URL: http://xurl.pl/special
Submission: On May 21 via manual from IN

Summary

This website contacted 8 IPs in 5 countries across 9 domains to perform 17 HTTP transactions. The main IP is 195.225.138.138, located in Poland and belongs to OF-PL-AS, PL. The main domain is xurl.pl.
This is the only time xurl.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 195.225.138.138 29305 (OF-PL-AS)
1 1 104.31.77.81 13335 (CLOUDFLAR...)
1 104.18.43.101 13335 (CLOUDFLAR...)
4 94.130.4.218 24940 (HETZNER-AS)
2 216.58.210.14 15169 (GOOGLE)
1 2 138.201.165.92 24940 (HETZNER-AS)
2 2 88.99.233.249 24940 (HETZNER-AS)
1 2 138.201.136.84 24940 (HETZNER-AS)
2 2 188.40.17.15 24940 (HETZNER-AS)
3 3 18.153.11.4 16509 (AMAZON-02)
2 2 34.253.140.64 16509 (AMAZON-02)
1 1 88.99.176.143 24940 (HETZNER-AS)
1 136.243.87.194 24940 (HETZNER-AS)
17 8
Domain Requested by
7 xurl.pl xurl.pl
5 adsearch.adkontekst.pl 1 redirects xurl.pl
adsearch.adkontekst.pl
4 mis.em.nscontext.eu 4 redirects
3 x.bidswitch.net 3 redirects
2 ads.avocet.io 2 redirects
2 api.spoldzielnia.nsaudience.pl 1 redirects
2 cm.em.nscontext.eu 1 redirects
2 www.google-analytics.com xurl.pl
1 rm.em.nscontext.eu xurl.pl
1 www.dudemobile.net xurl.pl
1 link.do 1 redirects
17 11

This site contains no links.

Certificates:

Subject: sni49298.cloudflaressl.com
Issuer: COMODO ECC Domain Validation Secure Server CA 2
Validity: 2018-05-11 - 2018-11-17 (6 months)

Subject: *.em.nscontext.eu
Issuer: nazwaSSL
Validity: 2017-09-05 - 2018-09-05 (a year)

Subject: *.spoldzielnia.nsaudience.pl
Issuer: nazwaSSL
Validity: 2017-09-15 - 2018-09-15 (a year)

This page contains 6 frames:

Primary Page: http://xurl.pl/special
Frame ID: 45B572C857E99DC1FF52AA3D3B0F173F
Requests: 3 HTTP requests in this frame

Frame: http://xurl.pl/framedRedirectTop.php?url=654086
Frame ID: D88A37B14D2187F53610295159460E41
Requests: 11 HTTP requests in this frame

Frame: https://www.dudemobile.net/cl.php?id=7885a13f81a907c11e07a4e1ddf2939b
Frame ID: 82C2F75244E09440F513805A3C93BC1F
Requests: 1 HTTP requests in this frame

Frame: https://cm.em.nscontext.eu/cm/iframe//?uid=mi16383f424d92a3c4487f1c81f42
Frame ID: 65651769FB279D7080955C9A672E817F
Requests: 1 HTTP requests in this frame

Frame: https://api.spoldzielnia.nsaudience.pl/frontend/api/sale.api?uid=mi16383f424b5e492134a8b054de
Frame ID: 3EE4085D16BE235B318270EFED6DA790
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: A3A4787C96829731A898DF71402741AA
Requests: 2 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i

Page Statistics

Requests: 17
HTTPS: 18 %
IPv6: 0 %
Domains: 9
Subdomains: 11
IPs: 8
Countries: 5
Transfer: 448 kB
Size: 851 kB
Cookies: 13

