urlscan.io logo urlscan.io
SecurityTrails logo

abonamenty.ujm.pl Open in urlscan Pro
212.85.107.2  Public Scan

Go To Rescan Add Verdict Report
URL: http://abonamenty.ujm.pl/pko.php
Submission: On February 13 via manual from PL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 14 HTTP transactions. The main IP is 212.85.107.2, located in Poland and belongs to HOMEPL-AS, PL. The main domain is abonamenty.ujm.pl.
This is the only time abonamenty.ujm.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 212.85.107.2 12824 (HOMEPL-AS)
3 11 136.243.169.30 24940 (HETZNER-AS)
1 193.107.88.208 48505 (KYLOS-AS)
4 4 138.201.227.223 24940 (HETZNER-AS)
2 4 136.243.156.112 24940 (HETZNER-AS)
5 5 138.201.129.175 24940 (HETZNER-AS)
2 2 138.201.129.51 24940 (HETZNER-AS)
1 138.201.129.177 24940 (HETZNER-AS)
14 6
2    212.85.107.2 (Poland)

ASN12824 (HOMEPL-AS, PL)
PTR: cloudserver002796.home.pl
abonamenty.ujm.pl
www.qpq.pl
11    136.243.169.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: 3-beer.funcadr.net
adsearch.adkontekst.pl
cm.em.nscontext.eu
1    193.107.88.208 (Poland)

ASN48505 (KYLOS-AS, PL)
PTR: tunny.kylos.pl
karolchmiel.kylos.pl
4    138.201.227.223 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: 5-beer.funcadr.net
mis.em.nscontext.eu
4    136.243.156.112 (Strullendorf, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: 8-bt-spd-d.funcns.net
api.spoldzielnia.nsaudience.pl
5    138.201.129.175 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: 1-bt-cassa.funcns.net
amis.em.nscontext.eu
2    138.201.129.51 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: 9-bt-cassa.funcns.net
mis.nsaudience.pl
1    138.201.129.177 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: 3-bt-cassa.funcns.net
gdpr.api.dmp.nsaudience.pl
Domain Requested by
7 adsearch.adkontekst.pl 1 redirects abonamenty.ujm.pl
adsearch.adkontekst.pl
5 amis.em.nscontext.eu 5 redirects
4 api.spoldzielnia.nsaudience.pl 2 redirects adsearch.adkontekst.pl
4 mis.em.nscontext.eu 4 redirects
4 cm.em.nscontext.eu 2 redirects adsearch.adkontekst.pl
2 mis.nsaudience.pl 2 redirects
1 gdpr.api.dmp.nsaudience.pl adsearch.adkontekst.pl
1 karolchmiel.kylos.pl abonamenty.ujm.pl
1 www.qpq.pl abonamenty.ujm.pl
1 abonamenty.ujm.pl
14 10

This site contains links to these domains. Also see Links.

Domain
qpq.pl
Subject Issuer Validity Valid
*.adsearch.adkontekst.pl
nazwaSSL		 2019-11-21 -
2020-11-20		 a year crt.sh
*.em.nscontext.eu
nazwaSSL		 2019-08-20 -
2020-08-19		 a year crt.sh
*.spoldzielnia.nsaudience.pl
nazwaSSL		 2019-09-06 -
2020-09-04		 a year crt.sh
*.api.dmp.nsaudience.pl
nazwaSSL		 2019-09-17 -
2020-09-16		 a year crt.sh

This page contains 7 frames:

Primary Page: http://abonamenty.ujm.pl/pko.php
Frame ID: CBC1F9A32F4162046C6893B57CCD8270
Requests: 9 HTTP requests in this frame

Frame: http://karolchmiel.kylos.pl/pko.php
Frame ID: 9B907EBA2E3068EC4E7CE9384C0AB4C1
Requests: 1 HTTP requests in this frame

Frame: https://cm.em.nscontext.eu/cm/iframe//?uid=mi1703dd9289b4f075160a21fa842
Frame ID: D9A1DB19F6C2BC364BEF92CE14C60907
Requests: 1 HTTP requests in this frame

