egazeta24online.pl
46.242.233.71  Malicious Activity! Public Scan

Submitted URL: https://egazeta24online.pl/autoryzacja/mobile
Effective URL: http://egazeta24online.pl/autoryzacja/mobile/
Submission: On November 09 via manual from US — Scanned from DE

Summary

This website contacted 8 IPs in 3 countries across 9 domains to perform 24 HTTP transactions. The main IP is 46.242.233.71, which is located in Poland and belongs to HOMEPL-AS, PL. The main domain is egazeta24online.pl.
This is the only time egazeta24online.pl was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

IP Address AS Autonomous System
1 4 46.242.233.71 12824 (HOMEPL-AS)
1 4 89.161.254.183 12824 (HOMEPL-AS)
7 188.40.17.96 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 138.201.161.141 24940 (HETZNER-AS)
7 138.201.161.134 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 185.33.221.52 29990 (ASN-APPNEX)
24 8
Domain Requested by
7 adsearch.adkontekst.pl www.licznikodwiedzin.pl
adsearch.adkontekst.pl
prd-header-biding.adrino.io
4 prd-dib-logger-service.adrino.io prd-header-biding.adrino.io
4 egazeta24online.pl 1 redirects egazeta24online.pl
2 prd-header-biding.adrino.io adsearch.adkontekst.pl
prd-header-biding.adrino.io
2 www.deszczowce.pl 1 redirects egazeta24online.pl
2 www.licznikodwiedzin.pl egazeta24online.pl
www.licznikodwiedzin.pl
1 ib.adnxs.com prd-header-biding.adrino.io
1 www.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com www.licznikodwiedzin.pl
1 mir.adsearch.adkontekst.pl adsearch.adkontekst.pl
1 prd-nowy-master-id-supplier.adrino.io 1 redirects
1 ajax.googleapis.com www.licznikodwiedzin.pl
24 12

This site contains no links.

Subject | Issuer | Validity | Valid
*.adsearch.adkontekst.pl | nazwaSSL | 2020-11-19 - 2021-11-18 | a year
*.google-analytics.com | GTS CA 1C3 | 2021-10-18 - 2022-01-10 | 3 months
*.adrino.io | nazwaSSL | 2021-03-24 - 2022-03-22 | a year
*.adnxs.com | GeoTrust ECC CA 2018 | 2021-03-05 - 2022-02-19 | a year

This page contains 4 frames:

Primary Page: http://egazeta24online.pl/autoryzacja/mobile/
Frame ID: BC021C135DB4EFC2AC5D19B0CC3A76C6
Requests: 14 HTTP requests in this frame

Frame: http://www.licznikodwiedzin.pl/cnt/cnt.php?key=157910342&minDigits=7
Frame ID: 9800FDB8EBFBCE9CD936D2D0A8246539
Requests: 4 HTTP requests in this frame

Frame: https://mir.adsearch.adkontekst.pl/_/mi17d03fa9e05595a2a17ee167553
Frame ID: 03A99712292446014D41228A3102D96B
Requests: 1 HTTP requests in this frame

Frame: http://prd-header-biding.adrino.io/js/tools.js
Frame ID: 5D49D8FF359A9CD685EBB5EE51E773F0
Requests: 2 HTTP requests in this frame

Page Title

Zaloguj się do Facebooka | Facebook

Page Statistics

Requests: 24
HTTPS: 67 %
IPv6: 33 %
Domains: 9
Subdomains: 12
IPs: 8
Countries: 3
Transfer: 304 kB
Size: 963 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://egazeta24online.pl/autoryzacja/mobile HTTP 301
    http://egazeta24online.pl/autoryzacja/mobile/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • http://www.deszczowce.pl/app/webroot/img/bannery/adkontekst/xx.gif HTTP 301
  • https://www.deszczowce.pl/app/webroot/img/bannery/adkontekst/xx.gif
Request Chain 7
  • https://prd-nowy-master-id-supplier.adrino.io/?redirect=https://mir.adsearch.adkontekst.pl/_/__masterId__ HTTP 302
  • https://mir.adsearch.adkontekst.pl/_/mi17d03fa9e05595a2a17ee167553

