abdoxnoni003.7m.pl Open in urlscan Pro
149.202.75.212 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd...
Submission: On June 12 via automatic, source openphish (June 12th 2020, 2:53:32 am UTC)

Summary HTTP 71 Redirects Behaviour Indicators

Summary

This website contacted 25 IPs in 9 countries across 22 domains to perform 71 HTTP transactions. The main IP is 149.202.75.212, located in France and belongs to OVH, FR. The main domain is abdoxnoni003.7m.pl.

This is the only time abdoxnoni003.7m.pl was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DocuSign (Online)

Domain & IP information

	IP Address	AS Autonomous System
10	149.202.75.212 149.202.75.212	16276 (OVH) (OVH)
8	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
6	95.217.209.65 95.217.209.65	24940 (HETZNER-AS) (HETZNER-AS)
4	2a00:1450:400... 2a00:1450:4001:81e::2002	15169 (GOOGLE) (GOOGLE)
1 11	178.32.202.244 178.32.202.244	16276 (OVH) (OVH)
3	178.32.202.249 178.32.202.249	16276 (OVH) (OVH)
3	2a00:1450:400... 2a00:1450:4001:81b::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20eb:1800:1:af78:4c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:81e::2001	15169 (GOOGLE) (GOOGLE)
1 1	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
10 15	85.194.243.85 85.194.243.85	57367 (ECO-ATMAN...) (ECO-ATMAN-PL ECO-ATMAN-)
10 10	85.194.243.82 85.194.243.82	57367 (ECO-ATMAN...) (ECO-ATMAN-PL ECO-ATMAN-)
1	37.157.4.29 37.157.4.29	198622 (ADFORM) (ADFORM)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	185.86.138.16 185.86.138.16	201081 (SMARTADSE...) (SMARTADSERVER)
1	37.252.173.22 37.252.173.22	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.93.187.84 54.93.187.84	16509 (AMAZON-02) (AMAZON-02)
1	104.111.215.171 104.111.215.171	16625 (AKAMAI-AS) (AKAMAI-AS)
3	52.29.233.203 52.29.233.203	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:9000:215... 2600:9000:215d:5e00:12:6213:9cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:21f... 2600:9000:21f3:c400:1f:a1b:34c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	143.204.237.119 143.204.237.119	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:215... 2600:9000:215d:7c00:11:af01:b40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS)
71	25

10 149.202.75.212 (France)

ASN16276 (OVH, FR)
PTR: ns3013739.ip-149-202-75.eu

abdoxnoni003.7m.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 95.217.209.65 (Finland)

ASN24940 (HETZNER-AS, DE)
PTR: exmail.mkteam.pl

s.7m.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
7m.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 178.32.202.244 (Poland) 1 redirects

ASN16276 (OVH, FR)

a.spolecznosci.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
spolecznosci.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.32.202.249 (Poland)

ASN16276 (OVH, FR)

spolecznosci.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:1800:1:af78:4c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

vendorlist.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.30 (Poland)

ASN204995 (RTB-HOUSE-AMS, NL)
PTR: ip-185-184-8-30.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 85.194.243.85 (Poland) 10 redirects

ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL)
PTR: ip-5.85-194-243-80.net.old.eco.atman.pl

gpl.adocean.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 85.194.243.82 (Poland) 10 redirects

ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL)
PTR: ip-2.85-194-243-80.net.old.eco.atman.pl

gpladpl.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.138.16 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.173.22 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.93.187.84 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-187-84.eu-central-1.compute.amazonaws.com

hb.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.215.171 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-171.deploy.static.akamaitechnologies.com

js.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.29.233.203 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-233-203.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:215d:5e00:12:6213:9cc0:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

si.nuggad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:c400:1f:a1b:34c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

nugmw.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.237.119 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-237-119.cph50.r.cloudfront.net

sak.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:215d:7c00:11:af01:b40:93a1 (United States)

ASN16509 (AMAZON-02, US)

tag.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.180 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.130 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	7m.pl abdoxnoni003.7m.pl s.7m.pl 7m.pl	82 KB
15	adocean.pl 10 redirects gpl.adocean.pl	4 KB
11	spolecznosci.net 1 redirects a.spolecznosci.net spolecznosci.net	233 KB
10	gemius.pl 10 redirects gpladpl.hit.gemius.pl	3 KB
7	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	135 KB
5	adscale.de hb.adscale.de js.adscale.de ih.adscale.de	6 KB
4	consensu.org spolecznosci.mgr.consensu.org vendorlist.consensu.org	117 KB
4	doubleclick.net googleads.g.doubleclick.net
3	userreport.com nugmw.userreport.com sak.userreport.com tag.userreport.com	22 KB
3	google-analytics.com www.google-analytics.com	18 KB
2	adnxs.com ib.adnxs.com acdn.adnxs.com	1 KB
2	smartadserver.com prg.smartadserver.com	3 KB
2	pubmatic.com hbopenbid.pubmatic.com ads.pubmatic.com	117 B
2	criteo.com 1 redirects gum.criteo.com mug.criteo.com	1 KB
1	indexww.com js-sec.indexww.com
1	nuggad.net 1 redirects si.nuggad.net	511 B
1	casalemedia.com as-sec.casalemedia.com	415 B
1	adform.net adx.adform.net	466 B
1	creativecdn.com prebid-eu.creativecdn.com	171 B
1	googletagservices.com www.googletagservices.com	27 KB
1	google.com adservice.google.com	316 B
1	google.de adservice.google.de	168 B
71	22

	Domain	Requested by
15	gpl.adocean.pl	10 redirects
10	gpladpl.hit.gemius.pl	10 redirects
10	abdoxnoni003.7m.pl	abdoxnoni003.7m.pl
6	spolecznosci.net	a.spolecznosci.net spolecznosci.net
5	a.spolecznosci.net	1 redirects s.7m.pl abdoxnoni003.7m.pl spolecznosci.net
5	pagead2.googlesyndication.com	abdoxnoni003.7m.pl pagead2.googlesyndication.com
4	7m.pl	s.7m.pl
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	ih.adscale.de	js.adscale.de
3	www.google-analytics.com
3	spolecznosci.mgr.consensu.org	spolecznosci.net spolecznosci.mgr.consensu.org
2	prg.smartadserver.com	spolecznosci.net
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	s.7m.pl	abdoxnoni003.7m.pl s.7m.pl
1	acdn.adnxs.com	spolecznosci.net
1	js-sec.indexww.com	spolecznosci.net
1	ads.pubmatic.com	spolecznosci.net
1	tag.userreport.com	sak.userreport.com
1	sak.userreport.com	nugmw.userreport.com
1	nugmw.userreport.com
1	si.nuggad.net	1 redirects
1	js.adscale.de	spolecznosci.net
1	hb.adscale.de	spolecznosci.net
1	as-sec.casalemedia.com	spolecznosci.net
1	ib.adnxs.com	spolecznosci.net
1	hbopenbid.pubmatic.com	spolecznosci.net
1	adx.adform.net	spolecznosci.net
1	prebid-eu.creativecdn.com	spolecznosci.net
1	mug.criteo.com
1	gum.criteo.com	1 redirects
1	vendorlist.consensu.org	spolecznosci.mgr.consensu.org
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
71	34

This site contains no links.

Subject Issuer	Validity	Valid
s.7m.pl Let's Encrypt Authority X3	`2020-06-04` - `2020-09-02`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-05-20` - `2020-08-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-05-20` - `2020-08-12`	3 months	crt.sh
7m.pl Let's Encrypt Authority X3	`2020-05-28` - `2020-08-26`	3 months	crt.sh
*.spolecznosci.net Sectigo RSA Domain Validation Secure Server CA	`2020-03-23` - `2021-03-27`	a year	crt.sh
spolecznosci.mgr.consensu.org Sectigo RSA Domain Validation Secure Server CA	`2019-09-25` - `2020-10-03`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
vendorlist.consensu.org Amazon	`2020-02-07` - `2021-03-07`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2020-03-30` - `2020-06-28`	3 months	crt.sh
*.creativecdn.com RapidSSL RSA CA 2018	`2019-01-11` - `2021-04-11`	2 years	crt.sh
*.adocean.pl Sectigo ECC Domain Validation Secure Server CA	`2020-01-27` - `2022-02-05`	2 years	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
*.smartadserver.com DigiCert Global CA G2	`2020-02-03` - `2022-02-03`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.adscale.de Amazon	`2020-06-05` - `2021-07-07`	a year	crt.sh
cat.adscale.de DigiCert SHA2 Secure Server CA	`2019-07-29` - `2020-10-27`	a year	crt.sh
*.userreport.com RapidSSL RSA CA 2018	`2019-01-10` - `2021-03-10`	2 years	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2020-01-02` - `2021-04-02`	a year	crt.sh

This page contains 13 frames:

Primary Page: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
Frame ID: B2E4713B57222312DC47FD42AEEB5BCA
Requests: 59 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200608/r20190131/zrt_lookup.html
Frame ID: 15A7309BAD7942ADB05C61B2D984E4D4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6469407771801779&output=html&adk=1812271804&adf=3025194257&lmt=1581523412&plat=1%3A32776%2C2%3A32776%2C8%3A32768%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fabdoxnoni003.7m.pl%2Fndcu%2Fhome%2Flogin.html%3Fcmd%3Dlogin_submit%26id%3D0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431%26session%3D0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1591930385515&bpp=13&bdt=51&idt=487&shv=r20200608&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4460855908644&frm=20&pv=2&ga_vid=1938369046.1591930386&ga_sid=1591930386&ga_hid=360001720&ga_fc=0&iag=0&icsg=10912&dssz=8&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065531&oid=3&pvsid=2491887064320106&pem=786&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=23&ifi=0&uci=a!0&fsb=1&dtd=503
Frame ID: F9692E0BDA07A8E3BCC7D251F625832A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6469407771801779&output=html&h=280&slotname=7350901370&adk=1349948176&adf=3193654627&w=1200&fwrn=4&fwrnh=100&lmt=1581523412&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x280&url=http%3A%2F%2Fabdoxnoni003.7m.pl%2Fndcu%2Fhome%2Flogin.html%3Fcmd%3Dlogin_submit%26id%3D0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431%26session%3D0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1591930385887&bpp=2&bdt=422&idt=137&shv=r20200608&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4460855908644&frm=20&pv=1&ga_vid=1938369046.1591930386&ga_sid=1591930386&ga_hid=360001720&ga_fc=0&iag=0&icsg=43680&dssz=9&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065531&oid=3&pvsid=2491887064320106&pem=786&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8336&bc=23&ifi=1&uci=a!1&fsb=1&xpc=4R1tjkMrEj&p=http%3A//abdoxnoni003.7m.pl&dtd=143
Frame ID: 4E814B3749F125AFD697EF2AE5066782
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6469407771801779&output=html&h=280&slotname=7350901370&adk=255952387&adf=3371666807&w=1200&fwrn=4&fwrnh=100&lmt=1581523412&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x280&url=http%3A%2F%2Fabdoxnoni003.7m.pl%2Fndcu%2Fhome%2Flogin.html%3Fcmd%3Dlogin_submit%26id%3D0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431%26session%3D0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1591930385889&bpp=1&bdt=424&idt=146&shv=r20200608&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=4460855908644&frm=20&pv=1&ga_vid=1938369046.1591930386&ga_sid=1591930386&ga_hid=360001720&ga_fc=0&iag=0&icsg=43680&dssz=10&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1052&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065531&oid=3&pvsid=2491887064320106&pem=786&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8336&bc=23&ifi=2&uci=a!2&fsb=1&xpc=aKhT4zPup9&p=http%3A//abdoxnoni003.7m.pl&dtd=148
Frame ID: CB3CC5A98E3630D7F12DC173BF800B04
Requests: 1 HTTP requests in this frame

Frame: https://spolecznosci.net/files/data.15.htm?Ho_abdoxnoni003.7m.pl
Frame ID: 8802D182C26DC3BA6E8D68741FB861A4
Requests: 1 HTTP requests in this frame

Frame: https://spolecznosci.mgr.consensu.org/portal.html
Frame ID: 049D9311C216B90A6C2604C8FF252C9B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 1D9B4C0B50C5B849ADA2DC691BD41DEB
Requests: 1 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1
Frame ID: C582CCE8D293F883F9C2D3F67B2C1864
Requests: 1 HTTP requests in this frame

Frame: https://tag.userreport.com/server.html
Frame ID: BCD614738485324A9A94CF039CB24B39
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: A55002197FEF5EE893D11FE565E2BCF0
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: D022D840E2B5E47C7AAB738642EFE99B
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: FCEBFFD0AC258DEACDCFCEF1B431AB77
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

