urlscan.io logo urlscan.io
SecurityTrails logo

flyrefund.pl Open in urlscan Pro
185.204.218.128  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.flyrefund.pl/
Effective URL: https://flyrefund.pl/pl/
Submission: On January 24 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 8 domains to perform 65 HTTP transactions. The main IP is 185.204.218.128, located in Poland and belongs to SUPERHOST-PL-AS, PL. The main domain is flyrefund.pl.
TLS certificate: Issued by RapidSSL TLS DV RSA Mixed SHA256 2020... on January 25th 2021. Valid for: a year.
This is the only time flyrefund.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

39    185.204.218.128 (Poland)

ASN41079 (SUPERHOST-PL-AS, PL)
PTR: s13.hekko.net.pl
www.flyrefund.pl
flyrefund.pl
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
4    2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
6    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
6    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
Apex Domain
Subdomains		 Transfer
39 flyrefund.pl
www.flyrefund.pl
flyrefund.pl
1 MB
10 gstatic.com
fonts.gstatic.com
www.gstatic.com
482 KB
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
1 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 13
38 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 146
198 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
ssl.google-analytics.com — Cisco Umbrella Rank: 279
37 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 584
8 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
1009 B
65 8
Domain Requested by
38 flyrefund.pl 1 redirects flyrefund.pl
6 www.facebook.com flyrefund.pl
connect.facebook.net
6 fonts.gstatic.com fonts.googleapis.com
www.google.com
4 www.gstatic.com www.google.com
www.gstatic.com
4 www.google.com flyrefund.pl
www.gstatic.com
www.google.com
3 connect.facebook.net flyrefund.pl
connect.facebook.net
2 www.google-analytics.com flyrefund.pl
www.google-analytics.com
1 ssl.google-analytics.com flyrefund.pl
1 code.jquery.com flyrefund.pl
1 fonts.googleapis.com flyrefund.pl
1 www.flyrefund.pl 1 redirects
65 11

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
plus.google.com
dioma.pl
Subject Issuer Validity Valid
flyrefund.pl
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-01-25 -
2022-02-25		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-11-02 -
2022-01-31		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://flyrefund.pl/pl/
Frame ID: 9176C5403564CBEEB6941BEE7E23F5CF
Requests: 57 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldb1tUUAAAAAMffpAnNW1U2z5BsdRjIgk_ElkPX&co=aHR0cHM6Ly9mbHlyZWZ1bmQucGw6NDQz&hl=de&v=TDBxTlSsKAUm3tSIa0fwIqNu&size=invisible&cb=9fhdwoe8u09l
Frame ID: 066A9C8CFA498D219C0D1FEE0393B7B1
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Odszkodowanie za opóźniony lot ǀ Fly Refund

Page URL History Show full URLs

  1. https://www.flyrefund.pl/ HTTP 301
    https://flyrefund.pl/ HTTP 302
    https://flyrefund.pl/pl/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

65
Requests

100 %
HTTPS

90 %
IPv6

8
Domains

11
Subdomains

10
IPs

3
Countries

2272 kB
Transfer

4229 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.flyrefund.pl/ HTTP 301
    https://flyrefund.pl/ HTTP 302
    https://flyrefund.pl/pl/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

65 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
flyrefund.pl/pl/
Redirect Chain
  • https://www.flyrefund.pl/
  • https://flyrefund.pl/
  • https://flyrefund.pl/pl/
23 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flyrefund.pl/pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.204.218.128 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS
s13.hekko.net.pl
Software
LiteSpeed /
Resource Hash
8393ee2973f791918b422cd18a802e0696025b40f1c0bba588e84310634472fe

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html; charset=utf-8
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
content-encoding
br
vary
Accept-Encoding,User-Agent
date
Mon, 24 Jan 2022 13:59:02 GMT
server
LiteSpeed

