urlscan.io logo urlscan.io
SecurityTrails logo

bilety.helios.pl Open in urlscan Pro
80.252.5.36  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://bilety.helios.pl/
Effective URL: https://bilety.helios.pl/
Submission: On February 28 via api from US — Scanned from PL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 5 countries across 14 domains to perform 88 HTTP transactions. The main IP is 80.252.5.36, located in Warsaw, Poland and belongs to AGORA, PL. The main domain is bilety.helios.pl.
TLS certificate: Issued by GeoTrust TLS RSA CA G1 on April 11th 2023. Valid for: a year.
This is the only time bilety.helios.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 25 80.252.5.36 8535 (AGORA)
3 23.197.134.25 16625 (AKAMAI-AS)
3 64.233.166.92 15169 (GOOGLE)
2 64.233.167.84 15169 (GOOGLE)
2 157.240.30.27 32934 (FACEBOOK)
1 23.196.235.139 16625 (AKAMAI-AS)
6 142.250.186.72 15169 (GOOGLE)
13 80.252.5.30 8535 (AGORA)
3 3 172.217.18.2 15169 (GOOGLE)
3 3 142.250.185.162 15169 (GOOGLE)
3 3 142.250.186.100 15169 (GOOGLE)
3 216.58.212.131 15169 (GOOGLE)
14 104.18.131.236 13335 (CLOUDFLAR...)
4 172.217.16.206 15169 (GOOGLE)
4 172.217.18.3 15169 (GOOGLE)
1 216.239.32.36 15169 (GOOGLE)
1 142.250.181.226 15169 (GOOGLE)
6 142.250.186.110 15169 (GOOGLE)
1 172.64.155.119 13335 (CLOUDFLAR...)
88 16
25    80.252.5.36 (Warsaw, Poland)

ASN8535 (AGORA, PL)
PTR: host-80-252-5-36.gazeta.pl
bilety.helios.pl
restapi.helios.pl
3    23.197.134.25 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-134-25.deploy.static.akamaitechnologies.com
secure.payu.com
3    64.233.166.92 (United States)

ASN15169 (GOOGLE, US)
PTR: wm-in-f92.1e100.net
pay.google.com
2    64.233.167.84 (United States)

ASN15169 (GOOGLE, US)
PTR: wl-in-f84.1e100.net
accounts.google.com
2    157.240.30.27 (Prague, Czech Republic)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-prg1.fbcdn.net
connect.facebook.net
1    23.196.235.139 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-196-235-139.deploy.static.akamaitechnologies.com
appleid.cdn-apple.com
6    142.250.186.72 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f8.1e100.net
www.googletagmanager.com
13    80.252.5.30 (Warsaw, Poland)

ASN8535 (AGORA, PL)
PTR: host-80-252-5-30.gazeta.pl
movies.helios.pl
3    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net
www.googleadservices.com
3    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
googleads.g.doubleclick.net
3    142.250.186.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f4.1e100.net
www.google.com
3    216.58.212.131 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f3.1e100.net
www.google.pl
14    104.18.131.236 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
4    172.217.16.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f14.1e100.net
www.google-analytics.com
4    172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f3.1e100.net
www.gstatic.com
1    216.239.32.36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
pagead2.googlesyndication.com
6    142.250.186.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f14.1e100.net
play.google.com
1    172.64.155.119 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
Apex Domain
Subdomains		 Transfer
38 helios.pl
bilety.helios.pl
restapi.helios.pl
movies.helios.pl
3 MB
14 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 330
1 MB
14 google.com
pay.google.com — Cisco Umbrella Rank: 2911
accounts.google.com — Cisco Umbrella Rank: 24
www.google.com — Cisco Umbrella Rank: 2
play.google.com — Cisco Umbrella Rank: 37
506 KB
6 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
426 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
region1.google-analytics.com — Cisco Umbrella Rank: 2124
22 KB
4 gstatic.com
www.gstatic.com
102 KB
3 google.pl
www.google.pl — Cisco Umbrella Rank: 16754
671 B
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
1 KB
3 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 136
1 KB
3 payu.com
secure.payu.com — Cisco Umbrella Rank: 246377
8 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 176
90 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 554
307 B
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 106
455 B
1 cdn-apple.com
appleid.cdn-apple.com — Cisco Umbrella Rank: 3644
19 KB
88 14
Domain Requested by
18 bilety.helios.pl 1 redirects bilety.helios.pl
14 cdn.cookielaw.org www.googletagmanager.com
bilety.helios.pl
cdn.cookielaw.org
13 movies.helios.pl bilety.helios.pl
7 restapi.helios.pl bilety.helios.pl
6 play.google.com www.gstatic.com
6 www.googletagmanager.com bilety.helios.pl
www.googletagmanager.com
4 www.gstatic.com pay.google.com
www.gstatic.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
bilety.helios.pl
3 www.google.pl www.googletagmanager.com
3 www.google.com 3 redirects
3 googleads.g.doubleclick.net 3 redirects
3 www.googleadservices.com 3 redirects
3 pay.google.com bilety.helios.pl
pay.google.com
www.gstatic.com
3 secure.payu.com bilety.helios.pl
secure.payu.com
2 connect.facebook.net bilety.helios.pl
connect.facebook.net
2 accounts.google.com bilety.helios.pl
accounts.google.com
1 geolocation.onetrust.com bilety.helios.pl
1 pagead2.googlesyndication.com www.googletagmanager.com
1 region1.google-analytics.com www.googletagmanager.com
1 appleid.cdn-apple.com bilety.helios.pl
88 20

This site contains links to these domains. Also see Links.

Domain
www.helios.pl
www.onetrust.com
Subject Issuer Validity Valid
*.helios.pl
GeoTrust TLS RSA CA G1		 2023-04-11 -
2024-04-10		 a year crt.sh
secure.payu.com
Entrust Certification Authority - L1M		 2023-09-28 -
2024-10-28		 a year crt.sh
*.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-12-07 -
2024-03-06		 3 months crt.sh
appleid.cdn-apple.com
Apple Public EV Server RSA CA 2 - G1		 2024-01-09 -
2024-07-07		 6 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2023-04-01 -
2024-03-31		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2023-11-13 -
2024-11-12		 a year crt.sh

This page contains 4 frames:

Primary Page: https://bilety.helios.pl/
Frame ID: C2E6EC1BAA8F1711EC16A65D9279E7EB
Requests: 71 HTTP requests in this frame

Frame: https://secure.payu.com/res/v2/tunnel.html
Frame ID: EB7BC005D165E963CDA4F1D40838E9A0
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-MK3PV37
Frame ID: BEA3AC6AC7EB81413A8485F9AD9BA578
Requests: 4 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fbilety.helios.pl&mid=
Frame ID: 5B3116B118E31672CEE85F471A20F98A
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

HeliosBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

  1. http://bilety.helios.pl/ HTTP 301
    https://bilety.helios.pl/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • appleid\.auth\.js
Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
  • pay\.google\.com/([a-z/]+)/pay\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Page Statistics

88
Requests

97 %
HTTPS

0 %
IPv6

14
Domains

20
Subdomains

16
IPs

5
Countries

5876 kB
Transfer

11628 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bilety.helios.pl/ HTTP 301
    https://bilety.helios.pl/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43
  • https://www.googleadservices.com/pagead/conversion/998461821/?label=jKT1CKb__V8Q_aKN3AM&url=https%3A%2F%2Fbilety.helios.pl%2F&guid=ON&script=0&data= HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/998461821/?label=jKT1CKb__V8Q_aKN3AM&url=https%3A%2F%2Fbilety.helios.pl%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=156922577&sscte=1&crd=COy7sQII4b2xAg&pscrd=IhMIp5LJ4f3NhAMV-g2iAx1pnQCRMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAg HTTP 302
  • https://www.google.com/pagead/1p-user-list/998461821/?label=jKT1CKb__V8Q_aKN3AM&url=https%3A%2F%2Fbilety.helios.pl%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=156922577&crd=COy7sQII4b2xAg&is_vtc=1&cid=CAQSGwB7FLtqUeEPJfMEesZgQLwLYlnWu48DgvT3Vw&random=1382838590 HTTP 302
  • https://www.google.pl/pagead/1p-user-list/998461821/?label=jKT1CKb__V8Q_aKN3AM&url=https%3A%2F%2Fbilety.helios.pl%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=156922577&crd=COy7sQII4b2xAg&is_vtc=1&cid=CAQSGwB7FLtqUeEPJfMEesZgQLwLYlnWu48DgvT3Vw&random=1382838590&ipr=y
Request Chain 44
  • https://www.googleadservices.com/pagead/conversion/985246291/?url=https%3A%2F%2Fbilety.helios.pl%2F&guid=ON&script=0&data= HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/985246291/?url=https%3A%2F%2Fbilety.helios.pl%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=2108823397&sscte=1&crd=COy7sQII4b2xAg&pscrd=IhMI-5DJ4f3NhAMVzAiiAx32vg57MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAg HTTP 302
  • https://www.google.com/pagead/1p-conversion/985246291/?url=https%3A%2F%2Fbilety.helios.pl%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=2108823397&sscte=1&crd=COy7sQII4b2xAg&pscrd=IhMI-5DJ4f3NhAMVzAiiAx32vg57MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAg&is_vtc=1&cid=CAQSGwB7FLtqG_bEF6eYPiGs36_lv2S3XLGpUkDJHg&random=1571422703 HTTP 302
  • https://www.google.pl/pagead/1p-conversion/985246291/?url=https%3A%2F%2Fbilety.helios.pl%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=2108823397&sscte=1&crd=COy7sQII4b2xAg&pscrd=IhMI-5DJ4f3NhAMVzAiiAx32vg57MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAg&is_vtc=1&cid=CAQSGwB7FLtqG_bEF6eYPiGs36_lv2S3XLGpUkDJHg&random=1571422703&ipr=y&ezwbk=AZuM4hC-iPqraQWA-IhkefLpE406MaqvlG4BafBcYXro5IwnwKxvGZcxkJlvCUoETiNy-y1FavUV8R5r7Jqe0fdbr9tt
Request Chain 45
  • https://www.googleadservices.com/pagead/conversion/944702304/?url=https%3A%2F%2Fbilety.helios.pl%2F&guid=ON&script=0&data= HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/944702304/?url=https%3A%2F%2Fbilety.helios.pl%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=791039583&sscte=1&crd=COy7sQII4b2xAg&pscrd=IhMI3YrJ4f3NhAMVIwqiAx2lxgsDMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAg HTTP 302
  • https://www.google.com/pagead/1p-conversion/944702304/?url=https%3A%2F%2Fbilety.helios.pl%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=791039583&sscte=1&crd=COy7sQII4b2xAg&pscrd=IhMI3YrJ4f3NhAMVIwqiAx2lxgsDMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAg&is_vtc=1&cid=CAQSGwB7FLtqGdyHNSXg3cPltyXAiRnXOAri4xihkA&random=3598917853 HTTP 302
  • https://www.google.pl/pagead/1p-conversion/944702304/?url=https%3A%2F%2Fbilety.helios.pl%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=791039583&sscte=1&crd=COy7sQII4b2xAg&pscrd=IhMI3YrJ4f3NhAMVIwqiAx2lxgsDMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAg&is_vtc=1&cid=CAQSGwB7FLtqGdyHNSXg3cPltyXAiRnXOAri4xihkA&random=3598917853&ipr=y&ezwbk=AZuM4hAIROK4EzH6cY3EToN0r9bxev0Gr0bCN_4b7g7K038r3Ot4_NihqJrsNNvCyanoluGidddwRBLl4NT7XKb9o_Aw

