urlscan.io logo urlscan.io
SecurityTrails logo

biuletynimm.pl Open in urlscan Pro
46.229.144.46  Public Scan

Go To Rescan Add Verdict Report
URL: https://biuletynimm.pl/de/?c=TJWT07&m=i&d=z&f=32&p=1
Submission Tags: falconsandbox
Submission: On February 02 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 3 HTTP transactions. The main IP is 46.229.144.46, located in Kolonia Opacz, Poland and belongs to ATMAN-ISP-AS ATM S.A., PL. The main domain is biuletynimm.pl.
TLS certificate: Issued by Certum Domain Validation CA SHA2 on May 20th 2021. Valid for: a year.
This is the only time biuletynimm.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

aptekarzpolski_pl_2022_02_01_12_2021___nowe_rejestracje_lekow_w_ramach_procedury_centralnej_pdf(0).pdf 301 KB application/pdf
MIME: PDF document, version 1.4
Size: 301 KB (308294 bytes, 100% done)
Downloaded from: https://biuletynimm.pl/ddt/?c=TJWT07&m=i&d=z&f=32&p=1&user_hash=75f67d020a6c2c4561d1ca4670345b0a&user_hash1=1232214500

Domain & IP information

IP Address AS Autonomous System
3 46.229.144.46 15694 (ATMAN-ISP...)
3 1
Apex Domain
Subdomains		 Transfer
3 biuletynimm.pl
biuletynimm.pl
27 KB
3 1
Domain Requested by
3 biuletynimm.pl biuletynimm.pl
3 1

This site contains no links.

Subject Issuer Validity Valid
*.biuletynimm.pl
Certum Domain Validation CA SHA2		 2021-05-20 -
2022-05-20		 a year crt.sh

This page contains 1 frames:

Frame: https://biuletynimm.pl/ddt/?c=TJWT07&m=i&d=z&f=32&p=1&user_hash=75f67d020a6c2c4561d1ca4670345b0a&user_hash1=1232214500
Frame ID: 57C08D7DD5E5205843AEBD9FD2B567B8
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Statistics

3
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

27 kB
Transfer

64 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
biuletynimm.pl/de/ 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biuletynimm.pl/de/?c=TJWT07&m=i&d=z&f=32&p=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.229.144.46 Kolonia Opacz, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
rev-46.229.144.46.atman.pl
Software
/ Express
Resource Hash
55f6845b7c52cc3207ea8c569e049e52c6a66469d13ac6ad00830c67317d65b8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

X-Powered-By
Express
Access-Control-Allow-Headers
X-Requested-With, Origin, Content-Type, Accept, Authtoken, Mobile
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
undefined
Content-Type
text/html; charset=utf-8
Content-Length
1216
ETag
W/"4c0-iRcYTuNUxZWix4wit5AUG7VLosY"
Date
Wed, 02 Feb 2022 09:10:31 GMT
X-Robots-Tag
noindex
direct_download.min.js
biuletynimm.pl/static/main/js/ 		63 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://biuletynimm.pl/static/main/js/direct_download.min.js?v=3
Requested by
Host: biuletynimm.pl
URL: https://biuletynimm.pl/de/?c=TJWT07&m=i&d=z&f=32&p=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.229.144.46 Kolonia Opacz, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
rev-46.229.144.46.atman.pl
Software
/ Express
Resource Hash
1998ff9177fe81b8860aa60f02fdbec4b183b4785852e986c071e5c00a520789

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://biuletynimm.pl/de/?c=TJWT07&m=i&d=z&f=32&p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 09:10:31 GMT
Content-Encoding
gzip
ETag
W/"fbd0-17e770c16a0"
Last-Modified
Thu, 20 Jan 2022 10:33:08 GMT
X-Powered-By
Express
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
Transfer-Encoding
chunked
Accept-Ranges
bytes
X-Robots-Tag
noindex
Access-Control-Allow-Headers
X-Requested-With, Origin, Content-Type, Accept
/
biuletynimm.pl/ddt/ 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://biuletynimm.pl/ddt/?c=TJWT07&m=i&d=z&f=32&p=1&user_hash=75f67d020a6c2c4561d1ca4670345b0a&user_hash1=1232214500
Requested by
Host: biuletynimm.pl
URL: https://biuletynimm.pl/static/main/js/direct_download.min.js?v=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.229.144.46 Kolonia Opacz, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
rev-46.229.144.46.atman.pl
Software
/ Express
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://biuletynimm.pl/de/?c=TJWT07&m=i&d=z&f=32&p=1

Response headers

X-Powered-By
Express
Access-Control-Allow-Headers
X-Requested-With, Origin, Content-Type, Accept, Authtoken, Mobile
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
undefined
Content-Disposition
attachment; filename="aptekarzpolski_pl_2022_02_01_12_2021___nowe_rejestracje_lekow_w_ramach_procedury_centralnej_pdf(0).pdf"
Accept-Ranges
bytes
Cache-Control
public, max-age=0
Last-Modified
Wed, 02 Feb 2022 07:36:48 GMT
ETag
W/"4b446-17eb95d5619"
Content-Type
application/pdf
Content-Length
308294
Date
Wed, 02 Feb 2022 09:10:32 GMT
X-Robots-Tag
noindex

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| IMM_REDIRECT_URL object| FingerprintJS string| fp number| fp1 function| download_redirect function| ClientJS

2 Cookies

Domain/Path Name / Value
biuletynimm.pl/ Name: IMMTRCK
Value: 587c32676a02da1f36ac58d59da60ffd125189280bb6e1ecd36770e2fbc06540e5ed6d03a7129a14f4897b9acabee1c01c0f967a2fe1d60c7fc80e68684b42d628
biuletynimm.pl/ Name: connect.sid
Value: s%3A0xZBnu35vBABNGV15trI4XnfzYQFsUgy.vPKWd4S4eIbGb03LYhfLu5pf3gM8jHPOgq3GTR1w9zM

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

biuletynimm.pl
46.229.144.46
1998ff9177fe81b8860aa60f02fdbec4b183b4785852e986c071e5c00a520789
55f6845b7c52cc3207ea8c569e049e52c6a66469d13ac6ad00830c67317d65b8