virginmobile.pl Open in urlscan Pro
89.108.195.45 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bit.ly/37cBgLW
Effective URL:
https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim
Submission Tags: falconsandbox
Submission: On April 06 via api (April 6th 2022, 7:10:00 pm UTC) from US — Scanned from DE

Summary HTTP 131 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 29 IPs in 5 countries across 24 domains to perform 131 HTTP transactions. The main IP is 89.108.195.45, located in Poland and belongs to P4NET P4 UMTS operator in Poland, PL. The main domain is virginmobile.pl.
TLS certificate: Issued by Certum Organization Validation CA SHA2 on June 1st 2021. Valid for: a year.

This is the only time virginmobile.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.11 67.199.248.11	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
25	89.108.195.45 89.108.195.45	39603 (P4NET P4 ...) (P4NET P4 UMTS operator in Poland)
10	104.26.2.138 104.26.2.138	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	5.196.33.116 5.196.33.116	16276 (OVH) (OVH)
11	2606:4700:303... 2606:4700:3037::ac43:dde0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
2	136.243.169.8 136.243.169.8	24940 (HETZNER-AS) (HETZNER-AS)
6	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
2 5	142.250.185.198 142.250.185.198	15169 (GOOGLE) (GOOGLE)
1 4	138.201.230.88 138.201.230.88	24940 (HETZNER-AS) (HETZNER-AS)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	212.77.100.251 212.77.100.251	12827 (WIRTUALNA...) (WIRTUALNAPOLSKA GDANSK)
4	193.34.162.28 193.34.162.28	41796 (DAG-AS) (DAG-AS)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	151.80.63.17 151.80.63.17	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	162.55.240.244 162.55.240.244	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	104.26.3.138 104.26.3.138	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
32	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
1	62.138.6.193 62.138.6.193	8972 (GD-EMEA-D...) (GD-EMEA-DC-SXB1)
1	85.25.203.29 85.25.203.29	8972 (GD-EMEA-D...) (GD-EMEA-DC-SXB1)
131	29

1 67.199.248.11 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 89.108.195.45 (Poland)

ASN39603 (P4NET P4 UMTS operator in Poland, PL)

virginmobile.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.26.2.138 (United States)

ASN13335 (CLOUDFLARENET, US)

crazy-website-widget.crazycall.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 5.196.33.116 (France)

ASN16276 (OVH, FR)
PTR: ip116.ip-5-196-33.eu

s-eu-1.pushpushgo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:3037::ac43:dde0 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.2way.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-prod.2way.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.243.169.8 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: 1-beer.funcadr.net

adsearch.adkontekst.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.198 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net

5755760.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
8492364.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.230.88 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.88.230.201.138.clients.your-server.de

x.cnt.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.77.100.251 (Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: px.wp.pl

px.wp.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 193.34.162.28 (Poland)

ASN41796 (DAG-AS, PL)
PTR: ev.dmsales.io

analytics.greensender.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.80.63.17 (Roubaix, France)

ASN16276 (OVH, FR)

conversionlabs.net.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.55.240.244 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: 5-spd-dict.funcns.net

api.spoldzielnia.nsaudience.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.3.138 (United States)

ASN13335 (CLOUDFLARENET, US)

leadgeneration.crazycall.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.138.6.193 (Strasbourg, France)

ASN8972 (GD-EMEA-DC-SXB1, DE)
PTR: astra4639.startdedicated.com

citydsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.25.203.29 (Strasbourg, France)

ASN8972 (GD-EMEA-DC-SXB1, DE)
PTR: static-ip-85-25-203-29.inaddr.ip-pool.com

retagro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 45	17 KB
25	virginmobile.pl virginmobile.pl	929 KB
11	2way.app cdn.2way.app api-prod.2way.app	693 KB
11	crazycall.com crazy-website-widget.crazycall.com leadgeneration.crazycall.com	589 KB
9	doubleclick.net 2 redirects 5755760.fls.doubleclick.net ad.doubleclick.net — Cisco Umbrella Rank: 190 8492364.fls.doubleclick.net pubads.g.doubleclick.net — Cisco Umbrella Rank: 478 stats.g.doubleclick.net — Cisco Umbrella Rank: 95 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 274	16 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 99	852 B
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39	40 KB
4	greensender.pl analytics.greensender.pl — Cisco Umbrella Rank: 226224	10 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 136	288 KB
4	cnt.my 1 redirects x.cnt.my — Cisco Umbrella Rank: 90319	4 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 70	235 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 76 www.google.com — Cisco Umbrella Rank: 7	1 KB
3	pushpushgo.com s-eu-1.pushpushgo.com — Cisco Umbrella Rank: 30027	65 KB
2	google.de www.google.de — Cisco Umbrella Rank: 5640 adservice.google.de — Cisco Umbrella Rank: 8069	1 KB
2	adkontekst.pl adsearch.adkontekst.pl — Cisco Umbrella Rank: 307284
1	retagro.com retagro.com — Cisco Umbrella Rank: 125159	294 B
1	citydsp.com citydsp.com — Cisco Umbrella Rank: 95333	797 B
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 98	4 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 169	37 KB
1	nsaudience.pl api.spoldzielnia.nsaudience.pl — Cisco Umbrella Rank: 108851	74 KB
1	conversionlabs.net.pl conversionlabs.net.pl — Cisco Umbrella Rank: 401677	163 B
1	wp.pl px.wp.pl — Cisco Umbrella Rank: 317015	77 B
1	bit.ly 1 redirects bit.ly — Cisco Umbrella Rank: 2814	304 B
0	trackly.pl Failed app.trackly.pl Failed
131	24

	Domain	Requested by
32	fonts.googleapis.com	crazy-website-widget.crazycall.com client cdn.2way.app
25	virginmobile.pl	virginmobile.pl
10	cdn.2way.app	virginmobile.pl cdn.2way.app
10	crazy-website-widget.crazycall.com	virginmobile.pl crazy-website-widget.crazycall.com
6	www.facebook.com	virginmobile.pl
6	www.google-analytics.com	www.googletagmanager.com virginmobile.pl www.google-analytics.com
4	analytics.greensender.pl	virginmobile.pl
4	connect.facebook.net	virginmobile.pl connect.facebook.net
4	x.cnt.my	1 redirects virginmobile.pl x.cnt.my
4	www.googletagmanager.com	virginmobile.pl www.googletagmanager.com citydsp.com
3	s-eu-1.pushpushgo.com	virginmobile.pl s-eu-1.pushpushgo.com
2	adservice.google.com	8492364.fls.doubleclick.net 5755760.fls.doubleclick.net
2	stats.g.doubleclick.net	www.google-analytics.com
2	8492364.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	5755760.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	adsearch.adkontekst.pl	virginmobile.pl
1	retagro.com	citydsp.com
1	citydsp.com	x.cnt.my
1	adservice.google.de	adservice.google.com
1	googleads4.g.doubleclick.net	ad.doubleclick.net
1	pagead2.googlesyndication.com	ad.doubleclick.net
1	www.googletagservices.com	ad.doubleclick.net
1	leadgeneration.crazycall.com	crazy-website-widget.crazycall.com
1	www.google.de	virginmobile.pl
1	www.google.com	virginmobile.pl
1	api.spoldzielnia.nsaudience.pl	analytics.greensender.pl
1	api-prod.2way.app	cdn.2way.app
1	conversionlabs.net.pl	virginmobile.pl
1	pubads.g.doubleclick.net	virginmobile.pl
1	ad.doubleclick.net	virginmobile.pl
1	px.wp.pl	virginmobile.pl
1	bit.ly	1 redirects
0	app.trackly.pl Failed	virginmobile.pl
131	33

This site contains links to these domains. Also see Links.

Domain
doladowania.virginmobile.pl
www.virgin.com
www.facebook.com
twitter.com
www.youtube.com
www.linkedin.com
pushpushgo.com

Subject Issuer	Validity	Valid
*.virginmobile.pl Certum Organization Validation CA SHA2	`2021-06-01` - `2022-06-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
*.pushpushgo.com DOMENY SSL DV Certification Authority	`2020-04-24` - `2022-04-24`	2 years	crt.sh
*.2way.app R3	`2022-04-03` - `2022-07-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.adsearch.adkontekst.pl nazwaSSL	`2021-11-17` - `2022-11-11`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.x.cnt.my R3	`2022-03-12` - `2022-06-10`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-01-14` - `2022-04-14`	3 months	crt.sh
*.wp.pl RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-10` - `2023-03-15`	a year	crt.sh
analytics.greensender.pl R3	`2022-02-24` - `2022-05-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
conversionlabs.net.pl R3	`2022-02-16` - `2022-05-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
spoldzielnia.nsaudience.pl R3	`2022-02-28` - `2022-05-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
citydsp.com R3	`2022-03-29` - `2022-06-27`	3 months	crt.sh
adprety.com R3	`2022-03-29` - `2022-06-27`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim
Frame ID: E35008E5AC6B5E503E98345966A5D0A0
Requests: 86 HTTP requests in this frame

Frame: https://5755760.fls.doubleclick.net/activityi;dc_pre=CJDQ-dqRgPcCFYvs1QodffkPcQ;src=5755760;type=pgv;cat=virgi0;ord=9443128450876;gtm=2wg3u0;auiddc=942362603.1649272195;u14=;u15=https%3A%2F%2Fvirginmobile.pl%2Fzawiadomienie-o-ataku-hackerskim;~oref=https%3A%2F%2Fvirginmobile.pl%2Fzawiadomienie-o-ataku-hackerskim
Frame ID: 3FDCF6278B1E964F30C819EC9F7802E2
Requests: 1 HTTP requests in this frame

Frame: https://8492364.fls.doubleclick.net/activityi;dc_pre=COvQ_9qRgPcCFUEcBgAdC0YLkg;src=8492364;type=vmcount;cat=virgi0;ord=3518049324970;gtm=2wg3u0;auiddc=942362603.1649272195;u51=%2Fzawiadomienie-o-ataku-hackerskim;~oref=https%3A%2F%2Fvirginmobile.pl%2Fzawiadomienie-o-ataku-hackerskim
Frame ID: FC6CCE2B72B3436850CC7C11BA5E8972
Requests: 2 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CJDQ-dqRgPcCFYvs1QodffkPcQ;src=5755760;type=pgv;cat=virgi0;ord=9443128450876;gtm=2wg3u0;auiddc=942362603.1649272195;u14=;u15=https%3A%2F%2Fvirginmobile.pl%2Fzawiadomienie-o-ataku-hackerskim;~oref=https%3A%2F%2Fvirginmobile.pl%2Fzawiadomienie-o-ataku-hackerskim
Frame ID: 1CA71939961B66FD5654DD645AAF81EF
Requests: 1 HTTP requests in this frame

Frame: https://crazy-website-widget.crazycall.com/prod2/widget-bubble.html
Frame ID: 8C5C8821F86356A81A33829587B51EDB
Requests: 11 HTTP requests in this frame

Frame: https://crazy-website-widget.crazycall.com/prod2/widget-popup.html
Frame ID: AEC9F5B79F9836FE264955DA5683FAF2
Requests: 11 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CJDQ-dqRgPcCFYvs1QodffkPcQ;src=5755760;type=pgv;cat=virgi0;ord=9443128450876;gtm=2wg3u0;auiddc=942362603.1649272195;u14=;u15=https%3A%2F%2Fvirginmobile.pl%2Fzawiadomienie-o-ataku-hackerskim;~oref=https%3A%2F%2Fvirginmobile.pl%2Fzawiadomienie-o-ataku-hackerskim
Frame ID: 950CA144DF24D3D0B0C020506FEF2FA3
Requests: 1 HTTP requests in this frame

Frame: https://cdn.2way.app/prod2/widget-bubble.html
Frame ID: 6A7F0492208399C20073B1DA4CD6CB85
Requests: 11 HTTP requests in this frame

Frame: https://cdn.2way.app/prod2/widget-popup.html
Frame ID: 1B83E337CBED24675F3604563AA68AB7
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Zawiadomienie o ataku hackerskimbell-native

Page URL History Show full URLs

https://bit.ly/37cBgLW HTTP 301
https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

131
Requests

98 %
HTTPS

45 %
IPv6

24
Domains

33
Subdomains

29
IPs

5
Countries

3005 kB
Transfer

10032 kB
Size

24
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://doladowania.virginmobile.pl/
Title: Doładuj się

Search URL Search Domain Scan URL

URL: https://www.virgin.com/
Title: Virgin.com

Search URL Search Domain Scan URL

URL: https://www.facebook.com/VirginMobilePolska

Search URL Search Domain Scan URL

URL: https://twitter.com/virginmobilepl

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/VirginMobilePL

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/virgin-mobile-polska/

Search URL Search Domain Scan URL

URL: https://pushpushgo.com/en/?utm_medium=form&utm_source=virginmobile.pl&utm_campaign=referral
Title: Powered by PushPushGo

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/37cBgLW HTTP 301
https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://5755760.fls.doubleclick.net/activityi;src=5755760;type=pgv;cat=virgi0;ord=9443128450876;gtm=2wg3u0;auiddc=942362603.1649272195;u14=;u15=https%3A%2F%2Fvirginmobile.pl%2Fzawiadomienie-o-ataku-hackerskim;~oref=https%3A%2F%2Fvirginmobile.pl%2Fzawiadomienie-o-ataku-hackerskim HTTP 302
https://5755760.fls.doubleclick.net/activityi;dc_pre=CJDQ-dqRgPcCFYvs1QodffkPcQ;src=5755760;type=pgv;cat=virgi0;ord=9443128450876;gtm=2wg3u0;auiddc=942362603.1649272195;u14=;u15=https%3A%2F%2Fvirginmobile.pl%2Fzawiadomienie-o-ataku-hackerskim;~oref=https%3A%2F%2Fvirginmobile.pl%2Fzawiadomienie-o-ataku-hackerskim

Request Chain 42

https://8492364.fls.doubleclick.net/activityi;src=8492364;type=vmcount;cat=virgi0;ord=3518049324970;gtm=2wg3u0;auiddc=942362603.1649272195;u51=%2Fzawiadomienie-o-ataku-hackerskim;~oref=https%3A%2F%2Fvirginmobile.pl%2Fzawiadomienie-o-ataku-hackerskim HTTP 302
https://8492364.fls.doubleclick.net/activityi;dc_pre=COvQ_9qRgPcCFUEcBgAdC0YLkg;src=8492364;type=vmcount;cat=virgi0;ord=3518049324970;gtm=2wg3u0;auiddc=942362603.1649272195;u51=%2Fzawiadomienie-o-ataku-hackerskim;~oref=https%3A%2F%2Fvirginmobile.pl%2Fzawiadomienie-o-ataku-hackerskim

Request Chain 55

https://x.cnt.my/px/?r=0.2627640818730117&dom=virginmobile.pl&tz=0&sw=1600&sh=1200&ow=1600&oh=1200&iw=1600&ih=1200&scd=24&url=https%3A%2F%2Fvirginmobile.pl%2Fzawiadomienie-o-ataku-hackerskim HTTP 301
https://x.cnt.my/px/?r=0.2627640818730117&dom=virginmobile.pl&tz=0&sw=1600&sh=1200&ow=1600&oh=1200&iw=1600&ih=1200&scd=24&url=https%3A%2F%2Fvirginmobile.pl%2Fzawiadomienie-o-ataku-hackerskim&rand=0.40718078715215444&xtmp=1

131 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request zawiadomienie-o-ataku-hackerskim Show response
virginmobile.pl/
Redirect Chain

https://bit.ly/37cBgLW
https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim

28 KB
9 KB

7433ms
7289ms

Document
text/html

89.108.195.45
P4NET P4 UMTS ope...

General

Check archive.org

Show headers Download Go to

Full URL

https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

89.108.195.45 , Poland, ASN39603 (P4NET P4 UMTS operator in Poland, PL),

Reverse DNS

Software

Resource Hash

e72a01bda0bbc4ce10168537b02dbee4bab69708a08f550299a1d2c43e530b7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Language: pl
Content-Type: text/html; charset=utf-8
Date: Wed, 06 Apr 2022 19:09:43 GMT
Referrer-Policy: same-origin : origin
Transfer-Encoding: chunked
Vary: Accept-Encoding Accept-Encoding Accept-Language
X-Cache-Status: MISS
X-Content-Type-Options: nosniff
X-Frame-Options: DENY

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=90
content-length: 143
content-security-policy: referrer always;
content-type: text/html; charset=utf-8
date: Wed, 06 Apr 2022 19:09:42 GMT
location: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim
referrer-policy: unsafe-url
server: nginx
via: 1.1 google

GET
H/1.1 200
OK output.7759900ffc88.css
virginmobile.pl/static/CACHE/css/ 787 KB
103 KB 220ms
219ms Stylesheet
text/css 89.108.195.45
P4NET P4 UMTS ope...

General

Check archive.org

Show headers Download Go to

Full URL: https://virginmobile.pl/static/CACHE/css/output.7759900ffc88.css
Requested by: Host: virginmobile.pl
URL: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 89.108.195.45 , Poland, ASN39603 (P4NET P4 UMTS operator in Poland, PL),
Reverse DNS
Software: /
Resource Hash: 7759900ffc88aea80933d8a4adc066228ac7506f4be0fd188d5fa44a05e6388c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 06 Apr 2022 19:09:50 GMT
Content-Encoding: gzip
Referrer-Policy: : origin
Last-Modified: Fri, 01 Apr 2022 06:26:14 GMT
ETag: W/"62469b06-c4beb"
X-Cache-Status: HIT
Vary: Accept-Encoding, Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 06 May 2022 18:56:54 GMT

GET
H/1.1 200
OK output.8c32b5454ed1.js Show response
virginmobile.pl/static/CACHE/js/ 1 MB
286 KB 307ms
227ms Script
application/javascript 89.108.195.45
P4NET P4 UMTS ope...