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://link.do/rewards HTTP 301
  • https://www.dudemobile.net/cl.php?id=7885a13f81a907c11e07a4e1ddf2939b
Request Chain 10
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 11
  • http://www.google-analytics.com/r/collect?v=1&_v=j67&a=1629689396&t=pageview&_s=1&dl=http%3A%2F%2Fxurl.pl%2FframedRedirectTop.php%3Furl%3D654086&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x72&je=0&_u=IEBAAEAB~&jid=891136156&gjid=1933541564&cid=346493986.1526927205&tid=UA-38188073-4&_gid=1349047917.1526927205&_r=1&z=864188990 HTTP 307
  • https://www.google-analytics.com/r/collect?v=1&_v=j67&a=1629689396&t=pageview&_s=1&dl=http%3A%2F%2Fxurl.pl%2FframedRedirectTop.php%3Furl%3D654086&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x72&je=0&_u=IEBAAEAB~&jid=891136156&gjid=1933541564&cid=346493986.1526927205&tid=UA-38188073-4&_gid=1349047917.1526927205&_r=1&z=864188990
Request Chain 13
  • https://cm.em.nscontext.eu/cm/iframe/ HTTP 302
  • https://mis.em.nscontext.eu/deimos/cm/?redirect=https://cm.em.nscontext.eu/cm/iframe//?uid=__userId__ HTTP 302
  • https://mis.em.nscontext.eu/ex/tmp1526927205593Z2099498763/mi16383f424d92a3c4487f1c81f42/1?redirect=https://cm.em.nscontext.eu/cm/iframe//?uid=__userId__ HTTP 302
  • https://cm.em.nscontext.eu/cm/iframe//?uid=mi16383f424d92a3c4487f1c81f42
Request Chain 14
  • https://api.spoldzielnia.nsaudience.pl/frontend/api/matchSale.api HTTP 302
  • https://mis.em.nscontext.eu/?redirect=https%3A%2F%2Fapi.spoldzielnia.nsaudience.pl%2Ffrontend%2Fapi%2Fsale.api%3Fuid%3D__masterId__ HTTP 302
  • https://mis.em.nscontext.eu/ex/tmp1526927205557Z156627310/mi16383f424b5e492134a8b054de/1?redirect=https%3A%2F%2Fapi.spoldzielnia.nsaudience.pl%2Ffrontend%2Fapi%2Fsale.api%3Fuid%3D__masterId__ HTTP 302
  • https://api.spoldzielnia.nsaudience.pl/frontend/api/sale.api?uid=mi16383f424b5e492134a8b054de
Request Chain 17
  • https://x.bidswitch.net/sync?ssp=netsprint HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=netsprint HTTP 302
  • https://ads.avocet.io/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dnetsprint%26bsw_param%3Dc38b7100-ecb7-4bde-ab2a-30e226ccca6b HTTP 302
  • https://ads.avocet.io/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dnetsprint%26bsw_param%3Dc38b7100-ecb7-4bde-ab2a-30e226ccca6b HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=d3a0acf5-01c0-47c7-883c-0c22fb2aeac6&ssp=netsprint&bsw_param=c38b7100-ecb7-4bde-ab2a-30e226ccca6b HTTP 302
  • https://adsearch.adkontekst.pl/deimos/rtbcm?dspId=bidswitch&buyerId=c38b7100-ecb7-4bde-ab2a-30e226ccca6b HTTP 302
  • https://rm.em.nscontext.eu/?dspId=bidswitch&buyerId=c38b7100-ecb7-4bde-ab2a-30e226ccca6b

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set special
xurl.pl/
1 KB
2 KB
Document
General
Full URL
http://xurl.pl/special
Protocol
HTTP/1.1
Server
195.225.138.138 , Poland, ASN29305 (OF-PL-AS, PL),
Reverse DNS
v4.kingw.of.pl
Software
/ PHP/5.3.29
Resource Hash
d7d6ac930a1b2f9ae5c54da4bea5d688a2967e96f7a03c74f4fdc8dfce8daa94

Request headers

Host
xurl.pl
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
45B572C857E99DC1FF52AA3D3B0F173F