Frame: https://api.spoldzielnia.nsaudience.pl/frontend/api/matchSale.api?uid=mi1703dd9289b4f075160a21fa842
Frame ID: C01D6B6030ACB8C395D54FF97E64FDF0
Requests: 1 HTTP requests in this frame

Frame: https://api.spoldzielnia.nsaudience.pl/frontend/api/matchSale.api?uid=mi1703dd931114848b80015a294ad
Frame ID: DC9AE7CE0D515DABB4BC94440B24A19D
Requests: 1 HTTP requests in this frame

Frame: https://cm.em.nscontext.eu/cm/iframe//?uid=mi1703dd931114848b80015a294ad
Frame ID: 7BFB875841EC320BB24DA98EDE32F8C3
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: BEB887897AB88325E94B834A2C6AB3F1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Page Statistics

14
Requests

79 %
HTTPS

0 %
IPv6

6
Domains

10
Subdomains

6
IPs

2
Countries

137 kB
Transfer

499 kB
Size

11
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://adsearch.adkontekst.pl/_/ads2/?QAPS_AKPL=74926f2de3dcadfea6670e15809cfccb HTTP 301
  • https://adsearch.adkontekst.pl/_/ads2/?QAPS_AKPL=74926f2de3dcadfea6670e15809cfccb
Request Chain 3
  • https://cm.em.nscontext.eu/cm/iframe/ HTTP 302
  • https://mis.em.nscontext.eu/deimos/cm/?redirect=https://cm.em.nscontext.eu/cm/iframe//?uid=__userId__ HTTP 302
  • https://mis.em.nscontext.eu/ex/tmp1581585606811Z2115959162/mi1703dd9289b4f075160a21fa842/1?redirect=https://cm.em.nscontext.eu/cm/iframe//?uid=__userId__ HTTP 302
  • https://cm.em.nscontext.eu/cm/iframe//?uid=mi1703dd9289b4f075160a21fa842
Request Chain 4
  • https://api.spoldzielnia.nsaudience.pl/frontend/api/matchSale.api HTTP 302
  • https://amis.em.nscontext.eu/?redirect=https%3A%2F%2Fapi.spoldzielnia.nsaudience.pl%2Ffrontend%2Fapi%2FmatchSale.api%3Fuid%3D__masterId__ HTTP 302
  • https://amis.em.nscontext.eu/ex/tmp1581585606927Z1921542688/mi1703dd9289b4f075160a21fa842/1?redirect=https%3A%2F%2Fapi.spoldzielnia.nsaudience.pl%2Ffrontend%2Fapi%2FmatchSale.api%3Fuid%3D__masterId__ HTTP 302
  • https://mis.nsaudience.pl/save?uid=mi1703dd9289b4f075160a21fa842&redirect=https%3A%2F%2Fapi.spoldzielnia.nsaudience.pl%2Ffrontend%2Fapi%2FmatchSale.api%3Fuid%3Dmi1703dd9289b4f075160a21fa842 HTTP 302
  • https://api.spoldzielnia.nsaudience.pl/frontend/api/matchSale.api?uid=mi1703dd9289b4f075160a21fa842
Request Chain 11
  • https://api.spoldzielnia.nsaudience.pl/frontend/api/matchSale.api HTTP 302
  • https://amis.em.nscontext.eu/?redirect=https%3A%2F%2Fapi.spoldzielnia.nsaudience.pl%2Ffrontend%2Fapi%2FmatchSale.api%3Fuid%3D__masterId__ HTTP 302
  • https://amis.em.nscontext.eu/ex/tmp1581585608977Z133312066/mi1703dd9311176451965f49d3c59/1?redirect=https%3A%2F%2Fapi.spoldzielnia.nsaudience.pl%2Ffrontend%2Fapi%2FmatchSale.api%3Fuid%3D__masterId__ HTTP 302
  • https://amis.em.nscontext.eu/ex/tmp1581585609006Z1511896803/mi1703dd931114848b80015a294ad/2?redirect=https%3A%2F%2Fapi.spoldzielnia.nsaudience.pl%2Ffrontend%2Fapi%2FmatchSale.api%3Fuid%3D__masterId__ HTTP 302
  • https://mis.nsaudience.pl/save?uid=mi1703dd931114848b80015a294ad&redirect=https%3A%2F%2Fapi.spoldzielnia.nsaudience.pl%2Ffrontend%2Fapi%2FmatchSale.api%3Fuid%3Dmi1703dd931114848b80015a294ad HTTP 302
  • https://api.spoldzielnia.nsaudience.pl/frontend/api/matchSale.api?uid=mi1703dd931114848b80015a294ad
Request Chain 12
  • https://cm.em.nscontext.eu/cm/iframe/ HTTP 302
  • https://mis.em.nscontext.eu/deimos/cm/?redirect=https://cm.em.nscontext.eu/cm/iframe//?uid=__userId__ HTTP 302
  • https://mis.em.nscontext.eu/ex/tmp1581585608977Z312679516/mi1703dd931114848b80015a294ad/1?redirect=https://cm.em.nscontext.eu/cm/iframe//?uid=__userId__ HTTP 302
  • https://cm.em.nscontext.eu/cm/iframe//?uid=mi1703dd931114848b80015a294ad