Redirect headers

content-type
text/html; charset=utf-8
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
pragma
no-cache
location
https://flyrefund.pl/pl/
content-length
0
date
Mon, 24 Jan 2022 13:59:02 GMT
server
LiteSpeed
vary
User-Agent
bootstrap.min.css
flyrefund.pl/bootstrap/css/ 		119 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://flyrefund.pl/bootstrap/css/bootstrap.min.css
Requested by
Host: flyrefund.pl
URL: https://flyrefund.pl/pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.204.218.128 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS
s13.hekko.net.pl
Software
LiteSpeed /
Resource Hash
3fcf31137cc22fe567e4e20f0cc90127f05ebe1fdd336212f0d84666c8f2d0f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://flyrefund.pl/pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 13:59:02 GMT
content-encoding
br
last-modified
Wed, 14 Dec 2016 09:33:03 GMT
server
LiteSpeed
etag
"1dd89-585111cf-f7f7aa6dc985088e;br"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
18627
expires
Mon, 31 Jan 2022 13:59:02 GMT
css
fonts.googleapis.com/ 		2 KB
1009 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Sans:400,700
Requested by
Host: flyrefund.pl
URL: https://flyrefund.pl/pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
089822305b9af8e8bf8797060fa68e6d18068b4fd7e8938f30b125ab6f61a2b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://flyrefund.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 13:16:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 24 Jan 2022 13:59:02 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 24 Jan 2022 13:59:02 GMT
font-awesome.min.css
flyrefund.pl/fonts/font-awesome/css/ 		28 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://flyrefund.pl/fonts/font-awesome/css/font-awesome.min.css
Requested by
Host: flyrefund.pl
URL: https://flyrefund.pl/pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.204.218.128 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS
s13.hekko.net.pl
Software
LiteSpeed /
Resource Hash
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://flyrefund.pl/pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 13:59:02 GMT
content-encoding
br
last-modified
Wed, 14 Dec 2016 09:39:10 GMT
server
LiteSpeed
etag
"7187-5851133e-a1db7161a268dbb3;br"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
6281
expires
Mon, 31 Jan 2022 13:59:02 GMT
animate.css
flyrefund.pl/js-plugin/animation-framework/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://flyrefund.pl/js-plugin/animation-framework/animate.css
Requested by
Host: flyrefund.pl
URL: https://flyrefund.pl/pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.204.218.128 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS
s13.hekko.net.pl
Software
LiteSpeed /
Resource Hash
a50fa8f9c32cd48b97abfcc82fc2b645992c7fb38373074a26c8dab3550659d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://flyrefund.pl/pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 13:59:02 GMT
content-encoding
br
last-modified
Wed, 14 Dec 2016 10:11:20 GMT
server
LiteSpeed
etag
"24ed-58511ac8-1a4f779e1296db8e;br"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1563
expires
Mon, 31 Jan 2022 13:59:02 GMT
magnific-popup.css
flyrefund.pl/js-plugin/magnific-popup/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://flyrefund.pl/js-plugin/magnific-popup/magnific-popup.css
Requested by
Host: flyrefund.pl
URL: https://flyrefund.pl/pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.204.218.128 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS
s13.hekko.net.pl
Software
LiteSpeed /
Resource Hash
dee47cc8a5ec2992e6cffb69dfe235d9422ad0f54435d4ca2063e07cdd74a2c0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://flyrefund.pl/pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 13:59:02 GMT
content-encoding
br
last-modified
Wed, 14 Dec 2016 10:20:22 GMT
server
LiteSpeed
etag
"224b-58511ce6-6651efd8d5a0aa3a;br"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1920
expires
Mon, 31 Jan 2022 13:59:02 GMT
flexslider.css
flyrefund.pl/js-plugin/flexslider/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://flyrefund.pl/js-plugin/flexslider/flexslider.css
Requested by
Host: flyrefund.pl
URL: https://flyrefund.pl/pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.204.218.128 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS
s13.hekko.net.pl
Software
LiteSpeed /
Resource Hash
7336a13b50066bea1ba2e1f6d055d741c7e7617b54f8cb7ca85a18f31c20591a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://flyrefund.pl/pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 13:59:02 GMT
content-encoding
br
last-modified
Wed, 14 Dec 2016 10:13:34 GMT
server
LiteSpeed
etag
"f5d-58511b4e-8177f1e483bbd1e8;br"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1217
expires
Mon, 31 Jan 2022 13:59:02 GMT
owl.carousel.css
flyrefund.pl/js-plugin/owl.carousel/owl-carousel/ 		2 KB
556 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://flyrefund.pl/js-plugin/owl.carousel/owl-carousel/owl.carousel.css
Requested by
Host: flyrefund.pl
URL: https://flyrefund.pl/pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.204.218.128 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS
s13.hekko.net.pl
Software
LiteSpeed /
Resource Hash
c9430ccc20d8d58e10dbcaba36ae11739cf20190424b6f55c0d8cf90241658f6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://flyrefund.pl/pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 13:59:02 GMT
content-encoding
br
last-modified
Wed, 14 Dec 2016 10:22:41 GMT
server
LiteSpeed
etag
"60b-58511d71-541b2e77b8f8fcb3;br"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
472
expires
Mon, 31 Jan 2022 13:59:02 GMT
owl.transitions.css
flyrefund.pl/js-plugin/owl.carousel/owl-carousel/ 		5 KB
745 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://flyrefund.pl/js-plugin/owl.carousel/owl-carousel/owl.transitions.css
Requested by
Host: flyrefund.pl
URL: https://flyrefund.pl/pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.204.218.128 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS
s13.hekko.net.pl
Software
LiteSpeed /
Resource Hash
46c63e19392696c9ccbce249541b5b7edeb46ca35679a5f91ed4f6779c0dfdbc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://flyrefund.pl/pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 13:59:02 GMT
content-encoding
br
last-modified
Wed, 14 Dec 2016 10:22:48 GMT
server
LiteSpeed
etag
"121e-58511d78-a6f5b0871f3e36c3;br"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
660
expires
Mon, 31 Jan 2022 13:59:02 GMT
owl.theme.css
flyrefund.pl/js-plugin/owl.carousel/owl-carousel/ 		2 KB
622 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://flyrefund.pl/js-plugin/owl.carousel/owl-carousel/owl.theme.css
Requested by
Host: flyrefund.pl
URL: https://flyrefund.pl/pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.204.218.128 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS
s13.hekko.net.pl
Software
LiteSpeed /
Resource Hash
a72843979d55dc4d5d9bcac65c18b3b75d753258c9fece915f49e9ad52a290b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://flyrefund.pl/pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 13:59:02 GMT
content-encoding
br
last-modified
Wed, 14 Dec 2016 10:22:46 GMT
server
LiteSpeed
etag
"6cf-58511d76-dcf1763f34051ec3;br"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
538
expires
Mon, 31 Jan 2022 13:59:02 GMT
diomaAnim.css
flyrefund.pl/js-plugin/appear/ 		16 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://flyrefund.pl/js-plugin/appear/diomaAnim.css
Requested by
Host: flyrefund.pl
URL: https://flyrefund.pl/pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.204.218.128 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS
s13.hekko.net.pl
Software
LiteSpeed /
Resource Hash
90eb86072f4a07f88d1581d610ef1635ffe3c1a0755b8a932a56d5461e3a6f69

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://flyrefund.pl/pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 13:59:02 GMT
content-encoding
br
last-modified
Wed, 14 Dec 2016 10:11:24 GMT
server
LiteSpeed
etag
"4026-58511acc-db1960bf927e2bc3;br"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1151
expires
Mon, 31 Jan 2022 13:59:02 GMT
layout.css
flyrefund.pl/css/ 		40 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://flyrefund.pl/css/layout.css?v=2
Requested by
Host: flyrefund.pl
URL: https://flyrefund.pl/pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.204.218.128 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS
s13.hekko.net.pl
Software
LiteSpeed /
Resource Hash
d17f9fc8900df2b48dfc16476368c17c06951db9b59525f23bd1cad39a17f7bc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://flyrefund.pl/pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 13:59:02 GMT
content-encoding
br
last-modified
Wed, 19 Feb 2020 14:50:39 GMT
server
LiteSpeed
etag
"9f7e-5e4d4b3f-c6900082f37f019c;br"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
8823
expires
Mon, 31 Jan 2022 13:59:02 GMT
light.css
flyrefund.pl/css/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://flyrefund.pl/css/light.css
Requested by
Host: flyrefund.pl
URL: https://flyrefund.pl/pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.204.218.128 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS
s13.hekko.net.pl
Software
LiteSpeed /
Resource Hash
685668d90d2fb21d739c01b7c8ff2969037b0b3ccd95ac9e2bbe9f3146c3cd84