Response headers

Date
Mon, 21 May 2018 18:26:43 GMT
Server
X-Powered-By
PHP/5.3.29
Set-Cookie
shorturl=29r39uoqts1gcu99vv5mia9530; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Keep-Alive
timeout=10, max=10
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html
bootstrap.css
xurl.pl/themes/v3/styles/css/
127 KB
127 KB
Stylesheet
General
Full URL
http://xurl.pl/themes/v3/styles/css/bootstrap.css
Requested by
Host: xurl.pl
URL: http://xurl.pl/special
Protocol
HTTP/1.1
Server
195.225.138.138 , Poland, ASN29305 (OF-PL-AS, PL),
Reverse DNS
v4.kingw.of.pl
Software
/
Resource Hash
bb74e0857a515bba7514be5880db482d5e2f32047b5b27bed2b8d064e731b094

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
xurl.pl
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://xurl.pl/special
Cookie
shorturl=29r39uoqts1gcu99vv5mia9530
Connection
keep-alive
Cache-Control
no-cache
Referer
http://xurl.pl/special
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Mon, 21 May 2018 18:26:44 GMT
Last-Modified
Fri, 16 Aug 2013 18:23:12 GMT
Server
ETag
"5a44941-1fcce-520e6e10"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=9
Content-Length
130254
screen.css
xurl.pl/themes/v3/styles/
39 KB
39 KB
Stylesheet
General
Full URL
http://xurl.pl/themes/v3/styles/screen.css
Requested by
Host: xurl.pl
URL: http://xurl.pl/special
Protocol
HTTP/1.1
Server
195.225.138.138 , Poland, ASN29305 (OF-PL-AS, PL),
Reverse DNS
v4.kingw.of.pl
Software
/
Resource Hash
c633c8575301d2e600d0006875ae313be2de2d0813e8f5db62c9dc8de38bc2df

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
xurl.pl
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://xurl.pl/special
Cookie
shorturl=29r39uoqts1gcu99vv5mia9530
Connection
keep-alive
Cache-Control
no-cache
Referer
http://xurl.pl/special
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Mon, 21 May 2018 18:26:44 GMT
Last-Modified
Fri, 16 Aug 2013 18:23:11 GMT
Server
ETag
"5a4493f-9a8b-520e6e0f"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=10
Content-Length
39563
framedRedirectTop.php
xurl.pl/ Frame D88A
2 KB
3 KB
Document
General
Full URL
http://xurl.pl/framedRedirectTop.php?url=654086
Requested by
Host: xurl.pl
URL: http://xurl.pl/special
Protocol
HTTP/1.1
Server
195.225.138.138 , Poland, ASN29305 (OF-PL-AS, PL),
Reverse DNS
v4.kingw.of.pl
Software
/ PHP/5.3.29
Resource Hash
a8034b2a9c1d4262b7f16fdf0e128450af5253d697731c3ee1449b57c1cb17da

Request headers

Host
xurl.pl
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://xurl.pl/special
Accept-Encoding
gzip, deflate
Cookie
shorturl=29r39uoqts1gcu99vv5mia9530
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
45B572C857E99DC1FF52AA3D3B0F173F
Referer
http://xurl.pl/special

Response headers

Date
Mon, 21 May 2018 18:26:44 GMT
Server
X-Powered-By
PHP/5.3.29
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Keep-Alive
timeout=10, max=10
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html
cl.php
www.dudemobile.net/ Frame 82C2
Redirect Chain
  • https://link.do/rewards
  • https://www.dudemobile.net/cl.php?id=7885a13f81a907c11e07a4e1ddf2939b
0
0
Document
General
Full URL
https://www.dudemobile.net/cl.php?id=7885a13f81a907c11e07a4e1ddf2939b
Requested by
Host: xurl.pl
URL: http://xurl.pl/special
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.18.43.101 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/5.6.36
Resource Hash

Request headers

:method
GET
:authority
www.dudemobile.net
:scheme
https
:path
/cl.php?id=7885a13f81a907c11e07a4e1ddf2939b
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://xurl.pl/special
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
45B572C857E99DC1FF52AA3D3B0F173F
Referer
http://xurl.pl/special

