pay.bm.pl Open in urlscan Pro
195.187.130.220  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request W947UBKB Show response pay.bm.pl/droplabs/continue/AYENJW5B1P/	7 KB 3 KB	309ms 86ms	Document text/html	195.187.130.220 NASK-COMMERCIAL
General Check archive.org Show headers Download Go to Full URL https://pay.bm.pl/droplabs/continue/AYENJW5B1P/W947UBKB Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 195.187.130.220 , Poland, ASN8308 (NASK-COMMERCIAL, PL), Reverse DNS h220.blue.pl Software / Resource Hash 02bbe0dcde13a3952cbe3465da9db32f6a735a53e8cf07c39f56ce7926a764ee Security Headers Name Value Content-Security-Policy connect-src 'self' https://error.blue.pl https://piwik.blue.pl https://play.google.com https://www.google-analytics.com https://sandbox.secure.checkout.visa.com https://secure.checkout.visa.com https://thm.visa.com https://bluelead.blue.pl wss://wtn.bm.pl https://wtn.bm.pl; report-uri https://error.blue.pl/api/144/security/?sentry_key=dfeeb5be9555424aac6b718b63a21baa&sentry_environment=prod X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Date Wed, 24 Nov 2021 09:17:41 GMT Content-Type text/html; charset=UTF-8 Content-Length 2375 Cache-Control private, no-cache, no-store, must-revalidate Content-Security-Policy connect-src 'self' https://error.blue.pl https://piwik.blue.pl https://play.google.com https://www.google-analytics.com https://sandbox.secure.checkout.visa.com https://secure.checkout.visa.com https://thm.visa.com https://bluelead.blue.pl wss://wtn.bm.pl https://wtn.bm.pl; report-uri https://error.blue.pl/api/144/security/?sentry_key=dfeeb5be9555424aac6b718b63a21baa&sentry_environment=prod Referrer-Policy no-referrer-when-downgrade, same-origin X-Frame-Options DENY X-XSS-Protection 1; mode=block Vary Accept-Encoding Content-Encoding gzip Expires Wed, 24 Nov 2021 09:17:42 GMT Pragma no-cache
GET H/1.1	200 OK	styles.css pay.bm.pl/v/20211121215945/css/	269 KB 124 KB	76ms 76ms	Stylesheet text/css	195.187.130.220 NASK-COMMERCIAL
General Check archive.org Show headers Download Go to Full URL https://pay.bm.pl/v/20211121215945/css/styles.css Requested by Host: pay.bm.pl URL: https://pay.bm.pl/droplabs/continue/AYENJW5B1P/W947UBKB Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 195.187.130.220 , Poland, ASN8308 (NASK-COMMERCIAL, PL), Reverse DNS h220.blue.pl Software / Resource Hash aa830204db6e1e9d0c54bea4242922e63d8219fc7d6dcb6a0fe6336770f1f35a Request headers Accept-Language de-DE,de;q=0.9 Referer https://pay.bm.pl/droplabs/continue/AYENJW5B1P/W947UBKB User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Pragma no-cache Date Wed, 24 Nov 2021 09:17:41 GMT Content-Encoding gzip Last-Modified Thu, 04 Nov 2021 10:08:14 GMT Vary Accept-Encoding Content-Type text/css Cache-Control private, no-cache, no-store, must-revalidate Accept-Ranges bytes Content-Length 126548 Expires Sat, 25 Dec 2021 13:04:21 GMT
GET H/1.1	200 OK	style.css pay.bm.pl/v/20211121215945/bundles/webpaybm/css/payment/	145 B 467 B	110ms 39ms	Stylesheet text/css	195.187.130.220 NASK-COMMERCIAL
General Check archive.org Show headers Download Go to Full URL https://pay.bm.pl/v/20211121215945/bundles/webpaybm/css/payment/style.css Requested by Host: pay.bm.pl URL: https://pay.bm.pl/droplabs/continue/AYENJW5B1P/W947UBKB Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 195.187.130.220 , Poland, ASN8308 (NASK-COMMERCIAL, PL), Reverse DNS h220.blue.pl Software / Resource Hash 340b35b0e96ed45d030428b84f815d8f08c5b2e454b503d6c0e20395d49238ea Request headers Accept-Language de-DE,de;q=0.9 Referer https://pay.bm.pl/droplabs/continue/AYENJW5B1P/W947UBKB User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Pragma no-cache Date Wed, 24 Nov 2021 09:17:41 GMT Content-Encoding gzip Last-Modified Thu, 04 Nov 2021 10:08:14 GMT Vary Accept-Encoding Content-Type text/css Cache-Control private, no-cache, no-store, must-revalidate Accept-Ranges bytes Content-Length 132 Expires Sat, 25 Dec 2021 13:04:21 GMT