General

Check archive.org

Show headers Download Go to

Full URL: https://virginmobile.pl/static/CACHE/js/output.8c32b5454ed1.js
Requested by: Host: virginmobile.pl
URL: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 89.108.195.45 , Poland, ASN39603 (P4NET P4 UMTS operator in Poland, PL),
Reverse DNS
Software: /
Resource Hash: 8c32b5454ed1fad1e20493cba67da6e901c854fe80dec69a4f60e44677398bdf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 06 Apr 2022 19:09:51 GMT
Content-Encoding: gzip
Referrer-Policy: : origin
Last-Modified: Thu, 24 Mar 2022 22:44:23 GMT
ETag: W/"623cf447-11bd38"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 06 May 2022 18:56:54 GMT

GET
H/1.1 200
OK logo_n.svg
virginmobile.pl/static/img/ 135 KB
135 KB 159ms
159ms Image
image/svg+xml 89.108.195.45
P4NET P4 UMTS ope...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://virginmobile.pl/static/img/logo_n.svg
Requested by: Host: virginmobile.pl
URL: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 89.108.195.45 , Poland, ASN39603 (P4NET P4 UMTS operator in Poland, PL),
Reverse DNS
Software: /
Resource Hash: cd47bbf68ebcca31e6b4d8fcbc02476bc905bb94a736dca4e56fb19bf4d7b7f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 06 Apr 2022 19:09:54 GMT
Referrer-Policy: : origin
Last-Modified: Wed, 08 Sep 2021 16:36:03 GMT
ETag: "6138e673-21a13"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 137747
Expires: Fri, 06 May 2022 19:00:31 GMT

GET
H/1.1 200
OK cart.svg
virginmobile.pl/static/img/icons/red/ 2 KB
3 KB 64ms
64ms Image
image/svg+xml 89.108.195.45
P4NET P4 UMTS ope...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://virginmobile.pl/static/img/icons/red/cart.svg
Requested by: Host: virginmobile.pl
URL: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 89.108.195.45 , Poland, ASN39603 (P4NET P4 UMTS operator in Poland, PL),
Reverse DNS
Software: /
Resource Hash: 26684b355d469464e60cb22ef4cf40841a62cd8acc6400203d35d89ca696ab0d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 06 Apr 2022 19:09:55 GMT
Referrer-Policy: : origin
Last-Modified: Wed, 08 Sep 2021 16:36:03 GMT
ETag: "6138e673-964"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2404
Expires: Fri, 06 May 2022 19:04:40 GMT

GET
H/1.1 200
OK cart.svg
virginmobile.pl/static/img/icons/dark/ 2 KB
3 KB 1083ms
1083ms Image
image/svg+xml 89.108.195.45
P4NET P4 UMTS ope...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://virginmobile.pl/static/img/icons/dark/cart.svg
Requested by: Host: virginmobile.pl
URL: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 89.108.195.45 , Poland, ASN39603 (P4NET P4 UMTS operator in Poland, PL),
Reverse DNS
Software: /
Resource Hash: 26684b355d469464e60cb22ef4cf40841a62cd8acc6400203d35d89ca696ab0d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 06 Apr 2022 19:09:55 GMT
Referrer-Policy: : origin
Last-Modified: Wed, 08 Sep 2021 16:36:03 GMT
ETag: "6138e673-964"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2404
Expires: Fri, 06 May 2022 19:01:15 GMT

GET
H/1.1 200
OK login.svg
virginmobile.pl/static/img/icons/dark/ 2 KB
3 KB 374ms
56ms Image
image/svg+xml 89.108.195.45
P4NET P4 UMTS ope...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://virginmobile.pl/static/img/icons/dark/login.svg
Requested by: Host: virginmobile.pl
URL: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 89.108.195.45 , Poland, ASN39603 (P4NET P4 UMTS operator in Poland, PL),
Reverse DNS
Software: /
Resource Hash: 0236648a6db43f9bb9f25fb2f881e5a52720082a11ef551c90468853a76a2cc6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 06 Apr 2022 19:09:55 GMT
Referrer-Policy: : origin
Last-Modified: Wed, 08 Sep 2021 16:36:03 GMT
ETag: "6138e673-70f"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1807
Expires: Fri, 06 May 2022 19:01:15 GMT

GET
H/1.1 200
OK map.svg
virginmobile.pl/static/img/icons/light/ 2 KB
3 KB 402ms
62ms Image
image/svg+xml 89.108.195.45
P4NET P4 UMTS ope...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://virginmobile.pl/static/img/icons/light/map.svg
Requested by: Host: virginmobile.pl
URL: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 89.108.195.45 , Poland, ASN39603 (P4NET P4 UMTS operator in Poland, PL),
Reverse DNS
Software: /
Resource Hash: b0a0886f52ae89fe7fe414c4ef530df99e9ec4d67854d3fd20ec32f99681627f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 06 Apr 2022 19:09:55 GMT
Referrer-Policy: : origin
Last-Modified: Wed, 08 Sep 2021 16:36:03 GMT
ETag: "6138e673-9f7"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2551
Expires: Fri, 06 May 2022 19:03:14 GMT

GET
H/1.1 200
OK map.svg
virginmobile.pl/static/img/icons/dark/ 3 KB
3 KB 430ms
55ms Image
image/svg+xml 89.108.195.45
P4NET P4 UMTS ope...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://virginmobile.pl/static/img/icons/dark/map.svg
Requested by: Host: virginmobile.pl
URL: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 89.108.195.45 , Poland, ASN39603 (P4NET P4 UMTS operator in Poland, PL),
Reverse DNS
Software: /
Resource Hash: 8489237065ebc2e9508622c211bbb263cddb1d97d9a7023f9d2a577f162446c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 06 Apr 2022 19:09:55 GMT
Referrer-Policy: : origin
Last-Modified: Wed, 08 Sep 2021 16:36:03 GMT
ETag: "6138e673-a01"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2561
Expires: Fri, 06 May 2022 19:04:40 GMT

GET
H/1.1 200
OK ico_avatar_wh.svg
virginmobile.pl/static/img/ 2 KB
2 KB 469ms
66ms Image
image/svg+xml 89.108.195.45
P4NET P4 UMTS ope...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://virginmobile.pl/static/img/ico_avatar_wh.svg
Requested by: Host: virginmobile.pl
URL: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 89.108.195.45 , Poland, ASN39603 (P4NET P4 UMTS operator in Poland, PL),
Reverse DNS
Software: /
Resource Hash: f5deb95b50bdb6dcf206a0c5fed32b51e3b45968062256ea2d003d873821f747

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 06 Apr 2022 19:09:55 GMT
Referrer-Policy: : origin
Last-Modified: Wed, 08 Sep 2021 16:36:03 GMT
ETag: "6138e673-70c"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1804
Expires: Fri, 06 May 2022 19:04:40 GMT

GET
H/1.1 200
OK ico_avatar_bk.svg
virginmobile.pl/static/img/ 2 KB
3 KB 85ms
57ms Image
image/svg+xml 89.108.195.45
P4NET P4 UMTS ope...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://virginmobile.pl/static/img/ico_avatar_bk.svg
Requested by: Host: virginmobile.pl
URL: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 89.108.195.45 , Poland, ASN39603 (P4NET P4 UMTS operator in Poland, PL),
Reverse DNS
Software: /
Resource Hash: df6d1ae44e01da863de79a8d42a4f55e50ae9e7f5aa2c23108b7c53bf1e2ff6f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 06 Apr 2022 19:09:56 GMT
Referrer-Policy: : origin
Last-Modified: Wed, 08 Sep 2021 16:36:03 GMT
ETag: "6138e673-712"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1810
Expires: Fri, 06 May 2022 19:00:42 GMT

GET
H/1.1 200
OK ico_social_facebook.svg
virginmobile.pl/static/img/footer/ 634 B
1 KB 103ms
62ms Image
image/svg+xml 89.108.195.45
P4NET P4 UMTS ope...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://virginmobile.pl/static/img/footer/ico_social_facebook.svg
Requested by: Host: virginmobile.pl
URL: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 89.108.195.45 , Poland, ASN39603 (P4NET P4 UMTS operator in Poland, PL),
Reverse DNS
Software: /
Resource Hash: fc7fce8949fb54e0ccfef87481342398f5073fdcea792feb424ec5cd96bbdccf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 06 Apr 2022 19:09:56 GMT
Referrer-Policy: : origin
Last-Modified: Wed, 08 Sep 2021 16:36:03 GMT
ETag: "6138e673-27a"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 634
Expires: Fri, 06 May 2022 19:04:40 GMT

GET
H/1.1 200
OK ico_social_twitter.svg
virginmobile.pl/static/img/footer/ 1 KB
2 KB 76ms
57ms Image
image/svg+xml 89.108.195.45
P4NET P4 UMTS ope...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://virginmobile.pl/static/img/footer/ico_social_twitter.svg
Requested by: Host: virginmobile.pl
URL: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 89.108.195.45 , Poland, ASN39603 (P4NET P4 UMTS operator in Poland, PL),
Reverse DNS
Software: /
Resource Hash: 331e1313f22ed32b03b633acec8adeb3721ac1b29f06e134ee95d8a8d665c237

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 06 Apr 2022 19:09:56 GMT
Referrer-Policy: : origin
Last-Modified: Wed, 08 Sep 2021 16:36:03 GMT
ETag: "6138e673-519"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1305
Expires: Fri, 06 May 2022 19:04:40 GMT

GET
H/1.1 200
OK ico_social_youtube.svg
virginmobile.pl/static/img/footer/ 1 KB
2 KB 118ms
56ms Image
image/svg+xml 89.108.195.45
P4NET P4 UMTS ope...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://virginmobile.pl/static/img/footer/ico_social_youtube.svg
Requested by: Host: virginmobile.pl
URL: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 89.108.195.45 , Poland, ASN39603 (P4NET P4 UMTS operator in Poland, PL),
Reverse DNS
Software: /
Resource Hash: 5a28bd1399b4f7276ac8a771eb1ec2c056cfb224cd896cf26b5eba3c72d74d2b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 06 Apr 2022 19:09:56 GMT
Referrer-Policy: : origin
Last-Modified: Wed, 08 Sep 2021 16:36:03 GMT
ETag: "6138e673-4ea"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1258
Expires: Fri, 06 May 2022 19:04:40 GMT

GET
H/1.1 200
OK ico_social_linkedin.svg
virginmobile.pl/static/img/footer/ 1 KB
2 KB 160ms
63ms Image
image/svg+xml 89.108.195.45
P4NET P4 UMTS ope...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://virginmobile.pl/static/img/footer/ico_social_linkedin.svg
Requested by: Host: virginmobile.pl
URL: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 89.108.195.45 , Poland, ASN39603 (P4NET P4 UMTS operator in Poland, PL),
Reverse DNS
Software: /
Resource Hash: 487e6d38c0dd9427f92eaa23ec2a9fc9a4a2b011f52697277dd32e3ddfc6d81e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 06 Apr 2022 19:09:56 GMT
Referrer-Policy: : origin
Last-Modified: Wed, 08 Sep 2021 16:36:03 GMT
ETag: "6138e673-44c"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1100
Expires: Fri, 06 May 2022 19:04:40 GMT

GET
H/1.1 200
OK cookies.png
virginmobile.pl/static/img/ 6 KB
7 KB 99ms
57ms Image
image/png 89.108.195.45
P4NET P4 UMTS ope...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://virginmobile.pl/static/img/cookies.png
Requested by: Host: virginmobile.pl
URL: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 89.108.195.45 , Poland, ASN39603 (P4NET P4 UMTS operator in Poland, PL),
Reverse DNS
Software: /
Resource Hash: a811bb3d6f0a91055176e099c30d2cede564d479bac10f5b754623b1fcd824a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 06 Apr 2022 19:09:56 GMT
Content-Encoding: gzip
Referrer-Policy: : origin
Last-Modified: Fri, 07 May 2021 13:10:29 GMT
ETag: W/"60953c45-196f"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 06 May 2022 19:00:37 GMT

GET
H/1.1 200
OK widget.js Show response
crazy-website-widget.crazycall.com/prod2/ 641 B
1 KB 104ms
46ms Script
application/javascript 104.26.2.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://crazy-website-widget.crazycall.com/prod2/widget.js

Requested by

Host: virginmobile.pl
URL: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.138 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98903b3debe5c36519053d828b36c80ef79d29861bca6569e52119dc32b0b5ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 06 Apr 2022 19:09:55 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 5756
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W1x7M6whwOOMYvTspaaf7Li7pg1NAC4dUh1jNwyEwVlYqWrYaGX4ay34qBJajtlANPhhHrd0%2BupBEQ0cGcg%2F41lS6TyaJz2coyKuTYkl%2BfpzYjY0m%2BPqt1OlFYLo4RZqKjxw42TfS%2F3ePUyhhR%2BHU3K3fg0%3D"}],"group":"cf-nel","max_age":604800}
Connection: keep-alive
x-amz-request-id: QSPKXFPMYD5AJBM3
x-amz-id-2: UC55nWToiNr1q+MfTbw+lwsBhmJRkr5n+7jTSBAbxkfMOPKyBXQx8m8FfEH7HImBAldhGszWYKM=
Last-Modified: Tue, 12 Jan 2021 08:24:06 GMT
Server: cloudflare
ETag: W/"911b8ad30273f5d2c9ac3d09b6592057"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=1800
CF-RAY: 6f7cd216cfe63a05-CDG

GET
H2 200 5cee5f0c326128000b49446c.js Show response
s-eu-1.pushpushgo.com/js/ 178 KB
52 KB 57ms
16ms Script
application/javascript 5.196.33.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s-eu-1.pushpushgo.com/js/5cee5f0c326128000b49446c.js
Requested by: Host: virginmobile.pl
URL: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.33.116 , France, ASN16276 (OVH, FR),
Reverse DNS: ip116.ip-5-196-33.eu
Software: nginx /
Resource Hash: c88661a5c3af9a889c931add5762187186ef3042243fea8ca9c7e3d290ee7c8b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:09:55 GMT
content-encoding: gzip
last-modified: Mon, 28 Mar 2022 14:13:33 GMT
server: nginx
etag: W/"6241c28d-2c7e5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=120
expires: Wed, 06 Apr 2022 19:11:55 GMT

GET
H/1.1 200
OK mobile_app.png
virginmobile.pl/static/img/ 8 KB
8 KB 99ms
78ms Image
image/png 89.108.195.45
P4NET P4 UMTS ope...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://virginmobile.pl/static/img/mobile_app.png
Requested by: Host: virginmobile.pl
URL: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 89.108.195.45 , Poland, ASN39603 (P4NET P4 UMTS operator in Poland, PL),
Reverse DNS
Software: /
Resource Hash: c341004cdf16633f4eec632ed314b2637a30b407b77fa5b72a1fc4197ce716b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 06 Apr 2022 19:09:56 GMT
Content-Encoding: gzip
Referrer-Policy: : origin
Last-Modified: Wed, 08 Sep 2021 16:36:03 GMT
ETag: W/"6138e673-1e75"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 06 May 2022 19:01:15 GMT

GET
H2 200 widget.js Show response
cdn.2way.app/prod2/ 489 B
1 KB 182ms
87ms Script
application/javascript 2606:4700:3037::ac43:dde0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.2way.app/prod2/widget.js
Requested by: Host: virginmobile.pl
URL: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:dde0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2aa70b13ba994c833112ee413e15ba5d9937c7ebedcc7e11f4c79ce5831d340

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:09:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7032
cf-polished: origSize=591
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: F09AJTSVBVWTDR6Z
x-amz-id-2: ohYmklXg5zHtzy4gJ0hKsWz0absRx1NQTG3rFfnD2b3Mogz+U03spDhQP+NUzTgtsjoINhGtlCE=
last-modified: Fri, 18 Mar 2022 11:30:05 GMT
server: cloudflare
etag: W/"f9f734f0f0c1fe145232db021b2c7418"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nBEOySXE63ZqsEfRh4aMLm4i0%2FNAaN%2Ft5GRvpM5NGAGCknFqS%2Fz5jzdkAtcBxzuELqbU6oMNXkXjL8ZUhP6oRYnhwns8QzZ73aupwLheaeAqT1Nfcs6XxcQQ4dNXKHHyxfZKK4UrDSzr%2FN0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6f7cd2112f0e5fdd-MRS
cf-bgj: minify

GET
H/1.1 200
OK montserrat-ultralight-webfont.woff2
virginmobile.pl/static/fonts/ 13 KB
14 KB 290ms
288ms Font
application/octet-stream 89.108.195.45
P4NET P4 UMTS ope...