88 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
bilety.helios.pl/
Redirect Chain
  • http://bilety.helios.pl/
  • https://bilety.helios.pl/
5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bilety.helios.pl/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
80.252.5.36 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS
host-80-252-5-36.gazeta.pl
Software
nginx/1.21.1.1 WhiteHorse /
Resource Hash
425eab1f5ad56189e451377e38856e5009955e33f4e7299c18563c86622cb7c1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 28 Feb 2024 11:58:34 GMT
ETag
W/"034aa6d244ada1:0"
Last-Modified
Thu, 18 Jan 2024 15:38:48 GMT
Server
nginx/1.21.1.1 WhiteHorse
Transfer-Encoding
chunked

Redirect headers

Connection
keep-alive
Content-Length
182
Content-Type
text/html
Date
Wed, 28 Feb 2024 11:58:34 GMT
Location
https://bilety.helios.pl/
Server
nginx/1.21.1.1 WhiteHorse
openpayu-2.1.js
secure.payu.com/res/v2/ 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.payu.com/res/v2/openpayu-2.1.js
Requested by
Host: bilety.helios.pl
URL: https://bilety.helios.pl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.134.25 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-134-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc72d70321a2084d113d3c44bf5857a2fc7d8d91ca77a1f7141f4245370db1e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bilety.helios.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 28 Feb 2024 11:58:24 GMT
last-modified
Fri, 23 Feb 2024 19:00:32 GMT
server
Apache
etag
"1347-612112c9dca34"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=256
accept-ranges
bytes
content-length
4935
expires
Wed, 28 Feb 2024 12:02:40 GMT
plugin-token-2.1.js
secure.payu.com/res/v2/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.payu.com/res/v2/plugin-token-2.1.js
Requested by
Host: bilety.helios.pl
URL: https://bilety.helios.pl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.134.25 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-134-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
39fe2364382216642e423b3ddaf04ba4cedb9e9e5cf6f128cd443b80864c1b7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bilety.helios.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 28 Feb 2024 11:58:24 GMT
last-modified
Fri, 23 Feb 2024 19:00:32 GMT
server
Apache
etag
"57e-612112c9dce1c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=73
accept-ranges
bytes
content-length
1406
expires
Wed, 28 Feb 2024 11:59:37 GMT
pay.js
pay.google.com/gp/p/js/ 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/js/pay.js
Requested by
Host: bilety.helios.pl
URL: https://bilety.helios.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.166.92 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wm-in-f92.1e100.net
Software
ESF /
Resource Hash
2d5fc8e00769aa30c75be1f3263ab5d0058ff6f126a4e48544c665696c4edd6f
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-6-fvimqMnaG1f4vGO5aIqg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bilety.helios.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 11:58:24 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-6-fvimqMnaG1f4vGO5aIqg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/gp/p/_/InstantbuyFrontendHttp/web-reports?context=eJzjKtDikmJw0pBiWFYqxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3ZeXTDxfXzJJALEGEO_w8WAR85nOyrduOqsKEOuun84aCsRO6TNYg4DYp34GawwQC_FwPNj_Zx2bwI7VPZeYAQh2Md0"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Wed, 28 Feb 2024 11:58:24 GMT
runtime.76532088a73613b9.js
bilety.helios.pl/ 		1 KB
992 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bilety.helios.pl/runtime.76532088a73613b9.js
Requested by
Host: bilety.helios.pl
URL: https://bilety.helios.pl/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
80.252.5.36 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS
host-80-252-5-36.gazeta.pl
Software
nginx/1.21.1.1 WhiteHorse /
Resource Hash
8c39f793040e05a1fc4b324fce49da6525f9e2c7fe0cc2d47a00cdfebfe38d14

Request headers

Referer
https://bilety.helios.pl/
Origin
https://bilety.helios.pl
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 11:58:35 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Jan 2024 15:38:47 GMT
Server
nginx/1.21.1.1 WhiteHorse
ETag
W/"809d116d244ada1:0"
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
keep-alive
polyfills.11807c86796f8336.js
bilety.helios.pl/ 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bilety.helios.pl/polyfills.11807c86796f8336.js
Requested by
Host: bilety.helios.pl
URL: https://bilety.helios.pl/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
80.252.5.36 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS
host-80-252-5-36.gazeta.pl
Software
nginx/1.21.1.1 WhiteHorse /
Resource Hash
81d17550334b6144011c86e2f279343bf8b3f736c3aaea645144c784a656aa75

Request headers

Referer
https://bilety.helios.pl/
Origin
https://bilety.helios.pl
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 11:58:35 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Jan 2024 15:38:47 GMT
Server
nginx/1.21.1.1 WhiteHorse
ETag
W/"809d116d244ada1:0"
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
keep-alive
scripts.33717e0bba7a5f24.js
bilety.helios.pl/ 		67 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bilety.helios.pl/scripts.33717e0bba7a5f24.js
Requested by
Host: bilety.helios.pl
URL: https://bilety.helios.pl/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
80.252.5.36 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS
host-80-252-5-36.gazeta.pl
Software
nginx/1.21.1.1 WhiteHorse /
Resource Hash
9397175f9329a1d5940a4d121719a1bed983b930df92be3252bd3e28c24e4da6

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bilety.helios.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 11:58:35 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Jan 2024 15:38:47 GMT
Server
nginx/1.21.1.1 WhiteHorse
ETag
W/"809d116d244ada1:0"
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
keep-alive
vendor.bad6810f2d5664f6.js
bilety.helios.pl/ 		1 MB
479 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bilety.helios.pl/vendor.bad6810f2d5664f6.js
Requested by
Host: bilety.helios.pl
URL: https://bilety.helios.pl/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
80.252.5.36 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS
host-80-252-5-36.gazeta.pl
Software
nginx/1.21.1.1 WhiteHorse /
Resource Hash
4594b88f26e4f176a861d6dc526e0a3f65521f46f6dc8367df6947ce16d345ff

Request headers

Referer
https://bilety.helios.pl/
Origin
https://bilety.helios.pl
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 11:58:35 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Jan 2024 15:38:47 GMT
Server
nginx/1.21.1.1 WhiteHorse
ETag
W/"809d116d244ada1:0"
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
keep-alive
main.87bb17f30a4c8b39.js
bilety.helios.pl/ 		817 KB
214 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bilety.helios.pl/main.87bb17f30a4c8b39.js
Requested by
Host: bilety.helios.pl
URL: https://bilety.helios.pl/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
80.252.5.36 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS
host-80-252-5-36.gazeta.pl
Software
nginx/1.21.1.1 WhiteHorse /
Resource Hash
3f73b1f84f2d95ea50508c71d63dc2f15acbc074ffeb5e6a1ef480f4600cb36d

Request headers

Referer
https://bilety.helios.pl/
Origin
https://bilety.helios.pl
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 11:58:35 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Jan 2024 15:38:47 GMT
Server
nginx/1.21.1.1 WhiteHorse
ETag
W/"809d116d244ada1:0"
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
keep-alive
styles.478d9634c6d00e19.css
bilety.helios.pl/ 		701 KB
119 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bilety.helios.pl/styles.478d9634c6d00e19.css
Requested by
Host: bilety.helios.pl
URL: https://bilety.helios.pl/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
80.252.5.36 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS
host-80-252-5-36.gazeta.pl
Software
nginx/1.21.1.1 WhiteHorse /
Resource Hash
ce25993e8ec3ae1984398d7305529ff13d829efb9ab973c36db99246580b02ff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bilety.helios.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 11:58:35 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Jan 2024 15:38:47 GMT
Server
nginx/1.21.1.1 WhiteHorse
ETag
W/"809d116d244ada1:0"
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
config.json
bilety.helios.pl/assets/ 		5 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bilety.helios.pl/assets/config.json
Requested by
Host: bilety.helios.pl
URL: https://bilety.helios.pl/polyfills.11807c86796f8336.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
80.252.5.36 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS
host-80-252-5-36.gazeta.pl
Software
nginx/1.21.1.1 WhiteHorse /
Resource Hash
23c3bfbf0f24b8bcd09d6973ed70a09dbb4a1bb88eb116244c4a9c2865cc1284

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bilety.helios.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 11:58:35 GMT
Last-Modified
Tue, 26 Sep 2023 12:32:17 GMT
Server
nginx/1.21.1.1 WhiteHorse
ETag
"26e0a67c75f0d91:0"
Content-Type
application/json
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5171
tunnel.html
secure.payu.com/res/v2/ Frame EB7B 		1 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.payu.com/res/v2/tunnel.html
Requested by
Host: secure.payu.com
URL: https://secure.payu.com/res/v2/openpayu-2.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.134.25 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-134-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5b0abe465dbd23695d9a6087a5547f563c3819ecbfc70796054671fb8a94865d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://bilety.helios.pl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=388
content-encoding
gzip
content-length
590
content-type
text/html
date
Wed, 28 Feb 2024 11:58:24 GMT
etag
"24e-612112c9dce1c"
expires
Wed, 28 Feb 2024 12:04:52 GMT
last-modified
Fri, 23 Feb 2024 19:00:32 GMT
server
Apache
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
client
accounts.google.com/gsi/ 		209 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: bilety.helios.pl
URL: https://bilety.helios.pl/main.87bb17f30a4c8b39.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.167.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wl-in-f84.1e100.net
Software
ESF /
Resource Hash
bcf1c5243d327b29cb913d532074f097562639f77abe05a645aeb258c05d9941
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-uM79K27PfACJI8GYXsuJ8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bilety.helios.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 11:58:25 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-uM79K27PfACJI8GYXsuJ8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Wed, 28 Feb 2024 11:58:25 GMT
sdk.js
connect.facebook.net/pl_PL/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/pl_PL/sdk.js
Requested by
Host: bilety.helios.pl
URL: https://bilety.helios.pl/main.87bb17f30a4c8b39.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.30.27 Prague, Czech Republic, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-prg1.fbcdn.net
Software
/
Resource Hash
778a61731e30e990d22ebf39e45f1ada99b9679accf584d85d55015b036f71a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bilety.helios.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 28 Feb 2024 11:58:24 GMT
content-md5
k6mp+sXbV1lZw4ID/vQOgQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1683
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-debug
vorSkrV/6Yg0LBhhzPoB5q5ORs+Fn4mmkije18EzkqA3Eqsz8EtSWsZ6s/ulypLAMFH+TgqMGYZQFmrOXnb55Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
aa6b1ca1a20bd3e794e44dec26f787d9
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"cfa24098081a23410f34d995c47fc21b"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Wed, 28 Feb 2024 12:06:24 GMT
appleid.auth.js
appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/pl_PL/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/pl_PL/appleid.auth.js
Requested by
Host: bilety.helios.pl
URL: https://bilety.helios.pl/main.87bb17f30a4c8b39.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.235.139 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-235-139.deploy.static.akamaitechnologies.com
Software
Apple /
Resource Hash
939d7ade851aabd11bbc52faaeb5601ecd27a33c0ffb09b1d2a447e2a2bf165e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bilety.helios.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Date
Wed, 28 Feb 2024 11:58:24 GMT
Last-Modified
Fri, 09 Feb 2024 20:11:10 GMT
Server
Apple
ETag
W/"47035-1707509470291"
Vary
accept-encoding
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400,stale-while-revalidate=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19032
pl.json
bilety.helios.pl/assets/i18n/ 		17 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bilety.helios.pl/assets/i18n/pl.json?t=474755
Requested by
Host: bilety.helios.pl
URL: https://bilety.helios.pl/polyfills.11807c86796f8336.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
80.252.5.36 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS
host-80-252-5-36.gazeta.pl
Software
nginx/1.21.1.1 WhiteHorse /
Resource Hash
14ab6c5ad7a2d82167bd219555a9bcfe8775d6456b5bf07fe490ab5f7fce774e

