www.e-gwaltwiadomosc.pl
46.242.233.75  Malicious Activity!

URL: https://www.e-gwaltwiadomosc.pl/weryfikacja/mobile/
Submission Tags: @ipnigh
Submission: On May 16, 2020 via the API from GB

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 17 HTTP transactions. The main IP, 46.242.233.75, is located in Poland and belongs to HOMEPL-AS (PL). The main domain is www.e-gwaltwiadomosc.pl.
TLS certificate: Issued by Certyfikat SSL on October 15th 2019. Valid for: 2 years.
This is the only time www.e-gwaltwiadomosc.pl was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

Requests  IP Address       AS (Autonomous System)
3         46.242.233.75    12824 (HOMEPL-AS)
3         89.161.254.183   12824 (HOMEPL-AS)
8         138.201.161.134  24940 (HETZNER-AS)
1         185.33.221.90    29990 (ASN-APPNEX)
2         136.243.169.30   24940 (HETZNER-AS)
Totals: 17 requests, 6 IP entries as counted by urlscan (5 listed above)
Requests  Domain                                    Requested by
6         adsearch.adkontekst.pl                    www.licznikodwiedzin.pl, adsearch.adkontekst.pl, prd-header-biding.vda.netsprint.pl
3         www.e-gwaltwiadomosc.pl                   www.e-gwaltwiadomosc.pl
2         prd-dib-logger-service.vda.netsprint.pl   prd-header-biding.vda.netsprint.pl
2         prd-header-biding.vda.netsprint.pl        adsearch.adkontekst.pl, prd-header-biding.vda.netsprint.pl
2         www.licznikodwiedzin.pl                   www.e-gwaltwiadomosc.pl, www.licznikodwiedzin.pl
1         ib.adnxs.com                              prd-header-biding.vda.netsprint.pl
1         www.deszczowce.pl                         www.e-gwaltwiadomosc.pl
Totals: 17 requests, 7 hostnames

This site contains no links.
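The "Requested by" column is what tells an analyst whether a third-party host was contacted by the phishing page itself or arrived transitively through something it embedded. Here the page directly pulls in only its own assets, a visitor counter from www.licznikodwiedzin.pl and a GIF from www.deszczowce.pl; the counter's start.php is what loads adsearch.adkontekst.pl, which loads the netsprint header-bidding scripts, which in turn call ib.adnxs.com. The following is an added example, not part of the urlscan report: it rebuilds that request tree from the initiator fields transcribed from this scan's transaction list (a few long query strings are shortened, as marked in the code) and answers "how did host X get here?" for every third-party host.

```python
"""Rebuild the request tree of a urlscan.io result from its "Requested by" fields.

Edges below are transcribed from the transaction list of this scan (child URL ->
initiator URL); a few long query strings are shortened, as marked.
"""
from urllib.parse import urlsplit

PRIMARY = "https://www.e-gwaltwiadomosc.pl/weryfikacja/mobile/"
START = "https://www.licznikodwiedzin.pl/cnt/start.php?key=157910342"
ADS2 = "https://adsearch.adkontekst.pl/_/ads2/?QAPS_AKPL=0777479e274c03f3865ef57852a7c607"
ADS2_STRICT = ("https://adsearch.adkontekst.pl/_/ads2/?strict=true"
               "&QAPS_AKPL=0777479e274c03f3865ef57852a7c607&dispatched=true&useBehavioralTargeting=true")
UNITS = "https://prd-header-biding.vda.netsprint.pl/units/0777479e274c03f3865ef57852a7c607"  # query shortened
TOOLS = "https://prd-header-biding.vda.netsprint.pl/js/tools.js"
PREBID = "https://ib.adnxs.com/ut/v3/prebid"

# Insertion order is the request order of the scan; None marks the root document.
REQUESTED_BY = {
    PRIMARY: None,
    PRIMARY + "style.css": PRIMARY,
    PRIMARY + "fb.png": PRIMARY,
    START: PRIMARY,
    "https://www.licznikodwiedzin.pl/cnt/cnt.php?key=157910342&minDigits=7": START,
    ADS2: START,
    "https://www.deszczowce.pl/app/webroot/img/bannery/adkontekst/xx.gif": PRIMARY,
    "https://adsearch.adkontekst.pl/_/cmp/status?own=false": ADS2,
    UNITS: ADS2,
    TOOLS: UNITS,
    PREBID: TOOLS,
    ADS2_STRICT: UNITS,
    "https://prd-dib-logger-service.vda.netsprint.pl/loggers/dibs": UNITS,
    "https://prd-dib-logger-service.vda.netsprint.pl/loggers/times": UNITS,
    "https://adsearch.adkontekst.pl/quad/spliter/?type=K1": ADS2_STRICT,  # query shortened
    "https://adsearch.adkontekst.pl/_/both/": ADS2_STRICT,                # query shortened
    "https://adsearch.adkontekst.pl/quad/spliter/?type=2": ADS2_STRICT,   # query shortened
}


def host(url):
    return urlsplit(url).hostname


def chain(url):
    """URLs from the primary page down to `url`, following initiators upward."""
    path = []
    while url is not None:
        path.append(url)
        url = REQUESTED_BY[url]
    return path[::-1]


def host_chain(url):
    """chain() collapsed to the sequence of distinct hostnames it crosses."""
    hosts = []
    for u in chain(url):
        if not hosts or hosts[-1] != host(u):
            hosts.append(host(u))
    return hosts


def introducer(url):
    """Hostname of the nearest initiator served from a different host (None for the root)."""
    parent = REQUESTED_BY[url]
    while parent is not None and host(parent) == host(url):
        parent = REQUESTED_BY[parent]
    return host(parent) if parent else None


def third_party_map():
    """Each third-party host -> the host whose content first pulled it in (request order)."""
    first = {}
    for url in REQUESTED_BY:
        h = host(url)
        if h != host(PRIMARY):
            first.setdefault(h, introducer(url))
    return first


if __name__ == "__main__":
    print("depth to AppNexus:", len(chain(PREBID)) - 1)
    print(" -> ".join(host_chain(PREBID)))
    for h, via in third_party_map().items():
        print(f"{h:45} introduced by {via}")
```

Run as a script it prints the five-host path from the primary page to ib.adnxs.com and, for each third-party host, the host that introduced it; the same walk works on any urlscan result once its initiator fields are copied into the dictionary.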

Subject                   Issuer                          Validity                   Valid for
*.online.pro              Certyfikat SSL                  2019-10-15 to 2021-10-14   2 years
www.licznikodwiedzin.pl   Certyfikat SSL                  2019-09-30 to 2020-09-29   a year
*.adsearch.adkontekst.pl  nazwaSSL                        2019-11-21 to 2020-11-20   a year
www.deszczowce.pl         Certyfikat SSL                  2020-01-08 to 2021-01-07   a year
*.vda.netsprint.pl        nazwaSSL                        2020-02-12 to 2021-02-11   a year
*.adnxs.com               DigiCert ECC Secure Server CA   2019-01-23 to 2021-03-08   2 years
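urlscan shows only each certificate's Subject, and two of the Subjects above do not cover the hostname they were served for under browser name-matching rules: a wildcard stands for exactly one DNS label, so *.online.pro cannot match www.e-gwaltwiadomosc.pl and *.adsearch.adkontekst.pl cannot match adsearch.adkontekst.pl. The handshakes still succeeded (Chrome matches hostnames against the Subject Alternative Name list only, never the CN), so those names must be present as SANs, which this table does not display; pull the full certificate (via crt.sh or openssl s_client) before drawing conclusions from the Subject column. The following added example, not part of the report, implements the matching rule and runs it over the Subjects and hostnames from this scan.

```python
"""Check which certificate Subjects listed for this scan actually cover the hostnames contacted.

Added example; the Subject and hostname lists are transcribed from the scan tables.
"""


def wildcard_matches(pattern, hostname):
    """Name matching as browsers apply it (RFC 6125 rules, simplified): comparison is
    case-insensitive, '*' is accepted only as the whole leftmost label, it matches
    exactly one label, and a wildcard needs at least two further labels ('*.pl' is
    rejected). So '*.vda.netsprint.pl' covers 'prd-header-biding.vda.netsprint.pl'
    but neither 'vda.netsprint.pl' nor 'a.b.vda.netsprint.pl'."""
    p = pattern.lower().rstrip(".").split(".")
    h = hostname.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*":
        return len(p) >= 3 and p[1:] == h[1:]
    if "*" in pattern:  # partial-label wildcards such as 'f*.example.pl' are not accepted
        return False
    return p == h


# Subject column of the certificate table for this scan.
SUBJECTS = [
    "*.online.pro", "www.licznikodwiedzin.pl", "*.adsearch.adkontekst.pl",
    "www.deszczowce.pl", "*.vda.netsprint.pl", "*.adnxs.com",
]
# Hostnames that served resources over TLS in this scan.
HOSTS = [
    "www.e-gwaltwiadomosc.pl", "www.licznikodwiedzin.pl", "adsearch.adkontekst.pl",
    "www.deszczowce.pl", "prd-header-biding.vda.netsprint.pl",
    "prd-dib-logger-service.vda.netsprint.pl", "ib.adnxs.com",
]


def covering_subjects(hosts=HOSTS, subjects=SUBJECTS):
    """host -> list of Subjects that match it under the rules above."""
    return {h: [s for s in subjects if wildcard_matches(s, h)] for h in hosts}


def unexplained_hosts(hosts=HOSTS, subjects=SUBJECTS):
    """Hosts no listed Subject covers: the handshake succeeded, so the name must sit in
    the certificate's Subject Alternative Name list, which the Subject column does not show."""
    return [h for h, subs in covering_subjects(hosts, subjects).items() if not subs]


if __name__ == "__main__":
    for h, subs in covering_subjects().items():
        print(f"{h:42} {', '.join(subs) or '(no Subject matches; check SANs)'}")
```

For this scan the two unexplained hosts are www.e-gwaltwiadomosc.pl and adsearch.adkontekst.pl; both sit on shared hosting or ad-network front ends where one certificate carries many SANs, which is exactly the case where the Subject alone misleads.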

This page contains 4 frames:

Primary Page: https://www.e-gwaltwiadomosc.pl/weryfikacja/mobile/
Frame ID: BC2B3DBF98AF535A9E5D07C2E5BD0B9D
Requests: 14 HTTP requests in this frame

Frame: https://www.licznikodwiedzin.pl/cnt/cnt.php?key=157910342&minDigits=7
Frame ID: 61D55B78C0986908220E5E15D3D4E03D
Requests: 1 HTTP request in this frame

Frame: https://prd-header-biding.vda.netsprint.pl/js/tools.js
Frame ID: 095691D12063D0401C667BD9A76EDB63
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: 4DAB8081F7016AB142143ABD99AD5DD9
Requests: 2 HTTP requests in this frame

Detected technologies

Apache (web server), identified from the Server response header; overall confidence: 100%
Detected pattern:
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

Requests:    17
HTTPS:       82 %
IPv6:        0 %
Domains:     6
Subdomains:  7
IPs:         6
Countries:   3
Transfer:    210 kB
Size:        719 kB
Cookies:     1

Redirected requests

No HTTP redirect chains were recorded for this scan.

17 HTTP transactions (the two inline data: images from frame 4DAB are listed at the end as well)

Each entry gives Resource, Path, Size, x-fer (bytes actually transferred) and Type, then its General details and the request and response headers.
Resource: / (Primary Request) | Path: www.e-gwaltwiadomosc.pl/weryfikacja/mobile/ | Size: 7 KB | x-fer: 3 KB | Type: Document
General
Full URL: https://www.e-gwaltwiadomosc.pl/weryfikacja/mobile/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.242.233.75, Poland, ASN12824 (HOMEPL-AS, PL)
Reverse DNS: cloudserver179145.home.pl
Software: Apache
Resource Hash: 54f102d1d1b4bd8c53e8284c699634f98ff0470723a7053fbb80cff9a8ec0ac5

Request headers

:method
GET
:authority
www.e-gwaltwiadomosc.pl
:scheme
https
:path
/weryfikacja/mobile/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sat, 16 May 2020 04:59:50 GMT
content-type
text/html
server
Apache
last-modified
Fri, 15 May 2020 15:03:50 GMT
etag
W/"1aab-5a5b11eea0180"
content-encoding
gzip
Resource: style.css | Path: www.e-gwaltwiadomosc.pl/weryfikacja/mobile/ | Size: 11 KB | x-fer: 3 KB | Type: Stylesheet
General
Full URL: https://www.e-gwaltwiadomosc.pl/weryfikacja/mobile/style.css
Requested by: www.e-gwaltwiadomosc.pl (https://www.e-gwaltwiadomosc.pl/weryfikacja/mobile/)
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.242.233.75, Poland, ASN12824 (HOMEPL-AS, PL)
Reverse DNS: cloudserver179145.home.pl
Software: Apache
Resource Hash: 5b795bdf7c24fe02623b68b85c8549449b382c3640bccc878eac24ef85d281e6

Request headers

Referer
https://www.e-gwaltwiadomosc.pl/weryfikacja/mobile/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sat, 16 May 2020 04:59:50 GMT
content-encoding
gzip
last-modified
Fri, 15 May 2020 15:03:51 GMT
server
Apache
etag
W/"2abb-5a5b11ef943c0"
content-type
text/css
Resource: fb.png | Path: www.e-gwaltwiadomosc.pl/weryfikacja/mobile/ | Size: 2 KB | x-fer: 3 KB | Type: Image
General
Full URL: https://www.e-gwaltwiadomosc.pl/weryfikacja/mobile/fb.png
Requested by: www.e-gwaltwiadomosc.pl (https://www.e-gwaltwiadomosc.pl/weryfikacja/mobile/)
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.242.233.75, Poland, ASN12824 (HOMEPL-AS, PL)
Reverse DNS: cloudserver179145.home.pl
Software: Apache
Resource Hash: 48660be52c0b2dbbabc71f51863a28341d3ca0f1b11bfd131e1aceef6aedbaf9

Request headers

Referer
https://www.e-gwaltwiadomosc.pl/weryfikacja/mobile/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 16 May 2020 04:59:50 GMT
last-modified
Fri, 15 May 2020 15:03:50 GMT
server
Apache
etag
"9a8-5a5b11eea0180"
content-type
image/png
status
200
accept-ranges
bytes
content-length
2472
Resource: start.php | Path: www.licznikodwiedzin.pl/cnt/ | Size: 2 KB | x-fer: 1 KB | Type: Script
General
Full URL: https://www.licznikodwiedzin.pl/cnt/start.php?key=157910342
Requested by: www.e-gwaltwiadomosc.pl (https://www.e-gwaltwiadomosc.pl/weryfikacja/mobile/)
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.161.254.183, Poland, ASN12824 (HOMEPL-AS, PL)
Reverse DNS: cloudserver2082475.home.pl
Software: IdeaWebServer/0.83.415
Resource Hash: c5d15cbcc683069c646ec02c46e679d52e522fb54177e9ad6c2fc218d7983b7e

Request headers

Referer
https://www.e-gwaltwiadomosc.pl/weryfikacja/mobile/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sat, 16 May 2020 04:59:50 GMT
content-encoding
gzip
server
IdeaWebServer/0.83.415
content-type
text/html
Resource: cnt.php | Path: www.licznikodwiedzin.pl/cnt/ (Frame 61D5) | Size: 0 | x-fer: 0 | Type: Document
General
Full URL: https://www.licznikodwiedzin.pl/cnt/cnt.php?key=157910342&minDigits=7
Requested by: www.licznikodwiedzin.pl (https://www.licznikodwiedzin.pl/cnt/start.php?key=157910342)
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.161.254.183, Poland, ASN12824 (HOMEPL-AS, PL)
Reverse DNS: cloudserver2082475.home.pl
Software: IdeaWebServer/0.83.415
Resource Hash: (not recorded)

Request headers

:method
GET
:authority
www.licznikodwiedzin.pl
:scheme
https
:path
/cnt/cnt.php?key=157910342&minDigits=7
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.e-gwaltwiadomosc.pl/weryfikacja/mobile/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.e-gwaltwiadomosc.pl/weryfikacja/mobile/

Response headers

status
200
date
Sat, 16 May 2020 04:59:50 GMT
content-type
text/html
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
server
IdeaWebServer/0.83.415
set-cookie
daily_157910342=1; expires=Sun, 17-May-2020 04:59:50 GMT; path=/
content-encoding
gzip
Resource: / | Path: adsearch.adkontekst.pl/_/ads2/ | Size: 23 KB | x-fer: 7 KB | Type: Script
General
Full URL: https://adsearch.adkontekst.pl/_/ads2/?QAPS_AKPL=0777479e274c03f3865ef57852a7c607
Requested by: www.licznikodwiedzin.pl (https://www.licznikodwiedzin.pl/cnt/start.php?key=157910342)
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.161.134, Germany, ASN24940 (HETZNER-AS, DE)
Reverse DNS: 2-beer.funcadr.net
Software: nginx
Resource Hash: 5df62b29c6d75b78e6d8da7648fca902f4d50e7a2a01d92b44f561c10dd2c0ca
Security Headers:
  X-Content-Type-Options: nosniff
  X-Frame-Options: DENY
  X-Xss-Protection: 1; mode=block

Request headers

Referer
https://www.e-gwaltwiadomosc.pl/weryfikacja/mobile/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 16 May 2020 04:59:50 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
X-Frame-Options
DENY
Content-Language
en-US
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/javascript;charset=UTF-8
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
X-Application-Context
dispatcher-service-tao:dispatcher-run:8532
Expires
0
Resource: xx.gif | Path: www.deszczowce.pl/app/webroot/img/bannery/adkontekst/ | Size: 836 B | x-fer: 992 B | Type: Image
General
Full URL: https://www.deszczowce.pl/app/webroot/img/bannery/adkontekst/xx.gif
Requested by: www.e-gwaltwiadomosc.pl (https://www.e-gwaltwiadomosc.pl/weryfikacja/mobile/)
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.161.254.183, Poland, ASN12824 (HOMEPL-AS, PL)
Reverse DNS: cloudserver2082475.home.pl
Software: IdeaWebServer/0.83.415
Resource Hash: 038f95f1b5770bd0f9a3e0b63fd15aefc33f15194ee9aabbea57aea9c48b0010

Request headers

Referer
https://www.e-gwaltwiadomosc.pl/weryfikacja/mobile/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sat, 16 May 2020 04:59:50 GMT
last-modified
Thu, 04 Oct 2018 02:40:25 GMT
server
IdeaWebServer/0.83.415
content-type
image/gif
content-length
836
expires
Fri, 26 Jun 2020 20:59:51 GMT
Resource: status | Path: adsearch.adkontekst.pl/_/cmp/ | Size: 2 B | x-fer: 519 B | Type: XHR
General
Full URL: https://adsearch.adkontekst.pl/_/cmp/status?own=false
Requested by: adsearch.adkontekst.pl (https://adsearch.adkontekst.pl/_/ads2/?QAPS_AKPL=0777479e274c03f3865ef57852a7c607)
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.161.134, Germany, ASN24940 (HETZNER-AS, DE)
Reverse DNS: 2-beer.funcadr.net
Software: nginx
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers:
  X-Content-Type-Options: nosniff
  X-Frame-Options: DENY
  X-Xss-Protection: 1; mode=block

Request headers

Referer
https://www.e-gwaltwiadomosc.pl/weryfikacja/mobile/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sat, 16 May 2020 04:59:50 GMT
X-Content-Type-Options
nosniff
Server
nginx
X-Frame-Options
DENY
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://www.e-gwaltwiadomosc.pl
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
Content-Length
2
X-XSS-Protection
1; mode=block
X-Application-Context
dispatcher-service-tao:dispatcher-run:8532
Expires
0
Resource: 0777479e274c03f3865ef57852a7c607 | Path: prd-header-biding.vda.netsprint.pl/units/ | Size: 9 KB | x-fer: 4 KB | Type: Script
General
Full URL: https://prd-header-biding.vda.netsprint.pl/units/0777479e274c03f3865ef57852a7c607?mobile=false&cpmValue=13.527508090614885&adTagId=QAPS_AKPL_0777479e274c03f3865ef57852a7c607&cpmCurrency=PLN&nsEmiterSource=AK&nsEmiterPlacementEmissionUrl=https%3A%2F%2Fadsearch.adkontekst.pl%2F_%2Fads2%2F%3Fstrict%3Dtrue%26QAPS_AKPL%3D0777479e274c03f3865ef57852a7c607%26dispatched%3Dtrue%26useBehavioralTargeting%3Dtrue&gdprEnable=false
Requested by: adsearch.adkontekst.pl (https://adsearch.adkontekst.pl/_/ads2/?QAPS_AKPL=0777479e274c03f3865ef57852a7c607)
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.161.134, Germany, ASN24940 (HETZNER-AS, DE)
Reverse DNS: 2-beer.funcadr.net
Software: nginx
Resource Hash: 105354238ba6ddf7785e02570c9fa5f81eae1ddeee5b71e3ad2dc556409b58de
Security Headers:
  X-Content-Type-Options: nosniff
  X-Frame-Options: DENY
  X-Xss-Protection: 1; mode=block

Request headers

Referer
https://www.e-gwaltwiadomosc.pl/weryfikacja/mobile/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 16 May 2020 04:59:52 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
X-Frame-Options
DENY
Vary
Accept-Encoding
Content-Language
en-US
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
X-Xss-Protection
1; mode=block
X-Application-Context
header-bidding-service
Expires
0
Resource: tools.js | Path: prd-header-biding.vda.netsprint.pl/js/ (Frame 0956) | Size: 186 KB | x-fer: 59 KB | Type: Script
General
Full URL: https://prd-header-biding.vda.netsprint.pl/js/tools.js
Requested by: prd-header-biding.vda.netsprint.pl (https://prd-header-biding.vda.netsprint.pl/units/0777479e274c03f3865ef57852a7c607?mobile=false&cpmValue=13.527508090614885&adTagId=QAPS_AKPL_0777479e274c03f3865ef57852a7c607&cpmCurrency=PLN&nsEmiterSource=AK&nsEmiterPlacementEmissionUrl=https%3A%2F%2Fadsearch.adkontekst.pl%2F_%2Fads2%2F%3Fstrict%3Dtrue%26QAPS_AKPL%3D0777479e274c03f3865ef57852a7c607%26dispatched%3Dtrue%26useBehavioralTargeting%3Dtrue&gdprEnable=false)
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.161.134, Germany, ASN24940 (HETZNER-AS, DE)
Reverse DNS: 2-beer.funcadr.net
Software: nginx
Resource Hash: fb1bddda0518b2b9969441cdbdae6404ad3916fa51999581b0099645c35b5758

Request headers

Referer
https://www.e-gwaltwiadomosc.pl/weryfikacja/mobile/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 16 May 2020 04:59:52 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Apr 2020 12:27:43 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=300
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
X-Application-Context
header-bidding-service
Resource: prebid | Path: ib.adnxs.com/ut/v3/ (Frame 0956) | Size: 19 B | x-fer: 0 | Type: XHR
General
Full URL: https://ib.adnxs.com/ut/v3/prebid
Requested by: prd-header-biding.vda.netsprint.pl (https://prd-header-biding.vda.netsprint.pl/js/tools.js)
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.221.90, Netherlands, ASN29990 (ASN-APPNEX, US)
Reverse DNS: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: nginx/1.13.4
Resource Hash: (not recorded)
Security Headers:
  X-Xss-Protection: 0

Request headers

Referer
https://www.e-gwaltwiadomosc.pl/weryfikacja/mobile/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 16 May 2020 04:59:54 GMT
X-Proxy-Origin
185.217.171.12; 185.217.171.12; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.47:80
AN-X-Request-Uuid
3291f99d-970f-4d58-a9f6-2e4a7eb269df
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.e-gwaltwiadomosc.pl
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Resource: / | Path: adsearch.adkontekst.pl/_/ads2/ | Size: 7 KB | x-fer: 2 KB | Type: Script
General
Full URL: https://adsearch.adkontekst.pl/_/ads2/?strict=true&QAPS_AKPL=0777479e274c03f3865ef57852a7c607&dispatched=true&useBehavioralTargeting=true
Requested by: prd-header-biding.vda.netsprint.pl (https://prd-header-biding.vda.netsprint.pl/units/0777479e274c03f3865ef57852a7c607?mobile=false&cpmValue=13.527508090614885&adTagId=QAPS_AKPL_0777479e274c03f3865ef57852a7c607&cpmCurrency=PLN&nsEmiterSource=AK&nsEmiterPlacementEmissionUrl=https%3A%2F%2Fadsearch.adkontekst.pl%2F_%2Fads2%2F%3Fstrict%3Dtrue%26QAPS_AKPL%3D0777479e274c03f3865ef57852a7c607%26dispatched%3Dtrue%26useBehavioralTargeting%3Dtrue&gdprEnable=false)
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.161.134, Germany, ASN24940 (HETZNER-AS, DE)
Reverse DNS: 2-beer.funcadr.net
Software: nginx
Resource Hash: fdb2a37bb58c93c40b76b372766fb3bea6c78e1141fc92afc886e99459c6d15d

Request headers

Referer
https://www.e-gwaltwiadomosc.pl/weryfikacja/mobile/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 16 May 2020 04:59:52 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/javascript; charset=UTF-8
Resource: dibs | Path: prd-dib-logger-service.vda.netsprint.pl/loggers/ | Size: 2 B | x-fer: 315 B | Type: XHR
General
Full URL: https://prd-dib-logger-service.vda.netsprint.pl/loggers/dibs
Requested by: prd-header-biding.vda.netsprint.pl (https://prd-header-biding.vda.netsprint.pl/units/0777479e274c03f3865ef57852a7c607?mobile=false&cpmValue=13.527508090614885&adTagId=QAPS_AKPL_0777479e274c03f3865ef57852a7c607&cpmCurrency=PLN&nsEmiterSource=AK&nsEmiterPlacementEmissionUrl=https%3A%2F%2Fadsearch.adkontekst.pl%2F_%2Fads2%2F%3Fstrict%3Dtrue%26QAPS_AKPL%3D0777479e274c03f3865ef57852a7c607%26dispatched%3Dtrue%26useBehavioralTargeting%3Dtrue&gdprEnable=false)
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.169.30, Germany, ASN24940 (HETZNER-AS, DE)
Reverse DNS: 3-beer.funcadr.net
Software: nginx
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.e-gwaltwiadomosc.pl/weryfikacja/mobile/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Sat, 16 May 2020 04:59:53 GMT
Server
nginx
Vary
Origin
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://www.e-gwaltwiadomosc.pl
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
X-Application-Context
dib-logger-service
Resource: times | Path: prd-dib-logger-service.vda.netsprint.pl/loggers/ | Size: 2 B | x-fer: 315 B | Type: XHR
General
Full URL: https://prd-dib-logger-service.vda.netsprint.pl/loggers/times
Requested by: prd-header-biding.vda.netsprint.pl (https://prd-header-biding.vda.netsprint.pl/units/0777479e274c03f3865ef57852a7c607?mobile=false&cpmValue=13.527508090614885&adTagId=QAPS_AKPL_0777479e274c03f3865ef57852a7c607&cpmCurrency=PLN&nsEmiterSource=AK&nsEmiterPlacementEmissionUrl=https%3A%2F%2Fadsearch.adkontekst.pl%2F_%2Fads2%2F%3Fstrict%3Dtrue%26QAPS_AKPL%3D0777479e274c03f3865ef57852a7c607%26dispatched%3Dtrue%26useBehavioralTargeting%3Dtrue&gdprEnable=false)
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.169.30, Germany, ASN24940 (HETZNER-AS, DE)
Reverse DNS: 3-beer.funcadr.net
Software: nginx
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.e-gwaltwiadomosc.pl/weryfikacja/mobile/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Sat, 16 May 2020 04:59:53 GMT
Server
nginx
Vary
Origin
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://www.e-gwaltwiadomosc.pl
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
X-Application-Context
dib-logger-service
Resource: / | Path: adsearch.adkontekst.pl/quad/spliter/ | Size: 6 KB | x-fer: 2 KB | Type: Script
General
Full URL: https://adsearch.adkontekst.pl/quad/spliter/?prefix=akon&prid=0&caid=0&plh=0777479e274c03f3865ef57852a7c607&plid=0&namespace=qa_akon&nc=1589605192933&qss=true&nc2=898431738&dispatched=false&adblock=false&useBehavioralTargeting=true&type=K1&ref=https%3A%2F%2Fwww.e-gwaltwiadomosc.pl%2Fweryfikacja%2Fmobile%2F
Requested by: adsearch.adkontekst.pl (https://adsearch.adkontekst.pl/_/ads2/?strict=true&QAPS_AKPL=0777479e274c03f3865ef57852a7c607&dispatched=true&useBehavioralTargeting=true)
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.161.134, Germany, ASN24940 (HETZNER-AS, DE)
Reverse DNS: 2-beer.funcadr.net
Software: nginx
Resource Hash: 7b9fd7b184c59482df5d11b87165be1f005fa9a2adcead05625dc5ba55b826b2

Request headers

Referer
https://www.e-gwaltwiadomosc.pl/weryfikacja/mobile/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 16 May 2020 04:59:52 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR NID CUR OUR NOR"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/javascript; charset=UTF-8
Resource: / | Path: adsearch.adkontekst.pl/_/both/ | Size: 456 KB | x-fer: 121 KB | Type: Script
General
Full URL: https://adsearch.adkontekst.pl/_/both/?prefix=akon&namespace=qa_akon&nc=0&browser=safari&dispatched=false&adblock=false
Requested by: adsearch.adkontekst.pl (https://adsearch.adkontekst.pl/_/ads2/?strict=true&QAPS_AKPL=0777479e274c03f3865ef57852a7c607&dispatched=true&useBehavioralTargeting=true)
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.161.134, Germany, ASN24940 (HETZNER-AS, DE)
Reverse DNS: 2-beer.funcadr.net
Software: nginx
Resource Hash: 7538b3c7fb5ba79fd38b5b46d5503dc954375464dd725ac350d48d7a6a328472

Request headers

Referer
https://www.e-gwaltwiadomosc.pl/weryfikacja/mobile/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 16 May 2020 04:59:53 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/javascript; charset=UTF-8
Resource: / | Path: adsearch.adkontekst.pl/quad/spliter/ | Size: 6 KB | x-fer: 3 KB | Type: Script
General
Full URL: https://adsearch.adkontekst.pl/quad/spliter/?prid=944&caid=103713&nc=1589605193404&cc=3&form=507626:3:Q1:R1:G1:S1:V1:A3;&content=_512+facebooka+_256+znasz+znajomymi+zaloguj+zaczac+witamy+udostepniac+rzeczy+rozne+rodzina+ludzmi+laczyc&qnr=0&without=&extra=&w=160&h=600&qss=true&flash=false&iid=-7513822377232290&prefix=akon&namespace=qa_akon&type=2&dispatched=true&useBehavioralTargeting=true&ref=https%3A%2F%2Fwww.e-gwaltwiadomosc.pl%2Fweryfikacja%2Fmobile%2F
Requested by: adsearch.adkontekst.pl (https://adsearch.adkontekst.pl/_/ads2/?strict=true&QAPS_AKPL=0777479e274c03f3865ef57852a7c607&dispatched=true&useBehavioralTargeting=true)
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.161.134, Germany, ASN24940 (HETZNER-AS, DE)
Reverse DNS: 2-beer.funcadr.net
Software: nginx
Resource Hash: 614691fdee34048e9fef3010c3bef0e91dad42ccdd03b389569c68a8d1c8f60a

Request headers

Referer
https://www.e-gwaltwiadomosc.pl/weryfikacja/mobile/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 16 May 2020 04:59:53 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR NID CUR OUR NOR"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/javascript; charset=UTF-8
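The query string of this spliter request carries a content= parameter: the contextual-ad script harvested the visible text of the embedding page and sent it to the ad network as stemmed, de-accented Polish keywords, and ref= carries the page URL once more. For an analyst that is a useful side channel. The scan did not capture the page body, yet the third-party request shows the page talked about "facebooka" (Facebook), "zaloguj" (log in), "znajomymi" (friends), "udostepniac" (share), "rodzina" (family) and "laczyc" (connect), which is the vocabulary of a Facebook login page and corroborates the phishing verdict below. The following added example, not part of the urlscan report, parses those parameters with the standard library; the reading of the "_NNN" tokens as weight markers is an assumption.

```python
"""Decode what the contextual-ad request in this scan disclosed about the page.

Added example, not part of the urlscan report. The URL is the second quad/spliter
request from the transaction list, transcribed verbatim.
"""
from urllib.parse import parse_qs, urlsplit

SPLITER_URL = (
    "https://adsearch.adkontekst.pl/quad/spliter/?prid=944&caid=103713&nc=1589605193404&cc=3"
    "&form=507626:3:Q1:R1:G1:S1:V1:A3;&content=_512+facebooka+_256+znasz+znajomymi+zaloguj"
    "+zaczac+witamy+udostepniac+rzeczy+rozne+rodzina+ludzmi+laczyc&qnr=0&without=&extra="
    "&w=160&h=600&qss=true&flash=false&iid=-7513822377232290&prefix=akon&namespace=qa_akon"
    "&type=2&dispatched=true&useBehavioralTargeting=true"
    "&ref=https%3A%2F%2Fwww.e-gwaltwiadomosc.pl%2Fweryfikacja%2Fmobile%2F"
)


def query(url):
    # parse_qs turns '+' into spaces and undoes %-encoding; keep empty values such as without=
    return parse_qs(urlsplit(url).query, keep_blank_values=True)


def page_keywords(url):
    """The content= tokens in page order, without the '_NNN' marker tokens the ad script
    interleaves (assumed here to be relevance weights; they are not words from the page)."""
    tokens = query(url).get("content", [""])[0].split()
    return [t for t in tokens if not (t.startswith("_") and t[1:].isdigit())]


def brand_mentions(keywords, stems=("facebook",)):
    """Stems that prefix any harvested keyword; Polish inflection yields forms such as
    'facebooka', so compare on the stem rather than the exact word."""
    return [s for s in stems if any(k.startswith(s) for k in keywords)]


def leaked_context(url):
    """Everything in the query string that describes the embedding page rather than the ad."""
    q = query(url)
    kw = page_keywords(url)
    return {
        "referrer": q.get("ref", [None])[0],
        "keywords": kw,
        "brands": brand_mentions(kw),
        "ad_size": (int(q["w"][0]), int(q["h"][0])) if "w" in q and "h" in q else None,
        "behavioral_targeting": q.get("useBehavioralTargeting", ["false"])[0] == "true",
    }


if __name__ == "__main__":
    ctx = leaked_context(SPLITER_URL)
    print("page:", ctx["referrer"])
    print("keywords:", " ".join(ctx["keywords"]))
    print("brands:", ctx["brands"], "| ad slot:", ctx["ad_size"])
```

The same parser applies to any ad or analytics beacon in a scan; when the page itself was not archived, such parameters are often the only record of what the victim saw.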
Resource: truncated | Path: / (Frame 4DAB) | Size: 3 KB | x-fer: 0 | Type: Image
General
Full URL: data:truncated
Protocol: DATA
Server, Reverse DNS, Software: n/a (inline data: URL, no network request)
Resource Hash: 86ed6192dc45a26e281c718282a5001f479dfaaba30275786f4cdd7dd4873ba6

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
Resource: truncated | Path: / (Frame 4DAB) | Size: 1 KB | x-fer: 0 | Type: Image
General
Full URL: data:truncated
Protocol: DATA
Server, Reverse DNS, Software: n/a (inline data: URL, no network request)
Resource Hash: f8d90d1c34b2cf176ae743361793df9ee6418708d8a8b5e4a7f69cf9503ba984

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan: Phishing against: Facebook (Social Network)

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. They can help identify the client-side frameworks and code in use.

Type      Name
object    onformdata
object    onpointerrawupdate
function  __updateOrientation
function  getInternetExplorerVersion
number    ver
number    deszczowcepl_rand
boolean   deszczowcepl_ad
boolean   deszczowcepl_attempt
string    placementHash
string    emissionArea
object    nshbParams
object    requiredAgreementsNshb
boolean   duplicatorCheckerEnabled
string    duplicatorCheckerLoggerUrl
string    frameTypeNotInFrame
string    frameTypeFriendly
string    frameTypeUnfriendly
boolean   iframeCheckerEnabled
string    dibLoggerUrl
object    requiredAgreements
number    agreements_cmpMaxWaitForScriptAttempts
number    agreements_cmpExistsWaitForCallbackMs
number    agreements_cmpWaitForScriptMs
boolean   enableJsDebug
object    jsServerLoggerScript
string    viewName
string    ajaxLoggerDibLoggerUrl
string    nsEmiterSource
string    mobile
string    adblock
string    polyfillUrl
string    gamWtgPrebidScriptUrl
object    $jscomp
function  addBehavioralParam
function  onAfterAgreements
function  executeEmiter
object    ns_vda
object    adElement
string    objectName
object    0777479e274c03f3865ef57852a7c607Oa48c49d6
boolean   0777479e274c03f3865ef57852a7c607
object    ns_global_vars
object    qa_akon
object    __gwt_activeModules
object    gummiTarget

1 Cookie

Domain/Path               Name             Value
www.licznikodwiedzin.pl/  daily_157910342  1

4 Console Messages

Source: console-api | Level: log
URL: https://prd-header-biding.vda.netsprint.pl/units/0777479e274c03f3865ef57852a7c607?mobile=false&cpmValue=13.527508090614885&adTagId=QAPS_AKPL_0777479e274c03f3865ef57852a7c607&cpmCurrency=PLN&nsEmiterSource=AK&nsEmiterPlacementEmissionUrl=https%3A%2F%2Fadsearch.adkontekst.pl%2F_%2Fads2%2F%3Fstrict%3Dtrue%26QAPS_AKPL%3D0777479e274c03f3865ef57852a7c607%26dispatched%3Dtrue%26useBehavioralTargeting%3Dtrue&gdprEnable=false (Line 1)
Messages (all four from that script, in order):
  emCpm: 13.527508090614885
  currency: PLN
  executing emiter
  [object Object]