URL: http://24podatnik.com/
Submission: On July 19 via manual from PL

Summary

This website contacted 25 IPs in 6 countries across 23 domains to perform 28 HTTP transactions. The main IP is 5.61.59.102, located in Dronten, Netherlands and belongs to SCALAXY-AS, NL. The main domain is 24podatnik.com.
This is the only time 24podatnik.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Santander (Banking)

Domain & IP information

IP Address AS Autonomous System
4 5.61.59.102 58061 (SCALAXY-AS)
2 4 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 151.139.128.8 20446 (HIGHWINDS3)
1 151.139.128.11 20446 (HIGHWINDS3)
1 152.199.19.160 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
1 2.58.104.15 35139 (SQUIZ)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 185.38.249.42 197226 (SPRINT-SDC)
1 23.45.236.174 16625 (AKAMAI-AS)
1 91.200.21.16 15439 (EUROBANK-EFG)
1 92.43.119.114 31229 (PL-BEYOND-AS)
1 2a0a:7d80:1:7... 6697 (BELPAK-AS...)
1 193.109.225.10 21344 (INTELIGO)
1 193.41.230.87 16167 (BREBANK-M...)
1 193.105.248.157 196999 (NESTBANK)
1 91.213.58.97 49611 (BPSA-AS)
1 2.16.186.193 20940 (AKAMAI-ASN1)
1 195.14.4.2 39008 (EFG-AS)
1 193.22.28.252 197285 (SOFTNET-P...)
1 195.182.52.100 47322 (ALIOR-AS)
1 193.41.231.130 59977 (PL_SANTAN...)
1 108.161.188.228 33438 (HIGHWINDS2)
28 25
Domain Requested by
4 unpkg.com 2 redirects 24podatnik.com
4 24podatnik.com 24podatnik.com
1 fonticons-free-fonticons.netdna-ssl.com use.fonticons.com
1 www.centrum24.pl 24podatnik.com
1 www.aliorbank.pl 24podatnik.com
1 wbs-bank.pl 24podatnik.com
1 www.rbinternational.com.pl 24podatnik.com
1 www.przelewy24.pl 24podatnik.com
1 online.pocztowy.pl 24podatnik.com
1 nestbank.pl 24podatnik.com
1 www.mbank.pl 24podatnik.com
1 inteligo.pl 24podatnik.com
1 www.ideabank.by 24podatnik.com
1 gbsbank.pl 24podatnik.com
1 www.eurobank.com.cy 24podatnik.com
1 www.citibank.pl 24podatnik.com
1 www.bph.pl 24podatnik.com
1 cdn-pays.bnpparibas.com 24podatnik.com
1 www.bosbank.pl 24podatnik.com
1 ajax.googleapis.com 24podatnik.com
1 ajax.aspnetcdn.com 24podatnik.com
1 use.fonticons.com 24podatnik.com
1 fontawesome.com 24podatnik.com
1 use.fontawesome.com 24podatnik.com
28 24

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-07-02 -
2022-07-01
a year crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1
2020-11-13 -
2021-12-14
a year crt.sh
use.fonticons.com
DigiCert TLS RSA SHA256 2020 CA1
2020-11-13 -
2021-12-14
a year crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA
2020-11-16 -
2021-11-10
a year crt.sh
upload.video.google.com
GTS CA 1O1
2021-06-22 -
2021-09-14
3 months crt.sh
bosbank.pl
Certum Extended Validation CA SHA2
2019-12-03 -
2021-12-02
2 years crt.sh
bnp03s.bnpparibas.com
DigiCert SHA2 Secure Server CA
2021-07-13 -
2022-07-20
a year crt.sh
24podatnik.com
R3
2021-07-17 -
2021-10-15
3 months crt.sh
www.bph.pl
DigiCert EV RSA CA G2
2020-10-09 -
2021-11-10
a year crt.sh
www.online.citibank.pl
DigiCert SHA2 Extended Validation Server CA
2020-11-12 -
2021-10-23
a year crt.sh
www.eurobank.com.cy
Entrust Certification Authority - L1K
2020-01-22 -
2021-09-19
2 years crt.sh
gbsbank.pl
Certum Extended Validation CA SHA2
2021-07-13 -
2022-07-13
a year crt.sh
ideabank.by
GeoTrust EV RSA CA 2018
2021-02-03 -
2022-03-06
a year crt.sh
inteligo.pl
Certum Extended Validation CA SHA2
2021-02-12 -
2022-02-12
a year crt.sh
www.mbank.pl
DigiCert SHA2 Extended Validation Server CA
2020-12-30 -
2022-01-19
a year crt.sh
nestbank.pl
GeoTrust EV RSA CA 2018
2020-12-04 -
2021-12-08
a year crt.sh
online.pocztowy.pl
DigiCert SHA2 Extended Validation Server CA
2021-02-22 -
2022-03-01
a year crt.sh
*.przelewy24.pl
DigiCert SHA2 Secure Server CA
2021-05-29 -
2022-06-03
a year crt.sh
rbinternational.com.pl
GeoTrust EV RSA CA 2018
2020-10-21 -
2021-10-25
a year crt.sh
*.wbs-bank.pl
Certum Organization Validation CA SHA2
2020-06-11 -
2022-06-11
2 years crt.sh
www.aliorbank.pl
DigiCert SHA2 Extended Validation Server CA
2020-12-15 -
2021-12-19
a year crt.sh
centrum24.pl
Certum Extended Validation CA SHA2
2020-08-19 -
2021-08-19
a year crt.sh
*.netdna-ssl.com
Sectigo RSA Domain Validation Secure Server CA
2021-02-22 -
2022-03-18
a year crt.sh

This page contains 1 frames:

Primary Page: http://24podatnik.com/
Frame ID: 7B551A7DAAD85E14C40EF5FBA5BCA5EC
Requests: 34 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
  • html /<link[^>]* href="https:\/\/use\.fontawesome\.com\/releases\/v([^>]+)\/css\//i

Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

28
Requests

89 %
HTTPS

21 %
IPv6

23
Domains

24
Subdomains

25
IPs

6
Countries

583 kB
Transfer

1353 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://unpkg.com/element-ui/lib/theme-chalk/index.css HTTP 302
  • https://unpkg.com/element-ui@2.15.3/lib/theme-chalk/index.css
Request Chain 1
  • https://unpkg.com/element-ui/lib/index.js HTTP 302
  • https://unpkg.com/element-ui@2.15.3/lib/index.js

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
24podatnik.com/
25 KB
25 KB
Document
General
Full URL
http://24podatnik.com/
Protocol
HTTP/1.1
Server
5.61.59.102 Dronten, Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
98f62ae544813b7c21ba399bc4179603458f73e1e4de5cf929dad44d65600689

Request headers

Host
24podatnik.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx/1.14.1
Date
Mon, 19 Jul 2021 10:52:54 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
index.css
unpkg.com/element-ui@2.15.3/lib/theme-chalk/
Redirect Chain
  • https://unpkg.com/element-ui/lib/theme-chalk/index.css
  • https://unpkg.com/element-ui@2.15.3/lib/theme-chalk/index.css
230 KB
36 KB
Stylesheet
General
Full URL
https://unpkg.com/element-ui@2.15.3/lib/theme-chalk/index.css
Requested by
Host: 24podatnik.com
URL: http://24podatnik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
821af5ce65d33832ca9751d42d077a7ead4c21eee6dc52623533824fcb1d74b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://24podatnik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 10:52:55 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
1737475
fly-request-id
01F9BDBQK173TFMKG5QE92S9FB
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"39602-RERRpAv5uKxkyqwyZ59kvuUotI8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6713672bc9ce05b3-FRA

Redirect headers

date
Mon, 19 Jul 2021 10:52:54 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01FAZ68QCFWP9MNA7ZR510CDF8
server
cloudflare
age
81
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/element-ui@2.15.3/lib/theme-chalk/index.css
cache-control
public, s-maxage=600, max-age=60
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6713672b995705b3-FRA
access-control-allow-origin
*
index.js
unpkg.com/element-ui@2.15.3/lib/
Redirect Chain
  • https://unpkg.com/element-ui/lib/index.js
  • https://unpkg.com/element-ui@2.15.3/lib/index.js
562 KB
144 KB
Script
General
Full URL
https://unpkg.com/element-ui@2.15.3/lib/index.js
Requested by
Host: 24podatnik.com
URL: http://24podatnik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38554561faa143d9c39ca87e35f22c79fa72fdf9e34f090af74f59620a38e67c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://24podatnik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 10:52:55 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
1737435
fly-request-id
01F9BDCXTHWGH0D4ZJG9NRJW49
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"8c664-1Q8qdSFG2k7nZLaO3O3H4rjfSW0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6713672bc9cc05b3-FRA

Redirect headers

date
Mon, 19 Jul 2021 10:52:54 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01FAZ63CT7KPXV6V6EBT4C5SSF
server
cloudflare
age
252
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/element-ui@2.15.3/lib/index.js
cache-control
public, s-maxage=600, max-age=60
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6713672b995a05b3-FRA
access-control-allow-origin
*
all.css
use.fontawesome.com/releases/v5.8.2/css/
54 KB
12 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.8.2/css/all.css
Requested by
Host: 24podatnik.com
URL: http://24podatnik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06d6e10886ed7de5561acab1935bce1c46174baa9cbd0bcb319aa3b69594131f

Request headers

Origin
http://24podatnik.com
Referer
http://24podatnik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 10:52:55 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-amz-request-id
YX2PQJMHZBCC1ZMP
access-control-allow-methods
GET
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-id-2
jh26AYNhjPbqnPVEdOH1t/VX7+BiTyFSsYPj0wJqS/o/FYdp/n99mJjMTlMxZG3maWayxpT2c7I=
last-modified
Wed, 30 Jun 2021 15:47:00 GMT
server
cloudflare
etag
W/"77cbad34e5ce95e70847b074e05faeab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xwe8UBqZID3W%2B6M2OH7JWKmzJpoxujnCO21aGFcOCl%2Bb85EuhjAufpZamY5BtImUNOSVraDfBpLAaJukuYHZN%2BWma6JXbRd0gpr4yd1Es7%2FLzBBJDCssAzvRKe7rH2K8X4TzZplAUUZCH8omsy%2Bh5ehc"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
6713672b98b2c29f-FRA
font-awesome.css
fontawesome.com/v4.7/assets/font-awesome/css/
37 KB
7 KB
Stylesheet
General
Full URL
https://fontawesome.com/v4.7/assets/font-awesome/css/font-awesome.css
Requested by
Host: 24podatnik.com
URL: http://24podatnik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.8 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cowboy /
Resource Hash
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains

Request headers

Referer
http://24podatnik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 10:52:55 GMT
content-encoding
gzip
server
Cowboy
etag
"70F1D34"
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-hw
1626691975.cds053.lo4.hn,1626691975.cds064.lo4.c
content-type
text/css
cache-control
public, max-age=3600
accept-ranges
bytes
content-length
7447
x-request-id
Fo_gG6cfgX3s0iwAAB4i
ffe176a3.js
use.fonticons.com/
10 KB
4 KB
Script
General
Full URL
https://use.fonticons.com/ffe176a3.js
Requested by
Host: 24podatnik.com
URL: http://24podatnik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
3ef738606d51279732f54fd55112acec1da7ba9558c201243db5a2c20d2b2358