71
Requests

82 %
HTTPS

32 %
IPv6

22
Domains

34
Subdomains

25
IPs

9
Countries

648 kB
Transfer

1701 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://a.spolecznosci.net/pet?s=7m&x=1360%2C1359&uu=null&cpmc=true&safe=1&ut=&cb=8196903438&uq=139062386265.345028&ref=http%253A%252F%252Fabdoxnoni003.7m.pl%252Fndcu%252Fhome%252Flogin.html%253Fcmd%253Dlogin_submit%2526id%253D0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431%2526session%253D0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&n=0.4994846537501674&bw=1600&bh=1200 HTTP 307
https://a.spolecznosci.net/pet?s=7m&x=1360%2C1359&uu=null&cpmc=true&safe=1&ut=&cb=8196903438&uq=139062386265.345028&ref=http%253A%252F%252Fabdoxnoni003.7m.pl%252Fndcu%252Fhome%252Flogin.html%253Fcmd%253Dlogin_submit%2526id%253D0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431%2526session%253D0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&n=0.4994846537501674&bw=1600&bh=1200&nr=1

Request Chain 36

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 40

http://www.google-analytics.com/r/collect?v=1&_v=j82&a=360001720&t=pageview&_s=1&dl=http%3A%2F%2Fabdoxnoni003.7m.pl%2Fndcu%2Fhome%2Flogin.html%3Fcmd%3Dlogin_submit%26id%3D0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431%26session%3D0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&ul=en-us&de=windows-1252&dt=DocuSign&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEAB~&jid=1810403480&gjid=1249787048&cid=1938369046.1591930386&tid=UA-89200509-1&_gid=2079930567.1591930387&_r=1&z=851587885 HTTP 307
https://www.google-analytics.com/r/collect?v=1&_v=j82&a=360001720&t=pageview&_s=1&dl=http%3A%2F%2Fabdoxnoni003.7m.pl%2Fndcu%2Fhome%2Flogin.html%3Fcmd%3Dlogin_submit%26id%3D0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431%26session%3D0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&ul=en-us&de=windows-1252&dt=DocuSign&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEAB~&jid=1810403480&gjid=1249787048&cid=1938369046.1591930386&tid=UA-89200509-1&_gid=2079930567.1591930387&_r=1&z=851587885

Request Chain 41

http://www.google-analytics.com/collect?v=1&_v=j82&a=360001720&t=event&_s=2&dl=http%3A%2F%2Fabdoxnoni003.7m.pl%2Fndcu%2Fhome%2Flogin.html%3Fcmd%3Dlogin_submit%26id%3D0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431%26session%3D0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&ul=en-us&de=windows-1252&dt=DocuSign&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=abdoxnoni003&ea=subdomain&_u=IAhAAEAB~&jid=&gjid=&cid=1938369046.1591930386&tid=UA-89200509-1&_gid=2079930567.1591930387&z=608278816 HTTP 307
https://www.google-analytics.com/collect?v=1&_v=j82&a=360001720&t=event&_s=2&dl=http%3A%2F%2Fabdoxnoni003.7m.pl%2Fndcu%2Fhome%2Flogin.html%3Fcmd%3Dlogin_submit%26id%3D0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431%26session%3D0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&ul=en-us&de=windows-1252&dt=DocuSign&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=abdoxnoni003&ea=subdomain&_u=IAhAAEAB~&jid=&gjid=&cid=1938369046.1591930386&tid=UA-89200509-1&_gid=2079930567.1591930387&z=608278816

Request Chain 45

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fabdoxnoni003.7m.pl%2F&domain=abdoxnoni003.7m.pl&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=fogtt3xsUWVNbDkrRy9LajFDcVpVZTdzaUZBSW53SWw3UHZkSXZrdG5oU1ZTRGVtQlo2TEFxVmc2blp2RGsydy9lUmhySGZqN3RLMFVZZkhRWUZDRG9kbXZwZlZ0VHVDMXBab0ZhVFJVMS9INnZob2k3TldJR0F3N3ArZTNGeG1MWTVER1AzMTVhZ2lKSldxN3poTDFaN0toQmpuQktGUWxnalVlZGh6cDdHR1Z3ZTNHTWhtdHlhenhua2l4YjNmMjRzLzdBT0JIS1g5cmkwNktKYmlCbWdJY1FHQWg5eTlid244RjkyZGFsdjlLcm1SVmR3R3pWbjdCTHA4bUFSbEUxZXlDfA&cppv=2

Request Chain 47

https://gpl.adocean.pl/_6256120290811502/ad.json?id=G2n1c2dWjRWkJCW7HfdnEYBqU_lPpXIJA9TfKpXlE.b.f7&gdpr_consent=undefined&gdpr=0? HTTP 301
https://gpl.adocean.pl/__/_6256120290811502/ad.json?id=G2n1c2dWjRWkJCW7HfdnEYBqU_lPpXIJA9TfKpXlE.b.f7&gdpr_consent=undefined&gdpr=0? HTTP 301
https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2F_1591930388%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DG2n1c2dWjRWkJCW7HfdnEYBqU_lPpXIJA9TfKpXlE.b.f7%26gdpr_consent%3Dundefined%26gdpr%3D0%3F HTTP 301
https://gpladpl.hit.gemius.pl/__/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2F_1591930388%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DG2n1c2dWjRWkJCW7HfdnEYBqU_lPpXIJA9TfKpXlE.b.f7%26gdpr_consent%3Dundefined%26gdpr%3D0%3F HTTP 301
https://gpl.adocean.pl/__/_1591930388/ad.json?hclsdata=&hcudata=.iHKspTOu2Fbm5l2NehTULKp1LuW05tvWQs_Gtuv18n._7&id=G2n1c2dWjRWkJCW7HfdnEYBqU_lPpXIJA9TfKpXlE.b.f7&gdpr_consent=undefined&gdpr=0?

Request Chain 48

https://gpl.adocean.pl/_18568820511301154/ad.json?id=NueayaNso2kKCjJnO6botPkpDp4wDdu4Uu3bicWtxMb.67&gdpr_consent=undefined&gdpr=0? HTTP 301
https://gpl.adocean.pl/__/_18568820511301154/ad.json?id=NueayaNso2kKCjJnO6botPkpDp4wDdu4Uu3bicWtxMb.67&gdpr_consent=undefined&gdpr=0? HTTP 301
https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2F_1591930388%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DNueayaNso2kKCjJnO6botPkpDp4wDdu4Uu3bicWtxMb.67%26gdpr_consent%3Dundefined%26gdpr%3D0%3F HTTP 301
https://gpladpl.hit.gemius.pl/__/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2F_1591930388%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DNueayaNso2kKCjJnO6botPkpDp4wDdu4Uu3bicWtxMb.67%26gdpr_consent%3Dundefined%26gdpr%3D0%3F HTTP 301
https://gpl.adocean.pl/__/_1591930388/ad.json?hclsdata=&hcudata=eF6wN5NEj75hKMhmoBHl0LILllfco.TkxJHysgufxeb.B7&id=NueayaNso2kKCjJnO6botPkpDp4wDdu4Uu3bicWtxMb.67&gdpr_consent=undefined&gdpr=0?

Request Chain 49

https://gpl.adocean.pl/_9755654885078697/ad.json?id=oSX6Fz_EQ0c0PiHAhafoNAD3cGNH.wMKVnGjQh6kJn7.g7&gdpr_consent=undefined&gdpr=0? HTTP 301
https://gpl.adocean.pl/__/_9755654885078697/ad.json?id=oSX6Fz_EQ0c0PiHAhafoNAD3cGNH.wMKVnGjQh6kJn7.g7&gdpr_consent=undefined&gdpr=0? HTTP 301
https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2F_1591930388%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DoSX6Fz_EQ0c0PiHAhafoNAD3cGNH.wMKVnGjQh6kJn7.g7%26gdpr_consent%3Dundefined%26gdpr%3D0%3F HTTP 301
https://gpladpl.hit.gemius.pl/__/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2F_1591930388%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DoSX6Fz_EQ0c0PiHAhafoNAD3cGNH.wMKVnGjQh6kJn7.g7%26gdpr_consent%3Dundefined%26gdpr%3D0%3F HTTP 301
https://gpl.adocean.pl/__/_1591930388/ad.json?hclsdata=&hcudata=eFi63TOvFRDXSNwtQRtYfZKc1OAMo.s_7rl4bPC0cTP.h7&id=oSX6Fz_EQ0c0PiHAhafoNAD3cGNH.wMKVnGjQh6kJn7.g7&gdpr_consent=undefined&gdpr=0?

Request Chain 50

https://gpl.adocean.pl/_12378415909155271/ad.json?id=zRYHeeOCN2zGJUtyRqY_l9i_32GIJi9G2I9xpiujXTX.c7&gdpr_consent=undefined&gdpr=0? HTTP 301
https://gpl.adocean.pl/__/_12378415909155271/ad.json?id=zRYHeeOCN2zGJUtyRqY_l9i_32GIJi9G2I9xpiujXTX.c7&gdpr_consent=undefined&gdpr=0? HTTP 301
https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2F_1591930388%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DzRYHeeOCN2zGJUtyRqY_l9i_32GIJi9G2I9xpiujXTX.c7%26gdpr_consent%3Dundefined%26gdpr%3D0%3F HTTP 301
https://gpladpl.hit.gemius.pl/__/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2F_1591930388%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DzRYHeeOCN2zGJUtyRqY_l9i_32GIJi9G2I9xpiujXTX.c7%26gdpr_consent%3Dundefined%26gdpr%3D0%3F HTTP 301
https://gpl.adocean.pl/__/_1591930388/ad.json?hclsdata=&hcudata=zqga.bVUa6CL3Hk.Qq5u5JKcllhmr.TkCTHysnVoxeb.17&id=zRYHeeOCN2zGJUtyRqY_l9i_32GIJi9G2I9xpiujXTX.c7&gdpr_consent=undefined&gdpr=0?

Request Chain 51

https://gpl.adocean.pl/_5912055304937993/ad.json?id=3sD3vBXt1_xxqQFYOzaIc7dKgmAw6R5bzZo90tXZpNr.M7&gdpr_consent=undefined&gdpr=0? HTTP 301
https://gpl.adocean.pl/__/_5912055304937993/ad.json?id=3sD3vBXt1_xxqQFYOzaIc7dKgmAw6R5bzZo90tXZpNr.M7&gdpr_consent=undefined&gdpr=0? HTTP 301
https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2F_1591930388%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3D3sD3vBXt1_xxqQFYOzaIc7dKgmAw6R5bzZo90tXZpNr.M7%26gdpr_consent%3Dundefined%26gdpr%3D0%3F HTTP 301
https://gpladpl.hit.gemius.pl/__/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2F_1591930388%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3D3sD3vBXt1_xxqQFYOzaIc7dKgmAw6R5bzZo90tXZpNr.M7%26gdpr_consent%3Dundefined%26gdpr%3D0%3F HTTP 301
https://gpl.adocean.pl/__/_1591930388/ad.json?hclsdata=&hcudata=eFganV05VbpPJkycFLIoAV.h1OAMRg1MM2JwG9Ys8.j.T7&id=3sD3vBXt1_xxqQFYOzaIc7dKgmAw6R5bzZo90tXZpNr.M7&gdpr_consent=undefined&gdpr=0?