Response headers

status
200
date
Mon, 21 May 2018 18:26:44 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=dd47d53cd6ab9cc55d4b75c5c94f7f0171526927204; expires=Tue, 21-May-19 18:26:44 GMT; path=/; domain=.dudemobile.net; HttpOnly
x-powered-by
PHP/5.6.36
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
41e917d54f9397aa-FRA
content-encoding
gzip

Redirect headers

status
301
date
Mon, 21 May 2018 18:26:44 GMT
content-type
text/html
set-cookie
__cfduid=d9fca3cfcf67c3177625bce0ceed5d69d1526927204; expires=Tue, 21-May-19 18:26:44 GMT; path=/; domain=.link.do; HttpOnly; Secure PHPSESSID=7v2e72dans9i2otet73te3n8p3; path=/ short_rewards=1; expires=Mon, 21-May-2018 19:00:05 GMT; path=/; httponly
x-powered-by
PHP/5.4.45-0+deb7u9
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
location
https://www.dudemobile.net/cl.php?id=7885a13f81a907c11e07a4e1ddf2939b
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
41e917d4bb8a9744-FRA
bootstrap.css
xurl.pl/themes/v3/styles/css/ Frame D88A
127 KB
127 KB
Stylesheet
General
Full URL
http://xurl.pl/themes/v3/styles/css/bootstrap.css
Requested by
Host: xurl.pl
URL: http://xurl.pl/framedRedirectTop.php?url=654086
Protocol
HTTP/1.1
Server
195.225.138.138 , Poland, ASN29305 (OF-PL-AS, PL),
Reverse DNS
v4.kingw.of.pl
Software
/
Resource Hash
bb74e0857a515bba7514be5880db482d5e2f32047b5b27bed2b8d064e731b094

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
xurl.pl
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://xurl.pl/framedRedirectTop.php?url=654086
Cookie
shorturl=29r39uoqts1gcu99vv5mia9530
Connection
keep-alive
Cache-Control
no-cache
Referer
http://xurl.pl/framedRedirectTop.php?url=654086
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Mon, 21 May 2018 18:26:44 GMT
Last-Modified
Fri, 16 Aug 2013 18:23:12 GMT
Server
ETag
"5a44941-1fcce-520e6e10"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=9
Content-Length
130254
screen.css
xurl.pl/themes/v3/styles/ Frame D88A
39 KB
0
Stylesheet
General
Full URL
http://xurl.pl/themes/v3/styles/screen.css
Requested by
Host: xurl.pl
URL: http://xurl.pl/framedRedirectTop.php?url=654086
Protocol
HTTP/1.1
Server
195.225.138.138 , Poland, ASN29305 (OF-PL-AS, PL),
Reverse DNS
v4.kingw.of.pl
Software
/
Resource Hash
c633c8575301d2e600d0006875ae313be2de2d0813e8f5db62c9dc8de38bc2df

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
xurl.pl
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://xurl.pl/special
Cookie
shorturl=29r39uoqts1gcu99vv5mia9530
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Mon, 21 May 2018 18:26:44 GMT
Last-Modified
Fri, 16 Aug 2013 18:23:11 GMT
Server
ETag
"5a4493f-9a8b-520e6e0f"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=10
Content-Length
39563
red.png
xurl.pl/themes/v3/images/logo/ Frame D88A
7 KB
7 KB
Image
General
Full URL
http://xurl.pl/themes/v3/images/logo/red.png
Requested by
Host: xurl.pl
URL: http://xurl.pl/framedRedirectTop.php?url=654086
Protocol
HTTP/1.1
Server
195.225.138.138 , Poland, ASN29305 (OF-PL-AS, PL),
Reverse DNS
v4.kingw.of.pl
Software
/
Resource Hash
5696b86cafd00b7c0ea1afead82ad1530db1a17a683bfa10d14d37781f95cff5