Request headers

Referer
http://24podatnik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 10:52:55 GMT
content-encoding
gzip
last-modified
Tue, 05 Dec 2017 18:10:56 GMT
etag
"4c533e98f529da022cc353b588510c5f"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-hw
1626691975.cds034.lo4.hn,1626691975.cds069.lo4.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=60, private, must-revalidate
accept-ranges
bytes
content-length
4086
jquery.validate.min.js
ajax.aspnetcdn.com/ajax/jquery.validate/1.13.1/
21 KB
7 KB
Script
General
Full URL
https://ajax.aspnetcdn.com/ajax/jquery.validate/1.13.1/jquery.validate.min.js
Requested by
Host: 24podatnik.com
URL: http://24podatnik.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lha/8D04) /
Resource Hash
f0f5373ad203101ea91bf826c5a7ef8f7cd74887f06bad2cb9277a504503b9e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://24podatnik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 10:52:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4605642
x-cache
HIT
content-length
6792
x-xss-protection
1; mode=block
last-modified
Mon, 31 Oct 2016 23:42:30 GMT
server
ECAcc (lha/8D04)
etag
"0b7a471d033d21:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.10.1/
91 KB
32 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.10.1/jquery.min.js
Requested by
Host: 24podatnik.com
URL: http://24podatnik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bf150f6b29d6c9337de6c945a8f63c929b203442040688878bc2753fe13e007
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://24podatnik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 10:30:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1340
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32984
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Jul 2022 10:30:34 GMT
formToWizard.js
24podatnik.com/
2 KB
3 KB
Script
General
Full URL
http://24podatnik.com/formToWizard.js
Requested by
Host: 24podatnik.com
URL: http://24podatnik.com/
Protocol
HTTP/1.1
Server
5.61.59.102 Dronten, Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
f885548906cde30850a05f8d3d40996e8535d5eafb4d787da4646d9dbd403a60

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
24podatnik.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://24podatnik.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://24podatnik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 19 Jul 2021 10:52:55 GMT
Last-Modified
Thu, 15 Jul 2021 16:43:30 GMT
Server
nginx/1.14.1
ETag
"60f065b2-966"
Content-Type
application/javascript; charset=UTF-8
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2406
awesome.css
24podatnik.com/
30 KB
30 KB
Stylesheet
General
Full URL
http://24podatnik.com/awesome.css
Requested by
Host: 24podatnik.com
URL: http://24podatnik.com/
Protocol
HTTP/1.1
Server
5.61.59.102 Dronten, Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
36fbde1e457c14479c2af08ec92981840eb08cc5515cbccd3465b17c96da9632

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
24podatnik.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://24podatnik.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://24podatnik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 19 Jul 2021 10:52:55 GMT
Last-Modified
Tue, 06 Jul 2021 07:59:10 GMT
Server
nginx/1.14.1
ETag
"60e40d4e-78c0"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30912
Logo_30-lecie_BOS.svg
www.bosbank.pl/__data/assets/file/0010/32122/
6 KB
3 KB
Image
General
Full URL
https://www.bosbank.pl/__data/assets/file/0010/32122/Logo_30-lecie_BOS.svg
Requested by
Host: 24podatnik.com
URL: http://24podatnik.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.58.104.15 , Poland, ASN35139 (SQUIZ, PL),
Reverse DNS
bos.squiz.pl
Software
Squiz /
Resource Hash
bbe3cd4413334af534ea292eec342c8b5f5df8ea37fe01f97ef825eedfdc4ad4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://24podatnik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 19 Jul 2021 10:52:55 GMT
Via
1.1 bos-web01.squiz.pl
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-Cache
MISS from bos-web01.squiz.pl
Connection
keep-alive
Content-Encoding
gzip
X-XSS-Protection
1; mode=block
X-Request-ID
7afe6837-6c1c-4333-89da-162bc97e2a3d
Last-Modified
Fri, 08 Jan 2021 10:24:30 GMT
Server
Squiz
ETag
W/"5ff832de-1686"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/svg+xml
Cache-Control
stale-if-error=2592000, max-age=2592000
Expires
Wed, 18 Aug 2021 10:52:55 GMT
logo-default.png
cdn-pays.bnpparibas.com/wp-content/themes/bnpparibasworld/assets/img/
19 KB
19 KB
Image
General
Full URL
https://cdn-pays.bnpparibas.com/wp-content/themes/bnpparibasworld/assets/img/logo-default.png
Requested by
Host: 24podatnik.com
URL: http://24podatnik.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:294::2a52 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e50c4204469f6a59549d785c3da3b0f196edde016dd59fe968785b9f826593bc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://24podatnik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 19 Jul 2021 10:52:55 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 23 Jul 2015 05:03:39 GMT
Content-Type
image/png
Cache-Control
max-age=75841
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18953
Expires
Tue, 20 Jul 2021 07:56:56 GMT
logo-bank-int.gif
24podatnik.com/Payments/PlusBank/index_files/
2 KB
3 KB
Image
General
Full URL
https://24podatnik.com/Payments/PlusBank/index_files/logo-bank-int.gif
Requested by
Host: 24podatnik.com
URL: http://24podatnik.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.61.59.102 Dronten, Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
101575dcb5e3b4f560d62ea6b878a7060c16178eb5e0a43775c950b6088f121d

Request headers

Referer
http://24podatnik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 19 Jul 2021 10:52:55 GMT
Last-Modified
Thu, 08 Jul 2021 12:11:36 GMT
Server
nginx/1.14.1
ETag
"60e6eb78-942"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2370
logo.jpg
www.bph.pl/pl/wp-content/themes/bph/images/
21 KB
21 KB
Image
General
Full URL
https://www.bph.pl/pl/wp-content/themes/bph/images/logo.jpg
Requested by
Host: 24podatnik.com
URL: http://24podatnik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.38.249.42 , Poland, ASN197226 (SPRINT-SDC, PL),
Reverse DNS
n249h42.sprintdatacenter.net
Software
nginx /
Resource Hash
f22f8e5b1f159a1b26eb2056a1167050e0f03aeba5e827d984db26942440a8d9