Request Chain 62

https://si.nuggad.net/rc?nuggn=571289945&nuggsid=1029839715 HTTP 302
https://nugmw.userreport.com/rc-ap/110ab7b6-fee0-4bba-b006-efef1f59624c/si.nuggad.net/nuggad?nuggn=571289945&nuggsid=1029839715

71 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request login.html Show response
abdoxnoni003.7m.pl/ndcu/home/ 5 KB
2 KB 45ms
31ms Document
text/html 149.202.75.212
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
Protocol: HTTP/1.1
Server: 149.202.75.212 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3013739.ip-149-202-75.eu
Software: nginx /
Resource Hash: d5d37a2eab10b9a8f16528b7d1ea9b49f5aaff0ce7153a6461a2fb242b4d2413

Request headers

Host: abdoxnoni003.7m.pl
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx
Date: Fri, 12 Jun 2020 02:53:05 GMT
Content-Type: text/html
Content-Length: 1608
Connection: keep-alive
Last-Modified: Wed, 12 Feb 2020 16:03:32 GMT
ETag: "12d0-59e631d308f15-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 109 KB
40 KB 26ms
19ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: abdoxnoni003.7m.pl
URL: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431

Protocol

HTTP/1.1

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6659acceb3f85429d12ea2da3581d32f0e363717afe6f2321ce41296a68185b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Fri, 12 Jun 2020 02:53:05 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 1051099639363812245
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 40152
X-XSS-Protection: 0
Expires: Fri, 12 Jun 2020 02:53:05 GMT

GET
H/1.1 200
OK dsgn.png
abdoxnoni003.7m.pl/ndcu/home/img/ 7 KB
8 KB 20ms
20ms Image
image/png 149.202.75.212
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://abdoxnoni003.7m.pl/ndcu/home/img/dsgn.png
Requested by: Host: abdoxnoni003.7m.pl
URL: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
Protocol: HTTP/1.1
Server: 149.202.75.212 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3013739.ip-149-202-75.eu
Software: nginx /
Resource Hash: fa2776137cbda7fb85aaa56be710f14e5d3d18e231756cfbe283a2938e7d6620

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Jun 2020 02:53:05 GMT
Last-Modified: Wed, 12 Feb 2020 16:03:27 GMT
Server: nginx
ETag: "5e4421cf-1dd3"
Content-Type: image/png
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7635
Expires: Mon, 07 Jun 2021 02:53:05 GMT

GET
H/1.1 200
OK do_ll.png
abdoxnoni003.7m.pl/ndcu/home/img/ 5 KB
6 KB 40ms
26ms Image
image/png 149.202.75.212
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://abdoxnoni003.7m.pl/ndcu/home/img/do_ll.png
Requested by: Host: abdoxnoni003.7m.pl
URL: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
Protocol: HTTP/1.1
Server: 149.202.75.212 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3013739.ip-149-202-75.eu
Software: nginx /
Resource Hash: ee3cec3c33913424b8a94f2ba811277a4aaf0a8476d61653769c5d953ddeecbd

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Jun 2020 02:53:05 GMT
Last-Modified: Wed, 12 Feb 2020 16:03:27 GMT
Server: nginx
ETag: "5e4421cf-14e8"
Content-Type: image/png
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5352
Expires: Mon, 07 Jun 2021 02:53:05 GMT

GET
H/1.1 200
OK pl.png
abdoxnoni003.7m.pl/ndcu/home/img/ 2 KB
2 KB 40ms
27ms Image
image/png 149.202.75.212
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://abdoxnoni003.7m.pl/ndcu/home/img/pl.png
Requested by: Host: abdoxnoni003.7m.pl
URL: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
Protocol: HTTP/1.1
Server: 149.202.75.212 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3013739.ip-149-202-75.eu
Software: nginx /
Resource Hash: bd4ef9821aedbe2cb59323ab96d6c55400c0fc0f56292d528a4338b4d922f47a

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Jun 2020 02:53:05 GMT
Last-Modified: Wed, 12 Feb 2020 16:03:30 GMT
Server: nginx
ETag: "5e4421d2-6a7"
Content-Type: image/png
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1703
Expires: Mon, 07 Jun 2021 02:53:05 GMT

GET
H/1.1 200
OK d2.png
abdoxnoni003.7m.pl/ndcu/home/img/ 921 B
1 KB 40ms
27ms Image
image/png 149.202.75.212
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://abdoxnoni003.7m.pl/ndcu/home/img/d2.png
Requested by: Host: abdoxnoni003.7m.pl
URL: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
Protocol: HTTP/1.1
Server: 149.202.75.212 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3013739.ip-149-202-75.eu
Software: nginx /
Resource Hash: e923ccc327cca82406d93806b3b542703d1c3c9324e808d2257b0a4b72186972

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Jun 2020 02:53:05 GMT
Last-Modified: Wed, 12 Feb 2020 16:03:26 GMT
Server: nginx
ETag: "5e4421ce-399"
Content-Type: image/png
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 921
Expires: Mon, 07 Jun 2021 02:53:05 GMT

GET
H/1.1 200
OK s_seee.png
abdoxnoni003.7m.pl/ndcu/home/img/ 2 KB
2 KB 41ms
28ms Image
image/png 149.202.75.212
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://abdoxnoni003.7m.pl/ndcu/home/img/s_seee.png
Requested by: Host: abdoxnoni003.7m.pl
URL: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
Protocol: HTTP/1.1
Server: 149.202.75.212 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3013739.ip-149-202-75.eu
Software: nginx /
Resource Hash: 341dc8a2f05f363511ccd444d63a96a8879b330eda50fabb581e1776751aa38d

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Jun 2020 02:53:05 GMT
Last-Modified: Wed, 12 Feb 2020 16:03:31 GMT
Server: nginx
ETag: "5e4421d3-793"
Content-Type: image/png
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1939
Expires: Mon, 07 Jun 2021 02:53:05 GMT

GET
H/1.1 200
OK spr.png
abdoxnoni003.7m.pl/ndcu/home/img/ 4 KB
4 KB 41ms
28ms Image
image/png 149.202.75.212
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://abdoxnoni003.7m.pl/ndcu/home/img/spr.png
Requested by: Host: abdoxnoni003.7m.pl
URL: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
Protocol: HTTP/1.1
Server: 149.202.75.212 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3013739.ip-149-202-75.eu
Software: nginx /
Resource Hash: 2c851b274e54497e6290ce4e37686a435dfe7aa9a6f5380db0fdf5ae00481746

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Jun 2020 02:53:05 GMT
Last-Modified: Wed, 12 Feb 2020 16:03:30 GMT
Server: nginx
ETag: "5e4421d2-e53"
Content-Type: image/png
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3667
Expires: Mon, 07 Jun 2021 02:53:05 GMT

GET
H/1.1 200
OK gm.png
abdoxnoni003.7m.pl/ndcu/home/img/ 2 KB
2 KB 20ms
20ms Image
image/png 149.202.75.212
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://abdoxnoni003.7m.pl/ndcu/home/img/gm.png
Requested by: Host: abdoxnoni003.7m.pl
URL: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
Protocol: HTTP/1.1
Server: 149.202.75.212 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3013739.ip-149-202-75.eu
Software: nginx /
Resource Hash: 4ecd1784399d6be5b0b70e1ccbdeaf187a6c7a16b6d55c13f57da78950bc185a

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Jun 2020 02:53:05 GMT
Last-Modified: Wed, 12 Feb 2020 16:03:29 GMT
Server: nginx
ETag: "5e4421d1-827"
Content-Type: image/png
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2087
Expires: Mon, 07 Jun 2021 02:53:05 GMT

GET
H/1.1 200
OK f.png
abdoxnoni003.7m.pl/ndcu/home/img/ 4 KB
4 KB 40ms
20ms Image
image/png 149.202.75.212
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://abdoxnoni003.7m.pl/ndcu/home/img/f.png
Requested by: Host: abdoxnoni003.7m.pl
URL: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
Protocol: HTTP/1.1
Server: 149.202.75.212 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3013739.ip-149-202-75.eu
Software: nginx /
Resource Hash: b2acef3a315eaf0ea1680dd487286e1ec570dce5d3d9b5679ff9bf6954c9ebaf

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Jun 2020 02:53:05 GMT
Last-Modified: Wed, 12 Feb 2020 16:03:28 GMT
Server: nginx
ETag: "5e4421d0-1044"
Content-Type: image/png
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4164
Expires: Mon, 07 Jun 2021 02:53:05 GMT

GET
H/1.1 200
OK robot.js Show response
s.7m.pl/ 31 KB
9 KB 137ms
43ms Script
application/javascript 95.217.209.65
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.7m.pl/robot.js
Requested by: Host: abdoxnoni003.7m.pl
URL: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.217.209.65 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: exmail.mkteam.pl
Software: Apache/2.4.25 (Debian) /
Resource Hash: d0785de04d9ec05c1e05e34de27e6c95e489cb2c2ae06a666bcd1434bf8432da

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Jun 2020 02:53:05 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Jan 2020 14:32:01 GMT
Server: Apache/2.4.25 (Debian)
ETag: "7c23-59c56ce035a40-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK c.png
abdoxnoni003.7m.pl/ndcu/home/img/ 38 KB
39 KB 37ms
19ms Image
image/png 149.202.75.212
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://abdoxnoni003.7m.pl/ndcu/home/img/c.png
Requested by: Host: abdoxnoni003.7m.pl
URL: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
Protocol: HTTP/1.1
Server: 149.202.75.212 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3013739.ip-149-202-75.eu
Software: nginx /
Resource Hash: 5197981709a0e557654773c547d615ee9b7b7c61350419299fa445d56ea2f1cf

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Jun 2020 02:53:05 GMT
Last-Modified: Wed, 12 Feb 2020 16:03:26 GMT
Server: nginx
ETag: "5e4421ce-990e"
Content-Type: image/png
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 39182
Expires: Mon, 07 Jun 2021 02:53:05 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
168 B 15ms
14ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=abdoxnoni003.7m.pl

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Jun 2020 02:53:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
316 B 14ms
14ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=abdoxnoni003.7m.pl

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Jun 2020 02:53:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200608/r20190131/ 216 KB
83 KB 45ms
27ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200608/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3697f191c20b57273f1e2d1321726aaa81178c3a4b8553f20f92d33a78ae6d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 02:53:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 83539
x-xss-protection: 0
server: cafe
etag: 201481667177738079
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 12 Jun 2020 02:53:05 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200608/r20190131/ Frame 15A7 0
0 6ms
5ms Document
text/html 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200608/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200608/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 11 Jun 2020 20:40:24 GMT
expires: Thu, 25 Jun 2020 20:40:24 GMT
content-type: text/html; charset=UTF-8
etag: 12274286891180784318
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4510
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 22361
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK stats.php Show response
7m.pl/ 4 B
711 B 181ms
79ms XHR
text/html 95.217.209.65
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://7m.pl/stats.php?name=abdoxnoni003
Requested by: Host: s.7m.pl
URL: https://s.7m.pl/robot.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.217.209.65 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: exmail.mkteam.pl
Software: Apache/2.4.25 (Debian) /
Resource Hash: 98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Jun 2020 02:53:05 GMT
Content-Encoding: gzip
Server: Apache/2.4.25 (Debian)
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1000
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 24
Keep-Alive: timeout=5, max=100
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK ads.php Show response
7m.pl/ 2 KB
1 KB 92ms
92ms XHR
text/html 95.217.209.65
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://7m.pl/ads.php?lang=other&name=abdoxnoni003&mobile=0&page_url=http://abdoxnoni003.7m.pl/ndcu/home/login.html
Requested by: Host: s.7m.pl
URL: https://s.7m.pl/robot.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.217.209.65 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: exmail.mkteam.pl
Software: Apache/2.4.25 (Debian) /
Resource Hash: 50c627eb11b51d8817d120938c3e7a1f013ed5e22832c35efdec408986e2ddb6

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Jun 2020 02:53:05 GMT
Content-Encoding: gzip
Server: Apache/2.4.25 (Debian)
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1000
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 581
Keep-Alive: timeout=5, max=99
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK popunder.php Show response
7m.pl/ 15 B
721 B 47ms
47ms XHR
text/html 95.217.209.65
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://7m.pl/popunder.php?id=80&name=abdoxnoni003
Requested by: Host: s.7m.pl
URL: https://s.7m.pl/robot.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.217.209.65 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: exmail.mkteam.pl
Software: Apache/2.4.25 (Debian) /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Jun 2020 02:53:05 GMT
Content-Encoding: gzip
Server: Apache/2.4.25 (Debian)
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1000
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 35
Keep-Alive: timeout=5, max=98
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK spol.js Show response
s.7m.pl/ 356 B
659 B 39ms
39ms Script
application/javascript 95.217.209.65
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.7m.pl/spol.js
Requested by: Host: s.7m.pl
URL: https://s.7m.pl/robot.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.217.209.65 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: exmail.mkteam.pl
Software: Apache/2.4.25 (Debian) /
Resource Hash: d9a9071ff86cf603d3c6f446a71b63f625f2c0d977523e411de8465755dfb42c