General

Check archive.org

Show headers Download Go to

Full URL: https://virginmobile.pl/static/fonts/montserrat-ultralight-webfont.woff2?df4d9b7027c5
Requested by: Host: virginmobile.pl
URL: https://virginmobile.pl/static/CACHE/css/output.7759900ffc88.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 89.108.195.45 , Poland, ASN39603 (P4NET P4 UMTS operator in Poland, PL),
Reverse DNS
Software: /
Resource Hash: 0f4b18ba4ee52c85f48ac7c47bfea5c6e29f96d9426fb9cebd3f158deb2839bf

Request headers

Referer: https://virginmobile.pl/static/CACHE/css/output.7759900ffc88.css
Origin: https://virginmobile.pl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 06 Apr 2022 19:09:55 GMT
Referrer-Policy: : origin
Last-Modified: Fri, 07 May 2021 13:10:28 GMT
ETag: "60953c44-358c"
X-Cache-Status: HIT
Content-Type: application/octet-stream
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13708
Expires: Fri, 06 May 2022 19:00:36 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 214 KB
67 KB 62ms
38ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TLPX6F

Requested by

Host: virginmobile.pl
URL: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ba250d44d79be62c2d77819c673d368b6f78b5b91c477906e1b326215b6b6e57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:09:55 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67981
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 06 Apr 2022 19:09:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 225 KB
66 KB 56ms
31ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K3486L

Requested by

Host: virginmobile.pl
URL: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

adae97b15722a6fca586e2683ba9ef8de41da85918e3924c687679854982ab70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:09:55 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67434
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 06 Apr 2022 19:09:55 GMT

GET
H/1.1 502
Bad Gateway /
adsearch.adkontekst.pl/deimos/tracking/ 0
0 86ms
19ms Image
text/html 136.243.169.8
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adsearch.adkontekst.pl/deimos/tracking/?tid=34359742437&reid=AKCS4069&expire=5&nc=15296706955651117203358
Requested by: Host: virginmobile.pl
URL: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.169.8 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1-beer.funcadr.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H/1.1 200
OK Poppins-Regular.ttf
virginmobile.pl/static/fonts/ 154 KB
155 KB 188ms
181ms Font
application/octet-stream 89.108.195.45
P4NET P4 UMTS ope...

General

Check archive.org

Show headers Download Go to

Full URL: https://virginmobile.pl/static/fonts/Poppins-Regular.ttf?07cf704dabfc
Requested by: Host: virginmobile.pl
URL: https://virginmobile.pl/static/CACHE/css/output.7759900ffc88.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 89.108.195.45 , Poland, ASN39603 (P4NET P4 UMTS operator in Poland, PL),
Reverse DNS
Software: /
Resource Hash: 78f127277756ae464f4eb665ce214cb6315746f6f4193e95b31f18f4b3e97527

Request headers

Referer: https://virginmobile.pl/static/CACHE/css/output.7759900ffc88.css
Origin: https://virginmobile.pl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 06 Apr 2022 19:09:55 GMT
Referrer-Policy: : origin
Last-Modified: Wed, 08 Sep 2021 16:36:02 GMT
ETag: "6138e672-269f0"
X-Cache-Status: HIT
Content-Type: application/octet-stream
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 158192
Expires: Fri, 06 May 2022 19:00:31 GMT

GET
H/1.1 200
OK montserrat-semibold-webfont.woff2
virginmobile.pl/static/fonts/ 13 KB
14 KB 238ms
181ms Font
application/octet-stream 89.108.195.45
P4NET P4 UMTS ope...

General

Check archive.org

Show headers Download Go to

Full URL: https://virginmobile.pl/static/fonts/montserrat-semibold-webfont.woff2?df4d9b7027c5
Requested by: Host: virginmobile.pl
URL: https://virginmobile.pl/static/CACHE/css/output.7759900ffc88.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 89.108.195.45 , Poland, ASN39603 (P4NET P4 UMTS operator in Poland, PL),
Reverse DNS
Software: /
Resource Hash: 81d804f3243fb5d5a4c4bd1f9a6bbc788942e331f71ffda877a1e36a922ddcc7

Request headers

Referer: https://virginmobile.pl/static/CACHE/css/output.7759900ffc88.css
Origin: https://virginmobile.pl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 06 Apr 2022 19:09:55 GMT
Referrer-Policy: : origin
Last-Modified: Fri, 07 May 2021 13:10:28 GMT
ETag: "60953c44-34fc"
X-Cache-Status: HIT
Content-Type: application/octet-stream
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13564
Expires: Fri, 06 May 2022 19:00:38 GMT

GET
H2 200 vendors.js Show response
cdn.2way.app/prod2/ 765 KB
197 KB 58ms
57ms Script
application/javascript 2606:4700:3037::ac43:dde0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.2way.app/prod2/vendors.js
Requested by: Host: cdn.2way.app
URL: https://cdn.2way.app/prod2/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:dde0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b66d853b4b7ee2de8e3f0ae941dbd52db25cca0302f7de611157e123b082e8b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:09:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1403
cf-polished: origSize=784189
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: C34P2C0GWFPZDE2R
x-amz-id-2: Msb1Nx7nyRbrMj8ktyg+1o/TOcLizlcHLbc7HkzpOwoPtVb2JACCIVVTAIIG6RVI0C+hOLBIxj8=
last-modified: Fri, 18 Mar 2022 11:30:04 GMT
server: cloudflare
etag: W/"02c15ab758e6069b777bcfb973a71762"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fci%2Fa43528iFctyEiUedHFT5Cs2enMB6CgGe2EKtYTd40a8iVM80%2FfW1eDdjin47EltA34CafTTFMqClYso5CDTQEXWZvFVn8jWKeDWjxRNXc%2FhIMvbaXesGRRU5wYOFs%2FEkR%2F%2Bblu7ZUbo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6f7cd21689dc5fdd-MRS
cf-bgj: minify

GET
H2 200 tracking.js Show response
cdn.2way.app/prod2/ 88 KB
24 KB 56ms
55ms Script
application/javascript 2606:4700:3037::ac43:dde0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.2way.app/prod2/tracking.js
Requested by: Host: cdn.2way.app
URL: https://cdn.2way.app/prod2/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:dde0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62ce233a532d3b9dad8c54abb1fba0ddf248510495e021c852d6cd0541766d12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:09:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7033
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 7VTF857W7CFC1WK0
x-amz-id-2: qJmF0x2eYpdCMS1SGUUJgIzzHDvlQk1nE20xDPnWhAxWlEUC9ZdlhXuzA+D8264VaGzMSbYzbHg=
last-modified: Fri, 18 Mar 2022 11:30:04 GMT
server: cloudflare
etag: W/"1ce15d5076d1b0eca8e92189a6ade91c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=siwPTkZlQlj0PLstpAazc5KlFaypKuXveFtKFk6nMYRLqRvC%2FQ3bHJSJjCxPQAv0lwk73l7VAZXYxQc%2F0f8hJAyE3XwDKhCc2Faw3o2aK5IeGuY%2B2BFcMJ%2BxbdwYQg4lM6K9Joz7sQKME2g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6f7cd21689f45fdd-MRS
cf-bgj: minify

GET
H/1.1 200
OK cmok.svg
virginmobile.pl/static/img/icons/red/ 2 KB
3 KB 108ms
63ms Image
image/svg+xml 89.108.195.45
P4NET P4 UMTS ope...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://virginmobile.pl/static/img/icons/red/cmok.svg
Requested by: Host: virginmobile.pl
URL: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 89.108.195.45 , Poland, ASN39603 (P4NET P4 UMTS operator in Poland, PL),
Reverse DNS
Software: /
Resource Hash: a998bdca817412d71fd4380ff5092b79ab287df96da5515621fdf01578cab185

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 06 Apr 2022 19:09:56 GMT
Referrer-Policy: : origin
Last-Modified: Wed, 08 Sep 2021 16:36:03 GMT
ETag: "6138e673-9ba"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2490
Expires: Fri, 06 May 2022 19:04:40 GMT

GET
H/1.1 200
OK montserrat-regular-webfont.woff2
virginmobile.pl/static/fonts/ 13 KB
14 KB 300ms
247ms Font
application/octet-stream 89.108.195.45
P4NET P4 UMTS ope...

General

Check archive.org

Show headers Download Go to

Full URL: https://virginmobile.pl/static/fonts/montserrat-regular-webfont.woff2?df4d9b7027c5
Requested by: Host: virginmobile.pl
URL: https://virginmobile.pl/static/CACHE/css/output.7759900ffc88.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 89.108.195.45 , Poland, ASN39603 (P4NET P4 UMTS operator in Poland, PL),
Reverse DNS
Software: /
Resource Hash: 7c36a8dac66b8a41d29987eb4039bcc097e76ec88a158dde9e592ba6a121e619

Request headers

Referer: https://virginmobile.pl/static/CACHE/css/output.7759900ffc88.css
Origin: https://virginmobile.pl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 06 Apr 2022 19:09:55 GMT
Referrer-Policy: : origin
Last-Modified: Fri, 07 May 2021 13:10:28 GMT
ETag: "60953c44-3490"
X-Cache-Status: HIT
Content-Type: application/octet-stream
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13456
Expires: Fri, 06 May 2022 19:00:37 GMT

GET
H/1.1 200
OK Poppins-Bold.ttf
virginmobile.pl/static/fonts/ 150 KB
151 KB 345ms
152ms Font
application/octet-stream 89.108.195.45
P4NET P4 UMTS ope...

General

Check archive.org

Show headers Download Go to

Full URL: https://virginmobile.pl/static/fonts/Poppins-Bold.ttf?07cf704dabfc
Requested by: Host: virginmobile.pl
URL: https://virginmobile.pl/static/CACHE/css/output.7759900ffc88.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 89.108.195.45 , Poland, ASN39603 (P4NET P4 UMTS operator in Poland, PL),
Reverse DNS
Software: /
Resource Hash: c24de5695a67f26e8e1a2770f7a62f82d1aae59a68c498412bf7986beeb7d84b

Request headers

Referer: https://virginmobile.pl/static/CACHE/css/output.7759900ffc88.css
Origin: https://virginmobile.pl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 06 Apr 2022 19:09:55 GMT
Referrer-Policy: : origin
Last-Modified: Wed, 08 Sep 2021 16:36:02 GMT
ETag: "6138e672-2592c"
X-Cache-Status: HIT
Content-Type: application/octet-stream
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 153900
Expires: Fri, 06 May 2022 19:00:31 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 33ms
7ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K3486L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3909
date: Wed, 06 Apr 2022 18:04:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 06 Apr 2022 20:04:46 GMT

GET
H3

200

activityi;dc_pre=CJDQ-dqRgPcCFYvs1QodffkPcQ;src=5755760;type=pgv;cat=virgi0;ord=9443128450876;gtm=2wg3u0;auiddc=942362603.1649272195;u14=;u15=https%3A%2F%2Fvirginmobile.pl%2Fzawiadomienie-o-ataku-h... Show response
5755760.fls.doubleclick.net/ Frame 3FDC
Redirect Chain

https://5755760.fls.doubleclick.net/activityi;src=5755760;type=pgv;cat=virgi0;ord=9443128450876;gtm=2wg3u0;auiddc=942362603.1649272195;u14=;u15=https%3A%2F%2Fvirginmobile.pl%2Fzawiadomienie-o-ataku...
https://5755760.fls.doubleclick.net/activityi;dc_pre=CJDQ-dqRgPcCFYvs1QodffkPcQ;src=5755760;type=pgv;cat=virgi0;ord=9443128450876;gtm=2wg3u0;auiddc=942362603.1649272195;u14=;u15=https%3A%2F%2Fvirgi...

582 B
438 B

53ms
23ms

Document
text/html

142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5755760.fls.doubleclick.net/activityi;dc_pre=CJDQ-dqRgPcCFYvs1QodffkPcQ;src=5755760;type=pgv;cat=virgi0;ord=9443128450876;gtm=2wg3u0;auiddc=942362603.1649272195;u14=;u15=https%3A%2F%2Fvirginmobile.pl%2Fzawiadomienie-o-ataku-hackerskim;~oref=https%3A%2F%2Fvirginmobile.pl%2Fzawiadomienie-o-ataku-hackerskim?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K3486L

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

2bcddd4c6ac42b5657464d6999c9948857f2ef0cd86a5253d3c86b96e02578dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 413
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Apr 2022 19:09:55 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Apr 2022 19:09:55 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5755760.fls.doubleclick.net/activityi;dc_pre=CJDQ-dqRgPcCFYvs1QodffkPcQ;src=5755760;type=pgv;cat=virgi0;ord=9443128450876;gtm=2wg3u0;auiddc=942362603.1649272195;u14=;u15=https%3A%2F%2Fvirginmobile.pl%2Fzawiadomienie-o-ataku-hackerskim;~oref=https%3A%2F%2Fvirginmobile.pl%2Fzawiadomienie-o-ataku-hackerskim?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
x.cnt.my/async/track/ 3 KB
1 KB 60ms
11ms Script
application/javascript 138.201.230.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://x.cnt.my/async/track/?r=0.4309377257526674
Requested by: Host: virginmobile.pl
URL: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.230.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.230.201.138.clients.your-server.de
Software: nginx /
Resource Hash: 019db5a04633268591cdec5134fb5841c2a548d6c502ebb20de15a202a1b4a2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:09:55 GMT
content-encoding: gzip
last-modified: Wed, 14 Apr 2021 11:42:42 GMT
server: nginx
content-type: application/javascript
etag: W/"6076d532-a11"
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 33ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: virginmobile.pl
URL: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c8d70946c3b971f61a3a24a011463ea1fd30a1490a34eed4a58b8685441172f4

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26313
x-xss-protection: 0
pragma: public
x-fb-debug: 33yu5VtHGTP3u+p8J39XDXtvd3KkBMoLoW+1bbBcNQD4G4X1JW+1w1zP2X8L31EesP5ry/XlrDE6ETezlhuDug==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 06 Apr 2022 19:09:55 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.0 200
OK / Show response
px.wp.pl//exdotdynamic/ 0
77 B 248ms
36ms Script
text/plain 212.77.100.251
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.wp.pl//exdotdynamic/?gwpAction=view&gwpReferer=https%253A//virginmobile.pl/zawiadomienie-o-ataku-hackerskim&tt=7720660527&gwpClientId=virginmobile
Requested by: Host: virginmobile.pl
URL: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim
Protocol: HTTP/1.0
Security: TLS 1.2, RSA, AES_256_GCM
Server: 212.77.100.251 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: px.wp.pl
Software: BigIP /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Connection: Keep-Alive
Content-Length: 0
Server: BigIP

GET
H2 200 am.js Show response
analytics.greensender.pl/scripts/js/ 12 KB
5 KB 161ms
80ms Script
application/javascript 193.34.162.28
DAG-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.greensender.pl/scripts/js/am.js
Requested by: Host: virginmobile.pl
URL: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.34.162.28 , Poland, ASN41796 (DAG-AS, PL),
Reverse DNS: ev.dmsales.io
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: f9083029a49011e27bebc908dc2fb538c860a87aeb7a41bd5c1292744f0efec9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:09:55 GMT
content-encoding: gzip
last-modified: Mon, 24 Sep 2018 11:37:53 GMT
server: Apache/2.4.41 (Ubuntu)
etag: "3122-5769c6b6f8640-gzip"
vary: Referer,Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin
cache-control: max-age=1209600
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin, content-type, accept, cookie
content-length: 4521
expires: Wed, 20 Apr 2022 19:09:55 GMT

GET
H/1.1 200
OK vendors.js Show response
crazy-website-widget.crazycall.com/prod2/ 671 KB
169 KB 43ms
41ms Script
application/javascript 104.26.2.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://crazy-website-widget.crazycall.com/prod2/vendors.js

Requested by

Host: crazy-website-widget.crazycall.com
URL: https://crazy-website-widget.crazycall.com/prod2/widget.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.138 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

adef15edbb0b3cc117516779323f2729272f91d4afe8a937b7d5ac88a36d8458

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 06 Apr 2022 19:09:55 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 9607
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=abIDclqZuQ2cc7p2acrQYJ5y%2Bfc%2B17kkRjAzOLKX1fkVeWTvK55sBiTOtAYShNllubcyPDnLNmPvC1b%2Fq7%2F6h65GVPcR%2FWedbHAaK2J5pqxoDoSa%2F7w%2FSBS5q62BGlON9y%2BRD15zLcyR79gSkdi%2FWP34uBw%3D"}],"group":"cf-nel","max_age":604800}
Connection: keep-alive
x-amz-request-id: ZJDRYPHAEGANV0NV
x-amz-id-2: l5qxWa0/KBla1izzB+iMULrx/pSzhwVg1IO0gaDzF1mSC7LGOewjRNsNrS/+cyoNCRIIPvm5EeU=
Last-Modified: Tue, 12 Jan 2021 08:24:06 GMT
Server: cloudflare
ETag: W/"7ad6fae276d17d96b0a62921b51c9b3a"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=1800
CF-RAY: 6f7cd217994a3a05-CDG

GET
H/1.1 200
OK tracking.js Show response
crazy-website-widget.crazycall.com/prod2/ 90 KB
25 KB 53ms
29ms Script
application/javascript 104.26.2.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://crazy-website-widget.crazycall.com/prod2/tracking.js

Requested by

Host: crazy-website-widget.crazycall.com
URL: https://crazy-website-widget.crazycall.com/prod2/widget.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.138 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30cfd09daef6ff209b8d6fde858e06ff779806dc1eb1ce8ef95fcaaaa1b8ca93

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 06 Apr 2022 19:09:55 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 317
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LYuJRDtPH0EkObnCDxdIogXc54aLlIM5ubKw5EugpeSRXM2F%2BsppXmV32sy9YHhiI5N6jgLKGA92jcMS2Bp%2FXO01%2Flf0cllPNPIpizmSK1d8FP%2BMWiRRdNMr5qb%2BnWKeU71SteCVHohTcIosB8V02QMpM7I%3D"}],"group":"cf-nel","max_age":604800}
Connection: keep-alive
x-amz-request-id: 6NFGV66XC7A9W0Z5
x-amz-id-2: mHMZcEfZVdCd6Ksfo4st2kHG7LWoG5S41CAcQ7b61UYd8aqwhvZwLh8FmypRpX0zAFJQtvkVeFg=
Last-Modified: Tue, 12 Jan 2021 08:24:06 GMT
Server: cloudflare
ETag: W/"76672ff241ec992a2e701b75f4fe3453"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=1800
CF-RAY: 6f7cd217abb4908e-FRA

GET
H/1.1 200
OK frontend.json Show response
virginmobile.pl/static/config/ 1 KB
1 KB 107ms
56ms XHR
application/json 89.108.195.45
P4NET P4 UMTS ope...