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
egazeta24online.pl/autoryzacja/mobile/
Redirect Chain
  • https://egazeta24online.pl/autoryzacja/mobile
  • http://egazeta24online.pl/autoryzacja/mobile/
6 KB
3 KB
Document
General
Full URL
http://egazeta24online.pl/autoryzacja/mobile/
Protocol
HTTP/1.1
Server
46.242.233.71 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver179141.home.pl
Software
Apache /
Resource Hash
cba8892428ef82da6f4b31845e6b1908b7fcfcc0416bcafbc6c21c495735dd93

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Tue, 09 Nov 2021 09:14:55 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Server
Apache
Last-Modified
Mon, 08 Nov 2021 15:46:24 GMT
ETag
W/"1934-5d048e5223400"
Content-Encoding
gzip

Redirect headers

date
Tue, 09 Nov 2021 09:14:55 GMT
content-type
text/html; charset=iso-8859-1
content-length
253
location
http://egazeta24online.pl/autoryzacja/mobile/
server
Apache
style.css
egazeta24online.pl/autoryzacja/mobile/
8 KB
3 KB
Stylesheet
General
Full URL
http://egazeta24online.pl/autoryzacja/mobile/style.css
Requested by
Host: egazeta24online.pl
URL: http://egazeta24online.pl/autoryzacja/mobile/
Protocol
HTTP/1.1
Server
46.242.233.71 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver179141.home.pl
Software
Apache /
Resource Hash
6c3878e3dca2962d9bfd126d3d6b75b8b6e6c4980b445a502cdc97c38c4a9ed2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://egazeta24online.pl/autoryzacja/mobile/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 09:14:55 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Nov 2021 15:46:24 GMT
Server
Apache
ETag
W/"2091-5d048e5223400"
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
fb.png
egazeta24online.pl/autoryzacja/mobile/
3 KB
3 KB
Image
General
Full URL
http://egazeta24online.pl/autoryzacja/mobile/fb.png
Requested by
Host: egazeta24online.pl
URL: http://egazeta24online.pl/autoryzacja/mobile/
Protocol
HTTP/1.1
Server
46.242.233.71 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver179141.home.pl
Software
Apache /
Resource Hash
b6dc7bf9e7743b739be67e1ff9a8577b1f822e701c9594d592e3f79adaae2365

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://egazeta24online.pl/autoryzacja/mobile/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 09:14:55 GMT
Last-Modified
Mon, 08 Nov 2021 15:46:24 GMT
Server
Apache
ETag
"c3a-5d048e5223400"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3130
start.php
www.licznikodwiedzin.pl/cnt/
2 KB
1 KB
Script
General
Full URL
http://www.licznikodwiedzin.pl/cnt/start.php?key=157910342
Requested by
Host: egazeta24online.pl
URL: http://egazeta24online.pl/autoryzacja/mobile/
Protocol
HTTP/1.1
Server
89.161.254.183 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082475.home.pl
Software
IdeaWebServer/3.0.0 /
Resource Hash
c5d15cbcc683069c646ec02c46e679d52e522fb54177e9ad6c2fc218d7983b7e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://egazeta24online.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 09:14:55 GMT
Content-Encoding
gzip
Server
IdeaWebServer/3.0.0
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html
cnt.php
www.licznikodwiedzin.pl/cnt/ Frame 9800
8 KB
2 KB
Document
General
Full URL
http://www.licznikodwiedzin.pl/cnt/cnt.php?key=157910342&minDigits=7
Requested by
Host: www.licznikodwiedzin.pl
URL: http://www.licznikodwiedzin.pl/cnt/start.php?key=157910342
Protocol
HTTP/1.1
Server
89.161.254.183 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082475.home.pl
Software
IdeaWebServer/3.0.0 /
Resource Hash
322e20a0c5fbee197695b562a36ca63e1fa13fb8900f24f3af70ae73f5887f77