Request headers

Referer
http://24podatnik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 10:52:55 GMT
last-modified
Fri, 28 Oct 2016 17:09:23 GMT
server
nginx
accept-ranges
bytes
etag
"58138643-5381"
content-length
21377
content-type
image/jpeg
citi-logo-lg.png
www.citibank.pl/images/layout/
25 KB
25 KB
Image
General
Full URL
https://www.citibank.pl/images/layout/citi-logo-lg.png
Requested by
Host: 24podatnik.com
URL: http://24podatnik.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.236.174 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-236-174.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c7c7377ae14b678e4230100cc6e89a49c9ffd3e9f67e11b359dda8879e41192c

Request headers

Referer
http://24podatnik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 19 Jul 2021 10:52:55 GMT
Last-Modified
Fri, 02 Jun 2017 10:43:15 GMT
P3P
CP="STA NAV PRE UNI TAI ADM DEV CUR OUR NOR STP DSP CAO CONo"
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
25301
logo.png
www.eurobank.com.cy/Eurobank/media/Images/
9 KB
10 KB
Image
General
Full URL
https://www.eurobank.com.cy/Eurobank/media/Images/logo.png
Requested by
Host: 24podatnik.com
URL: http://24podatnik.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.200.21.16 , Greece, ASN15439 (EUROBANK-EFG, GR),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
48bfc8022d0c70d5acca510882fb297a846036c07cf6f8cfb78c2ce4a39d3480
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Referer
http://24podatnik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 19 Jul 2021 10:52:53 GMT
Last-Modified
Mon, 02 Dec 2019 08:45:08 GMT
Server
Microsoft-IIS/8.5
ETag
"0c2dbcceca8d51:0"
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
9478
logo.png
gbsbank.pl/template/rwd/dev/images/
29 KB
29 KB
Image
General
Full URL
https://gbsbank.pl/template/rwd/dev/images/logo.png
Requested by
Host: 24podatnik.com
URL: http://24podatnik.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
92.43.119.114 , Poland, ASN31229 (PL-BEYOND-AS, PL),
Reverse DNS
srv114.trol.pl
Software
Apache /
Resource Hash
0dad831c0fec5ea0c2cb39671e212d06c2c5dbe7f46cac0732ec22af970bb2e9

Request headers

Referer
http://24podatnik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 19 Jul 2021 10:52:55 GMT
Last-Modified
Thu, 06 Aug 2020 17:17:53 GMT
Server
Apache
ETag
"744d-5ac38ab2e0f6e"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
29773
Expires
Wed, 18 Aug 2021 10:52:55 GMT
logo.png
www.ideabank.by/ib/img/
2 KB
3 KB
Image
General
Full URL
https://www.ideabank.by/ib/img/logo.png
Requested by
Host: 24podatnik.com
URL: http://24podatnik.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0a:7d80:1:7::115:12a Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software
nginx /
Resource Hash
26cb794d2d392241612d9466299983347cf926bd08db05e9072d6cce40832546

