%20w%20parafii%20w%20.%20Mieszka%C5%84cy%20s%C4%85%20wzburzeni.%20Reakcja%20Kurii%20by%C5%82a...&idsite=1&rec=1&r=166202&h=13&m=46&s=10&url=http%3A%2F%2Fwww.onetowo-3.pl%2F&_id=d67ab70afdade817&_idts=1622893570&_idvc=1&_idn=0&_refts=0&_viewts=1622893570&send_image=1&cookie=1&res=1600x1200&dimension1=ADBLOCK&_cvar=%7B%221%22%3A%5B%22lang%22%2C%22en-US%22%5D%7D&gt_ms=36&pv_id=w9g8ol Requested by Host: www.onetowo-3.pl URL: http://www.onetowo-3.pl/ Protocol HTTP/1.1 Server 2606:4700:3032::ac43:865e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers Referer http://www.onetowo-3.pl/ User-Agent Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36 Response headers Date Sat, 05 Jun 2021 11:46:10 GMT CF-Cache-Status DYNAMIC NEL {"report_to":"cf-nel","max_age":604800} Server cloudflare Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=aIrYqnXpb44JUNjyQ2%2BkKMiH1S%2FHbifz%2BMGf4ZWMoXQZsTZon8dI%2FpUKxcA5wSOrMfaSImoR0IeBsQjJBhpGE%2BGM8aStG61ed8dr%2Fh%2FpvF7uMV%2BL%2FaafBxiVz554d6ygfIo%3D"}],"group":"cf-nel","max_age":604800} Content-Type image/gif Cache-Control no-store Connection keep-alive CF-RAY 65a928ae7a7a4e6d-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 Content-Length 43 cf-request-id 0a7d97c10c00004e6d1e887000000001
GET H/1.1	200 OK	/ Show response whos.amung.us/pingjs/	29 B 213 B	250ms 238ms	Script text/javascript	67.202.114.212 STEADFAST
General Check archive.org Show headers Download Go to Full URL http://whos.amung.us/pingjs/?k=wglfy2ztjh&t=Ksi%C4%85dz%20zgwa%C5%82ci%C5%82%2014-letni%C4%85%20dziewczynk%C4%99%3F%20Skandal%20w%20parafii%20w%20.%20Mieszka%C5%84cy%20s%C4%85%20wzbur&c=d&x=http%3A%2F%2Fwww.onetowo-3.pl%2F&y=&a=0&v=27&r=4319 Requested by Host: waust.at URL: http://waust.at/d.js Protocol HTTP/1.1 Server 67.202.114.212 Crown Point, United States, ASN32748 (STEADFAST, US), Reverse DNS amung.us Software / Resource Hash 0a601cac2b9235a688d567a67ee51c58a98f52a08d43065736230cfeab432eec Request headers Referer http://www.onetowo-3.pl/ User-Agent Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36 Response headers date Sat, 05 Jun 2021 11:46:10 GMT content-encoding gzip transfer-encoding chunked content-type text/javascript;charset=UTF-8
GET		amp-loader-0.1.js cdn.ampproject.org/rtv/012011252111001/v0/	0 0
GET H/1.1	200 OK	onet.svg www.onetowo-3.pl/img/	1 KB 2 KB	25ms 25ms	Image image/svg+xml	193.150.70.75 NFORCE
General Check archive.org Show headers Download Go to Show image Full URL http://www.onetowo-3.pl/img/onet.svg Requested by Host: www.onetowo-3.pl URL: http://www.onetowo-3.pl/ Protocol HTTP/1.1 Server 193.150.70.75 Birsk, Russian Federation, ASN43350 (NFORCE, NL), Reverse DNS Software Apache / Resource Hash ce85dca8331b5a4266d5ad2bd58c702718be630d7b26e4db4ac2990161fe0aa4 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.onetowo-3.pl Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.onetowo-3.pl/ Cookie P_CIASTKO=1; _pk_id.1.52bf=d67ab70afdade817.1622893570.1.1622893570.1622893570.; _pk_ses.1.52bf=1 Connection keep-alive Cache-Control no-cache Referer http://www.onetowo-3.pl/ User-Agent Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36 Response headers Date Sat, 05 Jun 2021 11:46:10 GMT Last-Modified Thu, 03 Jun 2021 16:25:28 GMT Server Apache Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 1516
GET H/1.1	200 OK	wiadomosci.svg www.onetowo-3.pl/img/	2 KB 2 KB	23ms 23ms	Image image/svg+xml	193.150.70.75 NFORCE
General Check archive.org Show headers Download Go to Show image Full URL http://www.onetowo-3.pl/img/wiadomosci.svg Requested by Host: www.onetowo-3.pl URL: http://www.onetowo-3.pl/ Protocol HTTP/1.1 Server 193.150.70.75 Birsk, Russian Federation, ASN43350 (NFORCE, NL), Reverse DNS Software Apache / Resource Hash 2f80f6a2f7e19cb291975cbe6413740c2b982579048174432fa2334887e998a9 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.onetowo-3.pl Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.onetowo-3.pl/ Cookie P_CIASTKO=1; _pk_id.1.52bf=d67ab70afdade817.1622893570.1.1622893570.1622893570.; _pk_ses.1.52bf=1 Connection keep-alive Cache-Control no-cache Referer http://www.onetowo-3.pl/ User-Agent Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36 Response headers Date Sat, 05 Jun 2021 11:46:10 GMT Last-Modified Thu, 03 Jun 2021 16:25:30 GMT Server Apache Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 1969
GET H/1.1	200 OK	debug.jpg www.onetowo-3.pl/	3 MB 3 MB	47ms 36ms	Image image/jpeg	193.150.70.75 NFORCE
General Check archive.org Show headers Download Go to Show image Full URL http://www.onetowo-3.pl/debug.jpg Requested by Host: www.onetowo-3.pl URL: http://www.onetowo-3.pl/ Protocol HTTP/1.1 Server 193.150.70.75 Birsk, Russian Federation, ASN43350 (NFORCE, NL), Reverse DNS Software Apache / Resource Hash 04cf1d9b7a28267c1ef59bbec8f8d85d922ec38530baecaa4810fcd8c0b590b0 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.onetowo-3.pl Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.onetowo-3.pl/ Cookie P_CIASTKO=1; _pk_id.1.52bf=d67ab70afdade817.1622893570.1.1622893570.1622893570.; _pk_ses.1.52bf=1 Connection keep-alive Cache-Control no-cache Referer http://www.onetowo-3.pl/ User-Agent Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36 Response headers Date Sat, 05 Jun 2021 11:46:10 GMT Last-Modified Thu, 03 Jun 2021 16:25:25 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 3225654
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d Request headers Referer http://www.onetowo-3.pl/ User-Agent Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36 Response headers Content-Type image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