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://egazeta24online.pl/

Response headers

Date
Tue, 09 Nov 2021 09:14:55 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Server
IdeaWebServer/3.0.0
Content-Encoding
gzip
/
adsearch.adkontekst.pl/_/ads2/
40 KB
10 KB
Script
General
Full URL
https://adsearch.adkontekst.pl/_/ads2/?QAPS_AKPL=0777479e274c03f3865ef57852a7c607
Requested by
Host: www.licznikodwiedzin.pl
URL: http://www.licznikodwiedzin.pl/cnt/start.php?key=157910342
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
188.40.17.96 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
4-beer.funcadr.net
Software
nginx /
Resource Hash
05c16c50cc6f9fffa1e83596bfdef102605cd49f6e1c6ed4adc9e2511dba6199
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://egazeta24online.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 09:14:55 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Transfer-Encoding
chunked
Content-Language
de-DE
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
keep-alive
Content-Type
application/javascript;charset=ISO-8859-1
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
X-Application-Context
dispatcher-service-tao:dispatcher-run:8532
Expires
0
xx.gif
www.deszczowce.pl/app/webroot/img/bannery/adkontekst/
Redirect Chain
  • http://www.deszczowce.pl/app/webroot/img/bannery/adkontekst/xx.gif
  • https://www.deszczowce.pl/app/webroot/img/bannery/adkontekst/xx.gif
836 B
989 B
Image
General
Full URL
https://www.deszczowce.pl/app/webroot/img/bannery/adkontekst/xx.gif
Requested by
Host: egazeta24online.pl
URL: http://egazeta24online.pl/autoryzacja/mobile/
Protocol
H2
Server
89.161.254.183 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver2082475.home.pl
Software
IdeaWebServer/3.0.0 /
Resource Hash
038f95f1b5770bd0f9a3e0b63fd15aefc33f15194ee9aabbea57aea9c48b0010

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://egazeta24online.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 09:14:55 GMT
expires
Tue, 21 Dec 2021 01:14:56 GMT
last-modified
Thu, 04 Oct 2018 02:40:25 GMT
server
IdeaWebServer/3.0.0
content-length
836
content-type
image/gif

Redirect headers

Date
Tue, 09 Nov 2021 09:14:55 GMT
Last-Modified
Thu, 04 Oct 2018 02:40:25 GMT
Server
IdeaWebServer/3.0.0
Content-Type
text/html
Location
https://www.deszczowce.pl/app/webroot/img/bannery/adkontekst/xx.gif
Connection
keep-alive
Content-Length
615
Expires
Tue, 21 Dec 2021 01:14:56 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ Frame 9800
90 KB
33 KB
Script
General
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
Requested by
Host: www.licznikodwiedzin.pl
URL: http://www.licznikodwiedzin.pl/cnt/cnt.php?key=157910342&minDigits=7
Protocol
HTTP/1.1
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.licznikodwiedzin.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 08:56:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
1115
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy
cross-origin
Content-Length
33018
X-XSS-Protection
0
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
sffe
Vary
Accept-Encoding
Report-To
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Cross-Origin-Opener-Policy-Report-Only
same-origin; report-to="hosted-libraries-pushers"
Expires
Wed, 09 Nov 2022 08:56:20 GMT
mi17d03fa9e05595a2a17ee167553
mir.adsearch.adkontekst.pl/_/ Frame 03A9
Redirect Chain
  • https://prd-nowy-master-id-supplier.adrino.io/?redirect=https://mir.adsearch.adkontekst.pl/_/__masterId__
  • https://mir.adsearch.adkontekst.pl/_/mi17d03fa9e05595a2a17ee167553
0
493 B
Document
General
Full URL
https://mir.adsearch.adkontekst.pl/_/mi17d03fa9e05595a2a17ee167553
Requested by
Host: adsearch.adkontekst.pl
URL: https://adsearch.adkontekst.pl/_/ads2/?QAPS_AKPL=0777479e274c03f3865ef57852a7c607
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.161.134 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
2-beer.funcadr.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://egazeta24online.pl/