GET H/1.1	200 OK	bundle.min.js Show response pay.bm.pl/v/20211121215945/bundles/webpaybm/js/common/	58 KB 18 KB	143ms 71ms	Script application/javascript	195.187.130.220 NASK-COMMERCIAL
General Check archive.org Show headers Download Go to Full URL https://pay.bm.pl/v/20211121215945/bundles/webpaybm/js/common/bundle.min.js Requested by Host: pay.bm.pl URL: https://pay.bm.pl/droplabs/continue/AYENJW5B1P/W947UBKB Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 195.187.130.220 , Poland, ASN8308 (NASK-COMMERCIAL, PL), Reverse DNS h220.blue.pl Software / Resource Hash 4ce77a45249855fbcb3520a4d78194efa6eb5bb50808faf00eea5b6064777b79 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pay.bm.pl/droplabs/continue/AYENJW5B1P/W947UBKB User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Pragma no-cache Date Wed, 24 Nov 2021 09:17:41 GMT Content-Encoding gzip Last-Modified Thu, 04 Nov 2021 10:08:14 GMT Vary Accept-Encoding Content-Type application/javascript Cache-Control private, no-cache, no-store, must-revalidate Accept-Ranges bytes Content-Length 18462 Expires Wed, 24 Nov 2021 09:17:42 GMT
GET H/1.1	200 OK	scripts.js Show response pay.bm.pl/v/20211121215945/js/	254 KB 78 KB	122ms 50ms	Script application/javascript	195.187.130.220 NASK-COMMERCIAL
General Check archive.org Show headers Download Go to Full URL https://pay.bm.pl/v/20211121215945/js/scripts.js Requested by Host: pay.bm.pl URL: https://pay.bm.pl/droplabs/continue/AYENJW5B1P/W947UBKB Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 195.187.130.220 , Poland, ASN8308 (NASK-COMMERCIAL, PL), Reverse DNS h220.blue.pl Software / Resource Hash e46a22be5349d1bb058cabbc217d266037f24afab38ecd7bf03de2bdd4bf987c Request headers Accept-Language de-DE,de;q=0.9 Referer https://pay.bm.pl/droplabs/continue/AYENJW5B1P/W947UBKB User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Pragma no-cache Date Wed, 24 Nov 2021 09:17:41 GMT Content-Encoding gzip Last-Modified Thu, 04 Nov 2021 10:08:14 GMT Vary Accept-Encoding Content-Type application/javascript Cache-Control private, no-cache, no-store, must-revalidate Accept-Ranges bytes Content-Length 79826 Expires Wed, 24 Nov 2021 09:17:42 GMT
GET H/1.1	200 OK	de.js Show response pay.bm.pl/js/translations/	38 KB 9 KB	111ms 40ms	Script application/javascript	195.187.130.220 NASK-COMMERCIAL
General Check archive.org Show headers Download Go to Full URL https://pay.bm.pl/js/translations/de.js Requested by Host: pay.bm.pl URL: https://pay.bm.pl/droplabs/continue/AYENJW5B1P/W947UBKB Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 195.187.130.220 , Poland, ASN8308 (NASK-COMMERCIAL, PL), Reverse DNS h220.blue.pl Software / Resource Hash a95694163b40658dbceaaa9bd7f0070da87ac0074e812f7a5d05d74242ff015f Request headers Accept-Language de-DE,de;q=0.9 Referer https://pay.bm.pl/droplabs/continue/AYENJW5B1P/W947UBKB User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Pragma no-cache Date Wed, 24 Nov 2021 09:17:41 GMT Content-Encoding gzip Last-Modified Thu, 04 Nov 2021 10:08:14 GMT Vary Accept-Encoding Content-Type application/javascript Cache-Control private, no-cache, no-store, must-revalidate Accept-Ranges bytes Content-Length 9031 Expires Wed, 24 Nov 2021 09:17:42 GMT