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set pko.php
abonamenty.ujm.pl/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://abonamenty.ujm.pl/pko.php
Protocol
HTTP/1.1
Server
212.85.107.2 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver002796.home.pl
Software
IdeaWebServer/0.83.341 /
Resource Hash
8198294111bb48987ef98a2678e067350781d53bdc75f5d0d66cd05765ea774f

Request headers

Host
abonamenty.ujm.pl
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 13 Feb 2020 09:20:06 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Server
IdeaWebServer/0.83.341
Set-Cookie
odslony1=1; expires=Fri, 14-Feb-2020 09:20:06 GMT; domain=abonamenty.ujm.pl
Content-Encoding
gzip
zamknij.gif
www.qpq.pl/ 		255 B
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.qpq.pl/zamknij.gif
Requested by
Host: abonamenty.ujm.pl
URL: http://abonamenty.ujm.pl/pko.php
Protocol
HTTP/1.1
Server
212.85.107.2 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver002796.home.pl
Software
IdeaWebServer/0.83.341 /
Resource Hash
9a9d05b7fb433d8e0df831641e4fd2b653df97e4dab3e67df50752745180cc81

Request headers

Referer
http://abonamenty.ujm.pl/pko.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 13 Feb 2020 09:20:06 GMT
Last-Modified
Thu, 30 Oct 2008 19:13:14 GMT
Server
IdeaWebServer/0.83.341
Connection
keep-alive
Content-Length
255
Content-Type
image/gif
/
adsearch.adkontekst.pl/_/ads2/
Redirect Chain
  • http://adsearch.adkontekst.pl/_/ads2/?QAPS_AKPL=74926f2de3dcadfea6670e15809cfccb
  • https://adsearch.adkontekst.pl/_/ads2/?QAPS_AKPL=74926f2de3dcadfea6670e15809cfccb
22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adsearch.adkontekst.pl/_/ads2/?QAPS_AKPL=74926f2de3dcadfea6670e15809cfccb
Requested by
Host: abonamenty.ujm.pl
URL: http://abonamenty.ujm.pl/pko.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.243.169.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
3-beer.funcadr.net
Software
nginx /
Resource Hash
0c29186a0ab9da7ffa8d9c7f1da552b48e34924080fc5ce86f66037b30aad189
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
http://abonamenty.ujm.pl/pko.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Feb 2020 09:20:06 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
X-Frame-Options
DENY
Content-Language
en-US
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/javascript;charset=UTF-8
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
X-Application-Context
dispatcher-service-tao:dispatcher-run:8532
Expires
0

Redirect headers

Location
https://adsearch.adkontekst.pl/_/ads2/?QAPS_AKPL=74926f2de3dcadfea6670e15809cfccb
Date
Thu, 13 Feb 2020 09:20:06 GMT
Server
nginx
Connection
keep-alive
Content-Length
178
Content-Type
text/html
pko.php
karolchmiel.kylos.pl/ Frame 9B90 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://karolchmiel.kylos.pl/pko.php
Requested by
Host: abonamenty.ujm.pl
URL: http://abonamenty.ujm.pl/pko.php
Protocol
HTTP/1.1
Server
193.107.88.208 , Poland, ASN48505 (KYLOS-AS, PL),
Reverse DNS
tunny.kylos.pl
Software
LiteSpeed / PHP/7.2.27
Resource Hash