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Jun 2020 02:53:05 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Apr 2020 13:29:16 GMT
Server: Apache/2.4.25 (Debian)
ETag: "164-5a23aabb32300-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK popunder.php Show response
7m.pl/ 15 B
721 B 47ms
47ms XHR
text/html 95.217.209.65
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://7m.pl/popunder.php?id=79&name=abdoxnoni003
Requested by: Host: s.7m.pl
URL: https://s.7m.pl/robot.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.217.209.65 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: exmail.mkteam.pl
Software: Apache/2.4.25 (Debian) /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Jun 2020 02:53:05 GMT
Content-Encoding: gzip
Server: Apache/2.4.25 (Debian)
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1000
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 35
Keep-Alive: timeout=5, max=97
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 204
No Content gen_204
pagead2.googlesyndication.com/pagead/ 0
415 B 13ms
13ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/pagead/gen_204?id=puberror&context=165&msg=TagError%3A%20adsbygoogle.push()%20error%3A%20All%20ins%20elements%20in%20the%20DOM%20with%20class%3Dadsbygoogle%20already%20have%20ads%20in%20them.%0Aat%20gl%20(http%3A%2F%2Fpagead2.googlesyndication.com%2Fpagead%2Fjs%2Fadsbygoogle.js%3A197%3A346)%0Aat%20bl%20(adsbygoogle.js%3A193%3A198)%0Aat%20adsbygoogle.js%3A189%3A43%0Aat%20pf.l.fa%20(adsbygoogle.js%3A52%3A290)%0Aat%20Df%20(adsbygoogle.js%3A60%3A357)%0Aat%20Object.Xk%20%5Bas%20push%5D%20(adsbygoogle.js%3A189%3A25)%0Aat%20display_ad%20(https%3A%2F%2Fs.7m.pl%2Frobot.js%3A521%3A54)%0Aat%20timer%20(robot.js%3A224%3A21)%0Aat%20XMLHttpRequest.xhr.onreadystatechange%20(robot.js%3A88%3A25)%0Aat%20loadJSON%20(robot.j&shv=r20200608&eid=21065531&url=http%3A%2F%2Fabdoxnoni003.7m.pl%2Fndcu%2Fhome%2Flogin.html%3Fcmd%3Dlogin_submit%26id%3D0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431%26session%3D0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Jun 2020 02:53:05 GMT
X-Content-Type-Options: nosniff
Server: cafe
Timing-Allow-Origin: *
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, must-revalidate
Content-Type: image/gif
Content-Length: 0
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame F969 0
0 49ms
48ms Document
text/html 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6469407771801779&output=html&adk=1812271804&adf=3025194257&lmt=1581523412&plat=1%3A32776%2C2%3A32776%2C8%3A32768%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fabdoxnoni003.7m.pl%2Fndcu%2Fhome%2Flogin.html%3Fcmd%3Dlogin_submit%26id%3D0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431%26session%3D0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1591930385515&bpp=13&bdt=51&idt=487&shv=r20200608&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4460855908644&frm=20&pv=2&ga_vid=1938369046.1591930386&ga_sid=1591930386&ga_hid=360001720&ga_fc=0&iag=0&icsg=10912&dssz=8&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065531&oid=3&pvsid=2491887064320106&pem=786&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=23&ifi=0&uci=a!0&fsb=1&dtd=503

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200608/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6469407771801779&output=html&adk=1812271804&adf=3025194257&lmt=1581523412&plat=1%3A32776%2C2%3A32776%2C8%3A32768%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fabdoxnoni003.7m.pl%2Fndcu%2Fhome%2Flogin.html%3Fcmd%3Dlogin_submit%26id%3D0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431%26session%3D0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1591930385515&bpp=13&bdt=51&idt=487&shv=r20200608&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4460855908644&frm=20&pv=2&ga_vid=1938369046.1591930386&ga_sid=1591930386&ga_hid=360001720&ga_fc=0&iag=0&icsg=10912&dssz=8&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065531&oid=3&pvsid=2491887064320106&pem=786&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=23&ifi=0&uci=a!0&fsb=1&dtd=503
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 12 Jun 2020 02:53:06 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 12-Jun-2020 03:08:06 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 12 Jun 2020 02:53:06 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200608/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d233c1838084b7e804e0e7a887190eeeb356132b1f625c7fa96ed3efd61e8b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 02:53:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591788966119694"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27882
x-xss-protection: 0
expires: Fri, 12 Jun 2020 02:53:06 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 4E81 0
0 357ms
356ms Document
text/html 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6469407771801779&output=html&h=280&slotname=7350901370&adk=1349948176&adf=3193654627&w=1200&fwrn=4&fwrnh=100&lmt=1581523412&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x280&url=http%3A%2F%2Fabdoxnoni003.7m.pl%2Fndcu%2Fhome%2Flogin.html%3Fcmd%3Dlogin_submit%26id%3D0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431%26session%3D0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1591930385887&bpp=2&bdt=422&idt=137&shv=r20200608&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4460855908644&frm=20&pv=1&ga_vid=1938369046.1591930386&ga_sid=1591930386&ga_hid=360001720&ga_fc=0&iag=0&icsg=43680&dssz=9&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065531&oid=3&pvsid=2491887064320106&pem=786&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8336&bc=23&ifi=1&uci=a!1&fsb=1&xpc=4R1tjkMrEj&p=http%3A//abdoxnoni003.7m.pl&dtd=143

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200608/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6469407771801779&output=html&h=280&slotname=7350901370&adk=1349948176&adf=3193654627&w=1200&fwrn=4&fwrnh=100&lmt=1581523412&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x280&url=http%3A%2F%2Fabdoxnoni003.7m.pl%2Fndcu%2Fhome%2Flogin.html%3Fcmd%3Dlogin_submit%26id%3D0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431%26session%3D0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1591930385887&bpp=2&bdt=422&idt=137&shv=r20200608&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4460855908644&frm=20&pv=1&ga_vid=1938369046.1591930386&ga_sid=1591930386&ga_hid=360001720&ga_fc=0&iag=0&icsg=43680&dssz=9&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065531&oid=3&pvsid=2491887064320106&pem=786&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8336&bc=23&ifi=1&uci=a!1&fsb=1&xpc=4R1tjkMrEj&p=http%3A//abdoxnoni003.7m.pl&dtd=143
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 12 Jun 2020 02:53:06 GMT
server: cafe
content-length: 21770
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 12-Jun-2020 03:08:06 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 12 Jun 2020 02:53:06 GMT
cache-control: private

GET
H2 200 main.js Show response
a.spolecznosci.net/core/25b8a6cca21995fe8b2359503a4854a7/ 33 KB
11 KB 97ms
30ms Script
application/javascript 178.32.202.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://a.spolecznosci.net/core/25b8a6cca21995fe8b2359503a4854a7/main.js

Requested by

Host: s.7m.pl
URL: https://s.7m.pl/spol.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.32.202.244 , Poland, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

1afeb9446d05494499eaa9a219ac49ba8665a865a85447ee7d7d80ca88470a9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 02:53:06 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
status: 200
cache-control: public, max-age=300
strict-transport-security: max-age=31536000
expires: Fri, 12 Jun 2020 02:54:38 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame CB3C 0
0 129ms
129ms Document
text/html 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6469407771801779&output=html&h=280&slotname=7350901370&adk=255952387&adf=3371666807&w=1200&fwrn=4&fwrnh=100&lmt=1581523412&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x280&url=http%3A%2F%2Fabdoxnoni003.7m.pl%2Fndcu%2Fhome%2Flogin.html%3Fcmd%3Dlogin_submit%26id%3D0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431%26session%3D0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1591930385889&bpp=1&bdt=424&idt=146&shv=r20200608&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=4460855908644&frm=20&pv=1&ga_vid=1938369046.1591930386&ga_sid=1591930386&ga_hid=360001720&ga_fc=0&iag=0&icsg=43680&dssz=10&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1052&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065531&oid=3&pvsid=2491887064320106&pem=786&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8336&bc=23&ifi=2&uci=a!2&fsb=1&xpc=aKhT4zPup9&p=http%3A//abdoxnoni003.7m.pl&dtd=148

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200608/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6469407771801779&output=html&h=280&slotname=7350901370&adk=255952387&adf=3371666807&w=1200&fwrn=4&fwrnh=100&lmt=1581523412&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x280&url=http%3A%2F%2Fabdoxnoni003.7m.pl%2Fndcu%2Fhome%2Flogin.html%3Fcmd%3Dlogin_submit%26id%3D0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431%26session%3D0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1591930385889&bpp=1&bdt=424&idt=146&shv=r20200608&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=4460855908644&frm=20&pv=1&ga_vid=1938369046.1591930386&ga_sid=1591930386&ga_hid=360001720&ga_fc=0&iag=0&icsg=43680&dssz=10&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1052&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065531&oid=3&pvsid=2491887064320106&pem=786&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8336&bc=23&ifi=2&uci=a!2&fsb=1&xpc=aKhT4zPup9&p=http%3A//abdoxnoni003.7m.pl&dtd=148
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 12 Jun 2020 02:53:06 GMT
server: cafe
content-length: 203
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 12-Jun-2020 03:08:06 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 12 Jun 2020 02:53:06 GMT
cache-control: private

GET
H2 200 app.js Show response
spolecznosci.net/js/modules/ 166 KB
65 KB 34ms
33ms Script
application/javascript 178.32.202.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://spolecznosci.net/js/modules/app.js?h=18a6f5b87a6c9a152b00

Requested by

Host: a.spolecznosci.net
URL: https://a.spolecznosci.net/core/25b8a6cca21995fe8b2359503a4854a7/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.32.202.244 , Poland, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

e52e05e9b578749ee9c1a960a1abb9975bc4bdb4856bc93d1af97d120f10205c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 02:53:06 GMT
content-encoding: gzip
last-modified: Tue, 09 Jun 2020 11:52:35 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000
expires: Sat, 12 Jun 2021 02:53:06 GMT

GET
H2 200 a.js Show response
spolecznosci.net/js/modules/ 74 KB
16 KB 33ms
32ms Script
application/javascript 178.32.202.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://spolecznosci.net/js/modules/a.js?h=a283c3e1da068ba5e49c

Requested by

Host: a.spolecznosci.net
URL: https://a.spolecznosci.net/core/25b8a6cca21995fe8b2359503a4854a7/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.32.202.244 , Poland, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

f7d853a6d5efb7cd26d0313486d79e7a0dd9e7da45c0b10f93993db70ea4cbc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 02:53:06 GMT
content-encoding: gzip
last-modified: Wed, 10 Jun 2020 12:39:46 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000
expires: Sat, 12 Jun 2021 02:53:06 GMT

GET
H2 200 hb.js Show response
spolecznosci.net/js/modules/ 372 KB
134 KB 35ms
34ms Script
application/javascript 178.32.202.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://spolecznosci.net/js/modules/hb.js?h=ab7c4889207bdd0656dd

Requested by

Host: a.spolecznosci.net
URL: https://a.spolecznosci.net/core/25b8a6cca21995fe8b2359503a4854a7/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.32.202.244 , Poland, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

c094805e4b88da0ecf6ad9bac8b08053c82df9d57f453c36829c5f6bba5b5ac3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 02:53:06 GMT
content-encoding: gzip
last-modified: Tue, 09 Jun 2020 06:51:48 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000
expires: Sat, 12 Jun 2021 02:53:06 GMT

GET
H2 200 au.js Show response
spolecznosci.net/js/modules/ 10 KB
3 KB 32ms
31ms Script
application/javascript 178.32.202.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://spolecznosci.net/js/modules/au.js?h=c27d6abde777b35e0829

Requested by

Host: a.spolecznosci.net
URL: https://a.spolecznosci.net/core/25b8a6cca21995fe8b2359503a4854a7/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.32.202.244 , Poland, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

7e4e9b3bfd0e2b30a426e3285ef61e6b8871c033e0737f59dba015cf375a8d60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 02:53:06 GMT
content-encoding: gzip
last-modified: Thu, 30 Apr 2020 08:05:49 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000
expires: Sat, 12 Jun 2021 02:53:06 GMT

GET
H2 200 cmp.stable.min.js Show response
spolecznosci.mgr.consensu.org/js/ 26 KB
10 KB 97ms
30ms Script
application/javascript 178.32.202.249
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://spolecznosci.mgr.consensu.org/js/cmp.stable.min.js

Requested by

Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/app.js?h=18a6f5b87a6c9a152b00

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.32.202.249 , Poland, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

a85812b9308ea7c1ce319c4c852315cd8e097b882e8ed99c34d50f7584896b21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 02:53:06 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 08:49:57 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=3600, public
strict-transport-security: max-age=31536000
expires: Fri, 12 Jun 2020 03:53:06 GMT

GET
H2 200 pr.js Show response
spolecznosci.net/js/modules/ 1 KB
984 B 29ms
29ms Script
application/javascript 178.32.202.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://spolecznosci.net/js/modules/pr.js?h=57477a8c5066c3f6ee9d

Requested by

Host: a.spolecznosci.net
URL: https://a.spolecznosci.net/core/25b8a6cca21995fe8b2359503a4854a7/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.32.202.244 , Poland, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

a6338f5c152a76c9f15c9a013c7bf2cc61d3a99597afd49f9540926113424057

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 02:53:06 GMT
content-encoding: gzip
last-modified: Thu, 30 Apr 2020 08:05:49 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000
expires: Sat, 12 Jun 2021 02:53:06 GMT

POST
H2

200

pet Show response
a.spolecznosci.net/
Redirect Chain

https://a.spolecznosci.net/pet?s=7m&x=1360%2C1359&uu=null&cpmc=true&safe=1&ut=&cb=8196903438&uq=139062386265.345028&ref=http%253A%252F%252Fabdoxnoni003.7m.pl%252Fndcu%252Fhome%252Flogin.html%253Fcm...
https://a.spolecznosci.net/pet?s=7m&x=1360%2C1359&uu=null&cpmc=true&safe=1&ut=&cb=8196903438&uq=139062386265.345028&ref=http%253A%252F%252Fabdoxnoni003.7m.pl%252Fndcu%252Fhome%252Flogin.html%253Fcm...