GET H/1.1	200 OK	init.js Show response pay.bm.pl/v/20211121215945/js/	36 KB 10 KB	145ms 74ms	Script application/javascript	195.187.130.220 NASK-COMMERCIAL
General Check archive.org Show headers Download Go to Full URL https://pay.bm.pl/v/20211121215945/js/init.js Requested by Host: pay.bm.pl URL: https://pay.bm.pl/droplabs/continue/AYENJW5B1P/W947UBKB Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 195.187.130.220 , Poland, ASN8308 (NASK-COMMERCIAL, PL), Reverse DNS h220.blue.pl Software / Resource Hash 54cc00ab8e58f9334961dd5d50046f78f2784213a9e823520d1dd4d401d1f88e Request headers Accept-Language de-DE,de;q=0.9 Referer https://pay.bm.pl/droplabs/continue/AYENJW5B1P/W947UBKB User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Pragma no-cache Date Wed, 24 Nov 2021 09:17:41 GMT Content-Encoding gzip Last-Modified Thu, 04 Nov 2021 10:08:14 GMT Vary Accept-Encoding Content-Type application/javascript Cache-Control private, no-cache, no-store, must-revalidate Accept-Ranges bytes Content-Length 9436 Expires Wed, 24 Nov 2021 09:17:42 GMT
GET H/1.1	200 OK	bluemediaLogo.png pay.bm.pl/v/20211121215945/bundles/webpaybm/images/payment/	5 KB 6 KB	52ms 51ms	Image image/png	195.187.130.220 NASK-COMMERCIAL
General Check archive.org Show headers Download Go to Show image Full URL https://pay.bm.pl/v/20211121215945/bundles/webpaybm/images/payment/bluemediaLogo.png Requested by Host: pay.bm.pl URL: https://pay.bm.pl/droplabs/continue/AYENJW5B1P/W947UBKB Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 195.187.130.220 , Poland, ASN8308 (NASK-COMMERCIAL, PL), Reverse DNS h220.blue.pl Software / Resource Hash fd9f41b82c102332fc05519ac355b9d783c50b2b9ed1fa49aca273c611fc7ac1 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pay.bm.pl/droplabs/continue/AYENJW5B1P/W947UBKB User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Pragma no-cache Date Wed, 24 Nov 2021 09:17:41 GMT Last-Modified Thu, 04 Nov 2021 10:07:50 GMT Content-Type image/png Cache-Control max-age=31536000, public Accept-Ranges bytes Content-Length 5598 Expires Sat, 25 Dec 2021 13:04:21 GMT
GET H/1.1	200 OK	bluemediaLogoOld.png pay.bm.pl/v/20211121215945/bundles/webpaybm/images/payment/	1 KB 2 KB	81ms 81ms	Image image/png	195.187.130.220 NASK-COMMERCIAL
General Check archive.org Show headers Download Go to Show image Full URL https://pay.bm.pl/v/20211121215945/bundles/webpaybm/images/payment/bluemediaLogoOld.png Requested by Host: pay.bm.pl URL: https://pay.bm.pl/droplabs/continue/AYENJW5B1P/W947UBKB Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 195.187.130.220 , Poland, ASN8308 (NASK-COMMERCIAL, PL), Reverse DNS h220.blue.pl Software / Resource Hash fedc5d43a0b0764f1716cb8f39e81f672ecbb969db63c55c7d344f6d17ba020b Request headers Accept-Language de-DE,de;q=0.9 Referer https://pay.bm.pl/droplabs/continue/AYENJW5B1P/W947UBKB User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Pragma no-cache Date Wed, 24 Nov 2021 09:17:41 GMT Last-Modified Thu, 04 Nov 2021 10:07:50 GMT Content-Type image/png Cache-Control max-age=31536000, public Accept-Ranges bytes Content-Length 1451 Expires Sat, 25 Dec 2021 13:04:21 GMT
GET H/1.1	200 OK	overflowProblem.png pay.bm.pl/v/20211121215945/bundles/webpaybm/images/common/	2 KB 2 KB	52ms 52ms	Image image/png	195.187.130.220 NASK-COMMERCIAL