Request headers

Host
karolchmiel.kylos.pl
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://abonamenty.ujm.pl/pko.php
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://abonamenty.ujm.pl/pko.php

Response headers

Connection
Keep-Alive
X-Powered-By
PHP/7.2.27
Content-Type
text/html; charset=UTF-8
Content-Length
866
Content-Encoding
gzip
Vary
Accept-Encoding
Date
Thu, 13 Feb 2020 09:20:06 GMT
Server
LiteSpeed
Cookie set /
cm.em.nscontext.eu/cm/iframe// Frame D9A1
Redirect Chain
  • https://cm.em.nscontext.eu/cm/iframe/
  • https://mis.em.nscontext.eu/deimos/cm/?redirect=https://cm.em.nscontext.eu/cm/iframe//?uid=__userId__
  • https://mis.em.nscontext.eu/ex/tmp1581585606811Z2115959162/mi1703dd9289b4f075160a21fa842/1?redirect=https://cm.em.nscontext.eu/cm/iframe//?uid=__userId__
  • https://cm.em.nscontext.eu/cm/iframe//?uid=mi1703dd9289b4f075160a21fa842
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.em.nscontext.eu/cm/iframe//?uid=mi1703dd9289b4f075160a21fa842
Requested by
Host: adsearch.adkontekst.pl
URL: https://adsearch.adkontekst.pl/_/ads2/?QAPS_AKPL=74926f2de3dcadfea6670e15809cfccb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
136.243.169.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
3-beer.funcadr.net
Software
nginx /
Resource Hash

Request headers

Host
cm.em.nscontext.eu
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
http://abonamenty.ujm.pl/pko.php
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
volatileUid=mi1703dd9289b4f075160a21fa842; tmp1581585606811Z2115959162=mi1703dd9289b4f075160a21fa842; uid=mi1703dd9289b4f075160a21fa842
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
http://abonamenty.ujm.pl/pko.php

Response headers

Server
nginx
Date
Thu, 13 Feb 2020 09:20:06 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
uid=mi1703dd9289b4f075160a21fa842;Path=/;SameSite=None;Secure;Domain=.em.nscontext.eu;Expires=Sat, 12-Feb-2022 09:20:06 GMT ec=ec;Path=/;SameSite=None;Secure;Expires=Thu, 13-Feb-2020 10:20:06 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Server
nginx
Date
Thu, 13 Feb 2020 09:20:06 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
uid=mi1703dd9289b4f075160a21fa842;Path=/;SameSite=None;Secure;Domain=.em.nscontext.eu;Expires=Sat, 12-Feb-2022 09:20:06 GMT;Max-Age=63072000
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://cm.em.nscontext.eu/cm/iframe//?uid=mi1703dd9289b4f075160a21fa842
Cookie set matchSale.api
api.spoldzielnia.nsaudience.pl/frontend/api/ Frame C01D
Redirect Chain
  • https://api.spoldzielnia.nsaudience.pl/frontend/api/matchSale.api
  • https://amis.em.nscontext.eu/?redirect=https%3A%2F%2Fapi.spoldzielnia.nsaudience.pl%2Ffrontend%2Fapi%2FmatchSale.api%3Fuid%3D__masterId__
  • https://amis.em.nscontext.eu/ex/tmp1581585606927Z1921542688/mi1703dd9289b4f075160a21fa842/1?redirect=https%3A%2F%2Fapi.spoldzielnia.nsaudience.pl%2Ffrontend%2Fapi%2FmatchSale.api%3Fuid%3D__masterId__
  • https://mis.nsaudience.pl/save?uid=mi1703dd9289b4f075160a21fa842&redirect=https%3A%2F%2Fapi.spoldzielnia.nsaudience.pl%2Ffrontend%2Fapi%2FmatchSale.api%3Fuid%3Dmi1703dd9289b4f075160a21fa842
  • https://api.spoldzielnia.nsaudience.pl/frontend/api/matchSale.api?uid=mi1703dd9289b4f075160a21fa842
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://api.spoldzielnia.nsaudience.pl/frontend/api/matchSale.api?uid=mi1703dd9289b4f075160a21fa842
Requested by
Host: adsearch.adkontekst.pl
URL: https://adsearch.adkontekst.pl/_/ads2/?QAPS_AKPL=74926f2de3dcadfea6670e15809cfccb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.243.156.112 Strullendorf, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
8-bt-spd-d.funcns.net
Software
Microsoft-IIS/7.5 /
Resource Hash