Request headers

Referer
http://24podatnik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 10:52:55 GMT
last-modified
Mon, 18 Jan 2021 09:04:17 GMT
server
nginx
etag
"60054f11-9fe"
content-type
image/png
cache-control
max-age=8380800
accept-ranges
bytes
content-length
2558
expires
Sun, 24 Oct 2021 10:52:55 GMT
inteligo-logo.png
inteligo.pl/static/_front/_inteligo/img/layout/
3 KB
3 KB
Image
General
Full URL
https://inteligo.pl/static/_front/_inteligo/img/layout/inteligo-logo.png
Requested by
Host: 24podatnik.com
URL: http://24podatnik.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.109.225.10 , Poland, ASN21344 (INTELIGO, PL),
Reverse DNS
inteligo.pl
Software
CERN httpd /
Resource Hash
66b937c17f3439959fb92444d1ff099b20da9af7428535385267e60b9daadb1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://24podatnik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Mon, 19 Jul 2021 10:52:55 GMT
Last-Modified
Wed, 08 Aug 2018 12:48:46 GMT
Server
CERN httpd
ETag
"5b6ae6ae-bb0"
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Cache-Control
max-age=604800, public, must-revalidate, proxy-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2992
Expires
Mon, 26 Jul 2021 10:40:47 GMT
mbank-logo-ind.gif
www.mbank.pl/images/logos/
2 KB
7 KB
Image
General
Full URL
https://www.mbank.pl/images/logos/mbank-logo-ind.gif
Requested by
Host: 24podatnik.com
URL: http://24podatnik.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.41.230.87 , Poland, ASN16167 (BREBANK-MBANK-MULTIBANK-AS ul. Piotrkowska 148150, PL),
Reverse DNS
www.mbank.pl
Software
Apache /
Resource Hash
4fc7b01f80c6af105d03f0c4406f2b44d7008beb40ec73da50d7a6fe5b1dd673
Security Headers
Name Value
Content-Security-Policy base-uri https://www.mbank.pl; report-uri https://www.csp.mbank.pl; default-src 'none'; manifest-src 'self'; upgrade-insecure-requests; block-all-mixed-content; script-src 'report-sample' 'self' 'unsafe-eval' 'unsafe-inline' https://ad.doubleclick.net https://cdn.ampproject.org https://cdn.skp.mbank.pl https://cdn.syndication.twimg.com https://connect.facebook.net https://ghmpl.hit.gemius.pl https://googleads.g.doubleclick.net https://maps.googleapis.com https://optimize.google.com https://platform.twitter.com https://r.skp.mbank.pl https://s.ytimg.com https://ssl.google-analytics.com https://stats.g.doubleclick.net https://tagmanager.google.com https://tpc.googlesyndication.com https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.googleadservices.com https://www.googletagmanager.com https://www.mbank.pl https://www.youtube.com; style-src 'report-sample' 'self' 'unsafe-inline' https://cdn.ampproject.org https://cdn.skp.mbank.pl https://fonts.googleapis.com https://fonts.gstatic.com https://optimize.google.com https://platform.twitter.com https://tagmanager.google.com https://ton.twimg.com https://www.mbank.pl; img-src 'report-sample' 'self' data: https://*.fls.doubleclick.net https://abs.twimg.com https://ad.doubleclick.net https://adservice.google.com https://cdn.ampproject.org https://cdn.skp.mbank.pl https://cm.g.doubleclick.net https://csi.gstatic.com https://ghmpl.hit.gemius.pl https://googleads.g.doubleclick.net https://i.ytimg.com https://khms0.googleapis.com https://khms1.googleapis.com https://maps.googleapis.com https://maps.gstatic.com https://marketing.tr.netsalesmedia.pl https://optimize.google.com https://pbs.twimg.com https://platform.twitter.com https://redirect.skp.mbank.pl https://s.ytimg.com https://ssl.google-analytics.com https://ssl.gstatic.com https://stats.g.doubleclick.net https://syndication.twitter.com https://tagmanager.google.com https://ton.twimg.com https://www.facebook.com https://www.google-analytics.com https://www.google.be https://www.google.ch https://www.google.co.uk https://www.google.com https://www.google.com.ua https://www.google.cz https://www.google.de https://www.google.dk https://www.google.es https://www.google.fr https://www.google.hr https://www.google.ie https://www.google.it https://www.google.nl https://www.google.no https://www.google.pl https://www.google.se https://www.google.sk https://www.googleadservices.com https://www.googletagmanager.com https://www.gstatic.com https://www.mbank.pl; font-src 'report-sample' 'self' https://fonts.gstatic.com https://www.mbank.pl; connect-src 'report-sample' 'self' https://ad.doubleclick.net https://adservice.google.com https://api.skp.mbank.pl https://cdn.ampproject.org https://cm.g.doubleclick.net https://form.axaubezpieczenia.pl https://ghmpl.hit.gemius.pl https://lp.skp.mbank.pl https://r.skp.mbank.pl https://redirect.skp.mbank.pl https://search.interconsystems.pl https://stats.g.doubleclick.net https://syndication.twitter.com https://tagmanager.google.com https://tracker.skp.mbank.pl https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.google.pl https://www.googletagmanager.com https://www.mbank.pl wss://api.skp.mbank.pl wss://r.skp.mbank.pl; media-src 'report-sample' 'self' data: https://cdn.skp.mbank.pl https://www.mbank.pl; object-src 'report-sample' 'self' https://www.mbank.pl https://www.youtube.com; frame-src 'report-sample' 'self' https://*.fls.doubleclick.net https://bid.g.doubleclick.net https://form.mbank.pl https://optimize.google.com https://platform.twitter.com https://tagmanager.google.com https://tpc.googlesyndication.com https://www.facebook.com https://www.googletagmanager.com https://www.mbank.pl https://www.youtube.com; child-src 'report-sample' 'self' https://*.fls.doubleclick.net https://bid.g.doubleclick.net https://form.mbank.pl https://tagmanager.google.com https://www.facebook.com https://www.googletagmanager.com https://www.mbank.pl https://www.youtube.com; form-action 'report-sample' 'self' https://form.mbank.com.pl https://form.mbank.pl https://www.mbank.pl; frame-ancestors 'report-sample' 'self' https://www.mbank.pl;
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://24podatnik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 19 Jul 2021 10:52:55 GMT
Strict-Transport-Security
max-age=15552000
Referrer-Policy
no-referrer-when-downgrade
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Cache-Control
max-age=604800, public
Feature-Policy
fullscreen *; midi 'none'
X-Content-Type-Options
nosniff
Content-Security-Policy