General Check archive.org Show headers Download Go to Show image Full URL https://pay.bm.pl/v/20211121215945/bundles/webpaybm/images/common/overflowProblem.png Requested by Host: pay.bm.pl URL: https://pay.bm.pl/droplabs/continue/AYENJW5B1P/W947UBKB Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 195.187.130.220 , Poland, ASN8308 (NASK-COMMERCIAL, PL), Reverse DNS h220.blue.pl Software / Resource Hash d87a40d241767fd5d9ce9c80dc1ed9066b4852fac9d1213fd6cee050581dd73b Request headers Accept-Language de-DE,de;q=0.9 Referer https://pay.bm.pl/droplabs/continue/AYENJW5B1P/W947UBKB User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Pragma no-cache Date Wed, 24 Nov 2021 09:17:41 GMT Last-Modified Thu, 04 Nov 2021 10:07:50 GMT Content-Type image/png Cache-Control max-age=31536000, public Accept-Ranges bytes Content-Length 1714 Expires Sat, 25 Dec 2021 13:04:21 GMT
GET H2	200	matomo.js Show response piwik.blue.pl/	159 KB 47 KB	173ms 56ms	Script application/javascript	34.250.25.219 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://piwik.blue.pl/matomo.js Requested by Host: pay.bm.pl URL: https://pay.bm.pl/droplabs/continue/AYENJW5B1P/W947UBKB Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.250.25.219 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-250-25-219.eu-west-1.compute.amazonaws.com Software Apache/2.4.51 (Debian) / Resource Hash cfe06fe1a8934abbe698f5e7ab8debc75fb95530c2046dc4d24e2edfa192c384 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Wed, 24 Nov 2021 09:17:41 GMT content-encoding gzip last-modified Wed, 17 Nov 2021 11:32:45 GMT server Apache/2.4.51 (Debian) etag "27a90-5d0fa66a264aa-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 47539
GET DATA	200 OK	truncated /	231 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash be7ec45dfcdd8c4f077e3b52f6ea042389122fea8a1199560d03eb1538ff0d3e Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	bluemedia_logo.png pay.bm.pl/v/20211121215945/bundles/webpaybm/images/redirect/	1 KB 2 KB	39ms 38ms	Image image/png	195.187.130.220 NASK-COMMERCIAL
General Check archive.org Show headers Download Go to Show image Full URL https://pay.bm.pl/v/20211121215945/bundles/webpaybm/images/redirect/bluemedia_logo.png Requested by Host: pay.bm.pl URL: https://pay.bm.pl/droplabs/continue/AYENJW5B1P/W947UBKB Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 195.187.130.220 , Poland, ASN8308 (NASK-COMMERCIAL, PL), Reverse DNS h220.blue.pl Software / Resource Hash fedc5d43a0b0764f1716cb8f39e81f672ecbb969db63c55c7d344f6d17ba020b Request headers Accept-Language de-DE,de;q=0.9 Referer https://pay.bm.pl/droplabs/continue/AYENJW5B1P/W947UBKB User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Pragma no-cache Date Wed, 24 Nov 2021 09:17:41 GMT Last-Modified Thu, 04 Nov 2021 10:07:50 GMT Content-Type image/png Cache-Control max-age=31536000, public Accept-Ranges bytes Content-Length 1451 Expires Sat, 25 Dec 2021 13:04:21 GMT
GET H/1.1	200 OK	redirect.gif pay.bm.pl/v/20211121215945/bundles/webpaybm/images/common/	2 KB 3 KB	61ms 61ms	Image image/gif	195.187.130.220 NASK-COMMERCIAL
General Check archive.org Show headers Download Go to Show image Full URL https://pay.bm.pl/v/20211121215945/bundles/webpaybm/images/common/redirect.gif Requested by Host: pay.bm.pl URL: https://pay.bm.pl/droplabs/continue/AYENJW5B1P/W947UBKB Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 195.187.130.220 , Poland, ASN8308 (NASK-COMMERCIAL, PL), Reverse DNS h220.blue.pl Software / Resource Hash 55a6a3037855c0b493c17b8476b5796bef2d5c629259fdc9a56ae70173a20948 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pay.bm.pl/droplabs/continue/AYENJW5B1P/W947UBKB User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Pragma no-cache Date Wed, 24 Nov 2021 09:17:41 GMT Last-Modified Thu, 04 Nov 2021 10:07:50 GMT Content-Type image/gif Cache-Control max-age=31536000, public Accept-Ranges bytes Content-Length 2488 Expires Sat, 25 Dec 2021 13:04:21 GMT