Request headers

Host
api.spoldzielnia.nsaudience.pl
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
http://abonamenty.ujm.pl/pko.php
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uid=mi1703dd9289b4f075160a21fa842; ut=1581585607067
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
http://abonamenty.ujm.pl/pko.php

Response headers

Server
Microsoft-IIS/7.5
Date
Thu, 13 Feb 2020 09:20:07 GMT
Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="CAO COR COR CON TEL IVD SAM IND BUS"
Set-Cookie
ut=1581585607094;Path=/;Secure;SameSite=None;Expires=Fri, 12-Feb-2021 09:20:07 GMT uid=mi1703dd9289b4f075160a21fa842;Path=/;Secure;SameSite=None;Expires=Fri, 12-Feb-2021 09:20:07 GMT cpp=AAAAAAAAAjFeRRTHAAAAAAAAAsJeRRTHAAAAAAAAADNeRRTHAAAAAAAAAXZeRRTH;Path=/;Secure;SameSite=None;Expires=Sat, 14-Mar-2020 09:20:07 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Encoding
gzip

Redirect headers

Server
Microsoft-IIS/7.5
Date
Thu, 13 Feb 2020 09:20:07 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
uid=mi1703dd9289b4f075160a21fa842;Path=/;Secure;SameSite=None;Domain=.nsaudience.pl;Expires=Sat, 12-Feb-2022 09:20:07 GMT;Max-Age=63072000 ut=1581585607067;Path=/;Secure;SameSite=None;Domain=.nsaudience.pl;Expires=Sat, 12-Feb-2022 09:20:07 GMT;Max-Age=63072000
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://api.spoldzielnia.nsaudience.pl/frontend/api/matchSale.api?uid=mi1703dd9289b4f075160a21fa842
status
adsearch.adkontekst.pl/_/cmp/ 		0
640 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adsearch.adkontekst.pl/_/cmp/status?own=false
Requested by
Host: adsearch.adkontekst.pl
URL: https://adsearch.adkontekst.pl/_/ads2/?QAPS_AKPL=74926f2de3dcadfea6670e15809cfccb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.243.169.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
3-beer.funcadr.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Access-Control-Request-Method
POST
Origin
http://abonamenty.ujm.pl
Referer
http://abonamenty.ujm.pl/pko.php
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Thu, 13 Feb 2020 09:20:06 GMT
X-Content-Type-Options
nosniff
Access-Control-Max-Age
1800
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
X-Application-Context
dispatcher-service-tao:dispatcher-run:8532
Pragma
no-cache
Allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Server
nginx
X-Frame-Options
DENY
Vary
Origin
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
http://abonamenty.ujm.pl
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Expires
0
get.js
gdpr.api.dmp.nsaudience.pl/frontend/agreement/ 		84 B
431 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gdpr.api.dmp.nsaudience.pl/frontend/agreement/get.js?source_id=ns&callback=ns_vda.dispatcher.rodos.callAllCallbacks
Requested by
Host: adsearch.adkontekst.pl
URL: https://adsearch.adkontekst.pl/_/ads2/?QAPS_AKPL=74926f2de3dcadfea6670e15809cfccb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.129.177 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
3-bt-cassa.funcns.net
Software
Microsoft-IIS/7.5 /
Resource Hash
86d37d15e6fec711dec2cc55422fed6acea9cbe128df584c76442b25699e6ddb