Request headers

Accept
application/json, text/plain, */*
Referer
https://bilety.helios.pl/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 11:58:35 GMT
Last-Modified
Thu, 18 Jan 2024 15:38:47 GMT
Server
nginx/1.21.1.1 WhiteHorse
ETag
"809d116d244ada1:0"
Content-Type
application/json
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17249
cinema
restapi.helios.pl/api/ 		58 KB
58 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://restapi.helios.pl/api/cinema
Requested by
Host: bilety.helios.pl
URL: https://bilety.helios.pl/polyfills.11807c86796f8336.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
80.252.5.36 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS
host-80-252-5-36.gazeta.pl
Software
nginx/1.21.1.1 WhiteHorse / PHP/8.1.21
Resource Hash
ddf0f17578b03aa88fd0b5362bedfdee469621f03cf2411f5b4db763568c6bd1

Request headers

Accept
application/json, text/plain, */*
Referer
https://bilety.helios.pl/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Feb 2024 11:58:35 GMT
Server
nginx/1.21.1.1 WhiteHorse
X-Powered-By
PHP/8.1.21
Allow
GET
Content-Type
application/json
Access-Control-Allow-Origin
https://bilety.helios.pl
Access-Control-Expose-Headers
link
Cache-Control
private, must-revalidate
Connection
keep-alive
Content-Length
58976
Expires
-1
language
restapi.helios.pl/api/ 		2 B
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://restapi.helios.pl/api/language
Requested by
Host: bilety.helios.pl
URL: https://bilety.helios.pl/polyfills.11807c86796f8336.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
80.252.5.36 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS
host-80-252-5-36.gazeta.pl
Software
nginx/1.21.1.1 WhiteHorse / PHP/8.1.21
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept
application/json, text/plain, */*
Referer
https://bilety.helios.pl/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Feb 2024 11:58:35 GMT
Server
nginx/1.21.1.1 WhiteHorse
X-Powered-By
PHP/8.1.21
Allow
GET
Content-Type
application/json
Access-Control-Allow-Origin
https://bilety.helios.pl
Access-Control-Expose-Headers
link
Cache-Control
private, must-revalidate
Connection
keep-alive
Content-Length
2
Expires
-1
ns.html
www.googletagmanager.com/ Frame BEA3 		894 B
595 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/ns.html?id=GTM-MK3PV37
Requested by
Host: bilety.helios.pl
URL: https://bilety.helios.pl/vendor.bad6810f2d5664f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e79b4762dfaa32d26be75c427ca8b5ed7de480478fb9727d7bc59e3f0b797b13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://bilety.helios.pl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
275
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 28 Feb 2024 11:58:25 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
vary
*
x-xss-protection
0
gtm.js
www.googletagmanager.com/ 		318 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MK3PV37
Requested by
Host: bilety.helios.pl
URL: https://bilety.helios.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
b7ef5eccea12a66170e2374603b40148555eaa6ca063c476bf9dbbdea2808f9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bilety.helios.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 11:58:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106145
x-xss-protection
0
last-modified
Wed, 28 Feb 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 28 Feb 2024 11:58:25 GMT
DMSans-Regular.ttf
bilety.helios.pl/assets/fonts/DMSans/ 		70 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bilety.helios.pl/assets/fonts/DMSans/DMSans-Regular.ttf
Requested by
Host: bilety.helios.pl
URL: https://bilety.helios.pl/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
80.252.5.36 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS
host-80-252-5-36.gazeta.pl
Software
nginx/1.21.1.1 WhiteHorse /
Resource Hash
9ae2da663d64342031e59b5fa680dd355171d021b7ebf83774efc7c0330ae7b5

Request headers

Referer
https://bilety.helios.pl/
Origin
https://bilety.helios.pl
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 11:58:35 GMT
Last-Modified
Thu, 18 Jan 2024 15:38:47 GMT
Server
nginx/1.21.1.1 WhiteHorse
ETag
"809d116d244ada1:0"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
72000
logo.helios.png
bilety.helios.pl/assets/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bilety.helios.pl/assets/images/logo.helios.png
Requested by
Host: bilety.helios.pl
URL: https://bilety.helios.pl/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
80.252.5.36 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS
host-80-252-5-36.gazeta.pl
Software
nginx/1.21.1.1 WhiteHorse /
Resource Hash
e10ddcd43b99862241cb4fbe647ada24c13d7939d7f9a35fdb5c0c0137135150

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bilety.helios.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 11:58:35 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Jan 2024 15:38:47 GMT
Server
nginx/1.21.1.1 WhiteHorse
ETag
W/"809d116d244ada1:0"
Transfer-Encoding
chunked
Content-Type
image/png
Connection
keep-alive
loader.gif
bilety.helios.pl/assets/images/ 		497 KB
497 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bilety.helios.pl/assets/images/loader.gif
Requested by
Host: bilety.helios.pl
URL: https://bilety.helios.pl/styles.478d9634c6d00e19.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
80.252.5.36 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS
host-80-252-5-36.gazeta.pl
Software
nginx/1.21.1.1 WhiteHorse /
Resource Hash
0b865aaf44b3af1c9f722c2198e5be075d52a0c56b62c626049fccef6f1dbca5

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bilety.helios.pl/styles.478d9634c6d00e19.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 11:58:35 GMT
Last-Modified
Thu, 18 Jan 2024 15:38:47 GMT
Server
nginx/1.21.1.1 WhiteHorse
ETag
"809d116d244ada1:0"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
509054
d01e6010-d098-4899-951b-a7b7208df75a
restapi.helios.pl/api/cinema/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://restapi.helios.pl/api/cinema/d01e6010-d098-4899-951b-a7b7208df75a
Requested by
Host: bilety.helios.pl
URL: https://bilety.helios.pl/polyfills.11807c86796f8336.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
80.252.5.36 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS
host-80-252-5-36.gazeta.pl
Software
nginx/1.21.1.1 WhiteHorse / PHP/8.1.21
Resource Hash
3607c4b57b109a4ed7d947ddd3b6831f6c3d801623015a52577e780dc5d12aa1

Request headers

Accept
application/json, text/plain, */*
Referer
https://bilety.helios.pl/
Accept-Language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Feb 2024 11:58:35 GMT
Server
nginx/1.21.1.1 WhiteHorse
X-Powered-By
PHP/8.1.21
Allow
GET
Content-Type
application/json
Access-Control-Allow-Origin
https://bilety.helios.pl
Access-Control-Expose-Headers
link
Cache-Control
private, must-revalidate
Connection
keep-alive
Content-Length
1100
Expires
-1
screening
restapi.helios.pl/api/cinema/d01e6010-d098-4899-951b-a7b7208df75a/ 		22 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://restapi.helios.pl/api/cinema/d01e6010-d098-4899-951b-a7b7208df75a/screening?dateTimeFrom=2024-02-28T00:00:00.000&dateTimeTo=2024-02-28T23:59:59.999
Requested by
Host: bilety.helios.pl
URL: https://bilety.helios.pl/polyfills.11807c86796f8336.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
80.252.5.36 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS
host-80-252-5-36.gazeta.pl
Software
nginx/1.21.1.1 WhiteHorse / PHP/8.1.21
Resource Hash
f35e44df88b7a4bbe54c06a30ac1bd3f0f62c84e34704a679df04b0a0fdee50b

Request headers

Accept
application/json, text/plain, */*
Referer
https://bilety.helios.pl/
Accept-Language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Feb 2024 11:58:35 GMT
Server
nginx/1.21.1.1 WhiteHorse
X-Powered-By
PHP/8.1.21
Allow
GET
Content-Type
application/json
Access-Control-Allow-Origin
https://bilety.helios.pl
Access-Control-Expose-Headers
link
Cache-Control
private, must-revalidate
Connection
keep-alive
Content-Length
22961
Expires
-1
movieprint
restapi.helios.pl/api/ 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://restapi.helios.pl/api/movieprint?cinemaId=d01e6010-d098-4899-951b-a7b7208df75a&dateTimeFrom=2024-02-28T00:00:00.000&dateTimeTo=2024-02-28T23:59:59.999
Requested by
Host: bilety.helios.pl
URL: https://bilety.helios.pl/polyfills.11807c86796f8336.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
80.252.5.36 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS
host-80-252-5-36.gazeta.pl
Software
nginx/1.21.1.1 WhiteHorse / PHP/8.1.21
Resource Hash
40b30b66230849e4bbaf7a6004fa7574cb0fa0f38e185ca1cf4ca65a7fd7076c

Request headers

Accept
application/json, text/plain, */*
Referer
https://bilety.helios.pl/
Accept-Language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Feb 2024 11:58:35 GMT
Server
nginx/1.21.1.1 WhiteHorse
X-Powered-By
PHP/8.1.21
Allow
GET
Content-Type
application/json
Access-Control-Allow-Origin
https://bilety.helios.pl
Access-Control-Expose-Headers
link
Cache-Control
private, must-revalidate
Connection
keep-alive
Content-Length
4869
Expires
-1
movie
restapi.helios.pl/api/ 		28 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://restapi.helios.pl/api/movie?dateTimeFrom=2024-02-28T00:00:00.000&dateTimeTo=2024-02-28T23:59:59.999&cinemaId=d01e6010-d098-4899-951b-a7b7208df75a
Requested by
Host: bilety.helios.pl
URL: https://bilety.helios.pl/polyfills.11807c86796f8336.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
80.252.5.36 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS
host-80-252-5-36.gazeta.pl
Software
nginx/1.21.1.1 WhiteHorse / PHP/8.1.21
Resource Hash
0c43f4e3489b82f8326588d7d23f070b691306f0c04589e02df7ce9f23a02431