Response headers

Server
nginx
Date
Tue, 09 Nov 2021 09:14:55 GMT
Content-Length
0
Connection
keep-alive
Vary
Origin
Access-Control-Max-Age
3600
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
POST, GET, OPTIONS, DELETE
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN

Redirect headers

Server
nginx
Date
Tue, 09 Nov 2021 09:14:55 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Origin
Access-Control-Max-Age
3600
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
POST, GET, OPTIONS, DELETE
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
Location
https://mir.adsearch.adkontekst.pl/_/mi17d03fa9e05595a2a17ee167553
status
adsearch.adkontekst.pl/_/cmp/ Frame
0
0
Preflight
General
Full URL
https://adsearch.adkontekst.pl/_/cmp/status?own=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
188.40.17.96 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
4-beer.funcadr.net
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
http://egazeta24online.pl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Tue, 09 Nov 2021 09:14:55 GMT
Content-Length
0
Connection
keep-alive
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Pragma
no-cache
Expires
0
X-Application-Context
dispatcher-service-tao:dispatcher-run:8532
Access-Control-Allow-Origin
http://egazeta24online.pl
Vary
Origin
Access-Control-Allow-Methods
POST
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
1800
Allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
status
adsearch.adkontekst.pl/_/cmp/
2 B
490 B
XHR
General
Full URL
https://adsearch.adkontekst.pl/_/cmp/status?own=false
Requested by
Host: adsearch.adkontekst.pl
URL: https://adsearch.adkontekst.pl/_/ads2/?QAPS_AKPL=0777479e274c03f3865ef57852a7c607
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
188.40.17.96 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
4-beer.funcadr.net
Software
nginx /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://egazeta24online.pl/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 09:14:55 GMT
X-Content-Type-Options
nosniff
Server
nginx
Vary
Origin
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
http://egazeta24online.pl
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
X-XSS-Protection
1; mode=block
X-Application-Context
dispatcher-service-tao:dispatcher-run:8532
Expires
0
js
www.googletagmanager.com/gtag/ Frame 9800
90 KB
36 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-603609-35
Requested by
Host: www.licznikodwiedzin.pl
URL: http://www.licznikodwiedzin.pl/cnt/cnt.php?key=157910342&minDigits=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7c1de00c1541b2e9b0b86d2049c71024c7c7ea32a84fb5dd633a9282c8710de8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.licznikodwiedzin.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 09:14:56 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36366
x-xss-protection
0
expires
Tue, 09 Nov 2021 09:14:56 GMT
analytics.js
www.google-analytics.com/ Frame 9800
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-603609-35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.licznikodwiedzin.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
4462
date
Tue, 09 Nov 2021 08:00:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 09 Nov 2021 10:00:34 GMT
0777479e274c03f3865ef57852a7c607
prd-header-biding.adrino.io/units/
9 KB
4 KB
Script
General
Full URL
https://prd-header-biding.adrino.io/units/0777479e274c03f3865ef57852a7c607?mobile=false&cpmValue=4.532374100719425&adTagId=QAPS_AKPL_0777479e274c03f3865ef57852a7c607&cpmCurrency=PLN&nsEmiterSource=AK&nsEmiterPlacementEmissionUrl=https%3A%2F%2Fadsearch.adkontekst.pl%2F_%2Fads2%2F%3Fstrict%3Dtrue%26QAPS_AKPL%3D0777479e274c03f3865ef57852a7c607%26dispatched%3Dtrue%26useBehavioralTargeting%3Dtrue&gdprEnable=false
Requested by
Host: adsearch.adkontekst.pl
URL: https://adsearch.adkontekst.pl/_/ads2/?QAPS_AKPL=0777479e274c03f3865ef57852a7c607
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.161.134 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
2-beer.funcadr.net
Software
nginx /
Resource Hash
1d0911bc7b7cc2032de5647522ab5584456fa7634f2e3f71cb8ff0860807199f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://egazeta24online.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 09:14:57 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
X-Frame-Options
DENY
Content-Language
de-DE
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
text/javascript;charset=ISO-8859-1
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
X-Application-Context
header-bidding-service
Expires
0
tools.js
prd-header-biding.adrino.io/js/ Frame 5D49
187 KB
61 KB
Script