Request headers

Referer
http://abonamenty.ujm.pl/pko.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Pragma
no-cache
Date
Thu, 13 Feb 2020 09:20:06 GMT
Server
Microsoft-IIS/7.5
P3P
CP="CAO COR COR CON TEL IVD SAM IND BUS"
Cache-Control
private, no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
application/x-javascript;charset=UTF-8
Content-Length
84
Expires
Thu, 01 Jan 1970 00:00:00 GMT
status
adsearch.adkontekst.pl/_/cmp/ 		2 B
512 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adsearch.adkontekst.pl/_/cmp/status?own=false
Requested by
Host: abonamenty.ujm.pl
URL: http://abonamenty.ujm.pl/pko.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.243.169.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
3-beer.funcadr.net
Software
nginx /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
http://abonamenty.ujm.pl/pko.php
Origin
http://abonamenty.ujm.pl
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 13 Feb 2020 09:20:06 GMT
X-Content-Type-Options
nosniff
Server
nginx
X-Frame-Options
DENY
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
http://abonamenty.ujm.pl
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
Content-Length
2
X-XSS-Protection
1; mode=block
X-Application-Context
dispatcher-service-tao:dispatcher-run:8532
Expires
0
/
adsearch.adkontekst.pl/_/ads2/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adsearch.adkontekst.pl/_/ads2/?strict=true&QAPS_AKPL=74926f2de3dcadfea6670e15809cfccb&dispatched=true&useBehavioralTargeting=true
Requested by
Host: adsearch.adkontekst.pl
URL: https://adsearch.adkontekst.pl/_/ads2/?QAPS_AKPL=74926f2de3dcadfea6670e15809cfccb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.243.169.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
3-beer.funcadr.net
Software
nginx /
Resource Hash
e686b9c7898cebd2eb4068ad4812a9a363b18970b6255e8a5f22b61a551cb00d

Request headers

Referer
http://abonamenty.ujm.pl/pko.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 13 Feb 2020 09:20:08 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/javascript; charset=UTF-8
/
adsearch.adkontekst.pl/quad/spliter/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adsearch.adkontekst.pl/quad/spliter/?prefix=akon&prid=0&caid=0&plh=74926f2de3dcadfea6670e15809cfccb&plid=0&namespace=qa_akon&nc=1581585608803&qss=true&nc2=269357250&dispatched=false&adblock=false&useBehavioralTargeting=true&type=K1&ref=http%3A%2F%2Fabonamenty.ujm.pl%2Fpko.php
Requested by
Host: adsearch.adkontekst.pl
URL: https://adsearch.adkontekst.pl/_/ads2/?strict=true&QAPS_AKPL=74926f2de3dcadfea6670e15809cfccb&dispatched=true&useBehavioralTargeting=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.243.169.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
3-beer.funcadr.net
Software
nginx /
Resource Hash
6fad8e7fe2859602f4e95afd10f599fcf212d15b52629ac1c98078eafb33cec2

Request headers

Referer
http://abonamenty.ujm.pl/pko.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Pragma
no-cache
Date
Thu, 13 Feb 2020 09:20:08 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR NID CUR OUR NOR"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/javascript; charset=UTF-8
/
adsearch.adkontekst.pl/_/both/ 		456 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adsearch.adkontekst.pl/_/both/?prefix=akon&namespace=qa_akon&nc=0&browser=safari&dispatched=false&adblock=false
Requested by
Host: adsearch.adkontekst.pl
URL: https://adsearch.adkontekst.pl/_/ads2/?strict=true&QAPS_AKPL=74926f2de3dcadfea6670e15809cfccb&dispatched=true&useBehavioralTargeting=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.243.169.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
3-beer.funcadr.net
Software
nginx /
Resource Hash
9b8a238cbee8ea9ed12d394e181a018a4c1691017284beb1f2ae15a62799dfdc