Request headers

Accept
application/json, text/plain, */*
Referer
https://bilety.helios.pl/
Accept-Language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Feb 2024 11:58:35 GMT
Server
nginx/1.21.1.1 WhiteHorse
X-Powered-By
PHP/8.1.21
Allow
GET
Content-Type
application/json
Access-Control-Allow-Origin
https://bilety.helios.pl
Access-Control-Expose-Headers
link
Cache-Control
private, must-revalidate
Connection
keep-alive
Content-Length
28533
Expires
-1
event
restapi.helios.pl/api/cinema/d01e6010-d098-4899-951b-a7b7208df75a/ 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://restapi.helios.pl/api/cinema/d01e6010-d098-4899-951b-a7b7208df75a/event?dateTimeFrom=2024-02-28T00:00:00.000&dateTimeTo=2024-02-28T23:59:59.999
Requested by
Host: bilety.helios.pl
URL: https://bilety.helios.pl/polyfills.11807c86796f8336.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
80.252.5.36 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS
host-80-252-5-36.gazeta.pl
Software
nginx/1.21.1.1 WhiteHorse / PHP/8.1.21
Resource Hash
ef9fc90b0310d5e2392798d4edb09d347d73eaa9e9a39c9dfffbf0db4a467cdc

Request headers

Accept
application/json, text/plain, */*
Referer
https://bilety.helios.pl/
Accept-Language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Feb 2024 11:58:35 GMT
Server
nginx/1.21.1.1 WhiteHorse
X-Powered-By
PHP/8.1.21
Allow
GET
Content-Type
application/json
Access-Control-Allow-Origin
https://bilety.helios.pl
Access-Control-Expose-Headers
link
Cache-Control
private, must-revalidate
Connection
keep-alive
Content-Length
4881
Expires
-1
bobmarleyplakatnowy.jpg
movies.helios.pl/images/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://movies.helios.pl/images/bobmarleyplakatnowy.jpg
Requested by
Host: bilety.helios.pl
URL: https://bilety.helios.pl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.252.5.30 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS
host-80-252-5-30.gazeta.pl
Software
Microsoft-IIS/10.0 /
Resource Hash
2275e5c10cee9e9b1f3fa48b96abc2dfdbfe3cc74220ac89dc90e0da1154469f

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bilety.helios.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 11:59:02 GMT
Last-Modified
Thu, 08 Feb 2024 14:35:39 GMT
Server
Microsoft-IIS/10.0
Accept-Ranges
bytes
ETag
"efae6e169c5ada1:0"
Content-Length
43606
Content-Type
image/jpeg
zegnajcielaleczkiplakatPL.jpg
movies.helios.pl/images/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://movies.helios.pl/images/zegnajcielaleczkiplakatPL.jpg
Requested by
Host: bilety.helios.pl
URL: https://bilety.helios.pl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.252.5.30 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS
host-80-252-5-30.gazeta.pl
Software
Microsoft-IIS/10.0 /
Resource Hash
9be268792e669d06817424daf53722b2f915f68cffb61727886fa4829600a4b0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bilety.helios.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 11:59:02 GMT
Last-Modified
Tue, 06 Feb 2024 15:54:49 GMT
Server
Microsoft-IIS/10.0
Accept-Ranges
bytes
ETag
"3dc653d01459da1:0"
Content-Length
45675
Content-Type
image/jpeg
madamewebnowyplakat.jpg
movies.helios.pl/images/ 		58 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://movies.helios.pl/images/madamewebnowyplakat.jpg
Requested by
Host: bilety.helios.pl
URL: https://bilety.helios.pl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.252.5.30 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS
host-80-252-5-30.gazeta.pl
Software
Microsoft-IIS/10.0 /
Resource Hash
728c72284c16aa2f6ec01ba3a7ddb84ace6268b9711c9fb806217a600802b12d

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bilety.helios.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 11:59:02 GMT
Last-Modified
Fri, 22 Dec 2023 11:13:22 GMT
Server
Microsoft-IIS/10.0
Accept-Ranges
bytes
ETag
"93c4be0c734da1:0"
Content-Length
59765
Content-Type
image/jpeg
emmaiczarnyplakat.jpg
movies.helios.pl/images/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://movies.helios.pl/images/emmaiczarnyplakat.jpg
Requested by
Host: bilety.helios.pl
URL: https://bilety.helios.pl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.252.5.30 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS
host-80-252-5-30.gazeta.pl
Software
Microsoft-IIS/10.0 /
Resource Hash
cf02a62adf76fc1280e6910311af63016f037d611526238e618da529cac516a9

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bilety.helios.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 11:59:02 GMT
Last-Modified
Fri, 12 Jan 2024 10:20:25 GMT
Server
Microsoft-IIS/10.0
Accept-Ranges
bytes
ETag
"90fd50f54045da1:0"
Content-Length
54090
Content-Type
image/jpeg
diuna.jpg
movies.helios.pl/plakaty/diuna/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://movies.helios.pl/plakaty/diuna/diuna.jpg
Requested by
Host: bilety.helios.pl
URL: https://bilety.helios.pl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.252.5.30 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS
host-80-252-5-30.gazeta.pl
Software
Microsoft-IIS/10.0 /
Resource Hash
437870cd45f2d5a0aa31ae64de4045eda6c6b50185daa4cf5a99acc31fa8206c

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bilety.helios.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 11:59:02 GMT
Last-Modified
Fri, 24 Sep 2021 12:18:45 GMT
Server
Microsoft-IIS/10.0
Accept-Ranges
bytes
ETag
"75eba523eb1d71:0"
Content-Length
36799
Content-Type
image/jpeg
piesikotplakat.jpg
movies.helios.pl/images/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://movies.helios.pl/images/piesikotplakat.jpg
Requested by
Host: bilety.helios.pl
URL: https://bilety.helios.pl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.252.5.30 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS
host-80-252-5-30.gazeta.pl
Software
Microsoft-IIS/10.0 /
Resource Hash
8321ed791067d560a7ebd7c6c850c064324fd8d73c861f1f52690127ac3eb06d

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bilety.helios.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 11:59:02 GMT
Last-Modified
Fri, 12 Jan 2024 11:04:51 GMT
Server
Microsoft-IIS/10.0
Accept-Ranges
bytes
ETag
"153c792a4745da1:0"
Content-Length
52248
Content-Type
image/jpeg
akademiapanakleksaplakat.jpg
movies.helios.pl/images/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://movies.helios.pl/images/akademiapanakleksaplakat.jpg
Requested by
Host: bilety.helios.pl
URL: https://bilety.helios.pl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.252.5.30 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS
host-80-252-5-30.gazeta.pl
Software
Microsoft-IIS/10.0 /
Resource Hash
df7d7a0f6abda9f3fea9669f63f71d167569fb9fd674c70eaede3f6e422c710a

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bilety.helios.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 11:59:03 GMT
Last-Modified
Fri, 27 Oct 2023 10:23:43 GMT
Server
Microsoft-IIS/10.0
Accept-Ranges
bytes
ETag
"62d438a9bf8da1:0"
Content-Length
53310
Content-Type
image/jpeg
Anatomiaupadku.jpg
movies.helios.pl/images/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://movies.helios.pl/images/Anatomiaupadku.jpg
Requested by
Host: bilety.helios.pl
URL: https://bilety.helios.pl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.252.5.30 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS
host-80-252-5-30.gazeta.pl
Software
Microsoft-IIS/10.0 /
Resource Hash
305d734aee8d579e51c9357253672a77f73f1af582d9deed5845ae735ed0b8a6

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bilety.helios.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 11:59:03 GMT
Last-Modified
Thu, 01 Feb 2024 21:17:03 GMT
Server
Microsoft-IIS/10.0
Accept-Ranges
bytes
ETag
"3d178205455da1:0"
Content-Length
31694
Content-Type
image/jpeg
zagadkaklarymuuplakat.jpg
movies.helios.pl/images/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://movies.helios.pl/images/zagadkaklarymuuplakat.jpg
Requested by
Host: bilety.helios.pl
URL: https://bilety.helios.pl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.252.5.30 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS
host-80-252-5-30.gazeta.pl
Software
Microsoft-IIS/10.0 /
Resource Hash
e0648e59e7d3cf209f24f5bdfebe8c2aa515226def9c59d6786d93e48b18b4d0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bilety.helios.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 11:59:03 GMT
Last-Modified
Fri, 26 Jan 2024 13:23:18 GMT
Server
Microsoft-IIS/10.0
Accept-Ranges
bytes
ETag
"69c940d35a50da1:0"
Content-Length
55985
Content-Type
image/jpeg
samiswoipoczplakat.jpg
movies.helios.pl/images/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://movies.helios.pl/images/samiswoipoczplakat.jpg
Requested by
Host: bilety.helios.pl
URL: https://bilety.helios.pl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.252.5.30 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS
host-80-252-5-30.gazeta.pl
Software
Microsoft-IIS/10.0 /
Resource Hash
70ee9f4f344292500b34c057b33fe634ec82e44fca0c6b1fa91b3e5be228c25a

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bilety.helios.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 11:59:03 GMT
Last-Modified
Thu, 04 Jan 2024 15:37:21 GMT
Server
Microsoft-IIS/10.0
Accept-Ranges
bytes
ETag
"2ded2fe8233fda1:0"
Content-Length
56950
Content-Type
image/jpeg
kogelmogel5nowyplakat.jpg
movies.helios.pl/images/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://movies.helios.pl/images/kogelmogel5nowyplakat.jpg
Requested by
Host: bilety.helios.pl
URL: https://bilety.helios.pl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.252.5.30 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS
host-80-252-5-30.gazeta.pl
Software
Microsoft-IIS/10.0 /
Resource Hash
23e3f1da59de4afe321786d5cc58960c9dce586ba0240811065d29e151595e63

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bilety.helios.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 11:59:03 GMT
Last-Modified
Fri, 22 Dec 2023 11:13:40 GMT
Server
Microsoft-IIS/10.0
Accept-Ranges
bytes
ETag
"6154d7eac734da1:0"
Content-Length
48304
Content-Type
image/jpeg
demonslayer.jpg
movies.helios.pl/images/ 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://movies.helios.pl/images/demonslayer.jpg
Requested by
Host: bilety.helios.pl
URL: https://bilety.helios.pl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.252.5.30 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS
host-80-252-5-30.gazeta.pl
Software
Microsoft-IIS/10.0 /
Resource Hash
5fa3c30eee3b6848780895eef0273ffc545055f8e8b79773239191361b179771

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bilety.helios.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 11:59:03 GMT
Last-Modified
Tue, 06 Feb 2024 10:39:13 GMT
Server
Microsoft-IIS/10.0
Accept-Ranges
bytes
ETag
"8dd1deb9e858da1:0"
Content-Length
71849
Content-Type
image/jpeg
helios_HNS_202402_Paczes_i_Lotek_400x578px_v02.jpg
movies.helios.pl/images/ 		778 KB
778 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://movies.helios.pl/images/helios_HNS_202402_Paczes_i_Lotek_400x578px_v02.jpg
Requested by
Host: bilety.helios.pl
URL: https://bilety.helios.pl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.252.5.30 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS
host-80-252-5-30.gazeta.pl
Software
Microsoft-IIS/10.0 /
Resource Hash
b1d58efcaaa629009d7a884c44783c513cf09e790c0b1dd30858688d1666e7a0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bilety.helios.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 11:59:03 GMT
Last-Modified
Wed, 07 Feb 2024 15:55:04 GMT
Server
Microsoft-IIS/10.0
Accept-Ranges
bytes
ETag
"84a2b73de59da1:0"
Content-Length
796740
Content-Type
image/jpeg
fa-solid-900.620019ed9d1100b6.woff2
bilety.helios.pl/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bilety.helios.pl/fa-solid-900.620019ed9d1100b6.woff2
Requested by
Host: bilety.helios.pl
URL: https://bilety.helios.pl/styles.478d9634c6d00e19.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
80.252.5.36 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS
host-80-252-5-36.gazeta.pl
Software
nginx/1.21.1.1 WhiteHorse /
Resource Hash
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Request headers