5 KB
2 KB

33ms
33ms

XHR
application/javascript

178.32.202.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://a.spolecznosci.net/pet?s=7m&x=1360%2C1359&uu=null&cpmc=true&safe=1&ut=&cb=8196903438&uq=139062386265.345028&ref=http%253A%252F%252Fabdoxnoni003.7m.pl%252Fndcu%252Fhome%252Flogin.html%253Fcmd%253Dlogin_submit%2526id%253D0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431%2526session%253D0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&n=0.4994846537501674&bw=1600&bh=1200&nr=1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.32.202.244 , Poland, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

2add0ce24fdaeebad691b7702bfba12b7452e7d40d9ceeb7cc3f724099c6a602

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 02:53:06 GMT
content-encoding: gzip
server: nginx
status: 200
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: http://abdoxnoni003.7m.pl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Fri, 12 Jun 2020 02:53:06 GMT
status: 307
server: nginx
location: /pet?s=7m&x=1360%2C1359&uu=null&cpmc=true&safe=1&ut=&cb=8196903438&uq=139062386265.345028&ref=http%253A%252F%252Fabdoxnoni003.7m.pl%252Fndcu%252Fhome%252Flogin.html%253Fcmd%253Dlogin_submit%2526id%253D0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431%2526session%253D0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&n=0.4994846537501674&bw=1600&bh=1200&nr=1
vary: Origin
access-control-allow-origin: http://abdoxnoni003.7m.pl
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 0

GET
H2 200 data.15.htm
spolecznosci.net/files/ Frame 8802 0
0 32ms
32ms Document
text/html 178.32.202.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://spolecznosci.net/files/data.15.htm?Ho_abdoxnoni003.7m.pl

Requested by

Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/app.js?h=18a6f5b87a6c9a152b00

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.32.202.244 , Poland, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: spolecznosci.net
:scheme: https
:path: /files/data.15.htm?Ho_abdoxnoni003.7m.pl
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431

Response headers

status: 200
server: nginx
date: Fri, 12 Jun 2020 02:53:06 GMT
content-type: text/html
last-modified: Mon, 18 May 2020 13:45:02 GMT
vary: Accept-Encoding
expires: Sat, 12 Jun 2021 02:53:06 GMT
cache-control: max-age=31536000 public
content-encoding: gzip
strict-transport-security: max-age=31536000

GET
H2 200 cmp.min.js Show response
spolecznosci.mgr.consensu.org/js/ 266 KB
88 KB 30ms
30ms Script
application/javascript 178.32.202.249
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://spolecznosci.mgr.consensu.org/js/cmp.min.js

Requested by

Host: spolecznosci.mgr.consensu.org
URL: https://spolecznosci.mgr.consensu.org/js/cmp.stable.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.32.202.249 , Poland, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

2dd97813ce32d152904345d0f0d98f5a001faa5d14ebe80e59663dd05c39a4cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 02:53:06 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 08:49:57 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=3600, public
strict-transport-security: max-age=31536000
expires: Fri, 12 Jun 2020 03:53:06 GMT

GET
H2 200 portal.html
spolecznosci.mgr.consensu.org/ Frame 049D 0
0 29ms
29ms Document
text/html 178.32.202.249
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://spolecznosci.mgr.consensu.org/portal.html

Requested by

Host: spolecznosci.mgr.consensu.org
URL: https://spolecznosci.mgr.consensu.org/js/cmp.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.32.202.249 , Poland, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: spolecznosci.mgr.consensu.org
:scheme: https
:path: /portal.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431

Response headers

status: 200
server: nginx
date: Fri, 12 Jun 2020 02:53:06 GMT
content-type: text/html
content-length: 126
last-modified: Thu, 29 Nov 2018 11:19:31 GMT
accept-ranges: bytes
strict-transport-security: max-age=31536000

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

45 KB
18 KB

6ms
6ms

Script
text/javascript

2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 7007
date: Fri, 12 Jun 2020 00:56:19 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Fri, 12 Jun 2020 02:56:19 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 34ms
16ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200608&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200608/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6a0ea8b570ed15cb95ffa25f59984cbb9b653430be7d609da2fcbc1303f4b3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Jun 2020 02:53:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5616
x-xss-protection: 0

GET
H2 200 vendorlist.json Show response
vendorlist.consensu.org/ 97 KB
18 KB 24ms
8ms Fetch
application/json 2600:9000:20eb:1800:1:af78:4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vendorlist.consensu.org/vendorlist.json
Requested by: Host: spolecznosci.mgr.consensu.org
URL: https://spolecznosci.mgr.consensu.org/js/cmp.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:1800:1:af78:4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad25613558e2ab513ed517de8b22c470db976ae72dbe1ee9fae7cbc459f80c5b

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 00:32:12 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 8455
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Thu, 11 Jun 2020 16:00:46 GMT
server: AmazonS3
access-control-max-age: 604800
access-control-allow-methods: GET
x-amz-version-id: J1hJuy6rXgqAD.r5CjxF1FefD7WlCD_1
via: 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA2-C1
content-type: application/json; charset=utf-8
x-amz-cf-id: CS1MiUGDmPeDdv0suYOmdBQIMD0nl4sm80zHbOQnR7JJqkiJHxEuEg==

GET
H/1.1 200
OK sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 18ms
13ms Script
text/javascript 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200608/r20190131/show_ads_impl_fy2019.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Jun 2020 02:53:06 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "1591403518460474"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=3000
Accept-Ranges: bytes
Content-Length: 5540
X-XSS-Protection: 0
Expires: Fri, 12 Jun 2020 02:53:06 GMT

GET
H2

200

collect
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/collect?v=1&_v=j82&a=360001720&t=pageview&_s=1&dl=http%3A%2F%2Fabdoxnoni003.7m.pl%2Fndcu%2Fhome%2Flogin.html%3Fcmd%3Dlogin_submit%26id%3D0c50d3e91a0955b561dd3dd146...
https://www.google-analytics.com/r/collect?v=1&_v=j82&a=360001720&t=pageview&_s=1&dl=http%3A%2F%2Fabdoxnoni003.7m.pl%2Fndcu%2Fhome%2Flogin.html%3Fcmd%3Dlogin_submit%26id%3D0c50d3e91a0955b561dd3dd14...

35 B
101 B

33ms
32ms

Image
image/gif

2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=360001720&t=pageview&_s=1&dl=http%3A%2F%2Fabdoxnoni003.7m.pl%2Fndcu%2Fhome%2Flogin.html%3Fcmd%3Dlogin_submit%26id%3D0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431%26session%3D0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&ul=en-us&de=windows-1252&dt=DocuSign&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEAB~&jid=1810403480&gjid=1249787048&cid=1938369046.1591930386&tid=UA-89200509-1&_gid=2079930567.1591930387&_r=1&z=851587885

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jun 2020 02:53:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/collect?v=1&_v=j82&a=360001720&t=pageview&_s=1&dl=http%3A%2F%2Fabdoxnoni003.7m.pl%2Fndcu%2Fhome%2Flogin.html%3Fcmd%3Dlogin_submit%26id%3D0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431%26session%3D0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&ul=en-us&de=windows-1252&dt=DocuSign&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEAB~&jid=1810403480&gjid=1249787048&cid=1938369046.1591930386&tid=UA-89200509-1&_gid=2079930567.1591930387&_r=1&z=851587885
Non-Authoritative-Reason: HSTS

GET
H2

200

collect
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/collect?v=1&_v=j82&a=360001720&t=event&_s=2&dl=http%3A%2F%2Fabdoxnoni003.7m.pl%2Fndcu%2Fhome%2Flogin.html%3Fcmd%3Dlogin_submit%26id%3D0c50d3e91a0955b561dd3dd1467f043...
https://www.google-analytics.com/collect?v=1&_v=j82&a=360001720&t=event&_s=2&dl=http%3A%2F%2Fabdoxnoni003.7m.pl%2Fndcu%2Fhome%2Flogin.html%3Fcmd%3Dlogin_submit%26id%3D0c50d3e91a0955b561dd3dd1467f04...

35 B
99 B

6ms
6ms

Image
image/gif

2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j82&a=360001720&t=event&_s=2&dl=http%3A%2F%2Fabdoxnoni003.7m.pl%2Fndcu%2Fhome%2Flogin.html%3Fcmd%3Dlogin_submit%26id%3D0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431%26session%3D0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&ul=en-us&de=windows-1252&dt=DocuSign&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=abdoxnoni003&ea=subdomain&_u=IAhAAEAB~&jid=&gjid=&cid=1938369046.1591930386&tid=UA-89200509-1&_gid=2079930567.1591930387&z=608278816

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jun 2020 03:43:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 256189
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/collect?v=1&_v=j82&a=360001720&t=event&_s=2&dl=http%3A%2F%2Fabdoxnoni003.7m.pl%2Fndcu%2Fhome%2Flogin.html%3Fcmd%3Dlogin_submit%26id%3D0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431%26session%3D0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&ul=en-us&de=windows-1252&dt=DocuSign&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=abdoxnoni003&ea=subdomain&_u=IAhAAEAB~&jid=&gjid=&cid=1938369046.1591930386&tid=UA-89200509-1&_gid=2079930567.1591930387&z=608278816
Non-Authoritative-Reason: HSTS

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 1D9B 0
0 6ms
5ms Document
text/html 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Fri, 12 Jun 2020 00:14:00 GMT
expires: Sat, 12 Jun 2021 00:14:00 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 9546
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
120 B 14ms
14ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200608&jk=2491887064320106&bg=!DQ6lDhZYH0uIIbrDypUCAAAAWlIAAAARmQF52q5QHGQp3JSnB565x2sVJXwdof6weHhHtrnH9-1mmftcOUkk-PrzQMHn34u7yop_P_rL7cbJRhLkrVYxqLrNlBh9Cik-eTo_aYJOVuICAe5nZXqQTx7mH9FryzaZ7qu14YLITqQrPbrQGK0jiocwBy76TqY1Spoi9SmUUWgmR0yk64vW8oz1OFtHeW4oTEqrGpj-NZ9bbI1L3myujEsC3qdUEQhkCrN4s9lRf-Hk4tVHQVKTHYZ09MB_xa3pJ-Xj5-qrhLHH-2DU5zNlTEAlZfSiu96pnH5ym_gWyznTRuMSt_SN962kUSUruyE3A3UzfV-KdI6P1G9VyJ9Lo48xSvhQ-D-_YxRtjfa8-o3PapThUf567YL2kYKg6c-se1YzIcd7QDMToFwWhVTx7VqKHQxIqOW5FcSGmxo3MczNsHSh7JG9uxynvHTgRcjUyGe0cnhNOqr5oY83xN1Cqr7w-N9Zbs7mfqStXvCPVKy7wagWF4DsQLB8A40

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jun 2020 02:53:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
a.spolecznosci.net/av/320050/123/ 35 B
216 B 30ms
29ms Image
image/gif 178.32.202.244
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.spolecznosci.net/av/320050/123/?a=abdoxnoni003.7m.pl_ShowPopup

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.32.202.244 , Poland, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 02:53:06 GMT
server: nginx
strict-transport-security: max-age=31536000
x-cache: MISS
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fabdoxnoni003.7m.pl%2F&domain=abdoxnoni003.7m.pl&cw=1
https://mug.criteo.com/sid?cpp=fogtt3xsUWVNbDkrRy9LajFDcVpVZTdzaUZBSW53SWw3UHZkSXZrdG5oU1ZTRGVtQlo2TEFxVmc2blp2RGsydy9lUmhySGZqN3RLMFVZZkhRWUZDRG9kbXZwZlZ0VHVDMXBab0ZhVFJVMS9INnZob2k3TldJR0F3N3ArZT...