General

Check archive.org

Show headers Download Go to

Full URL: https://virginmobile.pl/static/config/frontend.json?v=
Requested by: Host: virginmobile.pl
URL: https://virginmobile.pl/static/CACHE/js/output.8c32b5454ed1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 89.108.195.45 , Poland, ASN39603 (P4NET P4 UMTS operator in Poland, PL),
Reverse DNS
Software: /
Resource Hash: f2a7ba1ecebeb3843ded304b050dfc3bf39aebd479b1d252a0a42b2742680d21

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 06 Apr 2022 19:09:55 GMT
Content-Encoding: gzip
Referrer-Policy: : origin
Last-Modified: Fri, 07 May 2021 13:10:33 GMT
ETag: W/"60953c49-4f1"
X-Cache-Status: HIT
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/json
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 06 May 2022 18:58:41 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 176 KB
65 KB 44ms
24ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-X0N44PTN2F&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLPX6F

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

da28b7038b216a97293557fc9047bea16bdde621b68324bd575deb23a088d808

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:09:55 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66201
x-xss-protection: 0
expires: Wed, 06 Apr 2022 19:09:55 GMT

GET
H2 200 analytics-marketing.js Show response
analytics.greensender.pl/scripts/js/ 12 KB
5 KB 64ms
50ms Script
application/javascript 193.34.162.28
DAG-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.greensender.pl/scripts/js/analytics-marketing.js
Requested by: Host: virginmobile.pl
URL: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.34.162.28 , Poland, ASN41796 (DAG-AS, PL),
Reverse DNS: ev.dmsales.io
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: f9083029a49011e27bebc908dc2fb538c860a87aeb7a41bd5c1292744f0efec9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:09:55 GMT
content-encoding: gzip
last-modified: Mon, 24 Sep 2018 11:37:57 GMT
server: Apache/2.4.41 (Ubuntu)
etag: "3122-5769c6bac8f40-gzip"
vary: Referer,Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin
cache-control: max-age=1209600
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin, content-type, accept, cookie
content-length: 4521
expires: Wed, 20 Apr 2022 19:09:55 GMT

GET
H2 200 B10744537.143595521;sz=1x2;ord=341296936228 Show response
ad.doubleclick.net/ddm/adj/N331001.197812NSO.CODESRV/ 34 KB
13 KB 44ms
43ms Script
text/javascript 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N331001.197812NSO.CODESRV/B10744537.143595521;sz=1x2;ord=341296936228?

Requested by

Host: virginmobile.pl
URL: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

baa4b8fba4ba98b948de278160534849246a9c75f31d591ad3d06a9cadfeeb6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 19:09:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12679
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

activityi;dc_pre=COvQ_9qRgPcCFUEcBgAdC0YLkg;src=8492364;type=vmcount;cat=virgi0;ord=3518049324970;gtm=2wg3u0;auiddc=942362603.1649272195;u51=%2Fzawiadomienie-o-ataku-hackerskim;~oref=https%3A%2F%2F... Show response
8492364.fls.doubleclick.net/ Frame FC6C
Redirect Chain

https://8492364.fls.doubleclick.net/activityi;src=8492364;type=vmcount;cat=virgi0;ord=3518049324970;gtm=2wg3u0;auiddc=942362603.1649272195;u51=%2Fzawiadomienie-o-ataku-hackerskim;~oref=https%3A%2F%...
https://8492364.fls.doubleclick.net/activityi;dc_pre=COvQ_9qRgPcCFUEcBgAdC0YLkg;src=8492364;type=vmcount;cat=virgi0;ord=3518049324970;gtm=2wg3u0;auiddc=942362603.1649272195;u51=%2Fzawiadomienie-o-a...

464 B
384 B

58ms
58ms

Document
text/html

142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8492364.fls.doubleclick.net/activityi;dc_pre=COvQ_9qRgPcCFUEcBgAdC0YLkg;src=8492364;type=vmcount;cat=virgi0;ord=3518049324970;gtm=2wg3u0;auiddc=942362603.1649272195;u51=%2Fzawiadomienie-o-ataku-hackerskim;~oref=https%3A%2F%2Fvirginmobile.pl%2Fzawiadomienie-o-ataku-hackerskim?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLPX6F

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

fec7a70f5a08594ccbc80e04330ec3d17e09118148cafaaf5755fdd7e062b538

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 359
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Apr 2022 19:09:55 GMT
expires: Wed, 06 Apr 2022 19:09:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Apr 2022 19:09:55 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8492364.fls.doubleclick.net/activityi;dc_pre=COvQ_9qRgPcCFUEcBgAdC0YLkg;src=8492364;type=vmcount;cat=virgi0;ord=3518049324970;gtm=2wg3u0;auiddc=942362603.1649272195;u51=%2Fzawiadomienie-o-ataku-hackerskim;~oref=https%3A%2F%2Fvirginmobile.pl%2Fzawiadomienie-o-ataku-hackerskim?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 502
Bad Gateway /
adsearch.adkontekst.pl/deimos/tracking/ 0
0 35ms
13ms Image
text/html 136.243.169.8
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adsearch.adkontekst.pl/deimos/tracking/?tid=102706&reid=1351&expire=720&nc=1649272195130
Requested by: Host: virginmobile.pl
URL: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.169.8 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1-beer.funcadr.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H2 200 DFPAudiencePixel;ord=329828141720.70496;dc_seg=443486784
pubads.g.doubleclick.net/activity;dc_iu=/75224259/ 42 B
761 B 88ms
49ms Image
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;dc_iu=/75224259/DFPAudiencePixel;ord=329828141720.70496;dc_seg=443486784?

Requested by

Host: virginmobile.pl
URL: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 19:09:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 visit.png
conversionlabs.net.pl/ 68 B
163 B 69ms
17ms Image
image/png 151.80.63.17
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://conversionlabs.net.pl/visit.png?sid=58c6a8b84c2a7ccab64c2f26&matched=1&url=https%3A%2F%2Fvirginmobile.pl%2F

Requested by

Host: virginmobile.pl
URL: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

151.80.63.17 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:09:55 GMT
server: nginx
content-length: 68
x-frame-options: SAMEORIGIN
content-type: image/png

GET 626078129
app.trackly.pl/rmtag/24200/ 0
0

GET
H2 200 configuration Show response
api-prod.2way.app/widget/virgin/ 114 B
826 B 1076ms
851ms XHR
application/json 2606:4700:3037::ac43:dde0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-prod.2way.app/widget/virgin/configuration?onlyActiveProjects=true&device=Desktop
Requested by: Host: cdn.2way.app
URL: https://cdn.2way.app/prod2/vendors.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:dde0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd5e0878b3800a493b3fe001ea8a5b79bb24a850e207727bec24f8a58ee9afb2

Request headers

Accept: application/json, text/plain, */*
Referer: https://virginmobile.pl/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:09:56 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amzn-requestid: e17cc6c2-51d2-4680-b07a-31c557855357
x-amz-apigw-id: QLDMtGIcDoEF8Gw=
last-modified: Wed, 06 Apr 2022 19:09:56 GMT
server: cloudflare
x-amzn-trace-id: Root=1-624de584-6eecb9e87ffa9c4713a5bb65;Sampled=0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FIF5imkuBSgtcw%2F2gPaUHQsGrXBkPB7Qtym34gQ5jthssO4TDJjslvFHDHP1nRSc%2BpjV7pZQxiJJFjUMffo55KjPwWJy%2F%2FZFU6DNGCdM3m1L9zS3man80eWtxTqhZ0SD%2Fellu%2BYWal62BiE0g0h5fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=1800
cf-ray: 6f7cd21a7e849751-AMS
expires: Wed, 06 Apr 2022 19:39:56 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 62ms
19ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-34088446-1&cid=1895425091.1649272195&jid=793960849&gjid=1876860511&_gid=193961545.1649272195&_u=YGBAgAABAAAAAE~&z=597016262

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://virginmobile.pl/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 06 Apr 2022 19:09:56 GMT
content-type: text/plain
access-control-allow-origin: https://virginmobile.pl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
69 B 90ms
54ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-69463566-1&cid=1895425091.1649272195&jid=1215129594&gjid=938744787&_gid=193961545.1649272195&_u=YGDAgAABAAAAAE~&z=2047765002

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://virginmobile.pl/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 06 Apr 2022 19:09:56 GMT
content-type: text/plain
access-control-allow-origin: https://virginmobile.pl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 42ms
9ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=2143576840&t=pageview&_s=1&dl=https%3A%2F%2Fvirginmobile.pl%2Fzawiadomienie-o-ataku-hackerskim&ul=en-us&de=UTF-8&dt=Zawiadomienie%20o%20ataku%20hackerskim&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=793960849&gjid=1876860511&cid=1895425091.1649272195&tid=UA-34088446-1&_gid=193961545.1649272195&gtm=2wg3u0K3486L&z=1739313546

Requested by

Host: virginmobile.pl
URL: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 12:58:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 22288
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
8ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=2143576840&t=pageview&_s=1&dl=https%3A%2F%2Fvirginmobile.pl%2Fzawiadomienie-o-ataku-hackerskim&ul=en-us&de=UTF-8&dt=Zawiadomienie%20o%20ataku%20hackerskim&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgAABAAAAAE~&jid=1215129594&gjid=938744787&cid=1895425091.1649272195&tid=UA-69463566-1&_gid=193961545.1649272195&gtm=2wg3u0TLPX6F&z=511793185

Requested by

Host: virginmobile.pl
URL: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 12:58:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 22288
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cart Show response
virginmobile.pl/spitfire-web-api/api/v1/ 300 B
1 KB 123ms
110ms XHR
application/json 89.108.195.45
P4NET P4 UMTS ope...

General

Check archive.org

Show headers Download Go to

Full URL: https://virginmobile.pl/spitfire-web-api/api/v1/cart?null&_=1649272194854
Requested by: Host: virginmobile.pl
URL: https://virginmobile.pl/static/CACHE/js/output.8c32b5454ed1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 89.108.195.45 , Poland, ASN39603 (P4NET P4 UMTS operator in Poland, PL),
Reverse DNS
Software: /
Resource Hash: e61c5944fed2a5a85ea78fbb3883b18ab510c52f2d23f039fb7b101d6226c3be

Request headers

Accept: application/json, */*; q=0.01
x-app-id: U2FsdGVkX1+1FdjueG3/gmb7nry+uhkts9f01hBuLEo=
Referer: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

UserData: {"firstName":null,"lastName":null,"msisdns":[],"msisdnNames":{},"currentMsisdn":null,"authorized":false,"uuid":null}
Date: Wed, 06 Apr 2022 19:09:56 GMT
Connection: keep-alive
Content-Length: 300
Content-Type: application/json;charset=UTF-8

GET
H2 200 dc_pre=COvQ_9qRgPcCFUEcBgAdC0YLkg;src=8492364;type=vmcount;cat=virgi0;ord=3518049324970;gtm=2wg3u0;auiddc=*;u51=%2Fzawiadomienie-o-ataku-hackerskim;~oref=https%3A%2F%2Fvirginmobile.pl%2Fzawiadomien...
adservice.google.com/ddm/fls/z/ Frame FC6C 42 B
494 B 67ms
42ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=COvQ_9qRgPcCFUEcBgAdC0YLkg;src=8492364;type=vmcount;cat=virgi0;ord=3518049324970;gtm=2wg3u0;auiddc=*;u51=%2Fzawiadomienie-o-ataku-hackerskim;~oref=https%3A%2F%2Fvirginmobile.pl%2Fzawiadomienie-o-ataku-hackerskim

Requested by

Host: 8492364.fls.doubleclick.net
URL: https://8492364.fls.doubleclick.net/activityi;dc_pre=COvQ_9qRgPcCFUEcBgAdC0YLkg;src=8492364;type=vmcount;cat=virgi0;ord=3518049324970;gtm=2wg3u0;auiddc=942362603.1649272195;u51=%2Fzawiadomienie-o-ataku-hackerskim;~oref=https%3A%2F%2Fvirginmobile.pl%2Fzawiadomienie-o-ataku-hackerskim?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8492364.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 19:09:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 virginmobile.pl.js Show response
x.cnt.my/async/parser/ 7 KB
2 KB 11ms
11ms Script
application/javascript 138.201.230.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://x.cnt.my/async/parser/virginmobile.pl.js?r=4.01&dom=virginmobile.pl
Requested by: Host: x.cnt.my
URL: https://x.cnt.my/async/track/?r=0.4309377257526674
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.230.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.230.201.138.clients.your-server.de
Software: nginx /
Resource Hash: 9d2f31532632ac35367d31e6bf9741180267e04e6fe3fc200324b590392fa22a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:09:56 GMT
content-encoding: gzip
last-modified: Thu, 07 May 2020 09:02:46 GMT
server: nginx
content-type: application/javascript
etag: W/"5eb3ceb6-1ac1"
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

/
x.cnt.my/px/
Redirect Chain

https://x.cnt.my/px/?r=0.2627640818730117&dom=virginmobile.pl&tz=0&sw=1600&sh=1200&ow=1600&oh=1200&iw=1600&ih=1200&scd=24&url=https%3A%2F%2Fvirginmobile.pl%2Fzawiadomienie-o-ataku-hackerskim
https://x.cnt.my/px/?r=0.2627640818730117&dom=virginmobile.pl&tz=0&sw=1600&sh=1200&ow=1600&oh=1200&iw=1600&ih=1200&scd=24&url=https%3A%2F%2Fvirginmobile.pl%2Fzawiadomienie-o-ataku-hackerskim&rand=0...

35 B
555 B

13ms
13ms

Image
image/gif

138.201.230.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.cnt.my/px/?r=0.2627640818730117&dom=virginmobile.pl&tz=0&sw=1600&sh=1200&ow=1600&oh=1200&iw=1600&ih=1200&scd=24&url=https%3A%2F%2Fvirginmobile.pl%2Fzawiadomienie-o-ataku-hackerskim&rand=0.40718078715215444&xtmp=1
Requested by: Host: virginmobile.pl
URL: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim
Protocol: H2
Server: 138.201.230.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.230.201.138.clients.your-server.de
Software: nginx /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 19:09:56 GMT
server: nginx
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
cache-control: no-cache,max-age=0,must-revalidate, no-cache
content-type: image/gif; charset=utf-8
content-length: 35
expires: 0

Redirect headers

date: Wed, 06 Apr 2022 19:09:56 GMT
server: nginx
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
location: /px/?r=0.2627640818730117&dom=virginmobile.pl&tz=0&sw=1600&sh=1200&ow=1600&oh=1200&iw=1600&ih=1200&scd=24&url=https%3A%2F%2Fvirginmobile.pl%2Fzawiadomienie-o-ataku-hackerskim&rand=0.40718078715215444&xtmp=1
cache-control: no-cache
content-type: text/plain; charset=utf-8
content-length: 206
expires: 0

GET
H3 200 2103406193291219 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 20ms
10ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2103406193291219?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1dc3a4d00e0496c9f01a6eec38b1cbcc3cb569d5888376d2f94721d951ef4fc3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 89164
x-xss-protection: 0
pragma: public
x-fb-debug: kZPZkaeTHiOo5I778aYMhxN3Af/+THKz6MUMwNBWY/P9mt9Xk79E2cpbF9SFRjuZriJTEbXEVnewJ7pTL1O6KQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 06 Apr 2022 19:09:56 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 dc_pre=CJDQ-dqRgPcCFYvs1QodffkPcQ;src=5755760;type=pgv;cat=virgi0;ord=9443128450876;gtm=2wg3u0;auiddc=942362603.1649272195;u14=;u15=https%3A%2F%2Fvirginmobile.pl%2Fzawiadomienie-o-ataku-hackerskim;... Show response
adservice.google.com/ddm/fls/i/ Frame 1CA7 581 B
504 B 55ms
44ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CJDQ-dqRgPcCFYvs1QodffkPcQ;src=5755760;type=pgv;cat=virgi0;ord=9443128450876;gtm=2wg3u0;auiddc=942362603.1649272195;u14=;u15=https%3A%2F%2Fvirginmobile.pl%2Fzawiadomienie-o-ataku-hackerskim;~oref=https%3A%2F%2Fvirginmobile.pl%2Fzawiadomienie-o-ataku-hackerskim