Referer
https://bilety.helios.pl/styles.478d9634c6d00e19.css
Origin
https://bilety.helios.pl
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 11:58:35 GMT
Last-Modified
Thu, 18 Jan 2024 15:38:47 GMT
Server
nginx/1.21.1.1 WhiteHorse
ETag
"809d116d244ada1:0"
Content-Type
application/font-woff2
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
78268
RobotoCondensed-Regular.ttf
bilety.helios.pl/assets/fonts/RobotoCondensed/ 		163 KB
163 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bilety.helios.pl/assets/fonts/RobotoCondensed/RobotoCondensed-Regular.ttf
Requested by
Host: bilety.helios.pl
URL: https://bilety.helios.pl/styles.478d9634c6d00e19.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
80.252.5.36 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS
host-80-252-5-36.gazeta.pl
Software
nginx/1.21.1.1 WhiteHorse /
Resource Hash
04d2424978ab93cd524970aff21200ec88358176992af718ecd9fe96be5ae4b8

Request headers

Referer
https://bilety.helios.pl/styles.478d9634c6d00e19.css
Origin
https://bilety.helios.pl
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 11:58:35 GMT
Last-Modified
Thu, 18 Jan 2024 15:38:47 GMT
Server
nginx/1.21.1.1 WhiteHorse
ETag
"809d116d244ada1:0"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
166836
RobotoCondensed-Bold.ttf
bilety.helios.pl/assets/fonts/RobotoCondensed/ 		162 KB
163 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bilety.helios.pl/assets/fonts/RobotoCondensed/RobotoCondensed-Bold.ttf
Requested by
Host: bilety.helios.pl
URL: https://bilety.helios.pl/styles.478d9634c6d00e19.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
80.252.5.36 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS
host-80-252-5-36.gazeta.pl
Software
nginx/1.21.1.1 WhiteHorse /
Resource Hash
14948aedbcaf906a9cacab38de5fff889bde887ecbd710b8a1ada3ae84c65477