General
Full URL
http://prd-header-biding.adrino.io/js/tools.js
Requested by
Host: prd-header-biding.adrino.io
URL: https://prd-header-biding.adrino.io/units/0777479e274c03f3865ef57852a7c607?mobile=false&cpmValue=4.532374100719425&adTagId=QAPS_AKPL_0777479e274c03f3865ef57852a7c607&cpmCurrency=PLN&nsEmiterSource=AK&nsEmiterPlacementEmissionUrl=https%3A%2F%2Fadsearch.adkontekst.pl%2F_%2Fads2%2F%3Fstrict%3Dtrue%26QAPS_AKPL%3D0777479e274c03f3865ef57852a7c607%26dispatched%3Dtrue%26useBehavioralTargeting%3Dtrue&gdprEnable=false
Protocol
HTTP/1.1
Server
138.201.161.134 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
2-beer.funcadr.net
Software
nginx /
Resource Hash
8b4b3bce52beeb04b918dcfea17f634fd3e571ce7f34dd8cf1f71b1b3c8d7f8b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://egazeta24online.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 09:14:57 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Jun 2021 10:45:22 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=300
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
X-Application-Context
header-bidding-service
prebid
ib.adnxs.com/ut/v3/ Frame 5D49
138 B
0
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: prd-header-biding.adrino.io
URL: http://prd-header-biding.adrino.io/js/tools.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://egazeta24online.pl/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 09:14:58 GMT
X-Proxy-Origin
194.36.108.19; 194.36.108.19; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
6ba2169a-7953-4d57-b5bc-f3648933c974
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://egazeta24online.pl
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dibs
prd-dib-logger-service.adrino.io/loggers/ Frame
0
0
Preflight
General
Full URL
https://prd-dib-logger-service.adrino.io/loggers/dibs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.161.134 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
2-beer.funcadr.net
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
http://egazeta24online.pl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Tue, 09 Nov 2021 09:14:58 GMT
Content-Length
0
Connection
keep-alive
X-Application-Context
dib-logger-service
Access-Control-Allow-Origin
http://egazeta24online.pl
Vary
Origin
Access-Control-Allow-Methods
POST
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
1800
Allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
times
prd-dib-logger-service.adrino.io/loggers/ Frame
0
0
Preflight
General
Full URL
https://prd-dib-logger-service.adrino.io/loggers/times
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.161.134 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
2-beer.funcadr.net
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
http://egazeta24online.pl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Tue, 09 Nov 2021 09:14:58 GMT
Content-Length
0
Connection
keep-alive
X-Application-Context
dib-logger-service
Access-Control-Allow-Origin
http://egazeta24online.pl
Vary
Origin
Access-Control-Allow-Methods
POST
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
1800
Allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
/
adsearch.adkontekst.pl/_/ads2/
7 KB
2 KB
Script
General
Full URL
https://adsearch.adkontekst.pl/_/ads2/?strict=true&QAPS_AKPL=0777479e274c03f3865ef57852a7c607&dispatched=true&useBehavioralTargeting=true
Requested by
Host: prd-header-biding.adrino.io
URL: https://prd-header-biding.adrino.io/units/0777479e274c03f3865ef57852a7c607?mobile=false&cpmValue=4.532374100719425&adTagId=QAPS_AKPL_0777479e274c03f3865ef57852a7c607&cpmCurrency=PLN&nsEmiterSource=AK&nsEmiterPlacementEmissionUrl=https%3A%2F%2Fadsearch.adkontekst.pl%2F_%2Fads2%2F%3Fstrict%3Dtrue%26QAPS_AKPL%3D0777479e274c03f3865ef57852a7c607%26dispatched%3Dtrue%26useBehavioralTargeting%3Dtrue&gdprEnable=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
188.40.17.96 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
4-beer.funcadr.net
Software
nginx /
Resource Hash
fdb2a37bb58c93c40b76b372766fb3bea6c78e1141fc92afc886e99459c6d15d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://egazeta24online.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 09:14:58 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/javascript; charset=UTF-8
dibs
prd-dib-logger-service.adrino.io/loggers/
2 B
307 B
XHR
General
Full URL
https://prd-dib-logger-service.adrino.io/loggers/dibs
Requested by
Host: prd-header-biding.adrino.io