POST H/1.1	406 Not Acceptable	continue Show response pay.bm.pl/api/	1 KB 2 KB	342ms 342ms	XHR text/html	195.187.130.220 NASK-COMMERCIAL
General Check archive.org Show headers Download Go to Full URL https://pay.bm.pl/api/continue Requested by Host: pay.bm.pl URL: https://pay.bm.pl/v/20211121215945/bundles/webpaybm/js/common/bundle.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 195.187.130.220 , Poland, ASN8308 (NASK-COMMERCIAL, PL), Reverse DNS h220.blue.pl Software / Resource Hash 60d4e4b640aeace0911245b99662a4cc9c737bf021f9e0bd1eb06745adbd35a7 Security Headers Name Value Content-Security-Policy connect-src 'self' https://error.blue.pl https://piwik.blue.pl https://play.google.com https://www.google-analytics.com https://sandbox.secure.checkout.visa.com https://secure.checkout.visa.com https://thm.visa.com https://bluelead.blue.pl wss://wtn.bm.pl https://wtn.bm.pl; report-uri https://error.blue.pl/api/144/security/?sentry_key=dfeeb5be9555424aac6b718b63a21baa&sentry_environment=prod X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept */* Referer https://pay.bm.pl/droplabs/continue/AYENJW5B1P/W947UBKB X-Requested-With XMLHttpRequest X-ARI c789a5fbb6f9d9927d0d0417d19a351b86fcf39ec8c1705737c9e29bdc7d0dc2 Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Pragma no-cache Content-Security-Policy connect-src 'self' https://error.blue.pl https://piwik.blue.pl https://play.google.com https://www.google-analytics.com https://sandbox.secure.checkout.visa.com https://secure.checkout.visa.com https://thm.visa.com https://bluelead.blue.pl wss://wtn.bm.pl https://wtn.bm.pl; report-uri https://error.blue.pl/api/144/security/?sentry_key=dfeeb5be9555424aac6b718b63a21baa&sentry_environment=prod Referrer-Policy no-referrer-when-downgrade, same-origin Date Wed, 24 Nov 2021 09:17:41 GMT X-Frame-Options DENY Content-Type text/html; charset=UTF-8 Charset UTF-8 Cache-Control private, no-cache, no-store, must-revalidate Content-Length 1236 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	doubletwo_studios_-_xxiicentarregular-webfont.woff pay.bm.pl/v/20211121215945/bundles/webpaybm/fonts/	27 KB 27 KB	46ms 46ms	Font application/font-woff	195.187.130.220 NASK-COMMERCIAL
General Check archive.org Show headers Download Go to Full URL https://pay.bm.pl/v/20211121215945/bundles/webpaybm/fonts/doubletwo_studios_-_xxiicentarregular-webfont.woff Requested by Host: pay.bm.pl URL: https://pay.bm.pl/v/20211121215945/css/styles.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 195.187.130.220 , Poland, ASN8308 (NASK-COMMERCIAL, PL), Reverse DNS h220.blue.pl Software / Resource Hash 7d34774731318cc783794d43e4318096c931c3c112f6d98d8c28006030ef458b Request headers Referer https://pay.bm.pl/v/20211121215945/css/styles.css Origin https://pay.bm.pl Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Pragma no-cache Date Wed, 24 Nov 2021 09:17:41 GMT Last-Modified Thu, 04 Nov 2021 10:07:50 GMT Content-Type application/font-woff Cache-Control max-age=31536000, public Accept-Ranges bytes Content-Length 27872 Expires Sat, 25 Dec 2021 13:04:21 GMT