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
xurl.pl
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://xurl.pl/framedRedirectTop.php?url=654086
Cookie
shorturl=29r39uoqts1gcu99vv5mia9530
Connection
keep-alive
Cache-Control
no-cache
Referer
http://xurl.pl/framedRedirectTop.php?url=654086
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Mon, 21 May 2018 18:26:44 GMT
Last-Modified
Sat, 31 Aug 2013 22:47:44 GMT
Server
ETag
"5a447df-1a69-52227290"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=8
Content-Length
6761
/
adsearch.adkontekst.pl/_/ads/ Frame D88A
6 KB
2 KB
Script
General
Full URL
http://adsearch.adkontekst.pl/_/ads/?QAPS_AKPL=b290fe239207177a78f816b049a64836
Requested by
Host: xurl.pl
URL: http://xurl.pl/framedRedirectTop.php?url=654086
Protocol
HTTP/1.1
Server
94.130.4.218 , Ukraine, ASN24940 (HETZNER-AS, DE),
Reverse DNS
33-hprx.funcns.net
Software
Microsoft-IIS/7.5 /
Resource Hash
b9cd482f2c10c568011d3f7ca3268cd0d90eafbf7e0130ce70280f34b01ba86d

Request headers

Referer
http://xurl.pl/framedRedirectTop.php?url=654086
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Mon, 21 May 2018 18:26:44 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/7.5
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/javascript; charset=UTF-8
/
adsearch.adkontekst.pl/quad/spliter/ Frame D88A
5 KB
2 KB
Script
General
Full URL
http://adsearch.adkontekst.pl/quad/spliter/?prefix=akon&prid=0&caid=0&plh=b290fe239207177a78f816b049a64836&plid=0&namespace=qa_akon&nc=1526927204845&qss=true&nc2=430688105&type=K1&ref=http%3A%2F%2Fxurl.pl%2Fspecial
Requested by
Host: adsearch.adkontekst.pl
URL: http://adsearch.adkontekst.pl/_/ads/?QAPS_AKPL=b290fe239207177a78f816b049a64836
Protocol
HTTP/1.1
Server
94.130.4.218 , Ukraine, ASN24940 (HETZNER-AS, DE),
Reverse DNS
33-hprx.funcns.net
Software
Microsoft-IIS/7.5 /
Resource Hash
279bf72916c1ea0e48e66548ae45451045fa60110948e5cb67219640be44c0bb

Request headers

Referer
http://xurl.pl/framedRedirectTop.php?url=654086
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 21 May 2018 18:26:44 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/7.5
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR NID CUR OUR NOR"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/javascript; charset=UTF-8
/
adsearch.adkontekst.pl/_/both/ Frame D88A
455 KB
121 KB
Script
General
Full URL
http://adsearch.adkontekst.pl/_/both/?prefix=akon&namespace=qa_akon&nc=0&browser=safari
Requested by
Host: adsearch.adkontekst.pl
URL: http://adsearch.adkontekst.pl/_/ads/?QAPS_AKPL=b290fe239207177a78f816b049a64836
Protocol
HTTP/1.1
Server
94.130.4.218 , Ukraine, ASN24940 (HETZNER-AS, DE),
Reverse DNS
33-hprx.funcns.net
Software
Microsoft-IIS/7.5 /
Resource Hash
32fcf14ecc96f2f0bcafdaa41647c1e6acc8d7df4780868c7f19aa425321fd6d