424 B
675 B

47ms
15ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=fogtt3xsUWVNbDkrRy9LajFDcVpVZTdzaUZBSW53SWw3UHZkSXZrdG5oU1ZTRGVtQlo2TEFxVmc2blp2RGsydy9lUmhySGZqN3RLMFVZZkhRWUZDRG9kbXZwZlZ0VHVDMXBab0ZhVFJVMS9INnZob2k3TldJR0F3N3ArZTNGeG1MWTVER1AzMTVhZ2lKSldxN3poTDFaN0toQmpuQktGUWxnalVlZGh6cDdHR1Z3ZTNHTWhtdHlhenhua2l4YjNmMjRzLzdBT0JIS1g5cmkwNktKYmlCbWdJY1FHQWg5eTlid244RjkyZGFsdjlLcm1SVmR3R3pWbjdCTHA4bUFSbEUxZXlDfA&cppv=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

17f45a7f185f390d34c967be404fddaf6736265718d788c9adaca82cb3d8f238

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Fri, 12 Jun 2020 02:53:07 GMT
status: 200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 424
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
status: 302
date: Fri, 12 Jun 2020 02:53:07 GMT
location: https://mug.criteo.com/sid?cpp=fogtt3xsUWVNbDkrRy9LajFDcVpVZTdzaUZBSW53SWw3UHZkSXZrdG5oU1ZTRGVtQlo2TEFxVmc2blp2RGsydy9lUmhySGZqN3RLMFVZZkhRWUZDRG9kbXZwZlZ0VHVDMXBab0ZhVFJVMS9INnZob2k3TldJR0F3N3ArZTNGeG1MWTVER1AzMTVhZ2lKSldxN3poTDFaN0toQmpuQktGUWxnalVlZGh6cDdHR1Z3ZTNHTWhtdHlhenhua2l4YjNmMjRzLzdBT0JIS1g5cmkwNktKYmlCbWdJY1FHQWg5eTlid244RjkyZGFsdjlLcm1SVmR3R3pWbjdCTHA4bUFSbEUxZXlDfA&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: http://abdoxnoni003.7m.pl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 509
expires: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
171 B 48ms
15ms XHR
text/plain 185.184.8.30
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=ab7c4889207bdd0656dd
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.30 , Poland, ASN204995 (RTB-HOUSE-AMS, NL),
Reverse DNS: ip-185-184-8-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Fri, 12 Jun 2020 02:53:07 GMT
access-control-allow-credentials: true
access-control-allow-origin: http://abdoxnoni003.7m.pl
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H2

200

ad.json Show response
gpl.adocean.pl/__/_1591930388/
Redirect Chain

https://gpl.adocean.pl/_6256120290811502/ad.json?id=G2n1c2dWjRWkJCW7HfdnEYBqU_lPpXIJA9TfKpXlE.b.f7&gdpr_consent=undefined&gdpr=0?
https://gpl.adocean.pl/__/_6256120290811502/ad.json?id=G2n1c2dWjRWkJCW7HfdnEYBqU_lPpXIJA9TfKpXlE.b.f7&gdpr_consent=undefined&gdpr=0?
https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2F_1591930388%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DG2n1c2dWjRWkJCW7HfdnEYBqU_lPpXIJA9TfKpXlE.b....
https://gpladpl.hit.gemius.pl/__/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2F_1591930388%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DG2n1c2dWjRWkJCW7HfdnEYBqU_lPpXIJA9TfKpXlE...
https://gpl.adocean.pl/__/_1591930388/ad.json?hclsdata=&hcudata=.iHKspTOu2Fbm5l2NehTULKp1LuW05tvWQs_Gtuv18n._7&id=G2n1c2dWjRWkJCW7HfdnEYBqU_lPpXIJA9TfKpXlE.b.f7&gdpr_consent=undefined&gdpr=0?

60 B
260 B

352ms
352ms

XHR
text/json

85.194.243.85
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to

Full URL: https://gpl.adocean.pl/__/_1591930388/ad.json?hclsdata=&hcudata=.iHKspTOu2Fbm5l2NehTULKp1LuW05tvWQs_Gtuv18n._7&id=G2n1c2dWjRWkJCW7HfdnEYBqU_lPpXIJA9TfKpXlE.b.f7&gdpr_consent=undefined&gdpr=0?
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 85.194.243.85 , Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS: ip-5.85-194-243-80.net.old.eco.atman.pl
Software: GAD /
Resource Hash: 940cf45225fc7d157fc3da339af548bde918047660c228381d21b7eb1df112c6

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jun 2020 02:53:08 GMT
server: GAD
status: 200
vary: Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: null
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: none
content-type: text/json
content-length: 60
expires: Thu, 11 Jun 2020 02:53:08 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Jun 2020 02:53:08 GMT
server: GHC
status: 301
location: https://gpl.adocean.pl/__/_1591930388/ad.json?hclsdata=&hcudata=.iHKspTOu2Fbm5l2NehTULKp1LuW05tvWQs_Gtuv18n._7&id=G2n1c2dWjRWkJCW7HfdnEYBqU_lPpXIJA9TfKpXlE.b.f7&gdpr_consent=undefined&gdpr=0?
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: null
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: none
content-length: 0
expires: Thu, 11 Jun 2020 02:53:08 GMT

GET
H2

200

ad.json Show response
gpl.adocean.pl/__/_1591930388/
Redirect Chain

https://gpl.adocean.pl/_18568820511301154/ad.json?id=NueayaNso2kKCjJnO6botPkpDp4wDdu4Uu3bicWtxMb.67&gdpr_consent=undefined&gdpr=0?
https://gpl.adocean.pl/__/_18568820511301154/ad.json?id=NueayaNso2kKCjJnO6botPkpDp4wDdu4Uu3bicWtxMb.67&gdpr_consent=undefined&gdpr=0?
https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2F_1591930388%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DNueayaNso2kKCjJnO6botPkpDp4wDdu4Uu3bicWtxMb....
https://gpladpl.hit.gemius.pl/__/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2F_1591930388%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DNueayaNso2kKCjJnO6botPkpDp4wDdu4Uu3bicWtx...
https://gpl.adocean.pl/__/_1591930388/ad.json?hclsdata=&hcudata=eF6wN5NEj75hKMhmoBHl0LILllfco.TkxJHysgufxeb.B7&id=NueayaNso2kKCjJnO6botPkpDp4wDdu4Uu3bicWtxMb.67&gdpr_consent=undefined&gdpr=0?

60 B
244 B

332ms
331ms

XHR
text/json

85.194.243.85
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to

Full URL: https://gpl.adocean.pl/__/_1591930388/ad.json?hclsdata=&hcudata=eF6wN5NEj75hKMhmoBHl0LILllfco.TkxJHysgufxeb.B7&id=NueayaNso2kKCjJnO6botPkpDp4wDdu4Uu3bicWtxMb.67&gdpr_consent=undefined&gdpr=0?
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 85.194.243.85 , Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS: ip-5.85-194-243-80.net.old.eco.atman.pl
Software: GAD /
Resource Hash: 8ca44d53cfe5ed4bfafd235dced85b76aeafca260a058733de0c035f2e553a63

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jun 2020 02:53:08 GMT
server: GAD
status: 200
vary: Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: null
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: none
content-type: text/json
content-length: 60
expires: Thu, 11 Jun 2020 02:53:08 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Jun 2020 02:53:08 GMT
server: GHC
status: 301
location: https://gpl.adocean.pl/__/_1591930388/ad.json?hclsdata=&hcudata=eF6wN5NEj75hKMhmoBHl0LILllfco.TkxJHysgufxeb.B7&id=NueayaNso2kKCjJnO6botPkpDp4wDdu4Uu3bicWtxMb.67&gdpr_consent=undefined&gdpr=0?
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: null
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: none
content-length: 0
expires: Thu, 11 Jun 2020 02:53:08 GMT

GET
H2

200

ad.json Show response
gpl.adocean.pl/__/_1591930388/
Redirect Chain

https://gpl.adocean.pl/_9755654885078697/ad.json?id=oSX6Fz_EQ0c0PiHAhafoNAD3cGNH.wMKVnGjQh6kJn7.g7&gdpr_consent=undefined&gdpr=0?
https://gpl.adocean.pl/__/_9755654885078697/ad.json?id=oSX6Fz_EQ0c0PiHAhafoNAD3cGNH.wMKVnGjQh6kJn7.g7&gdpr_consent=undefined&gdpr=0?
https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2F_1591930388%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DoSX6Fz_EQ0c0PiHAhafoNAD3cGNH.wMKVnGjQh6kJn7....
https://gpladpl.hit.gemius.pl/__/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2F_1591930388%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DoSX6Fz_EQ0c0PiHAhafoNAD3cGNH.wMKVnGjQh6kJ...
https://gpl.adocean.pl/__/_1591930388/ad.json?hclsdata=&hcudata=eFi63TOvFRDXSNwtQRtYfZKc1OAMo.s_7rl4bPC0cTP.h7&id=oSX6Fz_EQ0c0PiHAhafoNAD3cGNH.wMKVnGjQh6kJn7.g7&gdpr_consent=undefined&gdpr=0?

60 B
244 B

332ms
331ms

XHR
text/json

85.194.243.85
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to

Full URL: https://gpl.adocean.pl/__/_1591930388/ad.json?hclsdata=&hcudata=eFi63TOvFRDXSNwtQRtYfZKc1OAMo.s_7rl4bPC0cTP.h7&id=oSX6Fz_EQ0c0PiHAhafoNAD3cGNH.wMKVnGjQh6kJn7.g7&gdpr_consent=undefined&gdpr=0?
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 85.194.243.85 , Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS: ip-5.85-194-243-80.net.old.eco.atman.pl
Software: GAD /
Resource Hash: f5c0215b990a76c67413bf3163443468a0daae310e8f8f5753369960fb334ff3

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jun 2020 02:53:08 GMT
server: GAD
status: 200
vary: Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: null
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: none
content-type: text/json
content-length: 60
expires: Thu, 11 Jun 2020 02:53:08 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Jun 2020 02:53:08 GMT
server: GHC
status: 301
location: https://gpl.adocean.pl/__/_1591930388/ad.json?hclsdata=&hcudata=eFi63TOvFRDXSNwtQRtYfZKc1OAMo.s_7rl4bPC0cTP.h7&id=oSX6Fz_EQ0c0PiHAhafoNAD3cGNH.wMKVnGjQh6kJn7.g7&gdpr_consent=undefined&gdpr=0?
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: null
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: none
content-length: 0
expires: Thu, 11 Jun 2020 02:53:08 GMT

GET
H2

200

ad.json Show response
gpl.adocean.pl/__/_1591930388/
Redirect Chain

https://gpl.adocean.pl/_12378415909155271/ad.json?id=zRYHeeOCN2zGJUtyRqY_l9i_32GIJi9G2I9xpiujXTX.c7&gdpr_consent=undefined&gdpr=0?
https://gpl.adocean.pl/__/_12378415909155271/ad.json?id=zRYHeeOCN2zGJUtyRqY_l9i_32GIJi9G2I9xpiujXTX.c7&gdpr_consent=undefined&gdpr=0?
https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2F_1591930388%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DzRYHeeOCN2zGJUtyRqY_l9i_32GIJi9G2I9xpiujXTX....
https://gpladpl.hit.gemius.pl/__/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2F_1591930388%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DzRYHeeOCN2zGJUtyRqY_l9i_32GIJi9G2I9xpiujX...
https://gpl.adocean.pl/__/_1591930388/ad.json?hclsdata=&hcudata=zqga.bVUa6CL3Hk.Qq5u5JKcllhmr.TkCTHysnVoxeb.17&id=zRYHeeOCN2zGJUtyRqY_l9i_32GIJi9G2I9xpiujXTX.c7&gdpr_consent=undefined&gdpr=0?

60 B
244 B

332ms
332ms

XHR
text/json

85.194.243.85
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to

Full URL: https://gpl.adocean.pl/__/_1591930388/ad.json?hclsdata=&hcudata=zqga.bVUa6CL3Hk.Qq5u5JKcllhmr.TkCTHysnVoxeb.17&id=zRYHeeOCN2zGJUtyRqY_l9i_32GIJi9G2I9xpiujXTX.c7&gdpr_consent=undefined&gdpr=0?
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 85.194.243.85 , Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS: ip-5.85-194-243-80.net.old.eco.atman.pl
Software: GAD /
Resource Hash: 68082b4a1044fb154e385a6bc1ad82ff3e7d116bfdbe204749f083111993b234

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jun 2020 02:53:08 GMT
server: GAD
status: 200
vary: Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: null
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: none
content-type: text/json
content-length: 60
expires: Thu, 11 Jun 2020 02:53:08 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Jun 2020 02:53:08 GMT
server: GHC
status: 301
location: https://gpl.adocean.pl/__/_1591930388/ad.json?hclsdata=&hcudata=zqga.bVUa6CL3Hk.Qq5u5JKcllhmr.TkCTHysnVoxeb.17&id=zRYHeeOCN2zGJUtyRqY_l9i_32GIJi9G2I9xpiujXTX.c7&gdpr_consent=undefined&gdpr=0?
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: null
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: none
content-length: 0
expires: Thu, 11 Jun 2020 02:53:08 GMT

GET
H2

200

ad.json Show response
gpl.adocean.pl/__/_1591930388/
Redirect Chain

https://gpl.adocean.pl/_5912055304937993/ad.json?id=3sD3vBXt1_xxqQFYOzaIc7dKgmAw6R5bzZo90tXZpNr.M7&gdpr_consent=undefined&gdpr=0?
https://gpl.adocean.pl/__/_5912055304937993/ad.json?id=3sD3vBXt1_xxqQFYOzaIc7dKgmAw6R5bzZo90tXZpNr.M7&gdpr_consent=undefined&gdpr=0?
https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2F_1591930388%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3D3sD3vBXt1_xxqQFYOzaIc7dKgmAw6R5bzZo90tXZpNr....
https://gpladpl.hit.gemius.pl/__/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2F_1591930388%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3D3sD3vBXt1_xxqQFYOzaIc7dKgmAw6R5bzZo90tXZp...
https://gpl.adocean.pl/__/_1591930388/ad.json?hclsdata=&hcudata=eFganV05VbpPJkycFLIoAV.h1OAMRg1MM2JwG9Ys8.j.T7&id=3sD3vBXt1_xxqQFYOzaIc7dKgmAw6R5bzZo90tXZpNr.M7&gdpr_consent=undefined&gdpr=0?