base-uri https://www.mbank.pl; report-uri https://www.csp.mbank.pl; default-src 'none'; manifest-src 'self'; upgrade-insecure-requests; block-all-mixed-content; script-src 'report-sample' 'self' 'unsafe-eval' 'unsafe-inline' https://ad.doubleclick.net https://cdn.ampproject.org https://cdn.skp.mbank.pl https://cdn.syndication.twimg.com https://connect.facebook.net https://ghmpl.hit.gemius.pl https://googleads.g.doubleclick.net https://maps.googleapis.com https://optimize.google.com https://platform.twitter.com https://r.skp.mbank.pl https://s.ytimg.com https://ssl.google-analytics.com https://stats.g.doubleclick.net https://tagmanager.google.com https://tpc.googlesyndication.com https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.googleadservices.com https://www.googletagmanager.com https://www.mbank.pl https://www.youtube.com; style-src 'report-sample' 'self' 'unsafe-inline' https://cdn.ampproject.org https://cdn.skp.mbank.pl https://fonts.googleapis.com https://fonts.gstatic.com https://optimize.google.com https://platform.twitter.com https://tagmanager.google.com https://ton.twimg.com https://www.mbank.pl; img-src 'report-sample' 'self' data: https://*.fls.doubleclick.net https://abs.twimg.com https://ad.doubleclick.net https://adservice.google.com https://cdn.ampproject.org https://cdn.skp.mbank.pl https://cm.g.doubleclick.net https://csi.gstatic.com https://ghmpl.hit.gemius.pl https://googleads.g.doubleclick.net https://i.ytimg.com https://khms0.googleapis.com https://khms1.googleapis.com https://maps.googleapis.com https://maps.gstatic.com https://marketing.tr.netsalesmedia.pl https://optimize.google.com https://pbs.twimg.com https://platform.twitter.com https://redirect.skp.mbank.pl https://s.ytimg.com https://ssl.google-analytics.com https://ssl.gstatic.com https://stats.g.doubleclick.net https://syndication.twitter.com https://tagmanager.google.com https://ton.twimg.com https://www.facebook.com https://www.google-analytics.com https://www.google.be https://www.google.ch https://www.google.co.uk https://www.google.com https://www.google.com.ua https://www.google.cz https://www.google.de https://www.google.dk https://www.google.es https://www.google.fr https://www.google.hr https://www.google.ie https://www.google.it https://www.google.nl https://www.google.no https://www.google.pl https://www.google.se https://www.google.sk https://www.googleadservices.com https://www.googletagmanager.com https://www.gstatic.com https://www.mbank.pl; font-src 'report-sample' 'self' https://fonts.gstatic.com https://www.mbank.pl; connect-src 'report-sample' 'self' https://ad.doubleclick.net https://adservice.google.com https://api.skp.mbank.pl https://cdn.ampproject.org https://cm.g.doubleclick.net https://form.axaubezpieczenia.pl https://ghmpl.hit.gemius.pl https://lp.skp.mbank.pl https://r.skp.mbank.pl https://redirect.skp.mbank.pl https://search.interconsystems.pl https://stats.g.doubleclick.net https://syndication.twitter.com https://tagmanager.google.com https://tracker.skp.mbank.pl https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.google.pl https://www.googletagmanager.com https://www.mbank.pl wss://api.skp.mbank.pl wss://r.skp.mbank.pl; media-src 'report-sample' 'self' data: https://cdn.skp.mbank.pl https://www.mbank.pl; object-src 'report-sample' 'self' https://www.mbank.pl https://www.youtube.com; frame-src 'report-sample' 'self' https://*.fls.doubleclick.net https://bid.g.doubleclick.net https://form.mbank.pl https://optimize.google.com https://platform.twitter.com https://tagmanager.google.com https://tpc.googlesyndication.com https://www.facebook.com https://www.googletagmanager.com https://www.mbank.pl https://www.youtube.com; child-src 'report-sample' 'self' https://*.fls.doubleclick.net https://bid.g.doubleclick.net https://form.mbank.pl https://tagmanager.google.com https://www.facebook.com https://www.googletagmanager.com https://www.mbank.pl https://www.youtube.com; form-action 'report-sample' 'self' https://form.mbank.com.pl https://form.mbank.pl https://www.mbank.pl; frame-ancestors 'report-sample' 'self' https://www.mbank.pl;
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2227
X-XSS-Protection
1; mode=block
nestbank-logo.png
nestbank.pl/NestBank/media/NestBank/Struktura%20serwisu/
7 KB
9 KB
Image
General
Full URL
https://nestbank.pl/NestBank/media/NestBank/Struktura%20serwisu/nestbank-logo.png
Requested by
Host: 24podatnik.com
URL: http://24podatnik.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.105.248.157 Lodz, Poland, ASN196999 (NESTBANK, PL),
Reverse DNS
rev-193.105.248.157.fmbank.pl
Software
/
Resource Hash
698d4de529adea7d1ee84768978697137241c37d2943478ba63ee27123fbc6c2
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.nestbank.pl *.doubleclick.net https://www.maptiler.com https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io *.livecall.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net *.livecall.io; font-src 'self' data: *.googleapis.com *.gstatic.com *.livecall.io; style-src 'self' 'unsafe-inline' *.livecall.io *.google.com *.gstatic.com *.googleapis.com *.livecall.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googlesyndication.com *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com *.livecall.io; child-src 'self' blob: *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.hotjar.com *.hotjar.io *.livecall.io https://optimize.google.com;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://24podatnik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self' *.nestbank.pl *.doubleclick.net https://www.maptiler.com https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io *.livecall.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net *.livecall.io; font-src 'self' data: *.googleapis.com *.gstatic.com *.livecall.io; style-src 'self' 'unsafe-inline' *.livecall.io *.google.com *.gstatic.com *.googleapis.com *.livecall.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googlesyndication.com *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com *.livecall.io; child-src 'self' blob: *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.hotjar.com *.hotjar.io *.livecall.io https://optimize.google.com;
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 13 Nov 2018 09:57:10 GMT
X-XSS-Protection
1; mode=block
ETag
"09f583e377bd41:0"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET,PUT,POST
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Paging-Headers
Date
Mon, 19 Jul 2021 10:52:54 GMT
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Content-Length
7552
X-Content-Type-Options
nosniff
logo_color_red_2x.ff752e7e58fa75ca59f027f7c37b0144.png
online.pocztowy.pl/images/
10 KB
11 KB
Image
General
Full URL
https://online.pocztowy.pl/images/logo_color_red_2x.ff752e7e58fa75ca59f027f7c37b0144.png
Requested by
Host: 24podatnik.com
URL: http://24podatnik.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.213.58.97 , Poland, ASN49611 (BPSA-AS, PL),
Reverse DNS
Software
/
Resource Hash
7dcebcf28d142f0464019ea3a99dd4fe3cc40ed5431359014dd05fc50d996987
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://24podatnik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 19 Jul 2021 10:52:55 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Fri, 02 Jul 2021 10:09:50 GMT
ETag
"2893-5c62127f2d780"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=28512000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=300
Content-Length
10387
X-XSS-Protection
1; mode=block
Expires
Tue, 14 Jun 2022 10:52:55 GMT
przelewy24_logo.svg
www.przelewy24.pl/themes/base/assets/images/
6 KB
3 KB
Image
General
Full URL
https://www.przelewy24.pl/themes/base/assets/images/przelewy24_logo.svg
Requested by
Host: 24podatnik.com
URL: http://24podatnik.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-193.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
aca36e5a3f71ed008f674d64a2204dfed5a10391e57461d5ecf194f118bca0f3
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Request headers