Request headers

Referer
http://xurl.pl/framedRedirectTop.php?url=654086
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Mon, 21 May 2018 18:26:44 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/7.5
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/javascript; charset=UTF-8
analytics.js
www.google-analytics.com/ Frame D88A
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
34 KB
14 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: xurl.pl
URL: http://xurl.pl/framedRedirectTop.php?url=654086
Protocol
SPDY
Server
216.58.210.14 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s07-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
2218bbf47b340278b7b696dbe3af4eed89edffa709c19abd6747b18147c3a675
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://xurl.pl/framedRedirectTop.php?url=654086
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 12 Apr 2018 18:13:11 GMT
server
Golfe2
age
6232
date
Mon, 21 May 2018 16:42:52 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
14353
expires
Mon, 21 May 2018 18:42:52 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
collect
www.google-analytics.com/r/ Frame D88A
Redirect Chain
  • http://www.google-analytics.com/r/collect?v=1&_v=j67&a=1629689396&t=pageview&_s=1&dl=http%3A%2F%2Fxurl.pl%2FframedRedirectTop.php%3Furl%3D654086&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x72&...
  • https://www.google-analytics.com/r/collect?v=1&_v=j67&a=1629689396&t=pageview&_s=1&dl=http%3A%2F%2Fxurl.pl%2FframedRedirectTop.php%3Furl%3D654086&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x72...
35 B
101 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j67&a=1629689396&t=pageview&_s=1&dl=http%3A%2F%2Fxurl.pl%2FframedRedirectTop.php%3Furl%3D654086&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x72&je=0&_u=IEBAAEAB~&jid=891136156&gjid=1933541564&cid=346493986.1526927205&tid=UA-38188073-4&_gid=1349047917.1526927205&_r=1&z=864188990
Requested by
Host: xurl.pl
URL: http://xurl.pl/framedRedirectTop.php?url=654086
Protocol
SPDY
Server
216.58.210.14 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s07-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://xurl.pl/framedRedirectTop.php?url=654086
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 May 2018 18:26:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/r/collect?v=1&_v=j67&a=1629689396&t=pageview&_s=1&dl=http%3A%2F%2Fxurl.pl%2FframedRedirectTop.php%3Furl%3D654086&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x72&je=0&_u=IEBAAEAB~&jid=891136156&gjid=1933541564&cid=346493986.1526927205&tid=UA-38188073-4&_gid=1349047917.1526927205&_r=1&z=864188990
Non-Authoritative-Reason
HSTS
/
adsearch.adkontekst.pl/quad/spliter/ Frame D88A
5 KB
3 KB
Script
General
Full URL
http://adsearch.adkontekst.pl/quad/spliter/?prid=887&caid=503248&nc=1526927205330&cc=2&form=507498:2:;&content=&qnr=0&without=&extra=&w=936&h=60&qss=true&flash=false&iid=-1939312736378357&prefix=akon&namespace=qa_akon&type=2&ref=http%3A%2F%2Fxurl.pl%2Fspecial
Requested by
Host: adsearch.adkontekst.pl
URL: http://adsearch.adkontekst.pl/_/ads/?QAPS_AKPL=b290fe239207177a78f816b049a64836
Protocol
HTTP/1.1
Server
94.130.4.218 , Ukraine, ASN24940 (HETZNER-AS, DE),
Reverse DNS
33-hprx.funcns.net
Software
Microsoft-IIS/7.5 /
Resource Hash
57232ad607d3a15b75b38429ac8d0b0f225c2f83f439afee4efa69975e83b59b

Request headers

Referer
http://xurl.pl/framedRedirectTop.php?url=654086
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 21 May 2018 18:26:45 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/7.5
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR NID CUR OUR NOR"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/javascript; charset=UTF-8
Cookie set /
cm.em.nscontext.eu/cm/iframe// Frame 6565
Redirect Chain
  • https://cm.em.nscontext.eu/cm/iframe/
  • https://mis.em.nscontext.eu/deimos/cm/?redirect=https://cm.em.nscontext.eu/cm/iframe//?uid=__userId__
  • https://mis.em.nscontext.eu/ex/tmp1526927205593Z2099498763/mi16383f424d92a3c4487f1c81f42/1?redirect=https://cm.em.nscontext.eu/cm/iframe//?uid=__userId__
  • https://cm.em.nscontext.eu/cm/iframe//?uid=mi16383f424d92a3c4487f1c81f42
0
0
Document
General
Full URL
https://cm.em.nscontext.eu/cm/iframe//?uid=mi16383f424d92a3c4487f1c81f42
Requested by
Host:
URL: gummibear.boxstatic-0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.165.92 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
28-hprx.funcns.net
Software
Microsoft-IIS/7.5 /
Resource Hash