POST H2	204	matomo.php piwik.blue.pl/	0 142 B	72ms 72ms	Ping text/plain	34.250.25.219 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://piwik.blue.pl/matomo.php?action_name=BM%20Online-Zahlung&idsite=42&rec=1&r=072739&h=9&m=17&s=41&url=https%3A%2F%2Fpay.bm.pl%2Fdroplabs%2Fcontinue%2FAYENJW5B1P%2FW947UBKB&_id=fdc71daaa99b4426&_idn=1&_refts=0&send_image=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=Z3NDHv&pf_net=223&pf_srv=87&pf_tfr=1&pf_dm1=231 Requested by Host: piwik.blue.pl URL: https://piwik.blue.pl/matomo.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.250.25.219 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-250-25-219.eu-west-1.compute.amazonaws.com Software Apache/2.4.51 (Debian) / PHP/7.4.25 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=utf-8 Response headers access-control-allow-origin https://pay.bm.pl date Wed, 24 Nov 2021 09:17:41 GMT access-control-allow-credentials true server Apache/2.4.51 (Debian) x-powered-by PHP/7.4.25
GET H2	200	configs.php Show response piwik.blue.pl/plugins/HeatmapSessionRecording/	117 B 275 B	36ms 36ms	Script application/javascript	34.250.25.219 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://piwik.blue.pl/plugins/HeatmapSessionRecording/configs.php?idsite=42&trackerid=CsD88x&url=https%3A%2F%2Fpay.bm.pl%2Fdroplabs%2Fcontinue%2FAYENJW5B1P%2FW947UBKB Requested by Host: piwik.blue.pl URL: https://piwik.blue.pl/matomo.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.250.25.219 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-250-25-219.eu-west-1.compute.amazonaws.com Software Apache/2.4.51 (Debian) / PHP/7.4.25 Resource Hash 05e9f1b14a5a001ee8e0f3699a3fd227e6367dae4948a5110654fcb5d9f1f420 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Wed, 24 Nov 2021 09:17:41 GMT content-encoding gzip server Apache/2.4.51 (Debian) x-powered-by PHP/7.4.25 content-length 120 vary Accept-Encoding content-type application/javascript
POST H2	204	matomo.php piwik.blue.pl/	0 142 B	83ms 83ms	Ping text/plain	34.250.25.219 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://piwik.blue.pl/matomo.php?e_c=PayWallEvents&e_a=error&e_n=TRANSACTION_VALIDITY_TIME_OUTDATED&ca=1&idsite=42&rec=1&r=046020&h=9&m=17&s=44&url=https%3A%2F%2Fpay.bm.pl%2Fdroplabs%2Fcontinue%2FAYENJW5B1P%2FW947UBKB&_id=fdc71daaa99b4426&_idn=0&_refts=0&send_image=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pf_net=223&pf_srv=87&pf_tfr=1&pf_dm1=231&pf_dm2=222&pf_onl=1&pv_id=Z3NDHv Requested by Host: piwik.blue.pl URL: https://piwik.blue.pl/matomo.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.250.25.219 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-250-25-219.eu-west-1.compute.amazonaws.com Software Apache/2.4.51 (Debian) / PHP/7.4.25 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=utf-8 Response headers access-control-allow-origin https://pay.bm.pl date Wed, 24 Nov 2021 09:17:44 GMT access-control-allow-credentials true server Apache/2.4.51 (Debian) x-powered-by PHP/7.4.25
GET H/1.1	200 OK	overflowProblem.png pay.bm.pl/v/20211121220033/bundles/webpaybm/images/common/	2 KB 2 KB	65ms 64ms	Image image/png	195.187.130.220 NASK-COMMERCIAL
General Check archive.org Show headers Download Go to Show image Full URL https://pay.bm.pl/v/20211121220033/bundles/webpaybm/images/common/overflowProblem.png Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 195.187.130.220 , Poland, ASN8308 (NASK-COMMERCIAL, PL), Reverse DNS h220.blue.pl Software / Resource Hash d87a40d241767fd5d9ce9c80dc1ed9066b4852fac9d1213fd6cee050581dd73b Request headers Accept-Language de-DE,de;q=0.9 Referer https://pay.bm.pl/droplabs/continue/AYENJW5B1P/W947UBKB User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Pragma no-cache Date Wed, 24 Nov 2021 09:17:44 GMT Last-Modified Thu, 04 Nov 2021 10:07:50 GMT Content-Type image/png Cache-Control max-age=31536000, public Accept-Ranges bytes Content-Length 1714 Expires Sat, 25 Dec 2021 13:04:24 GMT