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://flyrefund.pl/pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 13:59:02 GMT
content-encoding
br
last-modified
Wed, 27 Dec 2017 08:19:42 GMT
server
LiteSpeed
etag
"3df5-5a43579e-5469a835f01883;br"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3658
expires
Mon, 31 Jan 2022 13:59:02 GMT
custom.css
flyrefund.pl/css/ 		1 KB
441 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://flyrefund.pl/css/custom.css
Requested by
Host: flyrefund.pl
URL: https://flyrefund.pl/pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.204.218.128 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS
s13.hekko.net.pl
Software
LiteSpeed /
Resource Hash
8aa46250575e3c514cef9de2e04652ef411c4b65f6338ddee04cbbaddeb2da2f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://flyrefund.pl/pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 13:59:02 GMT
content-encoding
br
last-modified
Mon, 08 Jan 2018 12:40:52 GMT
server
LiteSpeed
etag
"431-5a5366d4-98b14a3a89c41f26;br"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
357
expires
Mon, 31 Jan 2022 13:59:02 GMT
jquery-ui.css
code.jquery.com/ui/1.12.1/themes/base/ 		35 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/ui/1.12.1/themes/base/jquery-ui.css
Requested by
Host: flyrefund.pl
URL: https://flyrefund.pl/pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://flyrefund.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 13:59:02 GMT
content-encoding
gzip
last-modified
Wed, 14 Sep 2016 16:34:16 GMT
server
nginx
etag
W/"57d97c08-8c85"
vary
Accept-Encoding
x-hw
1643032742.dop143.am5.t,1643032742.cds202.am5.hn,1643032742.cds257.am5.c
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
8323
modernizr-2.6.1.min.js
flyrefund.pl/js/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flyrefund.pl/js/modernizr-2.6.1.min.js
Requested by
Host: flyrefund.pl
URL: https://flyrefund.pl/pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.204.218.128 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS
s13.hekko.net.pl
Software
LiteSpeed /
Resource Hash
9c60deab2552b4d46873a9cfd1baf83f7bd8ab97ac303d6dadd1f348964ac3dc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://flyrefund.pl/pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 13:59:02 GMT
content-encoding
br
last-modified
Wed, 14 Dec 2016 10:11:17 GMT
server
LiteSpeed
etag
"3c0b-58511ac5-af3257b653084cd5;br"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
5953
expires
Mon, 31 Jan 2022 13:59:02 GMT
api.js
www.google.com/recaptcha/ 		884 B
1000 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6Ldb1tUUAAAAAMffpAnNW1U2z5BsdRjIgk_ElkPX
Requested by
Host: flyrefund.pl
URL: https://flyrefund.pl/pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1032425abc71b7a25f84dd9f46d3b356522a611592f7dca9eb62c2b0429831d3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://flyrefund.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 13:59:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
587
x-xss-protection
1; mode=block
expires
Mon, 24 Jan 2022 13:59:02 GMT
main-logo.png
flyrefund.pl/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://flyrefund.pl/images/main-logo.png
Requested by
Host: flyrefund.pl
URL: https://flyrefund.pl/pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.204.218.128 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS
s13.hekko.net.pl
Software
LiteSpeed /
Resource Hash
02110f32706fcde612c832b81d352e9c4b69de21995cee9a7772b02ad7d1fe2b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://flyrefund.pl/pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 13:59:02 GMT
last-modified
Fri, 27 Oct 2017 08:30:08 GMT
server
LiteSpeed
etag
"6a9-59f2ee90-31a37c9b9094ee95;;;"
vary
User-Agent
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1705
expires
Mon, 31 Jan 2022 13:59:02 GMT
31221501477311935.jpg
flyrefund.pl/img/offer/ 		675 KB
676 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://flyrefund.pl/img/offer/31221501477311935.jpg
Requested by
Host: flyrefund.pl
URL: https://flyrefund.pl/pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.204.218.128 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS
s13.hekko.net.pl
Software
LiteSpeed /
Resource Hash
bc2446fa0a7de3687f00bcf9482c5e3d8c561e7b2b40abe28ee63de486efe50d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://flyrefund.pl/pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 13:59:03 GMT
last-modified
Fri, 27 Oct 2017 08:29:47 GMT
server
LiteSpeed
etag
"a8dbe-59f2ee7b-84b633d1ba1881e7;;;"
vary
User-Agent
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
691646
expires
Mon, 31 Jan 2022 13:59:03 GMT
footer-logo.png
flyrefund.pl/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://flyrefund.pl/images/footer-logo.png
Requested by
Host: flyrefund.pl
URL: https://flyrefund.pl/pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.204.218.128 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS
s13.hekko.net.pl
Software
LiteSpeed /
Resource Hash
3184804f9229cd249ea4a2af887961d95a048a23d7c59c0f2affdd6856f63d17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://flyrefund.pl/pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 13:59:03 GMT
last-modified
Fri, 27 Oct 2017 08:30:07 GMT
server
LiteSpeed
etag
"64b-59f2ee8f-83a73a127fdf1221;;;"
vary
User-Agent
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1611
expires
Mon, 31 Jan 2022 13:59:03 GMT
respond.min.js
flyrefund.pl/js-plugin/respond/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flyrefund.pl/js-plugin/respond/respond.min.js
Requested by
Host: flyrefund.pl
URL: https://flyrefund.pl/pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.204.218.128 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS
s13.hekko.net.pl
Software
LiteSpeed /
Resource Hash
23f4ff6e17a90adb27b463e1b1edd527df0c0976aef9f5f558678dc98af4c667

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://flyrefund.pl/pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 13:59:02 GMT
content-encoding
br
last-modified
Wed, 14 Dec 2016 10:24:33 GMT
server
LiteSpeed
etag
"fea-58511de1-d9e409cc1922f428;br"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1899
expires
Mon, 31 Jan 2022 13:59:02 GMT
jquery-2.1.1.min.js
flyrefund.pl/js-plugin/jquery/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flyrefund.pl/js-plugin/jquery/jquery-2.1.1.min.js
Requested by
Host: flyrefund.pl
URL: https://flyrefund.pl/pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.204.218.128 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS
s13.hekko.net.pl
Software
LiteSpeed /
Resource Hash
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://flyrefund.pl/pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 13:59:02 GMT
content-encoding
br
last-modified
Wed, 14 Dec 2016 10:17:07 GMT
server
LiteSpeed
etag
"14915-58511c23-afccd3fe0d069b39;br"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
28763
expires
Mon, 31 Jan 2022 13:59:02 GMT
jquery-ui.js
flyrefund.pl/js-plugin/jquery/ 		509 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flyrefund.pl/js-plugin/jquery/jquery-ui.js
Requested by
Host: flyrefund.pl
URL: https://flyrefund.pl/pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.204.218.128 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS
s13.hekko.net.pl
Software
LiteSpeed /
Resource Hash
4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://flyrefund.pl/pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 13:59:02 GMT
content-encoding
br
last-modified
Wed, 14 Dec 2016 10:17:20 GMT
server
LiteSpeed
etag
"7f20a-58511c30-529c2bcea7507b20;br"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
120945
expires
Mon, 31 Jan 2022 13:59:02 GMT
bootstrap.js
flyrefund.pl/bootstrap/js/ 		68 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flyrefund.pl/bootstrap/js/bootstrap.js
Requested by
Host: flyrefund.pl
URL: https://flyrefund.pl/pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.204.218.128 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS
s13.hekko.net.pl
Software
LiteSpeed /
Resource Hash
63f8882030700a92484115938571504f9d26e6dc2e5578358ab8269d9abf2b30

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://flyrefund.pl/pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 13:59:02 GMT
content-encoding
br
last-modified
Wed, 14 Dec 2016 09:33:17 GMT
server
LiteSpeed
etag
"1114f-585111dd-a7777589ff513f9b;br"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
13952
expires
Mon, 31 Jan 2022 13:59:02 GMT
jquery.easing.1.3.js
flyrefund.pl/js-plugin/easing/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flyrefund.pl/js-plugin/easing/jquery.easing.1.3.js
Requested by
Host: flyrefund.pl
URL: https://flyrefund.pl/pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.204.218.128 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS
s13.hekko.net.pl
Software
LiteSpeed /
Resource Hash
8b84c5d9a9f10070d15064097aba446660f3a43dbcf038ea9d627e1693c09861

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://flyrefund.pl/pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 13:59:02 GMT
content-encoding
br
last-modified
Wed, 14 Dec 2016 10:13:32 GMT
server
LiteSpeed
etag
"2075-58511b4c-e298c021bffb97bd;br"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1907
expires
Mon, 31 Jan 2022 13:59:02 GMT
smooth-scroll.min.js
flyrefund.pl/js-plugin/jquery/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flyrefund.pl/js-plugin/jquery/smooth-scroll.min.js
Requested by
Host: flyrefund.pl
URL: https://flyrefund.pl/pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.204.218.128 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS
s13.hekko.net.pl
Software
LiteSpeed /
Resource Hash
7152f32cfe8bcc6164eadd77c30c667478f96314b4ad4e4b8927c78349b6e628