Request headers

Host
cm.em.nscontext.eu
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://xurl.pl/framedRedirectTop.php?url=654086
Accept-Encoding
gzip, deflate
Cookie
tmp1526927205557Z156627310=mi16383f424b5e492134a8b054de; volatileUid=mi16383f424d92a3c4487f1c81f42; tmp1526927205593Z2099498763=mi16383f424d92a3c4487f1c81f42; uid=mi16383f424d92a3c4487f1c81f42
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
45B572C857E99DC1FF52AA3D3B0F173F
Referer
http://xurl.pl/framedRedirectTop.php?url=654086

Response headers

Server
Microsoft-IIS/7.5
Date
Mon, 21 May 2018 18:26:45 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
uid=mi16383f424d92a3c4487f1c81f42;Path=/;Domain=.em.nscontext.eu;Expires=Wed, 20-May-2020 18:26:45 GMT ec=ec;Path=/;Expires=Mon, 21-May-2018 19:26:45 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Server
Microsoft-IIS/7.5
Date
Mon, 21 May 2018 18:26:45 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
uid=mi16383f424d92a3c4487f1c81f42;Path=/;Domain=.em.nscontext.eu;Expires=Wed, 20-May-2020 18:26:45 GMT;Max-Age=63072000
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://cm.em.nscontext.eu/cm/iframe//?uid=mi16383f424d92a3c4487f1c81f42
Cookie set sale.api
api.spoldzielnia.nsaudience.pl/frontend/api/ Frame 3EE4
Redirect Chain
  • https://api.spoldzielnia.nsaudience.pl/frontend/api/matchSale.api
  • https://mis.em.nscontext.eu/?redirect=https%3A%2F%2Fapi.spoldzielnia.nsaudience.pl%2Ffrontend%2Fapi%2Fsale.api%3Fuid%3D__masterId__
  • https://mis.em.nscontext.eu/ex/tmp1526927205557Z156627310/mi16383f424b5e492134a8b054de/1?redirect=https%3A%2F%2Fapi.spoldzielnia.nsaudience.pl%2Ffrontend%2Fapi%2Fsale.api%3Fuid%3D__masterId__
  • https://api.spoldzielnia.nsaudience.pl/frontend/api/sale.api?uid=mi16383f424b5e492134a8b054de
0
0
Document
General
Full URL
https://api.spoldzielnia.nsaudience.pl/frontend/api/sale.api?uid=mi16383f424b5e492134a8b054de
Requested by
Host:
URL: gummibear.boxstatic-0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.136.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
7-bt-spd-d.funcns.net
Software
Microsoft-IIS/7.5 /
Resource Hash

Request headers

Host
api.spoldzielnia.nsaudience.pl
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://xurl.pl/framedRedirectTop.php?url=654086
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
45B572C857E99DC1FF52AA3D3B0F173F
Referer
http://xurl.pl/framedRedirectTop.php?url=654086

Response headers

Server
Microsoft-IIS/7.5
Date
Mon, 21 May 2018 18:26:45 GMT
Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="CAO COR COR CON TEL IVD SAM IND BUS"
Set-Cookie
ut=1526927205577;Path=/;Expires=Tue, 21-May-2019 18:26:45 GMT uid=mi16383f424b5e492134a8b054de;Path=/;Expires=Tue, 21-May-2019 18:26:45 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Encoding
gzip

Redirect headers

Server
Microsoft-IIS/7.5
Date
Mon, 21 May 2018 18:26:45 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
uid=mi16383f424b5e492134a8b054de;Path=/;Domain=.em.nscontext.eu;Expires=Wed, 20-May-2020 18:26:45 GMT;Max-Age=63072000
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://api.spoldzielnia.nsaudience.pl/frontend/api/sale.api?uid=mi16383f424b5e492134a8b054de
truncated
/ Frame A3A4
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f8d90d1c34b2cf176ae743361793df9ee6418708d8a8b5e4a7f69cf9503ba984