60 B
244 B

354ms
354ms

XHR
text/json

85.194.243.85
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to

Full URL: https://gpl.adocean.pl/__/_1591930388/ad.json?hclsdata=&hcudata=eFganV05VbpPJkycFLIoAV.h1OAMRg1MM2JwG9Ys8.j.T7&id=3sD3vBXt1_xxqQFYOzaIc7dKgmAw6R5bzZo90tXZpNr.M7&gdpr_consent=undefined&gdpr=0?
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 85.194.243.85 , Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS: ip-5.85-194-243-80.net.old.eco.atman.pl
Software: GAD /
Resource Hash: 4def54078cb07d59fb5b0ad438691b9ec81c3a968c4eebbfe065836e229599b2

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jun 2020 02:53:08 GMT
server: GAD
status: 200
vary: Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: null
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: none
content-type: text/json
content-length: 60
expires: Thu, 11 Jun 2020 02:53:08 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Jun 2020 02:53:08 GMT
server: GHC
status: 301
location: https://gpl.adocean.pl/__/_1591930388/ad.json?hclsdata=&hcudata=eFganV05VbpPJkycFLIoAV.h1OAMRg1MM2JwG9Ys8.j.T7&id=3sD3vBXt1_xxqQFYOzaIc7dKgmAw6R5bzZo90tXZpNr.M7&gdpr_consent=undefined&gdpr=0?
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: null
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: none
content-length: 0
expires: Thu, 11 Jun 2020 02:53:08 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ 20 B
466 B 175ms
116ms XHR
application/json 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTQ4MjE3NiZ0cmFuc2FjdGlvbklkPTdjMmZkYjMzLTNmNGYtNGQzYy05NmJkLTczY2U5Mzk4M2IyYSZyY3VyPVBMTg%3D%3D&bWlkPTQ4MjE3NyZ0cmFuc2FjdGlvbklkPTUwNTVlM2ZhLTRjMzEtNDViNC1iOTg3LTBlNjM0NDE0ZjQ1NiZyY3VyPVBMTg%3D%3D&bWlkPTQ4MjE3NCZ0cmFuc2FjdGlvbklkPWQwZjViOTUyLTc5NTEtNDYyYy04ODMyLTk2YmRhYjAzNmFjNCZyY3VyPVBMTg%3D%3D&bWlkPTQ4MjE3NSZ0cmFuc2FjdGlvbklkPTU5ZjM4YzJlLWU0YWMtNDVhMS04Yjk1LTNhZGU4YzM5MjJmZSZyY3VyPVBMTg%3D%3D&pt=gross&stid=147601a9-9a43-4616-a277-73c4a6dc1385&fd=1

Requested by

Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=ab7c4889207bdd0656dd

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

c83c7670c31d4127fb493e87ba84436b9ac70c4ef71614027252eb671350d7c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 12 Jun 2020 02:53:08 GMT
server: nginx
status: 200
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: http://abdoxnoni003.7m.pl
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 20
expires: -1

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
117 B 91ms
60ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=ab7c4889207bdd0656dd
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Fri, 12 Jun 2020 02:53:07 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: http://abdoxnoni003.7m.pl

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
1 KB 154ms
100ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=ab7c4889207bdd0656dd
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 12 Jun 2020 02:53:07 GMT
x-smrt-d: 4%3b22%3b81
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: http://abdoxnoni003.7m.pl
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
1 KB 153ms
99ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=ab7c4889207bdd0656dd
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 12 Jun 2020 02:53:07 GMT
x-smrt-d: 4%3b22%3b101
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: http://abdoxnoni003.7m.pl
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json
content-length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 257 B
1 KB 99ms
55ms XHR
application/json 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=ab7c4889207bdd0656dd

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

7ebdebdee38c410140420f6c89bf9641e23e74cf6a1bd43670b20c483834eb6e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 12 Jun 2020 02:53:10 GMT
X-Proxy-Origin: 185.217.171.12; 185.217.171.12; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.26:80
AN-X-Request-Uuid: c388ff2a-fee8-459d-bdab-17ef2b3dcc51
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://abdoxnoni003.7m.pl
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 257
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 0
415 B 70ms
27ms XHR
application/json 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=425881&v=7.2&r={%22id%22:%222483f24f4ded08a%22,%22imp%22:[{%22id%22:%2225cb3b2d57793ba%22,%22ext%22:{%22siteID%22:%22425881%22,%22sid%22:%22750x300%22},%22banner%22:{%22w%22:750,%22h%22:300,%22topframe%22:1}},{%22id%22:%2226e4266959de5e2%22,%22ext%22:{%22siteID%22:%22425881%22,%22sid%22:%22750x200%22},%22banner%22:{%22w%22:750,%22h%22:200,%22topframe%22:1}},{%22id%22:%2227277cc210c3235%22,%22ext%22:{%22siteID%22:%22425881%22,%22sid%22:%22750x100%22},%22banner%22:{%22w%22:750,%22h%22:100,%22topframe%22:1}},{%22id%22:%22287e13d77a923b2%22,%22ext%22:{%22siteID%22:%22425881%22,%22sid%22:%22728x90%22},%22banner%22:{%22w%22:728,%22h%22:90,%22topframe%22:1}},{%22id%22:%222999bbbf81a90c8%22,%22ext%22:{%22siteID%22:%22433148%22,%22sid%22:%22336x280%22},%22banner%22:{%22w%22:336,%22h%22:280,%22topframe%22:1}},{%22id%22:%22305a7fb57baf5ce%22,%22ext%22:{%22siteID%22:%22433148%22,%22sid%22:%22300x250%22},%22banner%22:{%22w%22:300,%22h%22:250,%22topframe%22:1}}],%22site%22:{%22page%22:%22http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431%22},%22ext%22:{%22source%22:%22prebid%22},%22source%22:{%22ext%22:{%22schain%22:{%22ver%22:%221.0%22,%22complete%22:1,%22nodes%22:[{%22asi%22:%22spolecznosci.pl%22,%22sid%22:%225046%22,%22hp%22:1}]}}},%22regs%22:{%22ext%22:{%22gdpr%22:0}},%22user%22:{%22ext%22:{%22consent%22:%22%22}}}&ac=j&sd=1
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=ab7c4889207bdd0656dd
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 12 Jun 2020 02:53:07 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: http://abdoxnoni003.7m.pl
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20
Expires: Fri, 12 Jun 2020 02:53:07 GMT

POST
H2 200 dsh Show response
hb.adscale.de/ 11 B
358 B 117ms
54ms XHR
text/plain 54.93.187.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adscale.de/dsh
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=ab7c4889207bdd0656dd
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.187.84 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-187-84.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 12 Jun 2020 02:53:08 GMT
content-encoding: gzip
p3p: CP=NOI PSA OUR
status: 200
content-type: text/plain
access-control-allow-origin: http://abdoxnoni003.7m.pl
cache-control: no-cache
access-control-allow-credentials: true
x-robots-tag: none

GET
H/1.1 200
OK userconnect.js Show response
js.adscale.de/ 15 KB
5 KB 62ms
20ms Script
application/javascript 104.111.215.171
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adscale.de/userconnect.js
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=ab7c4889207bdd0656dd
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.215.171 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-171.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: b421ca0ae38a2c2c3a630a82e36565f7781a9d2c274000d21c2d8e20c1ac660c

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: sEW8X4cfVjbJM.BHiHWcil16Yai1kJaL
Content-Encoding: gzip
Last-Modified: Tue, 09 Jun 2020 02:05:04 GMT
Server: AmazonS3
x-amz-request-id: 11079CAED1C0C04D
ETag: "fadb2110cca53df642b543ccc4af0172"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=300
Date: Fri, 12 Jun 2020 02:53:08 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4701
x-amz-id-2: jGAwjuAQ51P3g5PLW0etb6viBXmRhlOQ0/os5SDXUQNbxbrATA6o7GFyZRUUEb2Bi4NbIUq/CEo=

GET
H2 200 userconnect Show response
ih.adscale.de/ 181 B
360 B 71ms
21ms Script
application/javascript 52.29.233.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/userconnect?ssl=1&sid=0b2b7b19-6fc4-4e4d-a39c-194667c3d966&cbfn=stroeerCoreConnect&ts=1591930388112&umd=false&gdpr_err=CMP_CALL_FAILED
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.233.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-233-203.eu-central-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 6d62d5829b3adde8fec4b48d4f3f473a2fb2765e22e0d1d0afae1f77dcc56570

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 12 Jun 2020 02:53:08 GMT
server: Apache-Coyote/1.1
content-length: 181
content-type: application/javascript

GET
H2 200 map
ih.adscale.de/ Frame C582 0
0 22ms
22ms Document
text/html 52.29.233.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/map?format=display&ssl=1
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.233.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-233-203.eu-central-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash

Request headers

:method: GET
:authority: ih.adscale.de
:scheme: https
:path: /map?format=display&ssl=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uu=ca7feee92dca48509ae547d054d4676f; ng=2#2180410814#26532173#88675
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431

Response headers

status: 200
date: Fri, 12 Jun 2020 02:53:08 GMT
content-type: text/html;charset=ISO-8859-1
content-length: 2596
server: Apache-Coyote/1.1
set-cookie: tu=4#2301050822#48~~442202~442202~1#101~~442202~442202~1#39~~442202~442202~1#40~~442202~442202~1#42~~442202~442202~1#75~~442202~442202~1#108~~442202~442202~1#63~~442202~442202~1; Max-Age=2592000; Domain=ih.adscale.de; Path=/; Secure; SameSite=None

GET
H2

200

nuggad Show response
nugmw.userreport.com/rc-ap/110ab7b6-fee0-4bba-b006-efef1f59624c/si.nuggad.net/
Redirect Chain

https://si.nuggad.net/rc?nuggn=571289945&nuggsid=1029839715
https://nugmw.userreport.com/rc-ap/110ab7b6-fee0-4bba-b006-efef1f59624c/si.nuggad.net/nuggad?nuggn=571289945&nuggsid=1029839715

2 KB
2 KB

64ms
20ms

Script
text/javascript

2600:9000:21f3:c400:1f:a1b:34c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nugmw.userreport.com/rc-ap/110ab7b6-fee0-4bba-b006-efef1f59624c/si.nuggad.net/nuggad?nuggn=571289945&nuggsid=1029839715
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:c400:1f:a1b:34c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: 1b99a265be6725e0fdb47bbfc1e7057474938db8b49dab7edc573e969442774a

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 02:53:08 GMT
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
server: nginx/1.14.1
x-amz-cf-pop: FRA2-C2
access-control-allow-methods: get, post, options
content-type: text/javascript
status: 200
cache-control: s-maxage=0, max-age=0
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: accept
content-length: 1862
x-amz-cf-id: XnvS57HIFXi0kViX1LDiPi6tvqcSfH42_FkQ3kmxSZ6_XKWLwJ7dpQ==

Redirect headers

date: Fri, 12 Jun 2020 02:53:08 GMT
via: 1.1 acb35e6ef5d12e899aaf8732fdedd02c.cloudfront.net (CloudFront)
server: nginx/1.14.1
x-amz-cf-pop: CPH50-C1
status: 302
access-control-allow-methods: get, post, options
location: https://nugmw.userreport.com/rc-ap/110ab7b6-fee0-4bba-b006-efef1f59624c/si.nuggad.net/nuggad?nuggn=571289945&nuggsid=1029839715
cache-control: s-maxage=0, max-age=0
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: accept
content-length: 0
x-amz-cf-id: aF0ZgTHWSUydt8daz-RjkUI7TgnRjVKkVE8ggeLC6qAaLn6USzV6ug==