Requested by

Host: 5755760.fls.doubleclick.net
URL: https://5755760.fls.doubleclick.net/activityi;dc_pre=CJDQ-dqRgPcCFYvs1QodffkPcQ;src=5755760;type=pgv;cat=virgi0;ord=9443128450876;gtm=2wg3u0;auiddc=942362603.1649272195;u14=;u15=https%3A%2F%2Fvirginmobile.pl%2Fzawiadomienie-o-ataku-hackerskim;~oref=https%3A%2F%2Fvirginmobile.pl%2Fzawiadomienie-o-ataku-hackerskim?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6111faddd95881e9d5c8cc1da183735d6b3854c2430b88aa0c0524472fec23dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5755760.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Apr 2022 19:09:56 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK bootstrapScript.js Show response
api.spoldzielnia.nsaudience.pl/frontend/api/ 74 KB
74 KB 70ms
23ms Script
application/javascript 162.55.240.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.spoldzielnia.nsaudience.pl/frontend/api/bootstrapScript.js?inlined&cookie&sourceId=dbms_virginmobile.pl&doSale
Requested by: Host: analytics.greensender.pl
URL: https://analytics.greensender.pl/scripts/js/am.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.55.240.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 5-spd-dict.funcns.net
Software: nginx /
Resource Hash: edccb4a542aa15f3566c238d627516cdc540607b9a9a10b70a6b8613403109d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Apr 2022 19:09:56 GMT
Server: nginx
P3P: CP="CAO COR COR CON TEL IVD SAM IND BUS"
Cache-Control: private, no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: application/javascript;charset=UTF-8
Content-Length: 75758
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 analitycs
analytics.greensender.pl/ 42 B
377 B 148ms
85ms Image
image/gif 193.34.162.28
DAG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.greensender.pl/analitycs?pathname=/zawiadomienie-o-ataku-hackerskim&domain=virginmobile.pl&type=pageview&category=&action=&pagetitle=Zawiadomienie%20o%20ataku%20hackerskim&pageencoding=UTF-8&eid=1b4a603a-8520-4e12-8f85-34ddcf24da1c&ms=1223619955468&parameter=null&session=91d00285-dddc-43f0-aa15-7ba3a73d8a99&parameter_get=%7B%7D&resolution=1600x1200&color_depth=24&page_id=382-1479917863&
Requested by: Host: virginmobile.pl
URL: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.34.162.28 , Poland, ASN41796 (DAG-AS, PL),
Reverse DNS: ev.dmsales.io
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:09:56 GMT
server: Apache/2.4.41 (Ubuntu)
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin
cache-control: no-cache
access-control-allow-credentials: true
content-disposition: inline; filename="1px.png"
access-control-allow-headers: origin, content-type, accept, cookie

GET
H2 200 analitycs
analytics.greensender.pl/ 42 B
172 B 147ms
87ms Image
image/gif 193.34.162.28
DAG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.greensender.pl/analitycs?pathname=/zawiadomienie-o-ataku-hackerskim&domain=virginmobile.pl&type=pageview&category=&action=&pagetitle=Zawiadomienie%20o%20ataku%20hackerskim&pageencoding=UTF-8&eid=71306078-1638-46e5-b2d6-8c2e69373a05&ms=1223619955471&parameter=null&session=91d00285-dddc-43f0-aa15-7ba3a73d8a99&parameter_get=%7B%7D&resolution=1600x1200&color_depth=24&page_id=DMS5EB3E18F588CC&
Requested by: Host: virginmobile.pl
URL: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.34.162.28 , Poland, ASN41796 (DAG-AS, PL),
Reverse DNS: ev.dmsales.io
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:09:56 GMT
server: Apache/2.4.41 (Ubuntu)
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin
cache-control: no-cache
access-control-allow-credentials: true
content-disposition: inline; filename="1px.png"
access-control-allow-headers: origin, content-type, accept, cookie

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 68ms
46ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-34088446-1&cid=1895425091.1649272195&jid=793960849&_u=YGBAgAABAAAAAE~&z=384285877

Requested by

Host: virginmobile.pl
URL: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 19:09:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 69ms
46ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-34088446-1&cid=1895425091.1649272195&jid=793960849&_u=YGBAgAABAAAAAE~&z=384285877

Requested by

Host: virginmobile.pl
URL: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 19:09:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK configuration Show response
leadgeneration.crazycall.com/imjf.crazycall.com/ 81 KB
5 KB 84ms
43ms XHR
application/json 104.26.3.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://leadgeneration.crazycall.com/imjf.crazycall.com/configuration?onlyActiveProjects=true&device=Desktop

Requested by

Host: crazy-website-widget.crazycall.com
URL: https://crazy-website-widget.crazycall.com/prod2/vendors.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

104.26.3.138 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c65f9e315a677508b089e79732031aa4e415a0b48756f50e342eb1742e5038af

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://virginmobile.pl/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 06 Apr 2022 19:09:56 GMT
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1748
x-amzn-requestid: 3277a834-84b1-4419-a10d-e5deee138439
Transfer-Encoding: chunked
x-cache: Miss from cloudfront
Connection: keep-alive
Content-Encoding: br
x-amz-apigw-id: QK-7nEqpDoEFmDQ=
Last-Modified: Wed, 06 Apr 2022 18:40:48 GMT
Server: cloudflare
x-amzn-trace-id: Root=1-624ddeb0-747500765770e675545f03dd;Sampled=0
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eLOeNIEU8EWfoKqcvBDDR%2FbLBl4KvvnRTgBKPKY23Kiyg5c0YELdZF17USljki9UJQLnPHyXzSPe%2Fh6%2BqUsdZhBdb4rhZ4MXjcp%2BmI88esZuwGB%2Bm48ZBto12T589rjw7%2FbtgiQncKZp2%2FCa17w%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/json
access-control-allow-origin: *
Vary: Accept-Encoding
Cache-Control: public, max-age=14400
x-amz-cf-pop: DUS51-P2
CF-RAY: 6f7cd21aae559944-FRA
x-amz-cf-id: gkaXOTH9BUQQTxbnf9N7sCIJzuT4-Y268XtVoRl0T3kj8g8KxCNoBg==
Expires: Wed, 06 Apr 2022 23:09:56 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ 119 KB
37 KB 56ms
32ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N331001.197812NSO.CODESRV/B10744537.143595521;sz=1x2;ord=341296936228?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a59c05d1a0531610285fb30680c6ff8cb80b987cfd7f118a84e44ca4dd942f55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:09:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36931
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649071906742826"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 06 Apr 2022 19:09:56 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220405/r20110914/elements/html/ 8 KB
4 KB 36ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220405/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N331001.197812NSO.CODESRV/B10744537.143595521;sz=1x2;ord=341296936228?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:07:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 158
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Apr 2022 19:07:18 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ 0
575 B 234ms
43ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsscX8sbb2CuLPYqF7_eUWgD0uHg_gdJ3oYiFnVT7ZLPbbIKyDwP2OGa5OVV8WNe7uDRKTnigQgFhkg3pxGQ5Id8Y03WZvZ9sRy239YtDOoF2RE_VlkP2mXm0h9ZmvilghbWyw&sig=Cg0ArKJSzG9F2iQcfDqqEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cisv=r20220405.44617&adurl=

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N331001.197812NSO.CODESRV/B10744537.143595521;sz=1x2;ord=341296936228?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 06 Apr 2022 19:09:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 16ms
15ms Ping
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-X0N44PTN2F&gtm=2oe3u0&_p=2143576840&sr=1600x1200&_z=ccd.AAB&ul=en-us&cid=1895425091.1649272195&_s=1&dl=https%3A%2F%2Fvirginmobile.pl%2Fzawiadomienie-o-ataku-hackerskim&dt=Zawiadomienie%20o%20ataku%20hackerskim&sid=1649272195&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X0N44PTN2F&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 19:09:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://virginmobile.pl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 2860664054180776 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 9ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2860664054180776?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b4d7600a220e192377074034fdc6e39f449a8352ab09787c81a1ba795c988be5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 89185
x-xss-protection: 0
pragma: public
x-fb-debug: ROfQXS+0V1S4p3/mk9vrllY0cdVWnA337UEIOSPLTlInDkYGpxpA0RWJcbsRpnG98CUeFeYsEMgqPpxEWBK6CQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 06 Apr 2022 19:09:56 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
409 B 109ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2103406193291219&ev=PageView&dl=https%3A%2F%2Fvirginmobile.pl%2Fzawiadomienie-o-ataku-hackerskim&rl=&if=false&ts=1649272195649&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1649272195647.456758301&it=1649272195455&coo=false&exp=p1&rqm=GET

Requested by

Host: virginmobile.pl
URL: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:09:56 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 06 Apr 2022 19:09:56 GMT

GET
H/1.1 200
OK widget-bubble.html Show response
crazy-website-widget.crazycall.com/prod2/ Frame 8C5C 1 KB
1 KB 31ms
31ms Document
text/html 104.26.2.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://crazy-website-widget.crazycall.com/prod2/widget-bubble.html

Requested by

Host: crazy-website-widget.crazycall.com
URL: https://crazy-website-widget.crazycall.com/prod2/tracking.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.138 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4b5c528bc3d08a6b57603536be20bb18977c468793c92796c533ca68d5abc88

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Age: 3016
CF-Cache-Status: HIT
CF-RAY: 6f7cd21ba8873a05-CDG
Cache-Control: max-age=1800
Connection: keep-alive
Content-Encoding: br
Content-Type: text/html
Date: Wed, 06 Apr 2022 19:09:56 GMT
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Last-Modified: Tue, 12 Jan 2021 08:24:06 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CRp7TJSJPOoCNbaL2eBmN2ehucF6aCU0Iza3LqxBfx3laMDMZNlUJPf7C9SCrfAzNjgKDxayTPpvjEwwv5YjpBoJJbiOPRw%2F32MMfaTxxn%2BzCqfGChaXeaUUKlUxUzHQ5%2BJyR5nbHxo9QoTUQPs%2Fic8gQSY%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
x-amz-id-2: luyBZVbHpBVfAgomO9VnbnlN/mUqtxbdHhGtrsUoUkcK6LJrQ013iTDuTmzJNE0A2neEljcS5Ug=
x-amz-request-id: FESPVE3T0HY2XGMR

GET
H/1.1 200
OK widget-popup.html Show response
crazy-website-widget.crazycall.com/prod2/ Frame AEC9 1 KB
1 KB 24ms
24ms Document
text/html 104.26.2.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://crazy-website-widget.crazycall.com/prod2/widget-popup.html

Requested by

Host: crazy-website-widget.crazycall.com
URL: https://crazy-website-widget.crazycall.com/prod2/tracking.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.138 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63e2680dd9d67fbd48797cbb0c3efd83f0f464d4004b413414e5bfa673a1c64b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Age: 31714
CF-Cache-Status: HIT
CF-RAY: 6f7cd21b99d0908e-FRA
Cache-Control: max-age=1800
Connection: keep-alive
Content-Encoding: br
Content-Type: text/html
Date: Wed, 06 Apr 2022 19:09:56 GMT
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NRb1c2SA6aBkQPwywdyBP26n%2BkWp%2Bw5DNenOWbAfbyyAVeC06jib3SWFV6CklokG9p3TToHhYCEs17ngxBw8ZQNSj%2FBXTDW8ZRBk908SrlF2VLwLfZE%2FgNQTq%2BfaE3HDVxqyibwiLu2dTl5iYWmypqdCyFA%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
last-modified: Tue, 12 Jan 2021 08:24:06 GMT
x-amz-id-2: HfHmYwUM8KzuzE9H49YRo8QsuvlaBtnKjtWjIP5NxmBhNSyCA6rO51ymQnIZ209iPSmdqiC0NZM=
x-amz-request-id: RZFYV2XDHXRSN78G

GET
H2 200 push.js Show response
s-eu-1.pushpushgo.com/scripts/62333e71a78bb26849fcf737/ 28 KB
9 KB 34ms
34ms Script
application/javascript 5.196.33.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s-eu-1.pushpushgo.com/scripts/62333e71a78bb26849fcf737/push.js
Requested by: Host: s-eu-1.pushpushgo.com
URL: https://s-eu-1.pushpushgo.com/js/5cee5f0c326128000b49446c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.33.116 , France, ASN16276 (OVH, FR),
Reverse DNS: ip116.ip-5-196-33.eu
Software: nginx /
Resource Hash: 2c83b2e857b8adecba7bf6fa4051ee8767cf421fa3494598dc7d6e8e1c885e60

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:09:56 GMT
content-encoding: gzip
last-modified: Thu, 17 Mar 2022 13:58:19 GMT
server: nginx
etag: W/"62333e7b-6ff4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400
expires: Thu, 07 Apr 2022 19:09:56 GMT

GET
H2 200 beacon.js Show response
s-eu-1.pushpushgo.com/scripts/62333e71a78bb26849fcf737/ 16 KB
4 KB 34ms
34ms Script
application/javascript 5.196.33.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s-eu-1.pushpushgo.com/scripts/62333e71a78bb26849fcf737/beacon.js
Requested by: Host: s-eu-1.pushpushgo.com
URL: https://s-eu-1.pushpushgo.com/js/5cee5f0c326128000b49446c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.33.116 , France, ASN16276 (OVH, FR),
Reverse DNS: ip116.ip-5-196-33.eu
Software: nginx /
Resource Hash: 56e2a20b37a6f4bc56f2884d23a8806a1f556303035ced2cff79fd8ed696f8eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:09:56 GMT
content-encoding: gzip
last-modified: Thu, 17 Mar 2022 13:58:18 GMT
server: nginx
etag: W/"62333e7a-3eba"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400
expires: Thu, 07 Apr 2022 19:09:56 GMT

GET
H2 200 dc_pre=CJDQ-dqRgPcCFYvs1QodffkPcQ;src=5755760;type=pgv;cat=virgi0;ord=9443128450876;gtm=2wg3u0;auiddc=942362603.1649272195;u14=;u15=https%3A%2F%2Fvirginmobile.pl%2Fzawiadomienie-o-ataku-hackerskim;... Show response
adservice.google.de/ddm/fls/i/ Frame 950C 194 B
870 B 70ms
46ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CJDQ-dqRgPcCFYvs1QodffkPcQ;src=5755760;type=pgv;cat=virgi0;ord=9443128450876;gtm=2wg3u0;auiddc=942362603.1649272195;u14=;u15=https%3A%2F%2Fvirginmobile.pl%2Fzawiadomienie-o-ataku-hackerskim;~oref=https%3A%2F%2Fvirginmobile.pl%2Fzawiadomienie-o-ataku-hackerskim

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CJDQ-dqRgPcCFYvs1QodffkPcQ;src=5755760;type=pgv;cat=virgi0;ord=9443128450876;gtm=2wg3u0;auiddc=942362603.1649272195;u14=;u15=https%3A%2F%2Fvirginmobile.pl%2Fzawiadomienie-o-ataku-hackerskim;~oref=https%3A%2F%2Fvirginmobile.pl%2Fzawiadomienie-o-ataku-hackerskim

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 177
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Apr 2022 19:09:56 GMT
expires: Wed, 06 Apr 2022 19:09:56 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame AEC9 2 KB
610 B 58ms
16ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: crazy-website-widget.crazycall.com
URL: https://crazy-website-widget.crazycall.com/prod2/widget-popup.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://crazy-website-widget.crazycall.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 18:51:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 06 Apr 2022 19:09:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Apr 2022 19:09:56 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame AEC9 664 B
429 B 59ms
17ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato

Requested by

Host: crazy-website-widget.crazycall.com
URL: https://crazy-website-widget.crazycall.com/prod2/widget-popup.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05410fbe1192a21525520421f6ddce4a065a94658a42146ae707a814926fa77d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://crazy-website-widget.crazycall.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 19:05:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 06 Apr 2022 19:09:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Apr 2022 19:09:56 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame AEC9 2 KB
594 B 59ms
17ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald

Requested by

Host: crazy-website-widget.crazycall.com
URL: https://crazy-website-widget.crazycall.com/prod2/widget-popup.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9fc929f9d307cf53bea691c3794c5ee2874ff5e1d2c7d308d71120ae3aa8c788

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://crazy-website-widget.crazycall.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 17:56:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 06 Apr 2022 19:09:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Apr 2022 19:09:56 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame AEC9 1 KB
931 B 56ms
15ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Dosis

Requested by

Host: crazy-website-widget.crazycall.com
URL: https://crazy-website-widget.crazycall.com/prod2/widget-popup.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7be9e5f63b77a88b00d5be374fb63b5b560c1aa06cc9b0421f967095b50222d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://crazy-website-widget.crazycall.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 17:10:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 06 Apr 2022 19:09:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Apr 2022 19:09:56 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame AEC9 1 KB
513 B 57ms
16ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Quicksand

Requested by

Host: crazy-website-widget.crazycall.com
URL: https://crazy-website-widget.crazycall.com/prod2/widget-popup.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a80820010b6b9da3f8acdcbf9ad00d1bfefe04929cf45dc48ba456049205bf24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://crazy-website-widget.crazycall.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 19:01:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 06 Apr 2022 19:09:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Apr 2022 19:09:56 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame AEC9 2 KB
589 B 57ms
17ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lora

Requested by

Host: crazy-website-widget.crazycall.com
URL: https://crazy-website-widget.crazycall.com/prod2/widget-popup.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5fbfb6df23e8d35816a49550a9a2792dfc28d1ff72275fa91866018ea9a982d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://crazy-website-widget.crazycall.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 17:51:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 06 Apr 2022 19:09:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Apr 2022 19:09:56 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame AEC9 2 KB
592 B 67ms
26ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway

Requested by

Host: crazy-website-widget.crazycall.com
URL: https://crazy-website-widget.crazycall.com/prod2/widget-popup.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4bbb558bcc73c6ec7de1a3bfee854935d2acb54b5055f49347a47fff164c2ce2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://crazy-website-widget.crazycall.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 17:13:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 06 Apr 2022 19:09:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Apr 2022 19:09:56 GMT

GET
H/1.1 200
OK vendors.js Show response
crazy-website-widget.crazycall.com/prod2/ Frame AEC9 671 KB
169 KB 41ms
41ms Script
application/javascript 104.26.2.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://crazy-website-widget.crazycall.com/prod2/vendors.js

Requested by

Host: crazy-website-widget.crazycall.com
URL: https://crazy-website-widget.crazycall.com/prod2/widget-popup.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.138 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

adef15edbb0b3cc117516779323f2729272f91d4afe8a937b7d5ac88a36d8458

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://crazy-website-widget.crazycall.com/prod2/widget-popup.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 06 Apr 2022 19:09:56 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 9608
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9e19j%2B193tob7NP6249ZcplRpgw1ImVlEVpGb%2BEtH%2BXvN4w8C15TxROsFyEQOXA7n8OyeYc9Tr7C2byROH0NpP%2BIEd28IN%2BETLr9YK%2FrhpK8LZ7uYSmsxaaz1yUA9z5LhDlCScMt4U3Q1TatVF8t6f%2FTWM8%3D"}],"group":"cf-nel","max_age":604800}
Connection: keep-alive
x-amz-request-id: ZJDRYPHAEGANV0NV
x-amz-id-2: l5qxWa0/KBla1izzB+iMULrx/pSzhwVg1IO0gaDzF1mSC7LGOewjRNsNrS/+cyoNCRIIPvm5EeU=
Last-Modified: Tue, 12 Jan 2021 08:24:06 GMT
Server: cloudflare
ETag: W/"7ad6fae276d17d96b0a62921b51c9b3a"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=1800
CF-RAY: 6f7cd21bf9743a05-CDG

GET
H/1.1 200
OK widget-popup.js Show response
crazy-website-widget.crazycall.com/prod2/ Frame AEC9 75 KB
15 KB 36ms
36ms Script
application/javascript 104.26.2.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://crazy-website-widget.crazycall.com/prod2/widget-popup.js

Requested by

Host: crazy-website-widget.crazycall.com
URL: https://crazy-website-widget.crazycall.com/prod2/widget-popup.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.138 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf956fa3f0c4d4531b9a7182dd3f6103fc9076e39c97ca7a91de92161212b07b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://crazy-website-widget.crazycall.com/prod2/widget-popup.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 06 Apr 2022 19:09:56 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 30370
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pbxjdsWTiNWZliO%2FalHXPRldupmevcWBeBLIjqZ22lhv0ds7Af%2BInUDnqobc9fTjpkcnI%2F8zEDHh2sUWspRTYkzyZJtIvs8lK680u20d9aYqA51DhtQv0cErK5zKOWJ3hL6KLM%2Bvj0mi7KCWA5%2FvLXhbtSk%3D"}],"group":"cf-nel","max_age":604800}
Connection: keep-alive
x-amz-request-id: HEHG2608NB3ZFWF7
x-amz-id-2: ZB/6s9qao9cUREbdI6/84PXyklzgVO29idmkvY2uh++PMfprusmIhzeKNF+0ZDRL9m94aaRA0DA=
Last-Modified: Tue, 12 Jan 2021 08:24:06 GMT
Server: cloudflare
ETag: W/"b67369cd421200e3475a6216105c9528"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=1800
CF-RAY: 6f7cd21bea73908e-FRA

GET
H3 200 758534217592930 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 14ms
14ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/758534217592930?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d15ab340756d5ff3d38c1d0cdca32bd54410a887c171f79ba62985c0f122e4a1

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 89290
x-xss-protection: 0
pragma: public
x-fb-debug: WhBSt+bCpDTOgjY8h4fbpSLPOCF47mYs+dKJvd/rsCXY3WVE3u9V4nQfPnK11NRD+fRV+6K9vvN0JVThl+6zIA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 06 Apr 2022 19:09:56 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 19ms
10ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2860664054180776&ev=PageView&dl=https%3A%2F%2Fvirginmobile.pl%2Fzawiadomienie-o-ataku-hackerskim&rl=&if=false&ts=1649272195803&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1649272195647.456758301&it=1649272195455&coo=false&exp=p1&rqm=GET

Requested by

Host: virginmobile.pl
URL: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:09:56 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 06 Apr 2022 19:09:56 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8C5C 2 KB
610 B 46ms
29ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: crazy-website-widget.crazycall.com
URL: https://crazy-website-widget.crazycall.com/prod2/widget-bubble.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://crazy-website-widget.crazycall.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 17:37:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 06 Apr 2022 19:09:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Apr 2022 19:09:56 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8C5C 664 B
429 B 42ms
26ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato

Requested by

Host: crazy-website-widget.crazycall.com
URL: https://crazy-website-widget.crazycall.com/prod2/widget-bubble.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05410fbe1192a21525520421f6ddce4a065a94658a42146ae707a814926fa77d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://crazy-website-widget.crazycall.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 17:21:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 06 Apr 2022 19:09:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Apr 2022 19:09:56 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8C5C 2 KB
594 B 48ms
33ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald

Requested by

Host: crazy-website-widget.crazycall.com
URL: https://crazy-website-widget.crazycall.com/prod2/widget-bubble.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9fc929f9d307cf53bea691c3794c5ee2874ff5e1d2c7d308d71120ae3aa8c788

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://crazy-website-widget.crazycall.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 17:17:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 06 Apr 2022 19:09:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Apr 2022 19:09:56 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8C5C 1 KB
502 B 37ms
21ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Dosis

Requested by

Host: crazy-website-widget.crazycall.com
URL: https://crazy-website-widget.crazycall.com/prod2/widget-bubble.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7be9e5f63b77a88b00d5be374fb63b5b560c1aa06cc9b0421f967095b50222d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://crazy-website-widget.crazycall.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 19:09:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 06 Apr 2022 19:09:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Apr 2022 19:09:56 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8C5C 1 KB
513 B 33ms
18ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Quicksand

Requested by

Host: crazy-website-widget.crazycall.com
URL: https://crazy-website-widget.crazycall.com/prod2/widget-bubble.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a80820010b6b9da3f8acdcbf9ad00d1bfefe04929cf45dc48ba456049205bf24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://crazy-website-widget.crazycall.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 17:32:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 06 Apr 2022 19:09:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Apr 2022 19:09:56 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8C5C 2 KB
589 B 41ms
25ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lora

Requested by

Host: crazy-website-widget.crazycall.com
URL: https://crazy-website-widget.crazycall.com/prod2/widget-bubble.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5fbfb6df23e8d35816a49550a9a2792dfc28d1ff72275fa91866018ea9a982d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://crazy-website-widget.crazycall.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 18:55:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 06 Apr 2022 19:09:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Apr 2022 19:09:56 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8C5C 2 KB
592 B 36ms
22ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway

Requested by

Host: crazy-website-widget.crazycall.com
URL: https://crazy-website-widget.crazycall.com/prod2/widget-bubble.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4bbb558bcc73c6ec7de1a3bfee854935d2acb54b5055f49347a47fff164c2ce2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://crazy-website-widget.crazycall.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 17:37:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 06 Apr 2022 19:09:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Apr 2022 19:09:56 GMT

GET
H/1.1 200
OK vendors.js Show response
crazy-website-widget.crazycall.com/prod2/ Frame 8C5C 671 KB
169 KB 59ms
45ms Script
application/javascript 104.26.2.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://crazy-website-widget.crazycall.com/prod2/vendors.js

Requested by

Host: crazy-website-widget.crazycall.com
URL: https://crazy-website-widget.crazycall.com/prod2/widget-bubble.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.138 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

adef15edbb0b3cc117516779323f2729272f91d4afe8a937b7d5ac88a36d8458

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://crazy-website-widget.crazycall.com/prod2/widget-bubble.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 06 Apr 2022 19:09:56 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 14459
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hYih1aP4erKyR%2B4JLqRPmspc3UvRV2AhzJTUh959s%2BPDyEzRrpG%2Bt1zwGukzDk%2BNxiXeg0NSUAE0enxrkBM95zjeEMsKwqLoViBMta%2BsII39wKi1xyWeQ1VA0sA2Otw9pTHNZ3Pcj5cWCbacjiMs1AMDh0E%3D"}],"group":"cf-nel","max_age":604800}
Connection: keep-alive
x-amz-request-id: 3D625W7PXG8E00CY
x-amz-id-2: lQ7iARZihYW9zGuqH+Dd0Z6FR9O9TnOsfqUgB5jRdm/AdyExkd2I8SPC/t7KI6iWCbW5XSE84iE=
Last-Modified: Tue, 12 Jan 2021 08:24:06 GMT
Server: cloudflare
ETag: W/"7ad6fae276d17d96b0a62921b51c9b3a"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=1800
CF-RAY: 6f7cd21c2aed908e-FRA

GET
H/1.1 200
OK widget-bubble.js Show response
crazy-website-widget.crazycall.com/prod2/ Frame 8C5C 115 KB
19 KB 61ms
33ms Script
application/javascript 104.26.2.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://crazy-website-widget.crazycall.com/prod2/widget-bubble.js

Requested by

Host: crazy-website-widget.crazycall.com
URL: https://crazy-website-widget.crazycall.com/prod2/widget-bubble.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.138 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

115c3e96d9b855af8c1bd9719ac37172d8d27696bd2fe52a65bf308fc22a65ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://crazy-website-widget.crazycall.com/prod2/widget-bubble.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 06 Apr 2022 19:09:56 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 30104
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9yKD7XTozvOXjPKfrRrlNhIzRNPpIj%2F%2BBv0lXQH3TnUPTZ1%2FT1XBo5dc9NmcJUAx0yvs2r945cfP%2B%2B0x6Dw4E0x193iDyOrOM2GtG7KaDKojyfIpKPiZHzfhiJwwDnGp8Q0U4UvTC6iygjEAtLCbMTn8nrM%3D"}],"group":"cf-nel","max_age":604800}
Connection: keep-alive
x-amz-request-id: HEHPF7EACTR2JWD8
x-amz-id-2: 9UV+aQ08an4F0VtzKfyRS72gu1M2VpMBHOJFDMGulB8ffwZgbf67JIhGg7dDqqZYNJBw2uWyGxI=
Last-Modified: Tue, 12 Jan 2021 08:24:06 GMT
Server: cloudflare
ETag: W/"48ec889a6da04d25b0e9136f30c32983"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=1800
CF-RAY: 6f7cd21c4c0c9b9a-FRA

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=758534217592930&ev=PageView&dl=https%3A%2F%2Fvirginmobile.pl%2Fzawiadomienie-o-ataku-hackerskim&rl=&if=false&ts=1649272195871&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1649272195647.456758301&it=1649272195455&coo=false&exp=p1&rqm=GET

Requested by

Host: virginmobile.pl
URL: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:09:56 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 06 Apr 2022 19:09:56 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame AEC9 8 KB
709 B 33ms
18ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,700

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

299ea571b2d2696bc505f52435e0b2948e1fc7065a72d2b5a9f438ad18f2c278

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://crazy-website-widget.crazycall.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 18:22:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 06 Apr 2022 19:09:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Apr 2022 19:09:56 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 8C5C 8 KB
709 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,700

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

299ea571b2d2696bc505f52435e0b2948e1fc7065a72d2b5a9f438ad18f2c278

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://crazy-website-widget.crazycall.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 18:33:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 06 Apr 2022 19:09:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Apr 2022 19:09:56 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 855fd5ee32708dd03189b471727c0b9b66ac8bc92aee1b8046e6056844291b6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK 8c114d967502d8c30d304db742c7c9e4.png
crazy-website-widget.crazycall.com/prod2/ 15 KB
16 KB 22ms
22ms Image
image/png 104.26.2.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crazy-website-widget.crazycall.com/prod2/8c114d967502d8c30d304db742c7c9e4.png

Requested by

Host: virginmobile.pl
URL: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.138 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6bf1b4df9ef2f20701a8f6cfc8976a30644da318a60e6e4834d2b9ef89331324

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 06 Apr 2022 19:09:56 GMT
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 12942
CF-RAY: 6f7cd21d6d0a908e-FRA
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 14976
x-amz-id-2: p6uNB1tLbxFxH8Ssua/3BXKqpw7yxLvvulMk1L5aOpGKfYt6jUgFRzaYKiS34co9oUvL3DZHHqk=
Last-Modified: Tue, 12 Jan 2021 08:24:03 GMT
Server: cloudflare
ETag: "8c114d967502d8c30d304db742c7c9e4"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8j5xR0C7PVyQJ6mfq%2BfvRpeyf7SiB3X%2F4khb8Crv9X%2B2JwSDDcjE3BAHx2CacY0U4ip0F9FY2SHZUFw3RSb072nCyPK6n2txttK3w2MsUdxEvM2MXwU%2FiuUuhNsV9raqu6iI11ydQfR7vDq6W%2BGDdYt5NM4%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: WW0CF6TJZJHN3DNQ
Cache-Control: max-age=1800
Accept-Ranges: bytes
Content-Type: image/png

GET
DATA 200
OK truncated
/ 225 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 009646982c6794a07f69e836da22f7cf07b45b25f5039fe109429f0598a31f17

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2103406193291219&ev=Microdata&dl=https%3A%2F%2Fvirginmobile.pl%2Fzawiadomienie-o-ataku-hackerskim&rl=&if=false&ts=1649272196152&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Zawiadomienie%20o%20ataku%20hackerskim%22%2C%22meta%3Adescription%22%3A%22Virgin%20Mobile%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Zawiadomienie%20o%20ataku%20hackerskim%20na%20Virgin%20Mobile%22%2C%22og%3Adescription%22%3A%22Virgin%20Mobile%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Organization%22%2C%22name%22%3A%22Virgin%20Mobile%20Polska%22%2C%22url%22%3A%22https%3A%2F%2Fvirginmobile.pl%22%2C%22sameAs%22%3A%5B%22https%3A%2F%2Fwww.facebook.com%2FVirginMobilePolska%2F%22%2C%22https%3A%2F%2Ftwitter.com%2Fvirginmobilepl%22%2C%22https%3A%2F%2Fplus.google.com%2F115211595411335895980%22%2C%22https%3A%2F%2Fwww.instagram.com%2Fvirginmobilepl%2F%22%2C%22http%3A%2F%2Fpinterest.com%2Fvirginmobilepl%22%2C%22https%3A%2F%2Fwww.youtube.com%2Fuser%2FVirginMobilePL%22%2C%22https%3A%2F%2Fwww.wikidata.org%2Fwiki%2FQ7933970%22%2C%22https%3A%2F%2Fpl.wikipedia.org%2Fwiki%2FVirgin_Mobile%22%5D%7D%2C%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Blog%22%2C%22url%22%3A%22https%3A%2F%2Fvirginmobile.pl%2Fklub-virgin-artykuly%2Ftechnogig%22%7D%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1649272195647.456758301&it=1649272195455&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Requested by

Host: virginmobile.pl
URL: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:09:56 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 06 Apr 2022 19:09:56 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2860664054180776&ev=Microdata&dl=https%3A%2F%2Fvirginmobile.pl%2Fzawiadomienie-o-ataku-hackerskim&rl=&if=false&ts=1649272196304&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Zawiadomienie%20o%20ataku%20hackerskim%22%2C%22meta%3Adescription%22%3A%22Virgin%20Mobile%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Zawiadomienie%20o%20ataku%20hackerskim%20na%20Virgin%20Mobile%22%2C%22og%3Adescription%22%3A%22Virgin%20Mobile%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Organization%22%2C%22name%22%3A%22Virgin%20Mobile%20Polska%22%2C%22url%22%3A%22https%3A%2F%2Fvirginmobile.pl%22%2C%22sameAs%22%3A%5B%22https%3A%2F%2Fwww.facebook.com%2FVirginMobilePolska%2F%22%2C%22https%3A%2F%2Ftwitter.com%2Fvirginmobilepl%22%2C%22https%3A%2F%2Fplus.google.com%2F115211595411335895980%22%2C%22https%3A%2F%2Fwww.instagram.com%2Fvirginmobilepl%2F%22%2C%22http%3A%2F%2Fpinterest.com%2Fvirginmobilepl%22%2C%22https%3A%2F%2Fwww.youtube.com%2Fuser%2FVirginMobilePL%22%2C%22https%3A%2F%2Fwww.wikidata.org%2Fwiki%2FQ7933970%22%2C%22https%3A%2F%2Fpl.wikipedia.org%2Fwiki%2FVirgin_Mobile%22%5D%7D%2C%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Blog%22%2C%22url%22%3A%22https%3A%2F%2Fvirginmobile.pl%2Fklub-virgin-artykuly%2Ftechnogig%22%7D%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1649272195647.456758301&it=1649272195455&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Requested by