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://flyrefund.pl/pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 13:59:02 GMT
content-encoding
br
last-modified
Wed, 14 Dec 2016 10:17:21 GMT
server
LiteSpeed
etag
"1392-58511c31-91556fb9589f2b46;br"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2011
expires
Mon, 31 Jan 2022 13:59:02 GMT
owl.carousel.min.js
flyrefund.pl/js-plugin/owl.carousel/owl-carousel/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flyrefund.pl/js-plugin/owl.carousel/owl-carousel/owl.carousel.min.js
Requested by
Host: flyrefund.pl
URL: https://flyrefund.pl/pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.204.218.128 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS
s13.hekko.net.pl
Software
LiteSpeed /
Resource Hash
6c1e31700f68d1666de6b0992e89d413434707718bf729a472404029845bdbad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://flyrefund.pl/pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 13:59:02 GMT
content-encoding
br
last-modified
Wed, 14 Dec 2016 10:22:45 GMT
server
LiteSpeed
etag
"5d80-58511d75-cd4be15aabb1f42c;br"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
6299
expires
Mon, 31 Jan 2022 13:59:02 GMT
jquery.magnific-popup.min.js
flyrefund.pl/js-plugin/magnific-popup/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flyrefund.pl/js-plugin/magnific-popup/jquery.magnific-popup.min.js
Requested by
Host: flyrefund.pl
URL: https://flyrefund.pl/pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.204.218.128 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS
s13.hekko.net.pl
Software
LiteSpeed /
Resource Hash
0a8d45917eb861a4efd3a27a5a0121d11830986bfcbfe3305cd43d7b137b5685

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://flyrefund.pl/pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 13:59:03 GMT
content-encoding
br
last-modified
Wed, 14 Dec 2016 10:20:20 GMT
server
LiteSpeed
etag
"510f-58511ce4-4a6c4124944188fa;br"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
7208
expires
Mon, 31 Jan 2022 13:59:03 GMT
jquery.flexslider-min.js
flyrefund.pl/js-plugin/flexslider/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flyrefund.pl/js-plugin/flexslider/jquery.flexslider-min.js
Requested by
Host: flyrefund.pl
URL: https://flyrefund.pl/pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.204.218.128 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS
s13.hekko.net.pl
Software
LiteSpeed /
Resource Hash
6e8340e550796c39ef28a317ec8095399bbf5b24f418f01861af924598d0a3eb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://flyrefund.pl/pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 13:59:03 GMT
content-encoding
br
last-modified
Wed, 14 Dec 2016 10:13:38 GMT
server
LiteSpeed
etag
"401d-58511b52-2e691c7186b2d294;br"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4904
expires
Mon, 31 Jan 2022 13:59:03 GMT
jquery.isotope.min.js
flyrefund.pl/js-plugin/isotope/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flyrefund.pl/js-plugin/isotope/jquery.isotope.min.js
Requested by
Host: flyrefund.pl
URL: https://flyrefund.pl/pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.204.218.128 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS
s13.hekko.net.pl
Software
LiteSpeed /
Resource Hash
743b919a337dfbb6d1e8648d0793532d47f8af48059e17f7e32ae8738c7614a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://flyrefund.pl/pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 13:59:03 GMT
content-encoding
br
last-modified
Wed, 14 Dec 2016 10:17:00 GMT
server
LiteSpeed
etag
"3ead-58511c1c-7e6c06d2a1ebfc33;br"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4863
expires
Mon, 31 Jan 2022 13:59:03 GMT
jquery.form.js
flyrefund.pl/js-plugin/dioma-contact-ajax-plugin/js/ 		44 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flyrefund.pl/js-plugin/dioma-contact-ajax-plugin/js/jquery.form.js
Requested by
Host: flyrefund.pl
URL: https://flyrefund.pl/pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.204.218.128 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS
s13.hekko.net.pl
Software
LiteSpeed /
Resource Hash
c9c4ea8698ca4e723c0b9d8c478ec5b2e9a68f090f067ee171b0263dcd09c0fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://flyrefund.pl/pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 13:59:03 GMT
content-encoding
br
last-modified
Wed, 14 Dec 2016 10:13:12 GMT
server
LiteSpeed
etag
"afee-58511b38-282f9dcf8432594b;br"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
11800
expires
Mon, 31 Jan 2022 13:59:03 GMT
jquery.validate.min.js
flyrefund.pl/js-plugin/dioma-contact-ajax-plugin/js/ 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flyrefund.pl/js-plugin/dioma-contact-ajax-plugin/js/jquery.validate.min.js
Requested by
Host: flyrefund.pl
URL: https://flyrefund.pl/pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.204.218.128 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS
s13.hekko.net.pl
Software
LiteSpeed /
Resource Hash
7649d55e6b1b98bc0dc1023ffa14975e7a48c7d1d2a00b9cfffd3668a0f9191e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://flyrefund.pl/pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 13:59:03 GMT
content-encoding
br
last-modified
Wed, 14 Dec 2016 10:13:17 GMT
server
LiteSpeed
etag
"53f8-58511b3d-df234bd45e28f7f3;br"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
6203
expires
Mon, 31 Jan 2022 13:59:03 GMT
jquery.stellar.min.js
flyrefund.pl/js-plugin/parallax/js/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flyrefund.pl/js-plugin/parallax/js/jquery.stellar.min.js
Requested by
Host: flyrefund.pl
URL: https://flyrefund.pl/pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.204.218.128 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS
s13.hekko.net.pl
Software
LiteSpeed /
Resource Hash
f5610dca639dfbc602be3ad30b5e98bff001f6f61d4ce0a618fe8ae3e6906059

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://flyrefund.pl/pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 13:59:03 GMT
content-encoding
br
last-modified
Wed, 14 Dec 2016 10:22:58 GMT
server
LiteSpeed
etag
"315d-58511d82-d51c5bd3bf3f80d7;br"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3184
expires
Mon, 31 Jan 2022 13:59:03 GMT
jquery.localscroll-1.2.7-min.js
flyrefund.pl/js-plugin/parallax/js/ 		2 KB
848 B 		Script
General
Check archive.org
Download Go to
Full URL
https://flyrefund.pl/js-plugin/parallax/js/jquery.localscroll-1.2.7-min.js
Requested by
Host: flyrefund.pl
URL: https://flyrefund.pl/pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.204.218.128 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS
s13.hekko.net.pl
Software
LiteSpeed /
Resource Hash
df2a1a05dc79c403d7dc61aa141aa5de9160342c291c2a37ce37b91a4c910af2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://flyrefund.pl/pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 13:59:03 GMT
content-encoding
br
last-modified
Wed, 14 Dec 2016 10:22:54 GMT
server
LiteSpeed
etag
"618-58511d7e-39f1403d8de3f88f;br"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
747
expires
Mon, 31 Jan 2022 13:59:03 GMT
jquery.appear.js
flyrefund.pl/js-plugin/appear/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flyrefund.pl/js-plugin/appear/jquery.appear.js
Requested by
Host: flyrefund.pl
URL: https://flyrefund.pl/pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.204.218.128 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS
s13.hekko.net.pl
Software
LiteSpeed /
Resource Hash
c19b0f2361c60f7d6f17e19d83f35f52858cfe756eb094cb9b1ed29f80a87871