Request headers

Referer
http://abonamenty.ujm.pl/pko.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 13 Feb 2020 09:20:08 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/javascript; charset=UTF-8
Cookie set matchSale.api
api.spoldzielnia.nsaudience.pl/frontend/api/ Frame DC9A
Redirect Chain
  • https://api.spoldzielnia.nsaudience.pl/frontend/api/matchSale.api
  • https://amis.em.nscontext.eu/?redirect=https%3A%2F%2Fapi.spoldzielnia.nsaudience.pl%2Ffrontend%2Fapi%2FmatchSale.api%3Fuid%3D__masterId__
  • https://amis.em.nscontext.eu/ex/tmp1581585608977Z133312066/mi1703dd9311176451965f49d3c59/1?redirect=https%3A%2F%2Fapi.spoldzielnia.nsaudience.pl%2Ffrontend%2Fapi%2FmatchSale.api%3Fuid%3D__masterId__
  • https://amis.em.nscontext.eu/ex/tmp1581585609006Z1511896803/mi1703dd931114848b80015a294ad/2?redirect=https%3A%2F%2Fapi.spoldzielnia.nsaudience.pl%2Ffrontend%2Fapi%2FmatchSale.api%3Fuid%3D__masterId__
  • https://mis.nsaudience.pl/save?uid=mi1703dd931114848b80015a294ad&redirect=https%3A%2F%2Fapi.spoldzielnia.nsaudience.pl%2Ffrontend%2Fapi%2FmatchSale.api%3Fuid%3Dmi1703dd931114848b80015a294ad
  • https://api.spoldzielnia.nsaudience.pl/frontend/api/matchSale.api?uid=mi1703dd931114848b80015a294ad
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://api.spoldzielnia.nsaudience.pl/frontend/api/matchSale.api?uid=mi1703dd931114848b80015a294ad
Requested by
Host:
URL: gummibear.boxstatic-0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.243.156.112 Strullendorf, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
8-bt-spd-d.funcns.net
Software
Microsoft-IIS/7.5 /
Resource Hash

Request headers

Host
api.spoldzielnia.nsaudience.pl
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
http://abonamenty.ujm.pl/pko.php
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uid=mi1703dd931114848b80015a294ad; ut=1581585609068
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
http://abonamenty.ujm.pl/pko.php

Response headers

Server
Microsoft-IIS/7.5
Date
Thu, 13 Feb 2020 09:20:09 GMT
Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="CAO COR COR CON TEL IVD SAM IND BUS"
Set-Cookie
ut=1581585609657;Path=/;Secure;SameSite=None;Expires=Fri, 12-Feb-2021 09:20:09 GMT uid=mi1703dd931114848b80015a294ad;Path=/;Secure;SameSite=None;Expires=Fri, 12-Feb-2021 09:20:09 GMT cpp=AAAAAAAAAjFeRRTJAAAAAAAAAsJeRRTJAAAAAAAAADNeRRTJAAAAAAAAAXZeRRTJ;Path=/;Secure;SameSite=None;Expires=Sat, 14-Mar-2020 09:20:09 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Encoding
gzip

Redirect headers

Server
Microsoft-IIS/7.5
Date
Thu, 13 Feb 2020 09:20:09 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
uid=mi1703dd931114848b80015a294ad;Path=/;Secure;SameSite=None;Domain=.nsaudience.pl;Expires=Sat, 12-Feb-2022 09:20:09 GMT;Max-Age=63072000 ut=1581585609068;Path=/;Secure;SameSite=None;Domain=.nsaudience.pl;Expires=Sat, 12-Feb-2022 09:20:09 GMT;Max-Age=63072000
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://api.spoldzielnia.nsaudience.pl/frontend/api/matchSale.api?uid=mi1703dd931114848b80015a294ad
Cookie set /
cm.em.nscontext.eu/cm/iframe// Frame 7BFB
Redirect Chain
  • https://cm.em.nscontext.eu/cm/iframe/
  • https://mis.em.nscontext.eu/deimos/cm/?redirect=https://cm.em.nscontext.eu/cm/iframe//?uid=__userId__
  • https://mis.em.nscontext.eu/ex/tmp1581585608977Z312679516/mi1703dd931114848b80015a294ad/1?redirect=https://cm.em.nscontext.eu/cm/iframe//?uid=__userId__
  • https://cm.em.nscontext.eu/cm/iframe//?uid=mi1703dd931114848b80015a294ad
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.em.nscontext.eu/cm/iframe//?uid=mi1703dd931114848b80015a294ad
Requested by
Host:
URL: gummibear.boxstatic-0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
136.243.169.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
3-beer.funcadr.net
Software
nginx /
Resource Hash