Host: virginmobile.pl
URL: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:09:56 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 06 Apr 2022 19:09:56 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=758534217592930&ev=Microdata&dl=https%3A%2F%2Fvirginmobile.pl%2Fzawiadomienie-o-ataku-hackerskim&rl=&if=false&ts=1649272196373&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Zawiadomienie%20o%20ataku%20hackerskim%22%2C%22meta%3Adescription%22%3A%22Virgin%20Mobile%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Zawiadomienie%20o%20ataku%20hackerskim%20na%20Virgin%20Mobile%22%2C%22og%3Adescription%22%3A%22Virgin%20Mobile%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Organization%22%2C%22name%22%3A%22Virgin%20Mobile%20Polska%22%2C%22url%22%3A%22https%3A%2F%2Fvirginmobile.pl%22%2C%22sameAs%22%3A%5B%22https%3A%2F%2Fwww.facebook.com%2FVirginMobilePolska%2F%22%2C%22https%3A%2F%2Ftwitter.com%2Fvirginmobilepl%22%2C%22https%3A%2F%2Fplus.google.com%2F115211595411335895980%22%2C%22https%3A%2F%2Fwww.instagram.com%2Fvirginmobilepl%2F%22%2C%22http%3A%2F%2Fpinterest.com%2Fvirginmobilepl%22%2C%22https%3A%2F%2Fwww.youtube.com%2Fuser%2FVirginMobilePL%22%2C%22https%3A%2F%2Fwww.wikidata.org%2Fwiki%2FQ7933970%22%2C%22https%3A%2F%2Fpl.wikipedia.org%2Fwiki%2FVirgin_Mobile%22%5D%7D%2C%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Blog%22%2C%22url%22%3A%22https%3A%2F%2Fvirginmobile.pl%2Fklub-virgin-artykuly%2Ftechnogig%22%7D%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1649272195647.456758301&it=1649272195455&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Requested by

Host: virginmobile.pl
URL: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:09:57 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 06 Apr 2022 19:09:57 GMT

GET
H3 200 widget-bubble.html Show response
cdn.2way.app/prod2/ Frame 6A7F 1 KB
1 KB 178ms
178ms Document
text/html 2606:4700:3037::ac43:dde0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.2way.app/prod2/widget-bubble.html
Requested by: Host: cdn.2way.app
URL: https://cdn.2way.app/prod2/tracking.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:dde0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4106b46db68193a3e201f2c943d68837d0f24614baf4422419ccfb74ee881db4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 6f7cd21fed585959-AMS
content-encoding: br
content-type: text/html
date: Wed, 06 Apr 2022 19:09:57 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Fri, 18 Mar 2022 11:30:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Orwp8TgZCbdBZRu8f7n3q2%2F8nHyTqkKh%2FBxnKB5JzJJvxiIc425kHBZsrLLzD%2FE35L6qqJTXKC4yXySZRSsvd%2FP52nzWzxEkfZMhjrYyUUb%2B5N%2ForjaaOpNYQBxSMQaQNqjd7bNulUJnjlw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-amz-id-2: +f21srp2WzjO3H5R/F0TvjOizs2mcCnvGkJUSNz76WdXwqwFg+T7X0Nqx8sPK/7qhqj4wjHlqMw=
x-amz-request-id: 7XKA8236XSCSSRQZ

GET
H3 200 widget-popup.html Show response
cdn.2way.app/prod2/ Frame 1B83 1 KB
1 KB 156ms
156ms Document
text/html 2606:4700:3037::ac43:dde0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.2way.app/prod2/widget-popup.html
Requested by: Host: cdn.2way.app
URL: https://cdn.2way.app/prod2/tracking.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:dde0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ed83727ad53be305cfac5a922d2aa2bc29fe77d7c1966bca6d6065bd2ee331d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 6f7cd21fed5c5959-AMS
content-encoding: br
content-type: text/html
date: Wed, 06 Apr 2022 19:09:57 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Fri, 18 Mar 2022 11:30:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gHC%2F7IP3G8031RgGB3F1U%2Bw945iuhSi597%2Fe%2FhnSpQBJV%2FuuiTz%2BL6bD6ELyWxT4%2BGTHZBztGE2rHA1ZyUnVx7Po%2F0aVGuLAWiSyqn7xvoeOhJuUuna5S2qyyZc%2BnDFT4Hh5laEN8hKKRH8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-amz-id-2: Rm8MRPqQ/uaNmnK2R+vvJ/zkguXqjLU4xta8ZhHquVn/gb6pvOe0nXxUheU4Oyf0LLQwvOhBiEs=
x-amz-request-id: 7XK642PAX99RB24D

GET
H3 200 css
fonts.googleapis.com/ Frame 1B83 2 KB
537 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: cdn.2way.app
URL: https://cdn.2way.app/prod2/widget-popup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.2way.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 17:17:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 06 Apr 2022 19:09:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Apr 2022 19:09:57 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1B83 664 B
356 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato

Requested by

Host: cdn.2way.app
URL: https://cdn.2way.app/prod2/widget-popup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05410fbe1192a21525520421f6ddce4a065a94658a42146ae707a814926fa77d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.2way.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 18:52:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 06 Apr 2022 19:09:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Apr 2022 19:09:57 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1B83 2 KB
521 B 20ms
19ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald

Requested by

Host: cdn.2way.app
URL: https://cdn.2way.app/prod2/widget-popup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9fc929f9d307cf53bea691c3794c5ee2874ff5e1d2c7d308d71120ae3aa8c788

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.2way.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 17:19:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 06 Apr 2022 19:09:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Apr 2022 19:09:57 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1B83 1 KB
429 B 19ms
18ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Dosis

Requested by

Host: cdn.2way.app
URL: https://cdn.2way.app/prod2/widget-popup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7be9e5f63b77a88b00d5be374fb63b5b560c1aa06cc9b0421f967095b50222d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.2way.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 18:11:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 06 Apr 2022 19:09:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Apr 2022 19:09:57 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1B83 1 KB
440 B 20ms
19ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Quicksand

Requested by

Host: cdn.2way.app
URL: https://cdn.2way.app/prod2/widget-popup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a80820010b6b9da3f8acdcbf9ad00d1bfefe04929cf45dc48ba456049205bf24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.2way.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 18:36:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 06 Apr 2022 19:09:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Apr 2022 19:09:57 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1B83 2 KB
516 B 20ms
19ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lora

Requested by

Host: cdn.2way.app
URL: https://cdn.2way.app/prod2/widget-popup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5fbfb6df23e8d35816a49550a9a2792dfc28d1ff72275fa91866018ea9a982d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.2way.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 17:49:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 06 Apr 2022 19:09:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Apr 2022 19:09:57 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1B83 2 KB
519 B 26ms
25ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway

Requested by

Host: cdn.2way.app
URL: https://cdn.2way.app/prod2/widget-popup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4bbb558bcc73c6ec7de1a3bfee854935d2acb54b5055f49347a47fff164c2ce2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.2way.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 18:17:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 06 Apr 2022 19:09:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Apr 2022 19:09:57 GMT

GET
H3 200 vendors.js Show response
cdn.2way.app/prod2/ Frame 1B83 766 KB
198 KB 288ms
287ms Script
application/javascript 2606:4700:3037::ac43:dde0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.2way.app/prod2/vendors.js
Requested by: Host: cdn.2way.app
URL: https://cdn.2way.app/prod2/widget-popup.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:dde0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22add89cff3ba673053bf7f957001a162c911cfc2a55945c0040794aed6b9fbc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.2way.app/prod2/widget-popup.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:09:57 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 7XKFF2XBE6D106Y1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: xpinU+0jdXftu9/FcYXb6wHvgAVLO/qaDSb4JFEdXHlq9Yk+gS8AcsY8NoxaU3liDk2kfyxP5pc=
last-modified: Fri, 18 Mar 2022 11:30:04 GMT
server: cloudflare
etag: W/"02c15ab758e6069b777bcfb973a71762"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pJOkacey%2B0zkZXHVyb7sRAH7viIJ1h4d17%2FkW0Xn6EWtCyv5PQmZ%2B%2FlcVMKs8vB3yDEaSZMwjmxPHvWkBP43%2BOZSqzvx0JKYjRFBxHT1rf2OODLiWhrmeNDIXgNud1v2z%2Flbz3WRoL6XVo0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6f7cd220ffbf5959-AMS

GET
H3 200 widget-popup.js Show response
cdn.2way.app/prod2/ Frame 1B83 75 KB
15 KB 54ms
53ms Script
application/javascript 2606:4700:3037::ac43:dde0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.2way.app/prod2/widget-popup.js
Requested by: Host: cdn.2way.app
URL: https://cdn.2way.app/prod2/widget-popup.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:dde0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34ee4b9609d802a0d2583e418b0af4b9242259ff2a6cdd395bde0b934efc3244

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.2way.app/prod2/widget-popup.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:09:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3774
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: MSNE2R1QHJR16VNS
x-amz-id-2: FkULyaG13WqoIVoYYeT3TC1kwVobZG8QAU3f9Z3p/m8x4iUN+rnxPRQtcSorRYngalaSlVd0jvM=
last-modified: Fri, 18 Mar 2022 11:30:05 GMT
server: cloudflare
etag: W/"103b2528b0e15941940d1b95323a2a87"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8f0gLQG1ZhiNyTwO8w1onUvr8owdg7PTMJGDdzGLBUUg4OBiUaEqV8JDN4OEkuGsNi%2BofK9BO%2B6eUNrhU4LIjoXkPHHJ6JRlZtG6VG1I9T69WkX0NVez32ZVJiRZrvBStjpQz%2F%2Bim274zJI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6f7cd220ffc45959-AMS
cf-bgj: minify

GET
H3 200 css
fonts.googleapis.com/ Frame 6A7F 2 KB
537 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: cdn.2way.app
URL: https://cdn.2way.app/prod2/widget-bubble.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.2way.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 17:35:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 06 Apr 2022 19:09:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Apr 2022 19:09:57 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 6A7F 664 B
356 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato

Requested by

Host: cdn.2way.app
URL: https://cdn.2way.app/prod2/widget-bubble.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05410fbe1192a21525520421f6ddce4a065a94658a42146ae707a814926fa77d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.2way.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 18:21:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 06 Apr 2022 19:09:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Apr 2022 19:09:57 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 6A7F 2 KB
521 B 18ms
16ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald

Requested by

Host: cdn.2way.app
URL: https://cdn.2way.app/prod2/widget-bubble.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9fc929f9d307cf53bea691c3794c5ee2874ff5e1d2c7d308d71120ae3aa8c788

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.2way.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 18:02:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 06 Apr 2022 19:09:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Apr 2022 19:09:57 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 6A7F 1 KB
429 B 19ms
18ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Dosis

Requested by

Host: cdn.2way.app
URL: https://cdn.2way.app/prod2/widget-bubble.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7be9e5f63b77a88b00d5be374fb63b5b560c1aa06cc9b0421f967095b50222d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.2way.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 18:12:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 06 Apr 2022 19:09:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Apr 2022 19:09:57 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 6A7F 1 KB
440 B 19ms
17ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Quicksand

Requested by

Host: cdn.2way.app
URL: https://cdn.2way.app/prod2/widget-bubble.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a80820010b6b9da3f8acdcbf9ad00d1bfefe04929cf45dc48ba456049205bf24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.2way.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 17:20:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 06 Apr 2022 19:09:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Apr 2022 19:09:57 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 6A7F 2 KB
516 B 19ms
18ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lora

Requested by

Host: cdn.2way.app
URL: https://cdn.2way.app/prod2/widget-bubble.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5fbfb6df23e8d35816a49550a9a2792dfc28d1ff72275fa91866018ea9a982d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.2way.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 18:59:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 06 Apr 2022 19:09:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Apr 2022 19:09:57 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 6A7F 2 KB
519 B 25ms
24ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway

Requested by

Host: cdn.2way.app
URL: https://cdn.2way.app/prod2/widget-bubble.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4bbb558bcc73c6ec7de1a3bfee854935d2acb54b5055f49347a47fff164c2ce2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.2way.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 18:15:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 06 Apr 2022 19:09:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Apr 2022 19:09:57 GMT

GET
H3 200 vendors.js Show response
cdn.2way.app/prod2/ Frame 6A7F 766 KB
198 KB 515ms
514ms Script
application/javascript 2606:4700:3037::ac43:dde0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.2way.app/prod2/vendors.js
Requested by: Host: cdn.2way.app
URL: https://cdn.2way.app/prod2/widget-bubble.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:dde0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22add89cff3ba673053bf7f957001a162c911cfc2a55945c0040794aed6b9fbc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.2way.app/prod2/widget-bubble.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:09:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 7XKFF2XBE6D106Y1
x-amz-id-2: xpinU+0jdXftu9/FcYXb6wHvgAVLO/qaDSb4JFEdXHlq9Yk+gS8AcsY8NoxaU3liDk2kfyxP5pc=
last-modified: Fri, 18 Mar 2022 11:30:04 GMT
server: cloudflare
etag: W/"02c15ab758e6069b777bcfb973a71762"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YqjLM%2Bdx6TVu42eEoDH4bD4Te5Ao7ijddNmGMvgjdlJBKkE%2FlHz%2BF%2B6MdQYU6YC3E0Rv36FLty%2F5W0yPNVpAeE4FwWvj%2BrdzlzHEJoyKs4%2Bj4tIo9b0fV9Y7R3vpcF8hqqMvvDMtUDRra2A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6f7cd22118235959-AMS

GET
H3 200 widget-bubble.js Show response
cdn.2way.app/prod2/ Frame 6A7F 280 KB
31 KB 71ms
70ms Script
application/javascript 2606:4700:3037::ac43:dde0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.2way.app/prod2/widget-bubble.js
Requested by: Host: cdn.2way.app
URL: https://cdn.2way.app/prod2/widget-bubble.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:dde0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ccb2a67ad13224348f41623ca7a663b0dfd06d64f5b2a3bb60546679b0886ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.2way.app/prod2/widget-bubble.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:09:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3774
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: MPJ1CB004TXPPSCT
x-amz-id-2: q5oxDpz4IMFCn7g8LF92TT7lHVFyQGgprBy0/CyUTxFdzB+xole0Zkny8FrZbVtGTDf1jeaHaT8=
last-modified: Fri, 18 Mar 2022 11:30:04 GMT
server: cloudflare
etag: W/"4bf261537b94b3ba9c11a83df0b06da2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=edJGbLZ86OmIRFvzxBwO9k%2B3TyzPHMBmqPOwR%2BGB%2Fb2b3F%2BhvOpDUBD%2BEOUsqIS7aL%2FBjr%2FBdpx5UqSq9PsArLtXl4B0iN9KVyAkFK7xLgtFQSvgxUdk7uenaHDtZE5Xl%2FjdN79xQfBLqZg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6f7cd22118255959-AMS
cf-bgj: minify

GET
H3 200 css
fonts.googleapis.com/ Frame 1B83 8 KB
709 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,700

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

299ea571b2d2696bc505f52435e0b2948e1fc7065a72d2b5a9f438ad18f2c278

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.2way.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 17:27:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 06 Apr 2022 19:09:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Apr 2022 19:09:57 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 6A7F 8 KB
709 B 33ms
33ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,700

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

299ea571b2d2696bc505f52435e0b2948e1fc7065a72d2b5a9f438ad18f2c278

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.2way.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 17:15:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 06 Apr 2022 19:09:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Apr 2022 19:09:58 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 855fd5ee32708dd03189b471727c0b9b66ac8bc92aee1b8046e6056844291b6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 d4003527413fab58651aa228c477942a.svg
cdn.2way.app/prod2/ 36 KB
27 KB 52ms
52ms Image
image/svg+xml 2606:4700:3037::ac43:dde0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.2way.app/prod2/d4003527413fab58651aa228c477942a.svg
Requested by: Host: virginmobile.pl
URL: https://virginmobile.pl/zawiadomienie-o-ataku-hackerskim
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:dde0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8744e2a28a9d140ea55c854cff8bb388f50e789245991b417c3622d41c18e0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:09:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3775
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 6M6GYET49YPBFZHD
x-amz-id-2: lY3HDditQA7Nw9nw7kMzUNI259XgxTGuGQWmqi5KdrG/hxjYpfXXRQghaPeju1y1XlIX6GYmK7g=
last-modified: Fri, 18 Mar 2022 11:30:04 GMT
server: cloudflare
etag: W/"d4003527413fab58651aa228c477942a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2BcFY2FgE94X8Z7HO436QcrpyCfZziszLAiOcG%2F0DA1DSWd3PR4XiW%2BiVgMxSpSEoMzs76YUzOiT1EmvQR0Sih0v06GPSh8UvWkVJf3PLrm%2BKkYvmZyrVRsL1OEBAMXa9GgC01CpPAoGmfE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 6f7cd2264c845959-AMS

GET
DATA 200
OK truncated
/ 225 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 009646982c6794a07f69e836da22f7cf07b45b25f5039fe109429f0598a31f17

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK dsp Show response
citydsp.com/ 885 B
797 B 123ms
44ms Script
text/javascript 62.138.6.193
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL: https://citydsp.com/dsp?h=virginmobile.pl&r=0.5037529300195922
Requested by: Host: x.cnt.my
URL: https://x.cnt.my/async/parser/virginmobile.pl.js?r=4.01&dom=virginmobile.pl
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.138.6.193 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: astra4639.startdedicated.com
Software: nginx /
Resource Hash: c342f7ba0edb5ab8261f6187c53fd12a9f9c5d4bdc98cc3379cc865957ad21e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Apr 2022 19:09:58 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: no-store, no-cache, private
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK init Show response
retagro.com/ 0
294 B 39ms
10ms Script
text/javascript 85.25.203.29
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL: https://retagro.com/init?r=0.6066501588012925
Requested by: Host: citydsp.com
URL: https://citydsp.com/dsp?h=virginmobile.pl&r=0.5037529300195922
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.25.203.29 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: static-ip-85-25-203-29.inaddr.ip-pool.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Apr 2022 19:09:58 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: no-store, no-cache, private
Transfer-Encoding: chunked
Connection: keep-alive