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://flyrefund.pl/pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 13:59:03 GMT
content-encoding
br
last-modified
Wed, 14 Dec 2016 10:11:26 GMT
server
LiteSpeed
etag
"10ff-58511ace-1a8be339b93801c4;br"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1221
expires
Mon, 31 Jan 2022 13:59:03 GMT
custom.js
flyrefund.pl/js/ 		37 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flyrefund.pl/js/custom.js
Requested by
Host: flyrefund.pl
URL: https://flyrefund.pl/pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.204.218.128 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS
s13.hekko.net.pl
Software
LiteSpeed /
Resource Hash
a7d6765953c1b14fe847eff38db5c44e1d348be2af79ace8ffcafcadf83a84d5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://flyrefund.pl/pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 13:59:03 GMT
content-encoding
br
last-modified
Wed, 14 Dec 2016 10:11:15 GMT
server
LiteSpeed
etag
"9376-58511ac3-8cd725ab2c11385a;br"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
8402
expires
Mon, 31 Jan 2022 13:59:03 GMT
airport.js
flyrefund.pl/js/ 		2 KB
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://flyrefund.pl/js/airport.js
Requested by
Host: flyrefund.pl
URL: https://flyrefund.pl/pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.204.218.128 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS
s13.hekko.net.pl
Software
LiteSpeed /
Resource Hash
e75eea0614872097dbda9e4aebd75574a9b4f06fecabc8771081de10685ed8ff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://flyrefund.pl/pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 13:59:03 GMT
content-encoding
br
last-modified
Thu, 09 Feb 2017 12:28:26 GMT
server
LiteSpeed
etag
"9d8-589c606a-b4cf0180609bc15e;br"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
715
expires
Mon, 31 Jan 2022 13:59:03 GMT
jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v12/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v12/jizaRExUiTo99u79D0KExQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://flyrefund.pl
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 20:07:29 GMT
x-content-type-options
nosniff
age
496293
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45416
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:09:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 18 Jan 2023 20:07:29 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/ 		354 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Ldb1tUUAAAAAMffpAnNW1U2z5BsdRjIgk_ElkPX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
544b63f0d07b2a51e01e2ecc3986eb5d07838bb121c4f472f1178b7b94faf463
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://flyrefund.pl/
Origin
https://flyrefund.pl
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 12:44:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4474
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
143013
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 05:01:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 24 Jan 2023 12:44:29 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: flyrefund.pl
URL: https://flyrefund.pl/pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://flyrefund.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6851
date
Mon, 24 Jan 2022 12:04:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 24 Jan 2022 14:04:52 GMT
21146661477308255.jpg
flyrefund.pl//img/offer/ 		464 KB
464 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://flyrefund.pl//img/offer/21146661477308255.jpg
Requested by
Host: flyrefund.pl
URL: https://flyrefund.pl/pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.204.218.128 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS
s13.hekko.net.pl
Software
LiteSpeed /
Resource Hash
5e9e70aaa311f83b5bb07396cc149146e7f7e510bf524f514b3385ca884375f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://flyrefund.pl/pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 13:59:02 GMT
last-modified
Fri, 27 Oct 2017 08:29:25 GMT
server
LiteSpeed
etag
"73e9b-59f2ee65-4ddf98cf535b072c;;;"
vary
User-Agent
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
474779
expires
Mon, 31 Jan 2022 13:59:02 GMT
pixels.png
flyrefund.pl/images/theme-pics/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://flyrefund.pl/images/theme-pics/pixels.png
Requested by
Host: flyrefund.pl
URL: https://flyrefund.pl/css/layout.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.204.218.128 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS
s13.hekko.net.pl
Software
LiteSpeed /
Resource Hash
3fd61fa8b69664ce0dba9634ec73a89da8c9026fcb889b0fac8e3c0ac8b85759