URL: https://prd-header-biding.adrino.io/units/0777479e274c03f3865ef57852a7c607?mobile=false&cpmValue=4.532374100719425&adTagId=QAPS_AKPL_0777479e274c03f3865ef57852a7c607&cpmCurrency=PLN&nsEmiterSource=AK&nsEmiterPlacementEmissionUrl=https%3A%2F%2Fadsearch.adkontekst.pl%2F_%2Fads2%2F%3Fstrict%3Dtrue%26QAPS_AKPL%3D0777479e274c03f3865ef57852a7c607%26dispatched%3Dtrue%26useBehavioralTargeting%3Dtrue&gdprEnable=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.161.134 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
2-beer.funcadr.net
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
http://egazeta24online.pl/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Tue, 09 Nov 2021 09:14:58 GMT
Server
nginx
Vary
Origin
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
http://egazeta24online.pl
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
X-Application-Context
dib-logger-service
times
prd-dib-logger-service.adrino.io/loggers/
2 B
307 B
XHR
General
Full URL
https://prd-dib-logger-service.adrino.io/loggers/times
Requested by
Host: prd-header-biding.adrino.io
URL: https://prd-header-biding.adrino.io/units/0777479e274c03f3865ef57852a7c607?mobile=false&cpmValue=4.532374100719425&adTagId=QAPS_AKPL_0777479e274c03f3865ef57852a7c607&cpmCurrency=PLN&nsEmiterSource=AK&nsEmiterPlacementEmissionUrl=https%3A%2F%2Fadsearch.adkontekst.pl%2F_%2Fads2%2F%3Fstrict%3Dtrue%26QAPS_AKPL%3D0777479e274c03f3865ef57852a7c607%26dispatched%3Dtrue%26useBehavioralTargeting%3Dtrue&gdprEnable=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.161.134 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
2-beer.funcadr.net
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
http://egazeta24online.pl/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Tue, 09 Nov 2021 09:14:58 GMT
Server
nginx
Vary
Origin
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
http://egazeta24online.pl
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
X-Application-Context
dib-logger-service
/
adsearch.adkontekst.pl/quad/spliter/
6 KB
2 KB
Script
General
Full URL
https://adsearch.adkontekst.pl/quad/spliter/?prefix=akon&prid=0&caid=0&plh=0777479e274c03f3865ef57852a7c607&plid=0&namespace=qa_akon&nc=1636449298061&qss=true&nc2=544648505&dispatched=false&adblock=false&useBehavioralTargeting=true&type=K1&ref=http%3A%2F%2Fegazeta24online.pl%2Fautoryzacja%2Fmobile%2F
Requested by
Host: adsearch.adkontekst.pl
URL: https://adsearch.adkontekst.pl/_/ads2/?strict=true&QAPS_AKPL=0777479e274c03f3865ef57852a7c607&dispatched=true&useBehavioralTargeting=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
188.40.17.96 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
4-beer.funcadr.net
Software
nginx /
Resource Hash
8e01606605dbb5906ed0f2901c1d5b9cbeb37dd163201ed4718e7d1a14bde5e4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://egazeta24online.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 09:14:58 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR NID CUR OUR NOR"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/javascript; charset=UTF-8
/
adsearch.adkontekst.pl/_/both/
456 KB
121 KB
Script
General
Full URL
https://adsearch.adkontekst.pl/_/both/?prefix=akon&namespace=qa_akon&nc=0&browser=safari&dispatched=false&adblock=false
Requested by
Host: adsearch.adkontekst.pl
URL: https://adsearch.adkontekst.pl/_/ads2/?strict=true&QAPS_AKPL=0777479e274c03f3865ef57852a7c607&dispatched=true&useBehavioralTargeting=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
188.40.17.96 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
4-beer.funcadr.net
Software
nginx /
Resource Hash
e628bdd2cc7b7cbb642ddef9b12280e13e2eadaf97f53f272de6b0b007ae1dac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://egazeta24online.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 09:14:58 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/javascript; charset=UTF-8
/
adsearch.adkontekst.pl/quad/spliter/
2 KB
1 KB
Script
General
Full URL
https://adsearch.adkontekst.pl/quad/spliter/?prid=944&caid=103713&nc=1636449298160&cc=3&form=507626:3:Q1:R1:G1:S1:V1:A3;&content=_512+facebooka+_256+zaloguj+_128+znasz+znajomymi+zaczac+udostepniac+rzeczy+rozne+rodzina+ludzmi+laczyc&qnr=0&without=&extra=&w=160&h=600&qss=true&flash=false&iid=1970238300098876&prefix=akon&namespace=qa_akon&type=2&dispatched=true&useBehavioralTargeting=true&ref=http%3A%2F%2Fegazeta24online.pl%2Fautoryzacja%2Fmobile%2F
Requested by
Host: adsearch.adkontekst.pl
URL: https://adsearch.adkontekst.pl/_/ads2/?strict=true&QAPS_AKPL=0777479e274c03f3865ef57852a7c607&dispatched=true&useBehavioralTargeting=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
188.40.17.96 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
4-beer.funcadr.net
Software
nginx /
Resource Hash
092014922b732f68cfeb6aab0f8e0969df67f5b4e7b345dda504c16f4763c162