GET
H2 200 nuggad
ih.adscale.de/ 49 B
286 B 22ms
21ms Image
image/gif 52.29.233.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/nuggad?/nvars/d7=2&d10=2&d2=2&d4=0&d11=2&d8=1&d9=1&d12=3&d1=1&d3=4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.233.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-233-203.eu-central-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 12 Jun 2020 02:53:08 GMT
server: Apache-Coyote/1.1
content-type: image/gif
content-length: 49
p3p: CP=NOI PSA OUR

GET
H2 200 launcher.js Show response
sak.userreport.com/sdm/ 64 KB
20 KB 151ms
57ms Script
application/javascript 143.204.237.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sak.userreport.com/sdm/launcher.js
Requested by: Host: nugmw.userreport.com
URL: https://nugmw.userreport.com/rc-ap/110ab7b6-fee0-4bba-b006-efef1f59624c/si.nuggad.net/nuggad?nuggn=571289945&nuggsid=1029839715
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.119 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-119.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4a7315598045b0762a4a7c6f40fb6c0da236c402566d27a8ab70db5d8cbb7a58

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: GWFVIbVrEULGta0P7hxp6E817LeR6Zwy
content-encoding: gzip
last-modified: Mon, 18 May 2020 09:31:22 GMT
server: AmazonS3
x-amz-cf-pop: CPH50-C1
date: Fri, 12 Jun 2020 02:53:08 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=7200, s-maxage=60
x-amz-cf-id: 0j5TGQdxCrFOHqa5dZKBRcE4JwBS88eDj0j9hCSGqretgFuZLX1ZbQ==
via: 1.1 3a630ce21c7f0cd3702d89e40e7e5376.cloudfront.net (CloudFront)

POST
H2 200 pet Show response
a.spolecznosci.net/ 72 B
448 B 31ms
31ms XHR
text/javascript 178.32.202.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://a.spolecznosci.net/pet?s=7m&x=1359%2C1360&uu=null&cpmc=true&safe=1&ut=&cb=8196903438&uq=139062386265.345028&ref=http%253A%252F%252Fabdoxnoni003.7m.pl%252Fndcu%252Fhome%252Flogin.html%253Fcmd%253Dlogin_submit%2526id%253D0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431%2526session%253D0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&n=0.09813506247571979&bw=1600&bh=1200

Requested by

Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/a.js?h=a283c3e1da068ba5e49c

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.32.202.244 , Poland, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

3d0aa5482e0c3cf33cc59bbb1b158b3c18ca5ad90effea25b1e2d6f6a5569fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 12 Jun 2020 02:53:08 GMT
server: nginx
status: 200
vary: Origin
content-type: text/javascript; charset=utf-8
access-control-allow-origin: http://abdoxnoni003.7m.pl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 72
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 server.html
tag.userreport.com/ Frame BCD6 0
0 115ms
33ms Document
text/html 2600:9000:215d:7c00:11:af01:b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.userreport.com/server.html
Requested by: Host: sak.userreport.com
URL: https://sak.userreport.com/sdm/launcher.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:215d:7c00:11:af01:b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash

Request headers

:method: GET
:authority: tag.userreport.com
:scheme: https
:path: /server.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431

Response headers

status: 200
content-type: text/html
server: nginx/1.12.2
last-modified: Tue, 14 Apr 2020 13:55:12 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-encoding: gzip
date: Fri, 12 Jun 2020 02:00:06 GMT
cache-control: max-age=3600
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 85813c3d382dcae0aa1651f8f6eac244.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: oSJaFdk4ZmD7BNo5mUcIj3w9BMokUa86BFYtsQVpXe-OtIc2ZsEqkQ==
age: 3191

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame A550 0
0 76ms
32ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=ab7c4889207bdd0656dd
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431

Response headers

Last-Modified: Tue, 14 Apr 2020 10:27:52 GMT
ETag: "13006b6-a4bb-5a33da6f1a023"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 15243
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=127146
Expires: Sat, 13 Jun 2020 14:12:19 GMT
Date: Fri, 12 Jun 2020 02:53:13 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK ixmatch.html
js-sec.indexww.com/um/ Frame D022 0
0 74ms
20ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=ab7c4889207bdd0656dd
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431

Response headers

Server: Apache
Last-Modified: Mon, 19 Jun 2017 19:18:19 GMT
ETag: "e20015-112-55254ff6a1972"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 211
Date: Fri, 12 Jun 2020 02:53:13 GMT
Connection: keep-alive

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame FCEB 0
0 74ms
20ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=ab7c4889207bdd0656dd
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431&session=0c50d3e91a0955b561dd3dd1467f04310c50d3e91a0955b561dd3dd1467f0431

Response headers

Server: nginx/1.13.10
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: "573e714d-3e3"
Access-Control-Allow-Origin: *
Content-Type: text/html
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Sat, 12 Jun 2021 02:53:13 GMT
Date: Fri, 12 Jun 2020 02:53:13 GMT
Connection: keep-alive

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DocuSign (Online)

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.spolecznosci.net/	1970-01-19 10:55:22	Name: v Value: 1591930386.309
.spolecznosci.net/	1970-01-19 18:59:12	Name: tgx Value: v%3A1%7CWo%3A55%7CKr%3ANL%7CRe%3A2745912%7CAd%3A0%7CSw%3A1600%7COs%3ALINUX-8664000%7CUa%3AOTHER-0%7CCt%3ARESIDENTIAL%7CIsp%3AOTHER
.doubleclick.net/	1970-01-19 19:33:46	Name: IDE Value: AHWqTUkzW8lS3n1FU1LEYAcH25h1LVBmFEA4mb88UNhcGr9P9eChePFZyiXJ4ATp

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://s.7m.pl/robot.js(Line 338) Message: dalej
console-api	log	URL: https://s.7m.pl/robot.js(Line 338) Message: dalej
console-api	log	URL: https://s.7m.pl/robot.js(Line 373) Message: bottom_static
console-api	log	URL: https://s.7m.pl/robot.js(Line 700) Message: popunder

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7m.pl
a.spolecznosci.net
abdoxnoni003.7m.pl
acdn.adnxs.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
adx.adform.net
as-sec.casalemedia.com
googleads.g.doubleclick.net
gpl.adocean.pl
gpladpl.hit.gemius.pl
gum.criteo.com
hb.adscale.de
hbopenbid.pubmatic.com
ib.adnxs.com
ih.adscale.de
js-sec.indexww.com
js.adscale.de
mug.criteo.com
nugmw.userreport.com
pagead2.googlesyndication.com
prebid-eu.creativecdn.com
prg.smartadserver.com
s.7m.pl
sak.userreport.com
si.nuggad.net
spolecznosci.mgr.consensu.org
spolecznosci.net
tag.userreport.com
tpc.googlesyndication.com
vendorlist.consensu.org
www.google-analytics.com
www.googletagservices.com
104.111.215.171
143.204.237.119
149.202.75.212
178.250.2.146
178.32.202.244
178.32.202.249
185.184.8.30
185.64.189.112
185.86.138.16
2.18.232.130
2.18.233.180
2.18.234.21
2600:9000:20eb:1800:1:af78:4c0:93a1
2600:9000:215d:5e00:12:6213:9cc0:93a1
2600:9000:215d:7c00:11:af01:b40:93a1
2600:9000:21f3:c400:1f:a1b:34c0:93a1
2a00:1450:4001:801::2002
2a00:1450:4001:81b::200e
2a00:1450:4001:81e::2001
2a00:1450:4001:81e::2002
2a02:2638::1c
37.157.4.29
37.252.173.22
52.29.233.203
54.93.187.84
85.194.243.82
85.194.243.85
95.217.209.65
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
17f45a7f185f390d34c967be404fddaf6736265718d788c9adaca82cb3d8f238
1afeb9446d05494499eaa9a219ac49ba8665a865a85447ee7d7d80ca88470a9b
1b99a265be6725e0fdb47bbfc1e7057474938db8b49dab7edc573e969442774a
2add0ce24fdaeebad691b7702bfba12b7452e7d40d9ceeb7cc3f724099c6a602
2c851b274e54497e6290ce4e37686a435dfe7aa9a6f5380db0fdf5ae00481746
2d233c1838084b7e804e0e7a887190eeeb356132b1f625c7fa96ed3efd61e8b2
2dd97813ce32d152904345d0f0d98f5a001faa5d14ebe80e59663dd05c39a4cf
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
341dc8a2f05f363511ccd444d63a96a8879b330eda50fabb581e1776751aa38d
3d0aa5482e0c3cf33cc59bbb1b158b3c18ca5ad90effea25b1e2d6f6a5569fd0
4a7315598045b0762a4a7c6f40fb6c0da236c402566d27a8ab70db5d8cbb7a58
4def54078cb07d59fb5b0ad438691b9ec81c3a968c4eebbfe065836e229599b2
4ecd1784399d6be5b0b70e1ccbdeaf187a6c7a16b6d55c13f57da78950bc185a
50c627eb11b51d8817d120938c3e7a1f013ed5e22832c35efdec408986e2ddb6
5197981709a0e557654773c547d615ee9b7b7c61350419299fa445d56ea2f1cf
6659acceb3f85429d12ea2da3581d32f0e363717afe6f2321ce41296a68185b8
68082b4a1044fb154e385a6bc1ad82ff3e7d116bfdbe204749f083111993b234
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17
6d62d5829b3adde8fec4b48d4f3f473a2fb2765e22e0d1d0afae1f77dcc56570
7e4e9b3bfd0e2b30a426e3285ef61e6b8871c033e0737f59dba015cf375a8d60
7ebdebdee38c410140420f6c89bf9641e23e74cf6a1bd43670b20c483834eb6e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
8ca44d53cfe5ed4bfafd235dced85b76aeafca260a058733de0c035f2e553a63
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
940cf45225fc7d157fc3da339af548bde918047660c228381d21b7eb1df112c6
98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a6338f5c152a76c9f15c9a013c7bf2cc61d3a99597afd49f9540926113424057
a85812b9308ea7c1ce319c4c852315cd8e097b882e8ed99c34d50f7584896b21
ad25613558e2ab513ed517de8b22c470db976ae72dbe1ee9fae7cbc459f80c5b
b2acef3a315eaf0ea1680dd487286e1ec570dce5d3d9b5679ff9bf6954c9ebaf
b421ca0ae38a2c2c3a630a82e36565f7781a9d2c274000d21c2d8e20c1ac660c
b6a0ea8b570ed15cb95ffa25f59984cbb9b653430be7d609da2fcbc1303f4b3d
bd4ef9821aedbe2cb59323ab96d6c55400c0fc0f56292d528a4338b4d922f47a
c094805e4b88da0ecf6ad9bac8b08053c82df9d57f453c36829c5f6bba5b5ac3
c83c7670c31d4127fb493e87ba84436b9ac70c4ef71614027252eb671350d7c8
d0785de04d9ec05c1e05e34de27e6c95e489cb2c2ae06a666bcd1434bf8432da
d3697f191c20b57273f1e2d1321726aaa81178c3a4b8553f20f92d33a78ae6d6
d5d37a2eab10b9a8f16528b7d1ea9b49f5aaff0ce7153a6461a2fb242b4d2413
d9a9071ff86cf603d3c6f446a71b63f625f2c0d977523e411de8465755dfb42c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e52e05e9b578749ee9c1a960a1abb9975bc4bdb4856bc93d1af97d120f10205c
e923ccc327cca82406d93806b3b542703d1c3c9324e808d2257b0a4b72186972
ee3cec3c33913424b8a94f2ba811277a4aaf0a8476d61653769c5d953ddeecbd
f5c0215b990a76c67413bf3163443468a0daae310e8f8f5753369960fb334ff3
f7d853a6d5efb7cd26d0313486d79e7a0dd9e7da45c0b10f93993db70ea4cbc5
fa2776137cbda7fb85aaa56be710f14e5d3d18e231756cfbe283a2938e7d6620

abdoxnoni003.7m.pl Open in urlscan Pro 149.202.75.212 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

71 Requests

82 %HTTPS

32 %IPv6

22 Domains

34 Subdomains

25 IPs

9 Countries

648 kBTransfer

1701 kBSize

3 Cookies

0 Outgoing links

Redirected requests

71 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

abdoxnoni003.7m.pl Open in urlscan Pro
149.202.75.212 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

71
Requests

82 %
HTTPS

32 %
IPv6

22
Domains

34
Subdomains

25
IPs

9
Countries

648 kB
Transfer

1701 kB
Size

3
Cookies

71 HTTP transactions
0 data transactions