Request headers

Referer
https://bilety.helios.pl/styles.478d9634c6d00e19.css
Origin
https://bilety.helios.pl
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 11:58:35 GMT
Last-Modified
Thu, 18 Jan 2024 15:38:47 GMT
Server
nginx/1.21.1.1 WhiteHorse
ETag
"809d116d244ada1:0"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
166340
/
www.google.pl/pagead/1p-user-list/998461821/ Frame BEA3
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/998461821/?label=jKT1CKb__V8Q_aKN3AM&url=https%3A%2F%2Fbilety.helios.pl%2F&guid=ON&script=0&data=
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/998461821/?label=jKT1CKb__V8Q_aKN3AM&url=https%3A%2F%2Fbilety.helios.pl%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=156...
  • https://www.google.com/pagead/1p-user-list/998461821/?label=jKT1CKb__V8Q_aKN3AM&url=https%3A%2F%2Fbilety.helios.pl%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=156922577&crd=COy7sQII4b2...
  • https://www.google.pl/pagead/1p-user-list/998461821/?label=jKT1CKb__V8Q_aKN3AM&url=https%3A%2F%2Fbilety.helios.pl%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=156922577&crd=COy7sQII4b2x...
42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.pl/pagead/1p-user-list/998461821/?label=jKT1CKb__V8Q_aKN3AM&url=https%3A%2F%2Fbilety.helios.pl%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=156922577&crd=COy7sQII4b2xAg&is_vtc=1&cid=CAQSGwB7FLtqUeEPJfMEesZgQLwLYlnWu48DgvT3Vw&random=1382838590&ipr=y
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/ns.html?id=GTM-MK3PV37
Protocol
H2
Server
216.58.212.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.googletagmanager.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Feb 2024 11:58:26 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 28 Feb 2024 11:58:26 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.pl/pagead/1p-user-list/998461821/?label=jKT1CKb__V8Q_aKN3AM&url=https%3A%2F%2Fbilety.helios.pl%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=156922577&crd=COy7sQII4b2xAg&is_vtc=1&cid=CAQSGwB7FLtqUeEPJfMEesZgQLwLYlnWu48DgvT3Vw&random=1382838590&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.pl/pagead/1p-conversion/985246291/ Frame BEA3
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/985246291/?url=https%3A%2F%2Fbilety.helios.pl%2F&guid=ON&script=0&data=
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/985246291/?url=https%3A%2F%2Fbilety.helios.pl%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=2108823397&sscte=1&crd=COy7sQ...
  • https://www.google.com/pagead/1p-conversion/985246291/?url=https%3A%2F%2Fbilety.helios.pl%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=2108823397&sscte=1&crd=COy7sQII4b2xAg&pscrd=IhMI-5...
  • https://www.google.pl/pagead/1p-conversion/985246291/?url=https%3A%2F%2Fbilety.helios.pl%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=2108823397&sscte=1&crd=COy7sQII4b2xAg&pscrd=IhMI-5D...
42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.pl/pagead/1p-conversion/985246291/?url=https%3A%2F%2Fbilety.helios.pl%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=2108823397&sscte=1&crd=COy7sQII4b2xAg&pscrd=IhMI-5DJ4f3NhAMVzAiiAx32vg57MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAg&is_vtc=1&cid=CAQSGwB7FLtqG_bEF6eYPiGs36_lv2S3XLGpUkDJHg&random=1571422703&ipr=y&ezwbk=AZuM4hC-iPqraQWA-IhkefLpE406MaqvlG4BafBcYXro5IwnwKxvGZcxkJlvCUoETiNy-y1FavUV8R5r7Jqe0fdbr9tt
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/ns.html?id=GTM-MK3PV37
Protocol
H2
Server
216.58.212.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.googletagmanager.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Feb 2024 11:58:26 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 28 Feb 2024 11:58:26 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.pl/pagead/1p-conversion/985246291/?url=https%3A%2F%2Fbilety.helios.pl%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=2108823397&sscte=1&crd=COy7sQII4b2xAg&pscrd=IhMI-5DJ4f3NhAMVzAiiAx32vg57MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAg&is_vtc=1&cid=CAQSGwB7FLtqG_bEF6eYPiGs36_lv2S3XLGpUkDJHg&random=1571422703&ipr=y&ezwbk=AZuM4hC-iPqraQWA-IhkefLpE406MaqvlG4BafBcYXro5IwnwKxvGZcxkJlvCUoETiNy-y1FavUV8R5r7Jqe0fdbr9tt
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.pl/pagead/1p-conversion/944702304/ Frame BEA3
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/944702304/?url=https%3A%2F%2Fbilety.helios.pl%2F&guid=ON&script=0&data=
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/944702304/?url=https%3A%2F%2Fbilety.helios.pl%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=791039583&sscte=1&crd=COy7sQI...
  • https://www.google.com/pagead/1p-conversion/944702304/?url=https%3A%2F%2Fbilety.helios.pl%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=791039583&sscte=1&crd=COy7sQII4b2xAg&pscrd=IhMI3Yr...
  • https://www.google.pl/pagead/1p-conversion/944702304/?url=https%3A%2F%2Fbilety.helios.pl%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=791039583&sscte=1&crd=COy7sQII4b2xAg&pscrd=IhMI3YrJ...
42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.pl/pagead/1p-conversion/944702304/?url=https%3A%2F%2Fbilety.helios.pl%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=791039583&sscte=1&crd=COy7sQII4b2xAg&pscrd=IhMI3YrJ4f3NhAMVIwqiAx2lxgsDMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAg&is_vtc=1&cid=CAQSGwB7FLtqGdyHNSXg3cPltyXAiRnXOAri4xihkA&random=3598917853&ipr=y&ezwbk=AZuM4hAIROK4EzH6cY3EToN0r9bxev0Gr0bCN_4b7g7K038r3Ot4_NihqJrsNNvCyanoluGidddwRBLl4NT7XKb9o_Aw
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/ns.html?id=GTM-MK3PV37
Protocol
H2
Server
216.58.212.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.googletagmanager.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Feb 2024 11:58:26 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 28 Feb 2024 11:58:26 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.pl/pagead/1p-conversion/944702304/?url=https%3A%2F%2Fbilety.helios.pl%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=791039583&sscte=1&crd=COy7sQII4b2xAg&pscrd=IhMI3YrJ4f3NhAMVIwqiAx2lxgsDMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAg&is_vtc=1&cid=CAQSGwB7FLtqGdyHNSXg3cPltyXAiRnXOAri4xihkA&random=3598917853&ipr=y&ezwbk=AZuM4hAIROK4EzH6cY3EToN0r9bxev0Gr0bCN_4b7g7K038r3Ot4_NihqJrsNNvCyanoluGidddwRBLl4NT7XKb9o_Aw
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sdk.js
connect.facebook.net/pl_PL/ 		298 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/pl_PL/sdk.js?hash=a09f72eebb8eefb97fcd4a2ea15cf201
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/pl_PL/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.30.27 Prague, Czech Republic, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-prg1.fbcdn.net
Software
/
Resource Hash
9874844fbcc45d17fe18d4f722ba59188eea323b79dc99a65b4afae3775004ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://bilety.helios.pl/
Origin
https://bilety.helios.pl
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 28 Feb 2024 11:58:25 GMT
content-md5
2cKIlLJ9oM2mROwbcN5euA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87350
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-debug
tDhHXV3ArV8E+7WK3xl7AOeo6SSr7EPtv+HfCG9/NtgFQ1ST9nnimIAXOmSB7YMchTeC3R/yCwVHKw/7fbdG0A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
e77a2aa7884b6b6d02040624ad153eb0
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"87a11191123deba3e2eab25f20962fd2"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Thu, 27 Feb 2025 06:52:05 GMT
payframe
pay.google.com/gp/p/ui/ Frame 5B31 		19 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fbilety.helios.pl&mid=
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.166.92 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wm-in-f92.1e100.net
Software
ESF /
Resource Hash
dd6585e65d97b80450892ca3ca6e1aa5229e805323f3488533000f84b362ee6b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-kTAXBjAN9scnfx5Zq8ybOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bilety.helios.pl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-kTAXBjAN9scnfx5Zq8ybOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Wed, 28 Feb 2024 11:58:25 GMT
expires
Wed, 28 Feb 2024 11:58:25 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
reporting-endpoints
default="/gp/p/_/InstantbuyFrontendBuyflowPayframeUi/web-reports?context=eJzjKtDikmJw0pBiWFYqxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3ZeXTDxfXzJJALEGEO_w8WAR85nOyrduOqsKEOuun84aCsRO6TNYg4DYp34GawwQC_FwPNz_Zx2bwIWzNycwAgAJ4jIh"
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js?did=7abf05b2-6f77-4c27-bde0-da584a08c265
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MK3PV37
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be2dfa172d505acb197760b55c4731347cc239a7a046013c251948bb8214dbc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bilety.helios.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 28 Feb 2024 11:58:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
OKrCs7nhvutcs03VCUskmw==
age
58303
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6841
x-ms-lease-status
unlocked
last-modified
Mon, 26 Feb 2024 20:27:29 GMT
server
cloudflare
etag
0x8DC37095AEE323A
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b83135be-401e-0011-6af5-68a337000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
85c87ee18ace193f-FRA
js
www.googletagmanager.com/gtag/ 		267 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RSP2YSMWXY&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MK3PV37
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
4662fc80890a893955b88e5814796b1c8b80a73f865f9e48a2bcbc945675b9f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bilety.helios.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 11:58:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92792
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 28 Feb 2024 11:58:25 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MK3PV37
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bilety.helios.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 28 Feb 2024 11:32:03 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1582
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 28 Feb 2024 13:32:03 GMT
destination
www.googletagmanager.com/gtag/ 		204 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-998461821&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MK3PV37
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
81b9ac2470b6b78e9cd98494015d87f5166d22e1751875ac521e14a3d14a5b9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bilety.helios.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 11:58:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75950
x-xss-protection
0
last-modified
Wed, 28 Feb 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 28 Feb 2024 11:58:25 GMT
destination
www.googletagmanager.com/gtag/ 		204 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-985246291&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MK3PV37
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
26dc7a2c97bc0c9f6803a230722bea72bd0784c34f49a71faefaa9848db437d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bilety.helios.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 11:58:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75952
x-xss-protection
0
last-modified
Wed, 28 Feb 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 28 Feb 2024 11:58:25 GMT
destination
www.googletagmanager.com/gtag/ 		237 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-944702304&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MK3PV37
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
5ef18aff733af992cded52750dc56fe7b4abcf67569ce1f2c9f36958a250f445
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bilety.helios.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 11:58:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
84524
x-xss-protection
0
last-modified
Wed, 28 Feb 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 28 Feb 2024 11:58:25 GMT
style
accounts.google.com/gsi/ 		533 B
586 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/style
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.167.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wl-in-f84.1e100.net
Software
ESF /
Resource Hash
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-F6YNKzU_jPgLZrkul4BH-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bilety.helios.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 11:58:25 GMT
content-security-policy
script-src 'report-sample' 'nonce-F6YNKzU_jPgLZrkul4BH-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Wed, 28 Feb 2024 11:58:25 GMT
m=_b,_tp
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.pl.hOezgzvI6D4.es5.O/am=gEEa/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame 5B31 		159 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.pl.hOezgzvI6D4.es5.O/am=gEEa/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriL19pU_q9xXbbjFdmFhWzIUyHw0w/m=_b,_tp
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fbilety.helios.pl&mid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
sffe /
Resource Hash
895b718bf2e5f732aea12e71c24d71c696cead2839ab287460e84bd2f839173d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 20:54:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54265
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57479
x-xss-protection
0
last-modified
Tue, 27 Feb 2024 03:45:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 26 Feb 2025 20:54:00 GMT
7abf05b2-6f77-4c27-bde0-da584a08c265.json
cdn.cookielaw.org/consent/7abf05b2-6f77-4c27-bde0-da584a08c265/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/7abf05b2-6f77-4c27-bde0-da584a08c265/7abf05b2-6f77-4c27-bde0-da584a08c265.json
Requested by
Host: bilety.helios.pl
URL: https://bilety.helios.pl/polyfills.11807c86796f8336.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff65cf062f1a7ef4b49be1088e8c6af96d08de636a681cb72c066b417244f884
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bilety.helios.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 28 Feb 2024 11:58:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
57996
content-md5
eefLjSKUDfuIAG4loaJVxQ==
content-length
1481
x-ms-lease-status
unlocked
last-modified
Tue, 21 Nov 2023 13:34:36 GMT
server
cloudflare
etag
0x8DBEA969AF83B38
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
0795c6e6-d01e-003c-777f-1c1044000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
85c87ee44b8e9b94-FRA
expires
Thu, 29 Feb 2024 11:58:25 GMT
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f14.1e100.net
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bilety.helios.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 11:39:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
1137
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
697
x-xss-protection
0
last-modified
Fri, 30 Jun 2023 18:58:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 28 Feb 2024 12:39:28 GMT
collect
region1.google-analytics.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-RSP2YSMWXY&gtm=45je42q1v892915486z878501924za200&_p=1709121504594&gcs=G100&gcd=13p3p3p3p5&npa=1&dma_cps=-&dma=1&cid=876084836.1709121506&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=denied&_s=1&sid=1709121505&sct=1&seg=0&dl=https%3A%2F%2Fbilety.helios.pl%2F&dt=Helios&en=page_view&_fv=1&_ss=2&tfd=1739
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RSP2YSMWXY&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bilety.helios.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Feb 2024 11:58:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bilety.helios.pl
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
landing
pagead2.googlesyndication.com/pagead/ 		42 B
455 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=13p3p3p3p5&rnd=2147150589.1709121506&url=https%3A%2F%2Fbilety.helios.pl%2F&dma_cps=-&dma=1&npa=1&gtm=45He42q1n81MK3PV37v78501924za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MK3PV37
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bilety.helios.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Feb 2024 11:58:26 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=364782706&t=pageview&_s=1&dl=https%3A%2F%2Fbilety.helios.pl%2F&ul=en-us&de=UTF-8&dt=Helios&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGAAAAAjEAAAAAAEKk~&cid=876084836.1709121506&tid=UA-3710505-1&_gid=411422771.1709121506&gtm=45He42q1n81MK3PV37v78501924za200&gcs=G100&gcd=13p3p3p3p5&dma_cps=-&dma=1&npa=1&z=1312739939
Requested by
Host: bilety.helios.pl
URL: https://bilety.helios.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bilety.helios.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Feb 2024 20:03:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
57280
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=364782706&t=pageview&_s=1&dl=https%3A%2F%2Fbilety.helios.pl%2F&ul=en-us&de=UTF-8&dt=Helios&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGgAAAAjEAAAAAAEKk~&cid=876084836.1709121506&tid=UA-3710505-2&_gid=1809115191.1709121506&gtm=45He42q1n81MK3PV37v78501924za200&gcs=G100&gcd=13p3p3p3p5&dma_cps=-&dma=1&npa=1&z=1117920732
Requested by
Host: bilety.helios.pl
URL: https://bilety.helios.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bilety.helios.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Feb 2024 20:03:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
57280
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=Das5Le
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.pl.hOezgzvI6D4.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Eb28Qt... Frame 5B31 		75 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.pl.hOezgzvI6D4.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Eb28QtijFV0.L.B1.O/am=gEEa/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrht5UGtDImU732Xx8oUxjU4K4KZmg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.pl.hOezgzvI6D4.es5.O/am=gEEa/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriL19pU_q9xXbbjFdmFhWzIUyHw0w/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
sffe /
Resource Hash
8a37b02b94b8facedfb153e760d7a7c1134dbcbab8febd31763384234ea5df4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 20:54:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54265
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27699
x-xss-protection
0
last-modified
Tue, 27 Feb 2024 03:45:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 26 Feb 2025 20:54:00 GMT
pay
pay.google.com/gp/p/ui/ Frame 5B31 		1 MB
378 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/pay
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.pl.hOezgzvI6D4.es5.O/am=gEEa/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriL19pU_q9xXbbjFdmFhWzIUyHw0w/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.166.92 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wm-in-f92.1e100.net
Software
ESF /
Resource Hash
cab5a740fb05af3af9f137efe4a351facc4b52b255c929d3ddb156251f780eaa
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qOvBg334alzhOJ_sybQQSA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 11:58:25 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-qOvBg334alzhOJ_sybQQSA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/gp/p/_/InstantbuyFrontendBuyflowPayUi/web-reports?context=eJzjKtDikmJw0pBiWFYqxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3ZeXTDxfXzJJALEGEO_w8WAR85nOyrduOqsKEOuun84aCsRO6TNYg4DYp34GawwQC_FwPNz_Zx2bwIZNr08yAwAJgDIz"
x-ua-compatible
IE=edge
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
unsafe-none
server
ESF
x-frame-options
DENY
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Wed, 28 Feb 2024 11:58:25 GMT
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.pl.hOezgzvI6D4.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Eb28Qt... Frame 5B31 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.pl.hOezgzvI6D4.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Eb28QtijFV0.L.B1.O/am=gEEa/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrht5UGtDImU732Xx8oUxjU4K4KZmg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.pl.hOezgzvI6D4.es5.O/am=gEEa/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriL19pU_q9xXbbjFdmFhWzIUyHw0w/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
sffe /
Resource Hash
ba7eda8d803c3c269fad97a1e45b0b23b7dc9a35c56fcc1f32971ea138c4254a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 20:54:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54265
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4139
x-xss-protection
0
last-modified
Tue, 27 Feb 2024 03:45:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 26 Feb 2025 20:54:00 GMT
m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.pl.hOezgzvI6D4.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Eb28Qt... Frame 5B31 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.pl.hOezgzvI6D4.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Eb28QtijFV0.L.B1.O/am=gEEa/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrht5UGtDImU732Xx8oUxjU4K4KZmg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.pl.hOezgzvI6D4.es5.O/am=gEEa/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriL19pU_q9xXbbjFdmFhWzIUyHw0w/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
sffe /
Resource Hash
67d0702b5dbfdb7393d5b855087885d152ddb0a0cd40d70aa45b022d903f1dd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 20:54:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54265
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14349
x-xss-protection
0
last-modified
Tue, 27 Feb 2024 03:45:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 26 Feb 2025 20:54:00 GMT
log
play.google.com/ Frame 5B31 		131 B
723 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.pl.hOezgzvI6D4.es5.O/am=gEEa/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriL19pU_q9xXbbjFdmFhWzIUyHw0w/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 28 Feb 2024 11:58:26 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 28 Feb 2024 11:58:26 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 28 Feb 2024 11:58:26 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 5B31 		131 B
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.pl.hOezgzvI6D4.es5.O/am=gEEa/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriL19pU_q9xXbbjFdmFhWzIUyHw0w/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 28 Feb 2024 11:58:26 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 28 Feb 2024 11:58:26 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 28 Feb 2024 11:58:26 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 5B31 		131 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.pl.hOezgzvI6D4.es5.O/am=gEEa/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriL19pU_q9xXbbjFdmFhWzIUyHw0w/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 28 Feb 2024 11:58:26 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 28 Feb 2024 11:58:26 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 28 Feb 2024 11:58:26 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		68 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: bilety.helios.pl
URL: https://bilety.helios.pl/polyfills.11807c86796f8336.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.155.119 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
809131692400e617b2bca6830799cb095a65057f948eba12c71caa8b1d2be016
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://bilety.helios.pl/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 11:58:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
85c87ee70eb19261-FRA
access-control-allow-headers
Content-Type
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202310.2.0/ 		426 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202310.2.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js?did=7abf05b2-6f77-4c27-bde0-da584a08c265
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
838f4b697deefb701f31eb892e6dde74a92dd7c65d4d56f967bb79c17a66d79e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bilety.helios.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 28 Feb 2024 11:58:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
3zwKFeg02sA5dMnkMN3c/A==
age
29927
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
105024
x-ms-lease-status
unlocked
last-modified
Tue, 05 Dec 2023 03:37:34 GMT
server
cloudflare
etag
0x8DBF54385213BD6
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9da7b195-801e-001e-0647-27d55b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
85c87ee76f6e193f-FRA
pl.json
cdn.cookielaw.org/consent/7abf05b2-6f77-4c27-bde0-da584a08c265/caa96f53-c015-4dac-8447-e049097bc70b/ 		193 KB
38 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/7abf05b2-6f77-4c27-bde0-da584a08c265/caa96f53-c015-4dac-8447-e049097bc70b/pl.json
Requested by
Host: bilety.helios.pl
URL: https://bilety.helios.pl/polyfills.11807c86796f8336.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0eed01db22be32dc9445fbfb8c7ed2743b9f13a415cba685790485133d517afc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bilety.helios.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 28 Feb 2024 11:58:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
77248
content-md5
5famp5+0ydpqhjtXS63liQ==
content-length
39120
x-ms-lease-status
unlocked
last-modified
Tue, 21 Nov 2023 13:34:45 GMT
server
cloudflare
etag
0x8DBEA96A04B21B1
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
edb7295c-201e-0028-249e-1c582b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
85c87ee7fe8b9b94-FRA
expires
Thu, 29 Feb 2024 11:58:26 GMT
iab2V2Data.json
cdn.cookielaw.org/vendorlist/ 		553 KB
72 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/vendorlist/iab2V2Data.json
Requested by
Host: bilety.helios.pl
URL: https://bilety.helios.pl/polyfills.11807c86796f8336.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96fafe4a36a0db600be149e2ca0ea5457c3db870a3e905b2be459d37928bdb2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bilety.helios.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 28 Feb 2024 11:58:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
1JfYxNiR9vOGrhf+cjQkEA==
age
15071
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
73113
x-ms-lease-status
unlocked
last-modified
Wed, 28 Feb 2024 06:26:59 GMT
server
cloudflare
etag
0x8DC3826450A48F8
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
7496e16c-601e-0029-2011-6a07f7000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
85c87ee7fe8c9b94-FRA
googleData.json
cdn.cookielaw.org/vendorlist/ 		56 KB
16 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/vendorlist/googleData.json
Requested by
Host: bilety.helios.pl
URL: https://bilety.helios.pl/polyfills.11807c86796f8336.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2671c2cfd90b0423fedb26eddd059393bca1c69e0fd99ecef69013461155cdd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bilety.helios.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 28 Feb 2024 11:58:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
iIspEnIo59ZJ3oUaAck1Dw==
age
145
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
16304
x-ms-lease-status
unlocked
last-modified
Wed, 28 Feb 2024 09:45:31 GMT
server
cloudflare
etag
0x8DC384200D62D8B
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
ca97b3b5-b01e-002a-0c3a-6ae693000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
85c87ee7fe8f9b94-FRA
otTCF.js
cdn.cookielaw.org/scripttemplates/202310.2.0/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202310.2.0/otTCF.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202310.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b225b553da329022367ef9806c9820cbb60051aede8489749a879cfc3bed0677
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bilety.helios.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 28 Feb 2024 11:58:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
hm3OoSxk2AlRMovgolMY2Q==
age
29114
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
11706
x-ms-lease-status
unlocked
last-modified
Tue, 05 Dec 2023 03:37:33 GMT
server
cloudflare
etag
0x8DBF54384516017
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ce3ba6b9-c01e-006d-59ef-278dc8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
85c87ee7f815193f-FRA
otCenterRounded.json
cdn.cookielaw.org/scripttemplates/202310.2.0/assets/ 		9 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202310.2.0/assets/otCenterRounded.json
Requested by
Host: bilety.helios.pl
URL: https://bilety.helios.pl/polyfills.11807c86796f8336.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09b627933e01faa4979dc5661f7e616c7db1c12ea1984ca0549bdb253d24da9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bilety.helios.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 28 Feb 2024 11:58:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
oYt+EDUnaeOgBEWKs5v3Eg==
age
15071
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
2626
x-ms-lease-status
unlocked
last-modified
Tue, 05 Dec 2023 03:37:28 GMT
server
cloudflare
etag
0x8DBF5438120B44A
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
848edcb6-601e-0039-794e-27c29f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
85c87ee90f4e9b94-FRA
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202310.2.0/assets/v2/ 		62 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202310.2.0/assets/v2/otPcCenter.json
Requested by
Host: bilety.helios.pl
URL: https://bilety.helios.pl/polyfills.11807c86796f8336.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b0a210e89ac35b54a9b4ccb0336ea91c561e6dc5f8bda49574da98d40799c6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bilety.helios.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 28 Feb 2024 11:58:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
PV7Y7lcwNLcROEFo5k3N7g==
age
15071
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
12708
x-ms-lease-status
unlocked
last-modified
Tue, 05 Dec 2023 03:37:29 GMT
server
cloudflare
etag
0x8DBF54381FE513E
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
061d1057-801e-0031-8082-27d890000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
85c87ee90f4f9b94-FRA
otCookieSettingsButton.json
cdn.cookielaw.org/scripttemplates/202310.2.0/assets/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202310.2.0/assets/otCookieSettingsButton.json
Requested by
Host: bilety.helios.pl
URL: https://bilety.helios.pl/polyfills.11807c86796f8336.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7429ba59299387d5b2445949464b6b58111c47c8363459c1dfe16a541ff0c397
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bilety.helios.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 28 Feb 2024 11:58:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
HZ4CF8sFCthNRNvjE80iGw==
age
78692
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1766
x-ms-lease-status
unlocked
last-modified
Tue, 05 Dec 2023 03:37:29 GMT
server
cloudflare
etag
0x8DBF54381B7D553
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
1f2c9780-601e-004b-4d8a-27c5d0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
85c87ee90f539b94-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202310.2.0/assets/ 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202310.2.0/assets/otCommonStyles.css
Requested by
Host: bilety.helios.pl
URL: https://bilety.helios.pl/polyfills.11807c86796f8336.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bilety.helios.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 28 Feb 2024 11:58:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
c7xAZ9MSGAobGaTYg/Qtag==
age
57997
x-ms-lease-status
unlocked
last-modified
Tue, 05 Dec 2023 03:37:38 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
49e80492-701e-0068-427d-275f13000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
85c87ee90f559b94-FRA
DMSans-Bold.ttf
bilety.helios.pl/assets/fonts/DMSans/ 		70 KB
70 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bilety.helios.pl/assets/fonts/DMSans/DMSans-Bold.ttf
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
80.252.5.36 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS
host-80-252-5-36.gazeta.pl
Software
nginx/1.21.1.1 WhiteHorse /
Resource Hash
3edb1342cebb1b19c3e3fee912497961006e29bf58486ba0404c33c54c463435

