urlscan.io logo urlscan.io
SecurityTrails logo

ekonto24.bslososinadolna.pl Open in urlscan Pro
193.27.205.136  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://ekonto24.bslososinadolna.pl/
Effective URL: https://ekonto24.bslososinadolna.pl/frontend-web/app/auth.html
Submission: On January 25 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 16 HTTP transactions. The main IP is 193.27.205.136, located in Poland and belongs to Centrum Przetwarzania Danych Asseco Poland S.A., PL. The main domain is ekonto24.bslososinadolna.pl.
TLS certificate: Issued by Certum Extended Validation CA SHA2 on January 27th 2021. Valid for: a year.
This is the only time ekonto24.bslososinadolna.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 16 193.27.205.136 21123 (Centrum P...)
16 2
Apex Domain
Subdomains		 Transfer
16 bslososinadolna.pl
ekonto24.bslososinadolna.pl
2 MB
16 1
Domain Requested by
16 ekonto24.bslososinadolna.pl 1 redirects ekonto24.bslososinadolna.pl
16 1

This site contains links to these domains. Also see Links.

Domain
zbp.pl
Subject Issuer Validity Valid
ekonto24.bslososinadolna.pl
Certum Extended Validation CA SHA2		 2021-01-27 -
2022-01-27		 a year crt.sh

This page contains 1 frames:

Primary Page: https://ekonto24.bslososinadolna.pl/frontend-web/app/auth.html
Frame ID: 11924A5C5D9359F86D846EA54DB492E7
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bankowość Internetowa

Page URL History Show full URLs

  1. https://ekonto24.bslososinadolna.pl/ HTTP 302
    https://ekonto24.bslososinadolna.pl/frontend-web/app/auth.html Page URL

Page Statistics

16
Requests

94 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

1799 kB
Transfer

5144 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ekonto24.bslososinadolna.pl/ HTTP 302
    https://ekonto24.bslososinadolna.pl/frontend-web/app/auth.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://ekonto24.bslososinadolna.pl/frontend-web/ HTTP 302
  • https://ekonto24.bslososinadolna.pl/frontend-web/app/auth.html

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request auth.html
ekonto24.bslososinadolna.pl/frontend-web/app/
Redirect Chain
  • https://ekonto24.bslososinadolna.pl/
  • https://ekonto24.bslososinadolna.pl/frontend-web/app/auth.html
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ekonto24.bslososinadolna.pl/frontend-web/app/auth.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
193.27.205.136 , Poland, ASN21123 (Centrum Przetwarzania Danych Asseco Poland S.A., PL),
Reverse DNS
ebp.cui.pl
Software
nginx /
Resource Hash
7cccdf25639d7dc7597ffac136eb09c824cd4840ff097dcdf96e1970d68cf66f
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self'; font-src 'self' data:; media-src 'none'; object-src 'none'
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx
Date
Tue, 25 Jan 2022 14:38:53 GMT
Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-cache, no-store, must-revalidate, max-age=0
Pragma
no-cache
Expires
0
Content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self'; font-src 'self' data:; media-src 'none'; object-src 'none'
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
X-Frame-Options
SAMEORIGIN
vary
accept-encoding
Content-Encoding
gzip
Content-Language
de-DE
X-Proxy-Cache
MISS
Strict-Transport-Security
max-age=31536000 ; includeSubDomains