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
truncated
/ Frame A3A4
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9ed62e3d304b93a243e8390e6161d14d28447a34b5cb8953ce048fc83c94383d

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
/
rm.em.nscontext.eu/ Frame D88A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=netsprint
  • https://x.bidswitch.net/ul_cb/sync?ssp=netsprint
  • https://ads.avocet.io/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dnetsprint%26bsw_param%3Dc38b7100-ecb7-4bde-ab2a-30e226ccca6b
  • https://ads.avocet.io/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dnetsprint%26bsw_param%3Dc38b7100-ecb7-4bde-ab2a-30e226ccca6b
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=d3a0acf5-01c0-47c7-883c-0c22fb2aeac6&ssp=netsprint&bsw_param=c38b7100-ecb7-4bde-ab2a-30e226ccca6b
  • https://adsearch.adkontekst.pl/deimos/rtbcm?dspId=bidswitch&buyerId=c38b7100-ecb7-4bde-ab2a-30e226ccca6b
  • https://rm.em.nscontext.eu/?dspId=bidswitch&buyerId=c38b7100-ecb7-4bde-ab2a-30e226ccca6b
631 B
960 B
Image
General
Full URL
https://rm.em.nscontext.eu/?dspId=bidswitch&buyerId=c38b7100-ecb7-4bde-ab2a-30e226ccca6b
Requested by
Host: xurl.pl
URL: http://xurl.pl/special
Protocol
HTTP/1.1
Server
136.243.87.194 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
24-hprx.funcns.net
Software
Microsoft-IIS/7.5 /
Resource Hash
c12998add033bf7f99e0ea18be87cbd554980348d1d24a95218e62618d8946a0

Request headers

Referer
http://xurl.pl/framedRedirectTop.php?url=654086
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Mon, 21 May 2018 18:26:46 GMT
Server
Microsoft-IIS/7.5
Connection
keep-alive
Content-Type
image/jpeg
Transfer-Encoding
chunked
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 21 May 2018 18:26:44 GMT
Server
Microsoft-IIS/7.5
Transfer-Encoding
chunked
P3P
CP = "NOI DSP COR NID CUR OUR NOR"
Location
https://rm.em.nscontext.eu/?dspId=bidswitch&buyerId=c38b7100-ecb7-4bde-ab2a-30e226ccca6b
Cache-Control
no-cache
Connection
keep-alive

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Domain/Path Name / Value
api.spoldzielnia.nsaudience.pl/ Name: uid
Value: mi16383f424b5e492134a8b054de
cm.em.nscontext.eu/ Name: ec
Value: ec
.em.nscontext.eu/ Name: tmp1526927205593Z2099498763
Value: mi16383f424d92a3c4487f1c81f42
api.spoldzielnia.nsaudience.pl/ Name: ut
Value: 1526927205577
.em.nscontext.eu/ Name: volatileUid
Value: mi16383f424d92a3c4487f1c81f42
.em.nscontext.eu/ Name: tmp1526927205557Z156627310
Value: mi16383f424b5e492134a8b054de
.xurl.pl/ Name: _gat
Value: 1
xurl.pl/ Name: shorturl
Value: 29r39uoqts1gcu99vv5mia9530
api.spoldzielnia.nsaudience.pl/ Name: google_capping
Value: 1526927205648
.dudemobile.net/ Name: __cfduid
Value: dd47d53cd6ab9cc55d4b75c5c94f7f0171526927204
.em.nscontext.eu/ Name: uid
Value: mi16383f424d92a3c4487f1c81f42
.xurl.pl/ Name: _gid
Value: GA1.2.1349047917.1526927205
.xurl.pl/ Name: _ga
Value: GA1.2.346493986.1526927205