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://flyrefund.pl/css/layout.css?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 13:59:03 GMT
content-encoding
br
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8
jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v12/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v12/jizfRExUiTo99u79B_mh0O6tLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e93b530a651320569bb9a1e5afdefa40ef6a77f7d1887a27cb4f5cc049b57a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://flyrefund.pl
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 03:56:06 GMT
x-content-type-options
nosniff
age
468176
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46988
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:11 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 19 Jan 2023 03:56:06 GMT
fontawesome-webfont.woff2
flyrefund.pl/fonts/font-awesome/fonts/ 		70 KB
70 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://flyrefund.pl/fonts/font-awesome/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: flyrefund.pl
URL: https://flyrefund.pl/fonts/font-awesome/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.204.218.128 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS
s13.hekko.net.pl
Software
LiteSpeed /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer
https://flyrefund.pl/fonts/font-awesome/css/font-awesome.min.css
Origin
https://flyrefund.pl
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 13:59:02 GMT
last-modified
Wed, 14 Dec 2016 09:39:31 GMT
server
LiteSpeed
etag
"118d8-58511353-3409397f789924b7;;;"
vary
User-Agent
content-type
application/octet-stream
accept-ranges
bytes
content-length
71896
jizfRExUiTo99u79B_mh0OCtLQ0Z.woff2
fonts.gstatic.com/s/ptsans/v12/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v12/jizfRExUiTo99u79B_mh0OCtLQ0Z.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e4563071048dd98f7120d73d55aa8f31fef27b1c1cf600eb38306421078153d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://flyrefund.pl
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:52:07 GMT
x-content-type-options
nosniff
age
490015
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29328
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 18 Jan 2023 21:52:07 GMT
jizaRExUiTo99u79D0yExdGM.woff2
fonts.gstatic.com/s/ptsans/v12/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v12/jizaRExUiTo99u79D0yExdGM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7cc569a18a9dfd7f191b5cf516e335c67255047ffbd4da0f1e8109598665ada8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://flyrefund.pl
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 10:59:51 GMT
x-content-type-options
nosniff
age
529151
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26408
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:09:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 18 Jan 2023 10:59:51 GMT
collect
www.google-analytics.com/j/ 		2 B
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1712979455&t=pageview&_s=1&dl=https%3A%2F%2Fflyrefund.pl%2Fpl%2F&ul=en-us&de=UTF-8&dt=Odszkodowanie%20za%20op%C3%B3%C5%BAniony%20lot%20%C7%80%20Fly%20Refund&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=941356472&gjid=1549867524&cid=363890209.1643032743&tid=UA-101277360-1&_gid=202758441.1643032743&_r=1&_slc=1&z=975383065
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://flyrefund.pl/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 13:59:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://flyrefund.pl
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		99 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: flyrefund.pl
URL: https://flyrefund.pl/pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
16c13044cedc5c7482ad7db51913c164ffabc787ec5b6b0246acfec84cd6d01b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://flyrefund.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
26187
x-xss-protection
0
pragma
public
x-fb-debug
uyn/tt2XmCudPGNbiSfmM+X0gRboZhOyT/nTzZhoMQ+AlYpvRTJiHriNN7XknCqhtTcNh5QrWgxeSPajTJDKmQ==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Mon, 24 Jan 2022 13:59:03 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
xfbml.customerchat.js
connect.facebook.net/pl_PL/sdk/ 		299 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/pl_PL/sdk/xfbml.customerchat.js
Requested by
Host: flyrefund.pl
URL: https://flyrefund.pl/pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bc89d2f8b5d1c4419f12c0924225fbc693ddf217e3abac68aafba83d7e3205e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://flyrefund.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
24JwSYPSiokc01pgARAIDg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Mon, 24 Jan 2022 13:59:07 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
86102
x-fb-rlafr
0
x-fb-debug
AeZiSpeQSVz7JBesDBhokeH92dDPLiD3Wnmiit5mLpNQ+GUpxRKNsJkfnY3zL0uUrKGO47kJcYGdZTxPX0scZQ==
x-fb-trip-id
917726464
x-fb-content-md5
87ca507571fd05c4acc07113ec3070f7
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 24 Jan 2022 13:59:03 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"15d50ed53c27def5a8db8eb2ba22377a"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
anchor
www.google.com/recaptcha/api2/ Frame 066A 		40 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldb1tUUAAAAAMffpAnNW1U2z5BsdRjIgk_ElkPX&co=aHR0cHM6Ly9mbHlyZWZ1bmQucGw6NDQz&hl=de&v=TDBxTlSsKAUm3tSIa0fwIqNu&size=invisible&cb=9fhdwoe8u09l
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4893b3015bd1c74b459f80da8ce54a38863dc67b8fc3b73f1d0273ffeb6731ab
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-U3ZP5SUthrf+1blEZ1vuUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://flyrefund.pl/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 24 Jan 2022 13:59:03 GMT
content-security-policy
script-src 'report-sample' 'nonce-U3ZP5SUthrf+1blEZ1vuUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
20598
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
181768225955154
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/181768225955154?v=2.9.49&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f6aae75c4b195207e8eed8f624046472ed42b547c58ce1f5d60ae35ca5deee91
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://flyrefund.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
AjTeekQAfaB3IACOgKtkcNh8MmS81plzdHBZdKAOxsjUR/MhWcAooaKVrdbEXvr0/WO+ZwmMe42siwg1wzTIOQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 24 Jan 2022 13:59:03 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=181768225955154&ev=PageView&dl=https%3A%2F%2Fflyrefund.pl%2Fpl%2F&rl=&if=false&ts=1643032743374&sw=1600&sh=1200&v=2.9.49&r=stable&ec=0&o=30&fbp=fb.1.1643032743372.1880050260&it=1643032743249&coo=false&rqm=GET
Requested by
Host: flyrefund.pl
URL: https://flyrefund.pl/pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://flyrefund.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 13:59:03 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Mon, 24 Jan 2022 13:59:03 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/ Frame 066A 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldb1tUUAAAAAMffpAnNW1U2z5BsdRjIgk_ElkPX&co=aHR0cHM6Ly9mbHlyZWZ1bmQucGw6NDQz&hl=de&v=TDBxTlSsKAUm3tSIa0fwIqNu&size=invisible&cb=9fhdwoe8u09l
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 12:44:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4474
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 05:01:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 24 Jan 2023 12:44:29 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/ Frame 066A 		354 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldb1tUUAAAAAMffpAnNW1U2z5BsdRjIgk_ElkPX&co=aHR0cHM6Ly9mbHlyZWZ1bmQucGw6NDQz&hl=de&v=TDBxTlSsKAUm3tSIa0fwIqNu&size=invisible&cb=9fhdwoe8u09l
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
544b63f0d07b2a51e01e2ecc3986eb5d07838bb121c4f472f1178b7b94faf463
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 12:44:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4474
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
143013
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 05:01:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 24 Jan 2023 12:44:29 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 066A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 03:05:30 GMT
x-content-type-options
nosniff
age
471213
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Wed, 26 Jan 2022 03:05:30 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 066A 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldb1tUUAAAAAMffpAnNW1U2z5BsdRjIgk_ElkPX&co=aHR0cHM6Ly9mbHlyZWZ1bmQucGw6NDQz&hl=de&v=TDBxTlSsKAUm3tSIa0fwIqNu&size=invisible&cb=9fhdwoe8u09l
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 11:18:05 GMT
x-content-type-options
nosniff
age
528058