Request headers

Referer
https://bilety.helios.pl/
Origin
https://bilety.helios.pl
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 11:58:37 GMT
Last-Modified
Thu, 18 Jan 2024 15:38:47 GMT
Server
nginx/1.21.1.1 WhiteHorse
ETag
"809d116d244ada1:0"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
71852
DMSans-Medium.ttf
bilety.helios.pl/assets/fonts/DMSans/ 		70 KB
70 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bilety.helios.pl/assets/fonts/DMSans/DMSans-Medium.ttf
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
80.252.5.36 Warsaw, Poland, ASN8535 (AGORA, PL),
Reverse DNS
host-80-252-5-36.gazeta.pl
Software
nginx/1.21.1.1 WhiteHorse /
Resource Hash
418ce314f345540ffabeb91fb58c9a3cd83cb2df850ff32313c833e4604740c0

Request headers

Referer
https://bilety.helios.pl/
Origin
https://bilety.helios.pl
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 11:58:37 GMT
Last-Modified
Thu, 18 Jan 2024 15:38:47 GMT
Server
nginx/1.21.1.1 WhiteHorse
ETag
"809d116d244ada1:0"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
71764
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/ 		497 B
560 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: bilety.helios.pl
URL: https://bilety.helios.pl/polyfills.11807c86796f8336.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bilety.helios.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 28 Feb 2024 11:58:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
tXyZydHjxQshFMbbBT1/8A==
age
65014
x-ms-lease-status
unlocked
last-modified
Tue, 27 Feb 2024 03:06:32 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
a89a1ee2-901e-0002-4364-69873b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
85c87ee97fa49b94-FRA
logo_helios_2014_cmyk_300dpi.jpg
cdn.cookielaw.org/logos/864704fa-5ece-4694-8e2e-26b41ed16ea7/09f97c1a-110f-419f-845c-5bcaa067427d/6a99e94f-a9e9-47a6-8b79-0c60245a1c1a/ 		938 KB
939 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/864704fa-5ece-4694-8e2e-26b41ed16ea7/09f97c1a-110f-419f-845c-5bcaa067427d/6a99e94f-a9e9-47a6-8b79-0c60245a1c1a/logo_helios_2014_cmyk_300dpi.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d235582c526ad0da38f7ab59e9e36b13af3b4ed7f77657577d06c5e5aa0afe13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bilety.helios.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 28 Feb 2024 11:58:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
uHSAniNa+9YlvmNZ/zf7bg==
age
15014
content-length
960412
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Fri, 18 Feb 2022 13:41:45 GMT
server
cloudflare
etag
0x8D9F2E4676B979F
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
aacfa5d1-701e-0035-5da2-135597000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
85c87ee98948193f-FRA
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bilety.helios.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 28 Feb 2024 11:58:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
66722
x-ms-lease-status
unlocked
last-modified
Tue, 27 Feb 2024 03:06:33 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
360756de-601e-0039-6c30-69c29f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
85c87ee9894b193f-FRA

Verdicts & Comments Add Verdict or Comment

208 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| OpenPayU object| webpackChunkhelios function| Zone function| __zone_symbol__Promise function| __zone_symbol__fetch function| __zone_symbol__queueMicrotask function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforexrselectpatched boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononbeforeinputpatched boolean| __zone_symbol__ononbeforematchpatched boolean| __zone_symbol__ononbeforetogglepatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontentvisibilityautostatechangepatched boolean| __zone_symbol__ononcontextlostpatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__ononcontextrestoredpatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__ononformdatapatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononsecuritypolicyviolationpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononslotchangepatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointerrawupdatepatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononmessageerrorpatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondevicemotionpatched boolean| __zone_symbol__onondeviceorientationpatched boolean| __zone_symbol__onondeviceorientationabsolutepatched boolean| __zone_symbol__ononscrollendpatched function| make_url function| _typeof boolean| windowIsDefined function| unicode_hack function| Slider object| FontAwesomeConfig object| ___FONT_AWESOME___ function| _ object| __zone_symbol__messagefalse object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers object| __zone_symbol__scrollfalse object| __zone_symbol__resizefalse object| __zone_symbol__beforeunloadfalse object| __zone_symbol__unloadfalse object| dataLayer object| AppleID object| FB object| denylistedDomainsHashedValueListForGpayButtonWithCardInfo object| whitelistedDomainsHashedValueListForGpayButtonWithCardInfo object| denylistedMerchentIdsHashedValueListForGpayButtonWithCardInfo object| denylistedMerchantIdsHashedValueListForGpayButtonVariant string| dynamicGpayButtonVariant object| google object| __zone_symbol__testfalse object| __zone_symbol__ON_PROPERTYtest object| google_tag_manager object| google_tag_data object| __zone_symbol__loadfalse object| otEventListeners string| GoogleAnalyticsObject function| ga object| default_gsi object| _F_toggles object| closure_lm_846862 object| __G_ID_CLIENT__ function| onYouTubeIframeAPIReady object| __zone_symbol__pagehidefalse object| OneTrustStub object| gaplugins object| __buffer object| gaGlobal object| gaData object| __zone_symbol__focusfalse object| __zone_symbol__blurfalse object| __zone_symbol__pageshowfalse function| _UA-3710505-1_sendHitTask function| _UA-3710505-2_sendHitTask string| OnetrustActiveGroups string| OptanonActiveGroups function| __tcfapi object| otStubData object| otIabModule object| Optanon object| OneTrust function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners