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
37 KB 20ms
19ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-222454802-1

Requested by

Host: citydsp.com
URL: https://citydsp.com/dsp?h=virginmobile.pl&r=0.5037529300195922

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c06bea65db1333cb559fc9a7e01c35c2fa2658c753addb5f09c2fd5fa7c1a535

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:09:58 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38123
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 06 Apr 2022 19:09:58 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 15ms
14ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2143576840&t=pageview&_s=1&dl=https%3A%2F%2Fvirginmobile.pl%2Fzawiadomienie-o-ataku-hackerskim&ul=en-us&de=UTF-8&dt=Zawiadomienie%20o%20ataku%20hackerskim&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHDAAUABAAAAAG~&jid=1174059347&gjid=995766909&cid=1895425091.1649272195&tid=UA-222454802-1&_gid=193961545.1649272195&_r=1&gtm=2ou3u0&z=1383247509

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://virginmobile.pl/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 19:09:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://virginmobile.pl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-222454802-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://virginmobile.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3912
date: Wed, 06 Apr 2022 18:04:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 06 Apr 2022 20:04:46 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: app.trackly.pl
URL: https://app.trackly.pl/rmtag/24200/626078129

Verdicts & Comments Add Verdict or Comment

102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bit.ly/	1970-01-20 06:27:04	Name: _bit Value: m36j9G-d60f130357c054069b-00r
.virginmobile.pl/	1969-12-31 23:59:59	Name: TS01b64dd3 Value: 0111bfdb33179ba47fc84af0ba12204b5adfdc02c5cdc213b9345d48ae15d11b5d30449b88e693094c40cad2c3e61bf64d4a0e4d50
.virginmobile.pl/	1970-01-20 04:17:28	Name: _gcl_au Value: 1.1.942362603.1649272195
.virginmobile.pl/	1970-01-23 17:43:52	Name: amplitude_id_dc6d62a556c46b9403f16699c2ebe4d6virginmobile.pl Value: eyJkZXZpY2VJZCI6ImEyOThjZWYzLWY5YmItNDNjOC1iNWUyLWY0OTE5ZmZjM2FjN1IiLCJ1c2VySWQiOm51bGwsIm9wdE91dCI6ZmFsc2UsInNlc3Npb25JZCI6MTY0OTI3MjE5NTI5MiwibGFzdEV2ZW50VGltZSI6MTY0OTI3MjE5NTI5MiwiZXZlbnRJZCI6MCwiaWRlbnRpZnlJZCI6MCwic2VxdWVuY2VOdW1iZXIiOjB9
.doubleclick.net/	1970-01-20 11:29:28	Name: IDE Value: AHWqTUl4x8VJ0d-DykTbjZB5OIUBW2L1XTTjd6h7hLKWWGu2Hn-YuiLIyV7ECFTmXQo
.virginmobile.pl/	1970-01-20 02:09:18	Name: _gid Value: GA1.2.193961545.1649272195
.virginmobile.pl/	1970-01-20 02:07:52	Name: _dc_gtm_UA-34088446-1 Value: 1
.virginmobile.pl/	1970-01-20 02:07:52	Name: _dc_gtm_UA-69463566-1 Value: 1
virginmobile.pl/	1969-12-31 23:59:59	Name: fontsize Value: normal
.virginmobile.pl/	1969-12-31 23:59:59	Name: ma_session Value: 91d00285-dddc-43f0-aa15-7ba3a73d8a99
.virginmobile.pl/	1969-12-31 23:59:59	Name: ma_int Value: 1649272195471
.cnt.my/	1970-01-20 10:53:28	Name: xcntID Value: y2e659ea951ab1d3cf
.virginmobile.pl/	1969-12-31 23:59:59	Name: JSESSIONID Value: E466EBFB9795A97033C48AEAB670FD8D
.virginmobile.pl/	1969-12-31 23:59:59	Name: TS0101ef3a Value: 0111bfdb33629146d9bfdef02637fa133e411fff1d445fb70c1697e67cca371f5b4b97c8d1b35263a51351fedc82f0887ea0f70dfa
.virginmobile.pl/	1970-01-20 19:39:04	Name: _ga_X0N44PTN2F Value: GS1.1.1649272195.1.0.1649272195.0
analytics.greensender.pl/	1970-01-20 10:53:28	Name: ma_person Value: c7e9a859-8713-4398-8b9b-1962dab68028
virginmobile.pl/	1969-12-31 23:59:59	Name: userData Value: %7B%22firstName%22%3Anull%2C%22lastName%22%3Anull%2C%22msisdns%22%3A%5B%5D%2C%22msisdnNames%22%3A%7B%7D%2C%22currentMsisdn%22%3Anull%2C%22authorized%22%3Afalse%2C%22uuid%22%3Anull%7D
.virginmobile.pl/	1970-01-20 04:17:28	Name: _fbp Value: fb.1.1649272195647.456758301
virginmobile.pl/	1970-01-20 10:53:28	Name: CC-ClientUUID Value: 214c2cda-6271-448a-9dd1-b605d57554b0
.facebook.com/	1970-01-20 04:17:28	Name: fr Value: 0mPriHWoL7Z4NekZo..BiTeWE...1.0.BiTeWE.
virginmobile.pl/	1969-12-31 23:59:59	Name: TS57f4c9e3027 Value: 08016493d0ab2000d9e3b91432df4facaf7843c64e8e374e32439bcd28cc320962947adfe1df9aa8088e8aced0113000088161ec66d55df3f0890687a37cb76cf5ed83dd31b36189404e49a1e1c2c9561aba9fbc5f01f3867fe7d924fc0d3e81
citydsp.com/	1970-01-20 06:27:04	Name: userId Value: 6840833109
.virginmobile.pl/	1970-01-20 19:39:04	Name: _ga Value: GA1.2.1895425091.1649272195
.virginmobile.pl/	1970-01-20 02:07:52	Name: _gat_gtag_UA_222454802_1 Value: 1

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	error	Message: Failed to set referrer policy: The value 'same-origin, : origin' is not one of 'no-referrer', 'no-referrer-when-downgrade', 'origin', 'origin-when-cross-origin', 'same-origin', 'strict-origin', 'strict-origin-when-cross-origin', or 'unsafe-url'. The referrer policy has been left unchanged.
network	error	URL: https://adsearch.adkontekst.pl/deimos/tracking/?tid=34359742437&reid=AKCS4069&expire=5&nc=15296706955651117203358 Message: Failed to load resource: the server responded with a status of 502 (Bad Gateway)
network	error	URL: https://adsearch.adkontekst.pl/deimos/tracking/?tid=102706&reid=1351&expire=720&nc=1649272195130 Message: Failed to load resource: the server responded with a status of 502 (Bad Gateway)
network	error	URL: https://app.trackly.pl/rmtag/24200/626078129 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript	warning	URL: https://ad.doubleclick.net/ddm/adj/N331001.197812NSO.CODESRV/B10744537.143595521;sz=1x2;ord=341296936228? Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript	warning	URL: https://ad.doubleclick.net/ddm/adj/N331001.197812NSO.CODESRV/B10744537.143595521;sz=1x2;ord=341296936228? Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript	warning	URL: https://ad.doubleclick.net/ddm/adj/N331001.197812NSO.CODESRV/B10744537.143595521;sz=1x2;ord=341296936228?(Line 147) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript	warning	URL: https://ad.doubleclick.net/ddm/adj/N331001.197812NSO.CODESRV/B10744537.143595521;sz=1x2;ord=341296936228?(Line 147) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5755760.fls.doubleclick.net
8492364.fls.doubleclick.net
ad.doubleclick.net
adsearch.adkontekst.pl
adservice.google.com
adservice.google.de
analytics.greensender.pl
api-prod.2way.app
api.spoldzielnia.nsaudience.pl
app.trackly.pl
bit.ly
cdn.2way.app
citydsp.com
connect.facebook.net
conversionlabs.net.pl
crazy-website-widget.crazycall.com
fonts.googleapis.com
googleads4.g.doubleclick.net
leadgeneration.crazycall.com
pagead2.googlesyndication.com
pubads.g.doubleclick.net
px.wp.pl
retagro.com
s-eu-1.pushpushgo.com
stats.g.doubleclick.net
virginmobile.pl
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.cnt.my
app.trackly.pl
104.26.2.138
104.26.3.138
136.243.169.8
138.201.230.88
142.250.185.162
142.250.185.198
142.250.185.66
151.80.63.17
162.55.240.244
193.34.162.28
212.77.100.251
2606:4700:3037::ac43:dde0
2a00:1450:4001:808::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:811::2002
2a00:1450:4001:811::2008
2a00:1450:4001:812::2002
2a00:1450:4001:827::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2004
2a00:1450:400c:c07::9b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
5.196.33.116
62.138.6.193
67.199.248.11
85.25.203.29
89.108.195.45
009646982c6794a07f69e836da22f7cf07b45b25f5039fe109429f0598a31f17
019db5a04633268591cdec5134fb5841c2a548d6c502ebb20de15a202a1b4a2a
0236648a6db43f9bb9f25fb2f881e5a52720082a11ef551c90468853a76a2cc6
05410fbe1192a21525520421f6ddce4a065a94658a42146ae707a814926fa77d
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0ccb2a67ad13224348f41623ca7a663b0dfd06d64f5b2a3bb60546679b0886ea
0f4b18ba4ee52c85f48ac7c47bfea5c6e29f96d9426fb9cebd3f158deb2839bf
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
115c3e96d9b855af8c1bd9719ac37172d8d27696bd2fe52a65bf308fc22a65ff
1dc3a4d00e0496c9f01a6eec38b1cbcc3cb569d5888376d2f94721d951ef4fc3
22add89cff3ba673053bf7f957001a162c911cfc2a55945c0040794aed6b9fbc
26684b355d469464e60cb22ef4cf40841a62cd8acc6400203d35d89ca696ab0d
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
299ea571b2d2696bc505f52435e0b2948e1fc7065a72d2b5a9f438ad18f2c278
2b66d853b4b7ee2de8e3f0ae941dbd52db25cca0302f7de611157e123b082e8b
2bcddd4c6ac42b5657464d6999c9948857f2ef0cd86a5253d3c86b96e02578dc
2c83b2e857b8adecba7bf6fa4051ee8767cf421fa3494598dc7d6e8e1c885e60
30cfd09daef6ff209b8d6fde858e06ff779806dc1eb1ce8ef95fcaaaa1b8ca93
331e1313f22ed32b03b633acec8adeb3721ac1b29f06e134ee95d8a8d665c237
34ee4b9609d802a0d2583e418b0af4b9242259ff2a6cdd395bde0b934efc3244
4106b46db68193a3e201f2c943d68837d0f24614baf4422419ccfb74ee881db4
487e6d38c0dd9427f92eaa23ec2a9fc9a4a2b011f52697277dd32e3ddfc6d81e
4bbb558bcc73c6ec7de1a3bfee854935d2acb54b5055f49347a47fff164c2ce2
56e2a20b37a6f4bc56f2884d23a8806a1f556303035ced2cff79fd8ed696f8eb
5a28bd1399b4f7276ac8a771eb1ec2c056cfb224cd896cf26b5eba3c72d74d2b
5fbfb6df23e8d35816a49550a9a2792dfc28d1ff72275fa91866018ea9a982d1
6111faddd95881e9d5c8cc1da183735d6b3854c2430b88aa0c0524472fec23dc
62ce233a532d3b9dad8c54abb1fba0ddf248510495e021c852d6cd0541766d12
63e2680dd9d67fbd48797cbb0c3efd83f0f464d4004b413414e5bfa673a1c64b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bf1b4df9ef2f20701a8f6cfc8976a30644da318a60e6e4834d2b9ef89331324
7759900ffc88aea80933d8a4adc066228ac7506f4be0fd188d5fa44a05e6388c
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
78f127277756ae464f4eb665ce214cb6315746f6f4193e95b31f18f4b3e97527
7be9e5f63b77a88b00d5be374fb63b5b560c1aa06cc9b0421f967095b50222d7
7c36a8dac66b8a41d29987eb4039bcc097e76ec88a158dde9e592ba6a121e619
7ed83727ad53be305cfac5a922d2aa2bc29fe77d7c1966bca6d6065bd2ee331d
81d804f3243fb5d5a4c4bd1f9a6bbc788942e331f71ffda877a1e36a922ddcc7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8489237065ebc2e9508622c211bbb263cddb1d97d9a7023f9d2a577f162446c1
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
855fd5ee32708dd03189b471727c0b9b66ac8bc92aee1b8046e6056844291b6b
8c32b5454ed1fad1e20493cba67da6e901c854fe80dec69a4f60e44677398bdf
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
98903b3debe5c36519053d828b36c80ef79d29861bca6569e52119dc32b0b5ee
9d2f31532632ac35367d31e6bf9741180267e04e6fe3fc200324b590392fa22a
9fc929f9d307cf53bea691c3794c5ee2874ff5e1d2c7d308d71120ae3aa8c788
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a59c05d1a0531610285fb30680c6ff8cb80b987cfd7f118a84e44ca4dd942f55
a80820010b6b9da3f8acdcbf9ad00d1bfefe04929cf45dc48ba456049205bf24
a811bb3d6f0a91055176e099c30d2cede564d479bac10f5b754623b1fcd824a4
a998bdca817412d71fd4380ff5092b79ab287df96da5515621fdf01578cab185
adae97b15722a6fca586e2683ba9ef8de41da85918e3924c687679854982ab70
adef15edbb0b3cc117516779323f2729272f91d4afe8a937b7d5ac88a36d8458
b0a0886f52ae89fe7fe414c4ef530df99e9ec4d67854d3fd20ec32f99681627f
b4d7600a220e192377074034fdc6e39f449a8352ab09787c81a1ba795c988be5
ba250d44d79be62c2d77819c673d368b6f78b5b91c477906e1b326215b6b6e57
baa4b8fba4ba98b948de278160534849246a9c75f31d591ad3d06a9cadfeeb6e
c06bea65db1333cb559fc9a7e01c35c2fa2658c753addb5f09c2fd5fa7c1a535
c24de5695a67f26e8e1a2770f7a62f82d1aae59a68c498412bf7986beeb7d84b
c2aa70b13ba994c833112ee413e15ba5d9937c7ebedcc7e11f4c79ce5831d340
c341004cdf16633f4eec632ed314b2637a30b407b77fa5b72a1fc4197ce716b0
c342f7ba0edb5ab8261f6187c53fd12a9f9c5d4bdc98cc3379cc865957ad21e3
c65f9e315a677508b089e79732031aa4e415a0b48756f50e342eb1742e5038af
c88661a5c3af9a889c931add5762187186ef3042243fea8ca9c7e3d290ee7c8b
c8d70946c3b971f61a3a24a011463ea1fd30a1490a34eed4a58b8685441172f4
cd47bbf68ebcca31e6b4d8fcbc02476bc905bb94a736dca4e56fb19bf4d7b7f2
cf956fa3f0c4d4531b9a7182dd3f6103fc9076e39c97ca7a91de92161212b07b
d15ab340756d5ff3d38c1d0cdca32bd54410a887c171f79ba62985c0f122e4a1
d4b5c528bc3d08a6b57603536be20bb18977c468793c92796c533ca68d5abc88
d8744e2a28a9d140ea55c854cff8bb388f50e789245991b417c3622d41c18e0e
da28b7038b216a97293557fc9047bea16bdde621b68324bd575deb23a088d808
df6d1ae44e01da863de79a8d42a4f55e50ae9e7f5aa2c23108b7c53bf1e2ff6f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61c5944fed2a5a85ea78fbb3883b18ab510c52f2d23f039fb7b101d6226c3be
e72a01bda0bbc4ce10168537b02dbee4bab69708a08f550299a1d2c43e530b7e
edccb4a542aa15f3566c238d627516cdc540607b9a9a10b70a6b8613403109d1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2a7ba1ecebeb3843ded304b050dfc3bf39aebd479b1d252a0a42b2742680d21
f5deb95b50bdb6dcf206a0c5fed32b51e3b45968062256ea2d003d873821f747
f9083029a49011e27bebc908dc2fb538c860a87aeb7a41bd5c1292744f0efec9
fc7fce8949fb54e0ccfef87481342398f5073fdcea792feb424ec5cd96bbdccf
fd5e0878b3800a493b3fe001ea8a5b79bb24a850e207727bec24f8a58ee9afb2
fec7a70f5a08594ccbc80e04330ec3d17e09118148cafaaf5755fdd7e062b538

virginmobile.pl Open in urlscan Pro 89.108.195.45 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

131 Requests

98 %HTTPS

45 %IPv6

24 Domains

33 Subdomains

29 IPs

5 Countries

3005 kBTransfer

10032 kBSize

24 Cookies

7 Outgoing links

Page URL History

Redirected requests

131 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

virginmobile.pl Open in urlscan Pro
89.108.195.45 Public Scan

Screenshot
Live screenshot

Full Image

131
Requests

98 %
HTTPS

45 %
IPv6

24
Domains

33
Subdomains

29
IPs

5
Countries

3005 kB
Transfer

10032 kB
Size

24
Cookies

131 HTTP transactions
4 data transactions