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 18 Jan 2023 11:18:05 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 066A 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldb1tUUAAAAAMffpAnNW1U2z5BsdRjIgk_ElkPX&co=aHR0cHM6Ly9mbHlyZWZ1bmQucGw6NDQz&hl=de&v=TDBxTlSsKAUm3tSIa0fwIqNu&size=invisible&cb=9fhdwoe8u09l
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 06:37:08 GMT
x-content-type-options
nosniff
age
285715
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 21 Jan 2023 06:37:08 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 066A 		102 B
133 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=TDBxTlSsKAUm3tSIa0fwIqNu
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldb1tUUAAAAAMffpAnNW1U2z5BsdRjIgk_ElkPX&co=aHR0cHM6Ly9mbHlyZWZ1bmQucGw6NDQz&hl=de&v=TDBxTlSsKAUm3tSIa0fwIqNu&size=invisible&cb=9fhdwoe8u09l
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e671437dbdfea29e6d58d838049e22ef37097277eb96cb7d87eb08c90bfe035a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldb1tUUAAAAAMffpAnNW1U2z5BsdRjIgk_ElkPX&co=aHR0cHM6Ly9mbHlyZWZ1bmQucGw6NDQz&hl=de&v=TDBxTlSsKAUm3tSIa0fwIqNu&size=invisible&cb=9fhdwoe8u09l
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 13:59:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
111
x-xss-protection
1; mode=block
expires
Mon, 24 Jan 2022 13:59:03 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: flyrefund.pl
URL: https://flyrefund.pl/js/custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://flyrefund.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3394
date
Mon, 24 Jan 2022 13:02:29 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Mon, 24 Jan 2022 15:02:29 GMT
/
www.facebook.com/plugins/customer_chat/facade_gating/ 		36 B
79 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/customer_chat/facade_gating/?page_id=166149853867369&suppress_http_code=1
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/pl_PL/sdk/xfbml.customerchat.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b361cfab629429b7375bc1e378f717b3e7e7688f0f30e5dd74deee724749ec24
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://flyrefund.pl/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
x-xss-protection
0
pragma
no-cache
x-fb-debug
iUpxmsMXAROvck2ilK7yz5F1dnoyCbFZP13LZKv4it2YE7UZdqR8jXxkdehVe4lOyQ6YyWR4xRsw/lLsnADUsQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 24 Jan 2022 13:59:03 GMT
strict-transport-security
max-age=15552000; preload
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://flyrefund.pl
vary
Accept-Encoding
cache-control
private, no-cache, no-store, must-revalidate
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/plugins/customer_chat/SDK/ 		0
27 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=setup_tool&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f7dc4134ec5f4%26domain%3Dflyrefund.pl%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fflyrefund.pl%252Ff2106f153e9f7e%26relation%3Dparent.parent&current_url=https%3A%2F%2Fflyrefund.pl%2Fpl%2F&event_name=chat_plugin_sdk_facade_create&is_loaded_by_facade=true&loading_time=0&locale=pl_PL&log_id=d01c10e8-0d97-431a-8b65-b56cdbc513a1&logged_in_greeting=Dzie%C5%84%20dobry%2C%20w%20czym%20mog%C4%99%20pom%C3%B3c%3F&logged_out_greeting=Dzie%C5%84%20dobry%2C%20w%20czym%20mog%C4%99%20pom%C3%B3c%3F&page_id=166149853867369&request_time=1643032743782&sdk=joey&suppress_http_code=1&theme_color=%23ff8c04
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/pl_PL/sdk/xfbml.customerchat.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://flyrefund.pl/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
V5DMzzWnXMQIrb/6G/LBL/gJOOKA9wF1urth1dRruSgrGmJRF/8cRjFoGV4oZilsgbKxACMjsnPVNQma80zLyQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 24 Jan 2022 13:59:03 GMT
strict-transport-security
max-age=15552000; preload
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"}
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://flyrefund.pl
cache-control
private, no-cache, no-store, must-revalidate
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/plugins/customer_chat/facade/ 		1 KB
716 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/customer_chat/facade/?app_id=&attribution=setup_tool&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f7dc4134ec5f4%26domain%3Dflyrefund.pl%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fflyrefund.pl%252Ff2106f153e9f7e%26relation%3Dparent.parent&current_url=https%3A%2F%2Fflyrefund.pl%2Fpl%2F&is_loaded_by_facade=true&locale=pl_PL&log_id=d01c10e8-0d97-431a-8b65-b56cdbc513a1&logged_in_greeting=Dzie%C5%84%20dobry%2C%20w%20czym%20mog%C4%99%20pom%C3%B3c%3F&logged_out_greeting=Dzie%C5%84%20dobry%2C%20w%20czym%20mog%C4%99%20pom%C3%B3c%3F&page_id=166149853867369&request_time=1643032743782&sdk=joey&suppress_http_code=1&theme_color=%23ff8c04
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/pl_PL/sdk/xfbml.customerchat.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b47ea1ff9e0f19ca02e20e82cf038a65148e42ce8c714bb4546dc4fbab73c76b
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://flyrefund.pl/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
x-xss-protection
0
pragma
no-cache
x-fb-debug
sXv1aGJn/w5rjv32iIWnuB5w3Jz5+nv9s8R5rXp4JlxI9tXl/y1+Ph6VAjquPKMynZfBZziVEjqXMMDuWGEHcA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 24 Jan 2022 13:59:03 GMT
strict-transport-security
max-age=15552000; preload
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://flyrefund.pl
vary
Accept-Encoding
cache-control
private, no-cache, no-store, must-revalidate
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
reload
www.google.com/recaptcha/api2/ Frame 066A 		30 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6Ldb1tUUAAAAAMffpAnNW1U2z5BsdRjIgk_ElkPX
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
29b05a9b5cc56093522cf2d31b98ffce7a5be0059077cc8d2a78449e27b64410
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldb1tUUAAAAAMffpAnNW1U2z5BsdRjIgk_ElkPX&co=aHR0cHM6Ly9mbHlyZWZ1bmQucGw6NDQz&hl=de&v=TDBxTlSsKAUm3tSIa0fwIqNu&size=invisible&cb=9fhdwoe8u09l
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Mon, 24 Jan 2022 13:59:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16997
x-xss-protection
1; mode=block
expires
Mon, 24 Jan 2022 13:59:03 GMT
/
www.facebook.com/plugins/customer_chat/SDK/ 		0
27 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=setup_tool&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f7dc4134ec5f4%26domain%3Dflyrefund.pl%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fflyrefund.pl%252Ff2106f153e9f7e%26relation%3Dparent.parent&current_url=https%3A%2F%2Fflyrefund.pl%2Fpl%2F&event_name=chat_plugin_sdk_facade_load&is_loaded_by_facade=true&loading_time=51&locale=pl_PL&log_id=d01c10e8-0d97-431a-8b65-b56cdbc513a1&logged_in_greeting=Dzie%C5%84%20dobry%2C%20w%20czym%20mog%C4%99%20pom%C3%B3c%3F&logged_out_greeting=Dzie%C5%84%20dobry%2C%20w%20czym%20mog%C4%99%20pom%C3%B3c%3F&page_id=166149853867369&request_time=1643032743833&sdk=joey&suppress_http_code=1&theme_color=%23ff8c04
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/pl_PL/sdk/xfbml.customerchat.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://flyrefund.pl/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
k5o/yb2RAP52+0bOrONwT5FJq/oJi+dfIItQ9cBr8W6ntAsDFER3hZFlVBB+kAJiZ5eHWRR9BFYRetAya6TkTw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 24 Jan 2022 13:59:03 GMT
strict-transport-security
max-age=15552000; preload
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"}
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://flyrefund.pl
cache-control
private, no-cache, no-store, must-revalidate
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=181768225955154&ev=Microdata&dl=https%3A%2F%2Fflyrefund.pl%2Fpl%2F&rl=&if=false&ts=1643032744877&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Odszkodowanie%20za%20op%C3%B3%C5%BAniony%20lot%20%C7%80%20Fly%20Refund%22%2C%22meta%3Adescription%22%3A%22Czy%20wiesz%2C%20%C5%BCe%20za%20op%C3%B3%C5%BAniony%20lub%20odwo%C5%82any%20lot%20przys%C5%82uguje%20rekompensata%3F%20Dzi%C4%99ki%20pomocy%20Fly%20Refund%20mo%C5%BCesz%20uzyska%C4%87%20nale%C5%BCne%20odszkodowanie%20od%20linii%20lotniczych.%22%2C%22meta%3Akeywords%22%3A%22op%C3%B3%C5%BAniony%20lot%2C%20odwo%C5%82any%20lot%2C%20odszkodowanie%20za%20op%C3%B3%C5%BAniony%20lot%2C%20odszkodowanie%20za%20odwo%C5%82any%20lot%2C%20op%C3%B3%C5%BAniony%20lot%20odszkodowanie%2C%20odwo%C5%82any%20lot%20odszkodowanie%2C%20jak%20uzyska%C4%87%20odszkodowanie%20za%20op%C3%B3%C5%BAniony%20lot%2C%20jak%20uzyska%C4%87%20odszkodowanie%20za%20odwo%C5%82any%20lot%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.49&r=stable&ec=1&o=30&fbp=fb.1.1643032743372.1880050260&it=1643032743249&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://flyrefund.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 13:59:04 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Mon, 24 Jan 2022 13:59:04 GMT