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| Sentry object| __SENTRY__ object| payway1512 object| payway1513 function| removeApplePayPaymentMethod function| checkApplePaySupport object| payways function| TransactionStatusListener boolean| setCookie object| Main function| $ function| jQuery object| utf8 object| base64 object| Translator function| PiwikEvents string| redirectTitle string| redirectLogo string| redirectNewLogo string| redirectImg boolean| redirectHideInfo boolean| redirectHideArrows number| gpPaywayId number| vcPaywayId number| apPaywayId string| integratorBMVerificationServiceId string| selectedText string| sourceFrData string| sourcePayways string| sourcePbl string| sourcePg string| sourcePbi string| sourcePbc string| sourceWalletData string| sourcePsd2Data string| warningBankDisabled string| warningBankTemporaryMaintenance string| defaultFlashMessageTranslationKey string| SDK_3_1 object| payBM object| _paq object| url object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			pay.bm.pl/	1969-12-31 23:59:59	Name: SFSESSID Value: kfeba4o05qbjp02vtq2fb810g1
			pay.bm.pl/	1970-01-20 08:21:40	Name: _pk_id.42.faaa Value: fdc71daaa99b4426.1637745462.
			pay.bm.pl/	1970-01-19 22:55:47	Name: _pk_ses.42.faaa Value: 1
			.bm.pl/	1970-01-20 16:26:57	Name: payBmLanguage Value: en

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pay.bm.pl/api/continue Message: Failed to load resource: the server responded with a status of 406 (Not Acceptable)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	connect-src 'self' https://error.blue.pl https://piwik.blue.pl https://play.google.com https://www.google-analytics.com https://sandbox.secure.checkout.visa.com https://secure.checkout.visa.com https://thm.visa.com https://bluelead.blue.pl wss://wtn.bm.pl https://wtn.bm.pl; report-uri https://error.blue.pl/api/144/security/?sentry_key=dfeeb5be9555424aac6b718b63a21baa&sentry_environment=prod
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

pay.bm.pl
piwik.blue.pl
195.187.130.220
34.250.25.219
02bbe0dcde13a3952cbe3465da9db32f6a735a53e8cf07c39f56ce7926a764ee
05e9f1b14a5a001ee8e0f3699a3fd227e6367dae4948a5110654fcb5d9f1f420
340b35b0e96ed45d030428b84f815d8f08c5b2e454b503d6c0e20395d49238ea
4ce77a45249855fbcb3520a4d78194efa6eb5bb50808faf00eea5b6064777b79
54cc00ab8e58f9334961dd5d50046f78f2784213a9e823520d1dd4d401d1f88e
55a6a3037855c0b493c17b8476b5796bef2d5c629259fdc9a56ae70173a20948
60d4e4b640aeace0911245b99662a4cc9c737bf021f9e0bd1eb06745adbd35a7
7d34774731318cc783794d43e4318096c931c3c112f6d98d8c28006030ef458b
a95694163b40658dbceaaa9bd7f0070da87ac0074e812f7a5d05d74242ff015f
aa830204db6e1e9d0c54bea4242922e63d8219fc7d6dcb6a0fe6336770f1f35a
be7ec45dfcdd8c4f077e3b52f6ea042389122fea8a1199560d03eb1538ff0d3e
cfe06fe1a8934abbe698f5e7ab8debc75fb95530c2046dc4d24e2edfa192c384
d87a40d241767fd5d9ce9c80dc1ed9066b4852fac9d1213fd6cee050581dd73b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46a22be5349d1bb058cabbc217d266037f24afab38ecd7bf03de2bdd4bf987c
fd9f41b82c102332fc05519ac355b9d783c50b2b9ed1fa49aca273c611fc7ac1
fedc5d43a0b0764f1716cb8f39e81f672ecbb969db63c55c7d344f6d17ba020b