3 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.helios.pl/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Wed+Feb+28+2024+12%3A58%3A26+GMT%2B0100+(Central+European+Standard+Time)&version=202310.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=d768d275-ca95-45cf-a836-8d9ffe01e46f&interactionCount=0&landingPath=https%3A%2F%2Fbilety.helios.pl%2F%23%2Fscreening&groups=C0005%3A0%2CC0004%3A0%2CC0003%3A0%2CC0001%3A1%2CC0002%3A0%2CV2STACK42%3A0&genVendors=V12%3A0%2CV13%3A0%2CV6%3A0%2CV16%3A0%2CV17%3A0%2CV15%3A0%2CV7%3A0%2CV10%3A0%2CV21%3A0%2CV5%3A0%2CV9%3A0%2CV3%3A0%2CV20%3A0%2CV11%3A0%2CV4%3A0%2CV1%3A0%2CV18%3A0%2CV2%3A0%2CV8%3A0%2CV22%3A0%2CV14%3A0%2CV19%3A0%2C
.google.com/ Name: NID
Value: 512=e5HQeeoo93DPCsIBTvPfok1icsiZofNrLOHYqCLzD081T5liT5Vi2odnYNEKkZU0O1foasI6QkWq-0twuy5Dr4ki4jWpSCQ1-loJIgdHuSis-hnUzUkjbSqlOshmIhp_5JaDWX_NjwVAyVJrBVfy_9OXCdH_CvLYd3GTSb8CNXc

16 Console Messages

Source Level URL
Text
other warning URL: https://bilety.helios.pl/#/screening
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bilety.helios.pl/#/screening
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bilety.helios.pl/#/screening
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bilety.helios.pl/#/screening
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bilety.helios.pl/#/screening
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bilety.helios.pl/#/screening
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bilety.helios.pl/#/screening
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bilety.helios.pl/#/screening
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bilety.helios.pl/#/screening
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bilety.helios.pl/#/screening
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bilety.helios.pl/#/screening
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bilety.helios.pl/#/screening
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bilety.helios.pl/#/screening
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bilety.helios.pl/#/screening
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bilety.helios.pl/#/screening
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bilety.helios.pl/#/screening
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
appleid.cdn-apple.com
bilety.helios.pl
cdn.cookielaw.org
connect.facebook.net
geolocation.onetrust.com
googleads.g.doubleclick.net
movies.helios.pl
pagead2.googlesyndication.com
pay.google.com
play.google.com
region1.google-analytics.com
restapi.helios.pl
secure.payu.com
www.google-analytics.com
www.google.com
www.google.pl
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
104.18.131.236
142.250.181.226
142.250.185.162
142.250.186.100
142.250.186.110
142.250.186.72
157.240.30.27
172.217.16.206
172.217.18.2
172.217.18.3
172.64.155.119
216.239.32.36
216.58.212.131
23.196.235.139
23.197.134.25
64.233.166.92
64.233.167.84
80.252.5.30
80.252.5.36
04d2424978ab93cd524970aff21200ec88358176992af718ecd9fe96be5ae4b8
09b627933e01faa4979dc5661f7e616c7db1c12ea1984ca0549bdb253d24da9b
0b0a210e89ac35b54a9b4ccb0336ea91c561e6dc5f8bda49574da98d40799c6e
0b865aaf44b3af1c9f722c2198e5be075d52a0c56b62c626049fccef6f1dbca5
0c43f4e3489b82f8326588d7d23f070b691306f0c04589e02df7ce9f23a02431
0eed01db22be32dc9445fbfb8c7ed2743b9f13a415cba685790485133d517afc
14948aedbcaf906a9cacab38de5fff889bde887ecbd710b8a1ada3ae84c65477
14ab6c5ad7a2d82167bd219555a9bcfe8775d6456b5bf07fe490ab5f7fce774e
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
2275e5c10cee9e9b1f3fa48b96abc2dfdbfe3cc74220ac89dc90e0da1154469f
23c3bfbf0f24b8bcd09d6973ed70a09dbb4a1bb88eb116244c4a9c2865cc1284
23e3f1da59de4afe321786d5cc58960c9dce586ba0240811065d29e151595e63
26dc7a2c97bc0c9f6803a230722bea72bd0784c34f49a71faefaa9848db437d3
2d5fc8e00769aa30c75be1f3263ab5d0058ff6f126a4e48544c665696c4edd6f
305d734aee8d579e51c9357253672a77f73f1af582d9deed5845ae735ed0b8a6
3607c4b57b109a4ed7d947ddd3b6831f6c3d801623015a52577e780dc5d12aa1
39fe2364382216642e423b3ddaf04ba4cedb9e9e5cf6f128cd443b80864c1b7b
3edb1342cebb1b19c3e3fee912497961006e29bf58486ba0404c33c54c463435
3f73b1f84f2d95ea50508c71d63dc2f15acbc074ffeb5e6a1ef480f4600cb36d
40b30b66230849e4bbaf7a6004fa7574cb0fa0f38e185ca1cf4ca65a7fd7076c
418ce314f345540ffabeb91fb58c9a3cd83cb2df850ff32313c833e4604740c0
425eab1f5ad56189e451377e38856e5009955e33f4e7299c18563c86622cb7c1
437870cd45f2d5a0aa31ae64de4045eda6c6b50185daa4cf5a99acc31fa8206c
4594b88f26e4f176a861d6dc526e0a3f65521f46f6dc8367df6947ce16d345ff
4662fc80890a893955b88e5814796b1c8b80a73f865f9e48a2bcbc945675b9f1
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5b0abe465dbd23695d9a6087a5547f563c3819ecbfc70796054671fb8a94865d
5be2dfa172d505acb197760b55c4731347cc239a7a046013c251948bb8214dbc
5ef18aff733af992cded52750dc56fe7b4abcf67569ce1f2c9f36958a250f445
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
5fa3c30eee3b6848780895eef0273ffc545055f8e8b79773239191361b179771
67d0702b5dbfdb7393d5b855087885d152ddb0a0cd40d70aa45b022d903f1dd7
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
70ee9f4f344292500b34c057b33fe634ec82e44fca0c6b1fa91b3e5be228c25a
728c72284c16aa2f6ec01ba3a7ddb84ace6268b9711c9fb806217a600802b12d
7429ba59299387d5b2445949464b6b58111c47c8363459c1dfe16a541ff0c397
778a61731e30e990d22ebf39e45f1ada99b9679accf584d85d55015b036f71a5
809131692400e617b2bca6830799cb095a65057f948eba12c71caa8b1d2be016
81b9ac2470b6b78e9cd98494015d87f5166d22e1751875ac521e14a3d14a5b9d
81d17550334b6144011c86e2f279343bf8b3f736c3aaea645144c784a656aa75
8321ed791067d560a7ebd7c6c850c064324fd8d73c861f1f52690127ac3eb06d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
838f4b697deefb701f31eb892e6dde74a92dd7c65d4d56f967bb79c17a66d79e
895b718bf2e5f732aea12e71c24d71c696cead2839ab287460e84bd2f839173d
8a37b02b94b8facedfb153e760d7a7c1134dbcbab8febd31763384234ea5df4f
8c39f793040e05a1fc4b324fce49da6525f9e2c7fe0cc2d47a00cdfebfe38d14
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9397175f9329a1d5940a4d121719a1bed983b930df92be3252bd3e28c24e4da6
939d7ade851aabd11bbc52faaeb5601ecd27a33c0ffb09b1d2a447e2a2bf165e
96fafe4a36a0db600be149e2ca0ea5457c3db870a3e905b2be459d37928bdb2a
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
9874844fbcc45d17fe18d4f722ba59188eea323b79dc99a65b4afae3775004ee
9ae2da663d64342031e59b5fa680dd355171d021b7ebf83774efc7c0330ae7b5
9be268792e669d06817424daf53722b2f915f68cffb61727886fa4829600a4b0
b1d58efcaaa629009d7a884c44783c513cf09e790c0b1dd30858688d1666e7a0
b225b553da329022367ef9806c9820cbb60051aede8489749a879cfc3bed0677
b7ef5eccea12a66170e2374603b40148555eaa6ca063c476bf9dbbdea2808f9d
ba7eda8d803c3c269fad97a1e45b0b23b7dc9a35c56fcc1f32971ea138c4254a
bcf1c5243d327b29cb913d532074f097562639f77abe05a645aeb258c05d9941
c2671c2cfd90b0423fedb26eddd059393bca1c69e0fd99ecef69013461155cdd
cab5a740fb05af3af9f137efe4a351facc4b52b255c929d3ddb156251f780eaa
cc72d70321a2084d113d3c44bf5857a2fc7d8d91ca77a1f7141f4245370db1e4
ce25993e8ec3ae1984398d7305529ff13d829efb9ab973c36db99246580b02ff
cf02a62adf76fc1280e6910311af63016f037d611526238e618da529cac516a9
d235582c526ad0da38f7ab59e9e36b13af3b4ed7f77657577d06c5e5aa0afe13
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
dd6585e65d97b80450892ca3ca6e1aa5229e805323f3488533000f84b362ee6b
ddf0f17578b03aa88fd0b5362bedfdee469621f03cf2411f5b4db763568c6bd1
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df7d7a0f6abda9f3fea9669f63f71d167569fb9fd674c70eaede3f6e422c710a
e0648e59e7d3cf209f24f5bdfebe8c2aa515226def9c59d6786d93e48b18b4d0
e10ddcd43b99862241cb4fbe647ada24c13d7939d7f9a35fdb5c0c0137135150
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e79b4762dfaa32d26be75c427ca8b5ed7de480478fb9727d7bc59e3f0b797b13
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9fc90b0310d5e2392798d4edb09d347d73eaa9e9a39c9dfffbf0db4a467cdc
f35e44df88b7a4bbe54c06a30ac1bd3f0f62c84e34704a679df04b0a0fdee50b
ff65cf062f1a7ef4b49be1088e8c6af96d08de636a681cb72c066b417244f884