cdn.ampproject.org

URL

https://cdn.ampproject.org/rtv/012011252111001/v0/amp-loader-0.1.js

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| LEADNETWORK_ADBLOCK_POKAZ_SMS function| LEADNETWORK_ADBLOCK_setCookie function| LEADNETWORK_ADBLOCK_getCookie function| LEADNETWORK_ADBLOCK_SPRAWDZ_SMS string| u object| _paq string| userLang function| FuckAdBlock object| fuckAdBlock object| dayNames object| monthNames object| now function| playb function| playb1 object| _wau object| global object| AMP_CONFIG object| AMP object| __AMP_LOG object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES object| __AMP_EXPERIMENT_BRANCHES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS string| wau_w_col string| wau_w_siz object| WAU_ren function| WAU_dynamic function| WAU_dynamic_request function| WAU_r_d function| WAU_insert function| WAU_la function| WAU_addCommas function| WAU_lrd function| WAU_lrs function| WAU_cps function| docReady function| setCookie_PIWIk function| getCookie_PIWIK object| JSON_PIWIK object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log object| x string| x1 string| x2

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.onetowo-3.pl/	1970-01-19 18:48:15	Name: _pk_ses.1.52bf Value: 1
			www.onetowo-3.pl/	1970-01-20 04:14:08	Name: _pk_id.1.52bf Value: d67ab70afdade817.1622893570.1.1622893570.1622893570.
			www.onetowo-3.pl/	1970-01-19 18:58:18	Name: P_CIASTKO Value: 1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: http://www.onetowo-3.pl/v0.js(Line 525) Message: Powered by AMP ⚡ HTML – Version 2011252111001 http://www.onetowo-3.pl/
console-api	error	URL: http://www.onetowo-3.pl/v0.js(Line 105) Message: localStorage not supported.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.bitbay.net
cdn.ampproject.org
fonts.googleapis.com
fonts.gstatic.com
ldrcp.pl
lnaff.pl
waust.at
whos.amung.us
www.g2a.com
www.onetowo-3.pl
cdn.ampproject.org
104.18.5.135
184.30.208.149
193.150.70.75
2606:4700:20::681a:507
2606:4700:3032::ac43:865e
2606:4700:3035::ac43:d93d
2a00:1450:4001:802::200a
2a00:1450:4001:809::2003
67.202.114.212
038ed1701c26a4562143718c8eccbb7a6ece4394298a1afe73b8273b5a79d7b1
04cf1d9b7a28267c1ef59bbec8f8d85d922ec38530baecaa4810fcd8c0b590b0
0a601cac2b9235a688d567a67ee51c58a98f52a08d43065736230cfeab432eec
2f80f6a2f7e19cb291975cbe6413740c2b982579048174432fa2334887e998a9
3083e3fe620ef93651018052cb40b45ec7c5b5297610ec332fd4f7066138e69f
4c118f8823eabd59094aa17f7166e9f8f6ae849b8589b378251dc3083740f027
4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d
702f3d2584e6227832dbbe8f7d8d50aff3ce085f602cb9455cc34bb7448a977f
8fb1850e00c24b83e04ea4f41fe5774cff1d476a293fa7b35cba97827eb194cd
99155f31d46dc469aa872ce824309fae9210fb9357f463b889d617b85b35eb61
bf35807fab0321da57398c08250bf764fee6144ed87f5875bcb617899142f522
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ce85dca8331b5a4266d5ad2bd58c702718be630d7b26e4db4ac2990161fe0aa4
dbfe0f6e01f9f1557b7ad3f79ac0cce407ee661c4b34a830458baf28a08d3492
eee7a78e18ca0706b7e04b2e70ede8479362095d274503922eb0d417d0235f10