Referer
http://24podatnik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Jan 2021 08:04:17 GMT
etag
"1778-5b8c395eca240-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
date
Mon, 19 Jul 2021 10:52:55 GMT
accept-ranges
bytes
dc
DC1
content-length
2297
rbi.svg
www.rbinternational.com.pl/static/img/
21 KB
22 KB
Image
General
Full URL
https://www.rbinternational.com.pl/static/img/rbi.svg
Requested by
Host: 24podatnik.com
URL: http://24podatnik.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
195.14.4.2 , Poland, ASN39008 (EFG-AS, PL),
Reverse DNS
Software
nginx /
Resource Hash
948bcd7996b72e67c790ce04a678e28d5bdf9c5ce389dec90d6926aaab2fdf73
Security Headers
Name Value
Strict-Transport-Security max-age=5184000

Request headers

Referer
http://24podatnik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 19 Jul 2021 10:52:55 GMT
Last-Modified
Wed, 30 Sep 2020 10:33:31 GMT
Server
nginx
Connection
keep-alive
Content-Length
21847
Strict-Transport-Security
max-age=5184000
Content-Type
image/svg+xml
logo.png
wbs-bank.pl/user/img/
30 KB
30 KB
Image
General
Full URL
https://wbs-bank.pl/user/img/logo.png
Requested by
Host: 24podatnik.com
URL: http://24podatnik.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.22.28.252 , Poland, ASN197285 (SOFTNET-PL-AS, PL),
Reverse DNS
Software
Apache /
Resource Hash
7430b20334fc88fd9f69bec35f5c852b35ca5aaa1f5d7b86aab2eee1079140f4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://24podatnik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 19 Jul 2021 10:52:54 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 06 Jun 2018 06:32:01 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=15768000
Accept-Ranges
bytes
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=60, max=1024
logo.png
www.aliorbank.pl/dam/jcr:f0edda60-0383-48b7-a21b-1aaae29d9b80/
18 KB
18 KB
Image
General
Full URL
https://www.aliorbank.pl/dam/jcr:f0edda60-0383-48b7-a21b-1aaae29d9b80/logo.png
Requested by
Host: 24podatnik.com
URL: http://24podatnik.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
195.182.52.100 , Poland, ASN47322 (ALIOR-AS, PL),
Reverse DNS
Software
Alior /
Resource Hash
242df235b3f2f5150ba60f199c6d03664e88c9d826b68565e3105ff5b141a778
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://24podatnik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=2592000; includeSubDomains
Last-Modified
Mon, 20 Apr 2020 11:41:36 GMT
Server
Alior
Age
14
Date
Mon, 19 Jul 2021 10:52:55 GMT
X-Frame-Options
SAMEORIGIN
Content-Language
pl
Cache-Control
max-age=600, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
image/png;charset=UTF-8
Keep-Alive
timeout=15, max=100
Content-Length
18211
X-XSS-Protection
1; mode=block
Expires
Mon, 19 Jul 2021 11:02:42 GMT
santander-red.svg
www.centrum24.pl/css/images/
5 KB
6 KB
Image
General
Full URL
https://www.centrum24.pl/css/images/santander-red.svg
Requested by
Host: 24podatnik.com
URL: http://24podatnik.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.41.231.130 , Poland, ASN59977 (PL_SANTANDER_TRANSIT_AS, PL),
Reverse DNS
www.centrum24.pl
Software
/
Resource Hash
15d8a431b2696fb0062931d013ec93c8292fa011b7e0dbd6195a8433f72fce98
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://24podatnik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubdomains;
X-Content-Type-Options
nosniff
Last-Modified
Tue, 06 Jul 2021 07:22:46 GMT
Date
Mon, 19 Jul 2021 10:52:55 GMT
X-Frame-Options
SAMEORIGIN
Content-Language
en-US
X-OneAgent-JS-Injection
true
Cache-Control
no-cache="set-cookie, set-cookie2"
Connection
Keep-Alive
Content-Type
image/svg+xml
Keep-Alive
timeout=30, max=100
Content-Length
4994
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Dec 1994 16:00:00 GMT
truncated
/
220 B
220 B
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fd724882dc8a94e7d01094c644badf758051ed60099bb88faf936286f214c97c

Request headers

Origin
http://24podatnik.com
Referer
http://24podatnik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff2
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
29ece7b2e689f637d125e4049a960fd9d5a5a71ead05cb4a89660221bd671038

Request headers

Referer
http://24podatnik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
woff2.css
fonticons-free-fonticons.netdna-ssl.com/kits/ffe176a3/publications/72113/
51 KB
38 KB
Stylesheet
General
Full URL
https://fonticons-free-fonticons.netdna-ssl.com/kits/ffe176a3/publications/72113/woff2.css
Requested by
Host: use.fonticons.com
URL: https://use.fonticons.com/ffe176a3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
8e28dd590a13361ffa39e68a6189eaee7e36ecd413f616e2bd5d41ea30849496

Request headers

Referer
http://24podatnik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 10:52:55 GMT
content-encoding
gzip
last-modified
Tue, 05 Dec 2017 18:10:57 GMT
server
NetDNA-cache/2.2
etag
W/"5ec277c597b562f589dd441a921e204c"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=60, private, must-revalidate
truncated
/
3 KB
3 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7f315fbfd3c5415ff0b21b0c3126f385e5018dafe18fcd097ca24641150e9666