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| html5 object| Modernizr function| yepnope object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client string| GoogleAnalyticsObject function| ga object| respond function| $ function| jQuery object| smoothScroll object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| Stellar boolean| isMobile boolean| isDesktop function| diomaAnimAppear function| animateTxt function| initializeMainMenu function| appendBootstrap function| initialize function| gaSSDSLoad function| toTop function| scrollToItem function| getDistanceFromLatLonInKm function| deg2rad function| CookieScriptSetCookie function| CookieScriptGetCookie function| fbq function| _fbq function| fbAsyncInit object| recaptcha object| closure_lm_215398 object| FB object| _gat object| _gaq

10 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AGh639WK0ddhtuxHrmkcx52ldydpRMBPLiFW1rqEMmu6eSDTXTiUgidn3xGAy_17StXzMUpB2HMlFt1tfDp9piA
flyrefund.pl/ Name: PHPSESSID
Value: f8b0b77b0be36e2d1a09cf0f80960dac
.flyrefund.pl/ Name: _ga
Value: GA1.2.363890209.1643032743
.flyrefund.pl/ Name: _gid
Value: GA1.2.202758441.1643032743
.flyrefund.pl/ Name: _gat
Value: 1
.flyrefund.pl/ Name: _fbp
Value: fb.1.1643032743372.1880050260
.flyrefund.pl/ Name: __utma
Value: 56092028.363890209.1643032743.1643032744.1643032744.1
.flyrefund.pl/ Name: __utmb
Value: 56092028.0.10.1643032744
.flyrefund.pl/ Name: __utmc
Value: 56092028
.flyrefund.pl/ Name: __utmz
Value: 56092028.1643032744.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

1 Console Messages

Source Level URL
Text
network error URL: https://flyrefund.pl/images/theme-pics/pixels.png
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
connect.facebook.net
flyrefund.pl
fonts.googleapis.com
fonts.gstatic.com
ssl.google-analytics.com
www.facebook.com
www.flyrefund.pl
www.google-analytics.com
www.google.com
www.gstatic.com
185.204.218.128
2001:4de0:ac18::1:a:2b
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:827::2003
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::2004
2a00:1450:4001:830::200a
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
02110f32706fcde612c832b81d352e9c4b69de21995cee9a7772b02ad7d1fe2b
089822305b9af8e8bf8797060fa68e6d18068b4fd7e8938f30b125ab6f61a2b9
0a8d45917eb861a4efd3a27a5a0121d11830986bfcbfe3305cd43d7b137b5685
1032425abc71b7a25f84dd9f46d3b356522a611592f7dca9eb62c2b0429831d3
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
16c13044cedc5c7482ad7db51913c164ffabc787ec5b6b0246acfec84cd6d01b
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1e93b530a651320569bb9a1e5afdefa40ef6a77f7d1887a27cb4f5cc049b57a3
23f4ff6e17a90adb27b463e1b1edd527df0c0976aef9f5f558678dc98af4c667
29b05a9b5cc56093522cf2d31b98ffce7a5be0059077cc8d2a78449e27b64410
3184804f9229cd249ea4a2af887961d95a048a23d7c59c0f2affdd6856f63d17
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3fcf31137cc22fe567e4e20f0cc90127f05ebe1fdd336212f0d84666c8f2d0f7
3fd61fa8b69664ce0dba9634ec73a89da8c9026fcb889b0fac8e3c0ac8b85759
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0
46c63e19392696c9ccbce249541b5b7edeb46ca35679a5f91ed4f6779c0dfdbc
4893b3015bd1c74b459f80da8ce54a38863dc67b8fc3b73f1d0273ffeb6731ab
4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d
544b63f0d07b2a51e01e2ecc3986eb5d07838bb121c4f472f1178b7b94faf463
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5e9e70aaa311f83b5bb07396cc149146e7f7e510bf524f514b3385ca884375f3
63f8882030700a92484115938571504f9d26e6dc2e5578358ab8269d9abf2b30
685668d90d2fb21d739c01b7c8ff2969037b0b3ccd95ac9e2bbe9f3146c3cd84
6c1e31700f68d1666de6b0992e89d413434707718bf729a472404029845bdbad
6e8340e550796c39ef28a317ec8095399bbf5b24f418f01861af924598d0a3eb
7152f32cfe8bcc6164eadd77c30c667478f96314b4ad4e4b8927c78349b6e628
7336a13b50066bea1ba2e1f6d055d741c7e7617b54f8cb7ca85a18f31c20591a
743b919a337dfbb6d1e8648d0793532d47f8af48059e17f7e32ae8738c7614a7
7649d55e6b1b98bc0dc1023ffa14975e7a48c7d1d2a00b9cfffd3668a0f9191e
7cc569a18a9dfd7f191b5cf516e335c67255047ffbd4da0f1e8109598665ada8
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7e4563071048dd98f7120d73d55aa8f31fef27b1c1cf600eb38306421078153d
8393ee2973f791918b422cd18a802e0696025b40f1c0bba588e84310634472fe
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
8aa46250575e3c514cef9de2e04652ef411c4b65f6338ddee04cbbaddeb2da2f
8b84c5d9a9f10070d15064097aba446660f3a43dbcf038ea9d627e1693c09861
90eb86072f4a07f88d1581d610ef1635ffe3c1a0755b8a932a56d5461e3a6f69
95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd
9c60deab2552b4d46873a9cfd1baf83f7bd8ab97ac303d6dadd1f348964ac3dc
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a50fa8f9c32cd48b97abfcc82fc2b645992c7fb38373074a26c8dab3550659d9
a72843979d55dc4d5d9bcac65c18b3b75d753258c9fece915f49e9ad52a290b8
a7d6765953c1b14fe847eff38db5c44e1d348be2af79ace8ffcafcadf83a84d5
b361cfab629429b7375bc1e378f717b3e7e7688f0f30e5dd74deee724749ec24
b47ea1ff9e0f19ca02e20e82cf038a65148e42ce8c714bb4546dc4fbab73c76b
bc2446fa0a7de3687f00bcf9482c5e3d8c561e7b2b40abe28ee63de486efe50d
bc89d2f8b5d1c4419f12c0924225fbc693ddf217e3abac68aafba83d7e3205e2
c19b0f2361c60f7d6f17e19d83f35f52858cfe756eb094cb9b1ed29f80a87871
c9430ccc20d8d58e10dbcaba36ae11739cf20190424b6f55c0d8cf90241658f6
c9c4ea8698ca4e723c0b9d8c478ec5b2e9a68f090f067ee171b0263dcd09c0fb
d17f9fc8900df2b48dfc16476368c17c06951db9b59525f23bd1cad39a17f7bc
dee47cc8a5ec2992e6cffb69dfe235d9422ad0f54435d4ca2063e07cdd74a2c0
df2a1a05dc79c403d7dc61aa141aa5de9160342c291c2a37ce37b91a4c910af2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e671437dbdfea29e6d58d838049e22ef37097277eb96cb7d87eb08c90bfe035a
e75eea0614872097dbda9e4aebd75574a9b4f06fecabc8771081de10685ed8ff
f5610dca639dfbc602be3ad30b5e98bff001f6f61d4ce0a618fe8ae3e6906059
f6aae75c4b195207e8eed8f624046472ed42b547c58ce1f5d60ae35ca5deee91
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48