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://egazeta24online.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 09:14:58 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR NID CUR OUR NOR"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/javascript; charset=UTF-8

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| onbeforexrselect
function| reportError
boolean| originAgentCluster
object| scheduler
function| __updateOrientation
function| getInternetExplorerVersion
number| ver
number| deszczowcepl_rand
boolean| deszczowcepl_ad
boolean| deszczowcepl_attempt
string| placementHash
string| emissionArea
object| nshbParams
object| requiredAgreementsNshb
boolean| enableJsDebug
object| jsServerLoggerScript
string| viewName
string| ajaxLoggerDibLoggerUrl
string| nsEmiterSource
string| mobile
string| adblock
string| polyfillUrl
string| gamWtgPrebidScriptUrl
boolean| cookieMatchingNeeded
string| cookieMatchingUrl
object| requiredAgreements
number| agreements_cmpMaxWaitForScriptAttempts
number| agreements_cmpExistsWaitForCallbackMs
number| agreements_cmpWaitForScriptMs
function| addBehavioralParam
function| onAfterAgreements
function| executeEmiter
string| frameTypeNotInFrame
string| frameTypeFriendly
string| frameTypeUnfriendly
boolean| iframeCheckerEnabled
string| dibLoggerUrl
boolean| duplicatorCheckerEnabled
string| duplicatorCheckerLoggerUrl
object| ns_vda
object| adElement
string| objectName
object| 0777479e274c03f3865ef57852a7c607Oc9dd4964
boolean| 0777479e274c03f3865ef57852a7c607
object| ns_global_vars
object| qa_akon
object| __gwt_activeModules
object| gummiTarget

3 Cookies

Domain/Path, Name, Value
prd-nowy-master-id-supplier.adrino.io/  Name: _9  Value: mi17d03fa9e05595a2a17ee167553
.adsearch.adkontekst.pl/  Name: _9  Value: mi17d03fa9e05595a2a17ee167553
adsearch.adkontekst.pl/  Name: CAPCOOC  Value: V1:

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