Request headers

Origin
http://24podatnik.com
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff2;charset=utf-8
truncated
/
7 KB
7 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4b3018154c0617dd52ae744a4e80ae9807d10ef1dd78295a2550dbca0fd700f0

Request headers

Origin
http://24podatnik.com
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff2;charset=utf-8
truncated
/
8 KB
8 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
57e1bbe304168c4bfc616de96f245f166605473ce38ad8da18a8c789aec8312b

Request headers

Origin
http://24podatnik.com
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff2;charset=utf-8
truncated
/
6 KB
6 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d6f0fa686f84f16afb515924c223afbe92f5cfc24c7d406464c152d8ee437499

Request headers

Origin
http://24podatnik.com
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff2;charset=utf-8

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Santander (Banking)

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| FortAwesomeConfig string| woffCSSFilename string| cssFilename string| cssUrl function| $ function| jQuery undefined| current_fs undefined| next_fs undefined| previous_fs undefined| left undefined| opacity undefined| scale undefined| animating

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

24podatnik.com
ajax.aspnetcdn.com
ajax.googleapis.com
cdn-pays.bnpparibas.com
fontawesome.com
fonticons-free-fonticons.netdna-ssl.com
gbsbank.pl
inteligo.pl
nestbank.pl
online.pocztowy.pl
unpkg.com
use.fontawesome.com
use.fonticons.com
wbs-bank.pl
www.aliorbank.pl
www.bosbank.pl
www.bph.pl
www.centrum24.pl
www.citibank.pl
www.eurobank.com.cy
www.ideabank.by
www.mbank.pl
www.przelewy24.pl
www.rbinternational.com.pl
108.161.188.228
151.139.128.11
151.139.128.8
152.199.19.160
185.38.249.42
193.105.248.157
193.109.225.10
193.22.28.252
193.41.230.87
193.41.231.130
195.14.4.2
195.182.52.100
2.16.186.193
2.58.104.15
23.45.236.174
2606:4700:3037::6815:4e07
2606:4700::6810:7eaf
2a00:1450:4001:80e::200a
2a02:26f0:6c00:294::2a52
2a0a:7d80:1:7::115:12a
5.61.59.102
91.200.21.16
91.213.58.97
92.43.119.114
06d6e10886ed7de5561acab1935bce1c46174baa9cbd0bcb319aa3b69594131f
0dad831c0fec5ea0c2cb39671e212d06c2c5dbe7f46cac0732ec22af970bb2e9
101575dcb5e3b4f560d62ea6b878a7060c16178eb5e0a43775c950b6088f121d
15d8a431b2696fb0062931d013ec93c8292fa011b7e0dbd6195a8433f72fce98
242df235b3f2f5150ba60f199c6d03664e88c9d826b68565e3105ff5b141a778
26cb794d2d392241612d9466299983347cf926bd08db05e9072d6cce40832546
29ece7b2e689f637d125e4049a960fd9d5a5a71ead05cb4a89660221bd671038
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
36fbde1e457c14479c2af08ec92981840eb08cc5515cbccd3465b17c96da9632
38554561faa143d9c39ca87e35f22c79fa72fdf9e34f090af74f59620a38e67c
3ef738606d51279732f54fd55112acec1da7ba9558c201243db5a2c20d2b2358
48bfc8022d0c70d5acca510882fb297a846036c07cf6f8cfb78c2ce4a39d3480
4b3018154c0617dd52ae744a4e80ae9807d10ef1dd78295a2550dbca0fd700f0
4fc7b01f80c6af105d03f0c4406f2b44d7008beb40ec73da50d7a6fe5b1dd673
57e1bbe304168c4bfc616de96f245f166605473ce38ad8da18a8c789aec8312b
66b937c17f3439959fb92444d1ff099b20da9af7428535385267e60b9daadb1c
698d4de529adea7d1ee84768978697137241c37d2943478ba63ee27123fbc6c2
7430b20334fc88fd9f69bec35f5c852b35ca5aaa1f5d7b86aab2eee1079140f4
7dcebcf28d142f0464019ea3a99dd4fe3cc40ed5431359014dd05fc50d996987
7f315fbfd3c5415ff0b21b0c3126f385e5018dafe18fcd097ca24641150e9666
821af5ce65d33832ca9751d42d077a7ead4c21eee6dc52623533824fcb1d74b3
8bf150f6b29d6c9337de6c945a8f63c929b203442040688878bc2753fe13e007
8e28dd590a13361ffa39e68a6189eaee7e36ecd413f616e2bd5d41ea30849496
948bcd7996b72e67c790ce04a678e28d5bdf9c5ce389dec90d6926aaab2fdf73
98f62ae544813b7c21ba399bc4179603458f73e1e4de5cf929dad44d65600689
aca36e5a3f71ed008f674d64a2204dfed5a10391e57461d5ecf194f118bca0f3
bbe3cd4413334af534ea292eec342c8b5f5df8ea37fe01f97ef825eedfdc4ad4
c7c7377ae14b678e4230100cc6e89a49c9ffd3e9f67e11b359dda8879e41192c
d6f0fa686f84f16afb515924c223afbe92f5cfc24c7d406464c152d8ee437499
e50c4204469f6a59549d785c3da3b0f196edde016dd59fe968785b9f826593bc
f0f5373ad203101ea91bf826c5a7ef8f7cd74887f06bad2cb9277a504503b9e2
f22f8e5b1f159a1b26eb2056a1167050e0f03aeba5e827d984db26942440a8d9
f885548906cde30850a05f8d3d40996e8535d5eafb4d787da4646d9dbd403a60
fd724882dc8a94e7d01094c644badf758051ed60099bb88faf936286f214c97c