Request headers

Host
cm.em.nscontext.eu
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
http://abonamenty.ujm.pl/pko.php
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
tmp1581585608977Z133312066=mi1703dd9311176451965f49d3c59; volatileUid=mi1703dd931114848b80015a294ad; tmp1581585608977Z312679516=mi1703dd931114848b80015a294ad; tmp1581585609006Z1511896803=mi1703dd931114848b80015a294ad; uid=mi1703dd931114848b80015a294ad
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
http://abonamenty.ujm.pl/pko.php

Response headers

Server
nginx
Date
Thu, 13 Feb 2020 09:20:09 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
uid=mi1703dd931114848b80015a294ad;Path=/;SameSite=None;Secure;Domain=.em.nscontext.eu;Expires=Sat, 12-Feb-2022 09:20:09 GMT ec=ec;Path=/;SameSite=None;Secure;Expires=Thu, 13-Feb-2020 10:20:09 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Server
nginx
Date
Thu, 13 Feb 2020 09:20:09 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
uid=mi1703dd931114848b80015a294ad;Path=/;SameSite=None;Secure;Domain=.em.nscontext.eu;Expires=Sat, 12-Feb-2022 09:20:09 GMT;Max-Age=63072000
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://cm.em.nscontext.eu/cm/iframe//?uid=mi1703dd931114848b80015a294ad
truncated
/ Frame BEB8 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
86ed6192dc45a26e281c718282a5001f479dfaaba30275786f4cdd7dd4873ba6

Request headers

Referer
http://abonamenty.ujm.pl/pko.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame BEB8 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f8d90d1c34b2cf176ae743361793df9ee6418708d8a8b5e4a7f69cf9503ba984

Request headers

Referer
http://abonamenty.ujm.pl/pko.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate string| placementHash string| placementDivId string| emiterScriptUrl string| emissionArea boolean| duplicatorCheckerEnabled string| duplicatorCheckerLoggerUrl string| frameTypeNotInFrame string| frameTypeFriendly string| frameTypeUnfriendly boolean| iframeCheckerEnabled string| dibLoggerUrl object| requiredAgreements number| agreements_cmpMaxWaitForScriptAttempts number| agreements_cmpExistsWaitForCallbackMs number| agreements_cmpWaitForScriptMs boolean| spIframeNeeded string| spIframeUrl boolean| cookieMatchingNeeded string| cookieMatchingUrl boolean| enableJsDebug object| jsServerLoggerScript string| viewName string| ajaxLoggerDibLoggerUrl string| nsEmiterSource string| mobile string| adblock string| polyfillUrl string| gamWtgPrebidScriptUrl object| $jscomp function| addBehavioralParam function| onAfterAgreements function| executeEmiter object| ns_vda object| ns_global_vars object| qa_akon object| __gwt_activeModules object| gummiTarget

11 Cookies

Domain/Path Name / Value
api.spoldzielnia.nsaudience.pl/ Name: uid
Value: mi1703dd9289b4f075160a21fa842
api.spoldzielnia.nsaudience.pl/ Name: cpp
Value: AAAAAAAAAjFeRRTHAAAAAAAAAsJeRRTHAAAAAAAAADNeRRTHAAAAAAAAAXZeRRTH
.nsaudience.pl/ Name: ut
Value: 1581585607067
cm.em.nscontext.eu/ Name: ec
Value: ec
api.spoldzielnia.nsaudience.pl/ Name: ut
Value: 1581585607094
.nsaudience.pl/ Name: uid
Value: mi1703dd9289b4f075160a21fa842
.em.nscontext.eu/ Name: uid
Value: mi1703dd9289b4f075160a21fa842
.em.nscontext.eu/ Name: volatileUid
Value: mi1703dd9289b4f075160a21fa842
.em.nscontext.eu/ Name: tmp1581585606927Z1921542688
Value: mi1703dd9289b4f075160a21fa842
.em.nscontext.eu/ Name: tmp1581585606811Z2115959162
Value: mi1703dd9289b4f075160a21fa842
.abonamenty.ujm.pl/ Name: odslony1
Value: 1