Redirect headers

Server
nginx
Date
Tue, 25 Jan 2022 14:38:53 GMT
Content-Length
0
Location
https://ekonto24.bslososinadolna.pl/frontend-web/app/auth.html#/login
Connection
keep-alive
Cache-Controls
no-cache, no-store, must-revalidate, max-age=0
Pragma
no-cache
Expires
0
Content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self'; font-src 'self' data:; media-src 'none'; object-src 'none'
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
X-Frame-Options
SAMEORIGIN
X-Proxy-Cache
MISS
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
e828dffc.es6-shim.min.js
ekonto24.bslososinadolna.pl/frontend-web/app/ 		56 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ekonto24.bslososinadolna.pl/frontend-web/app/e828dffc.es6-shim.min.js
Requested by
Host: ekonto24.bslososinadolna.pl
URL: https://ekonto24.bslososinadolna.pl/frontend-web/app/auth.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
193.27.205.136 , Poland, ASN21123 (Centrum Przetwarzania Danych Asseco Poland S.A., PL),
Reverse DNS
ebp.cui.pl
Software
nginx /
Resource Hash
4832bbe65456bc617309752e6f7775d43293fed69671368e4d5a89a6f3640f9f
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self'; font-src 'self' data:; media-src 'none'; object-src 'none'
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ekonto24.bslososinadolna.pl/frontend-web/app/auth.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 25 Jan 2022 14:38:53 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Content-Disposition
inline; filename="e828dffc.es6-shim.min.js"
Connection
keep-alive
vary
accept-encoding
X-XSS-Protection
1; mode=block
Server
nginx
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Type
text/javascript
Cache-Control
public, max-age=5184000
Content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self'; font-src 'self' data:; media-src 'none'; object-src 'none'
X-Proxy-Cache
HIT
Expires
Mon, 14 Feb 2022 06:45:44 GMT
eeb8da89.authentication.js
ekonto24.bslososinadolna.pl/frontend-web/app/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ekonto24.bslososinadolna.pl/frontend-web/app/eeb8da89.authentication.js
Requested by
Host: ekonto24.bslososinadolna.pl
URL: https://ekonto24.bslososinadolna.pl/frontend-web/app/auth.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
193.27.205.136 , Poland, ASN21123 (Centrum Przetwarzania Danych Asseco Poland S.A., PL),
Reverse DNS
ebp.cui.pl
Software
nginx /
Resource Hash
0836ae8007fd940d0e2dd62dabca88559f34622a5c3964c4d53429054d4fb791
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self'; font-src 'self' data:; media-src 'none'; object-src 'none'
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ekonto24.bslososinadolna.pl/frontend-web/app/auth.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 25 Jan 2022 14:38:53 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Content-Disposition
inline; filename="eeb8da89.authentication.js"
Connection
keep-alive
vary
accept-encoding
X-XSS-Protection
1; mode=block
Server
nginx
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Type
text/javascript
Cache-Control
public, max-age=5184000
Content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self'; font-src 'self' data:; media-src 'none'; object-src 'none'
X-Proxy-Cache
HIT
Expires
Sun, 13 Feb 2022 23:51:52 GMT
d8411979.2.chunk.js
ekonto24.bslososinadolna.pl/frontend-web/app/ 		3 MB
887 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ekonto24.bslososinadolna.pl/frontend-web/app/d8411979.2.chunk.js
Requested by
Host: ekonto24.bslososinadolna.pl
URL: https://ekonto24.bslososinadolna.pl/frontend-web/app/eeb8da89.authentication.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
193.27.205.136 , Poland, ASN21123 (Centrum Przetwarzania Danych Asseco Poland S.A., PL),
Reverse DNS
ebp.cui.pl
Software
nginx /
Resource Hash
205510d1f60cd6762713f7e5d26b9d5416c666de12d9e0264ed126c2941c5a55
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self'; font-src 'self' data:; media-src 'none'; object-src 'none'
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ekonto24.bslososinadolna.pl/frontend-web/app/auth.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 25 Jan 2022 14:38:53 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Content-Disposition
inline; filename="d8411979.2.chunk.js"
Connection
keep-alive
vary
accept-encoding
X-XSS-Protection
1; mode=block
Server
nginx
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Type
text/javascript
Cache-Control
public, max-age=5184000
Content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self'; font-src 'self' data:; media-src 'none'; object-src 'none'
X-Proxy-Cache
HIT
Expires
Sun, 13 Feb 2022 23:51:52 GMT
9b6a2ca9.1.chunk.js
ekonto24.bslososinadolna.pl/frontend-web/app/ 		785 KB
481 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ekonto24.bslososinadolna.pl/frontend-web/app/9b6a2ca9.1.chunk.js
Requested by
Host: ekonto24.bslososinadolna.pl
URL: https://ekonto24.bslososinadolna.pl/frontend-web/app/eeb8da89.authentication.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
193.27.205.136 , Poland, ASN21123 (Centrum Przetwarzania Danych Asseco Poland S.A., PL),
Reverse DNS
ebp.cui.pl
Software
nginx /
Resource Hash
b663ec6319b4f10b4e553025f7229266b9c3e524e17ad9a3a818314307d30245
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self'; font-src 'self' data:; media-src 'none'; object-src 'none'
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ekonto24.bslososinadolna.pl/frontend-web/app/auth.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 25 Jan 2022 14:38:53 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Content-Disposition
inline; filename="9b6a2ca9.1.chunk.js"
Connection
keep-alive
vary
accept-encoding
X-XSS-Protection
1; mode=block
Server
nginx
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Type
text/javascript
Cache-Control
public, max-age=5184000
Content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self'; font-src 'self' data:; media-src 'none'; object-src 'none'
X-Proxy-Cache
HIT
Expires
Sun, 13 Feb 2022 23:51:52 GMT
j_spring_security_check
ekonto24.bslososinadolna.pl/frontend-web/app/ 		280 B
868 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ekonto24.bslososinadolna.pl/frontend-web/app/j_spring_security_check
Requested by
Host: ekonto24.bslososinadolna.pl
URL: https://ekonto24.bslososinadolna.pl/frontend-web/app/d8411979.2.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
193.27.205.136 , Poland, ASN21123 (Centrum Przetwarzania Danych Asseco Poland S.A., PL),
Reverse DNS
ebp.cui.pl
Software
nginx /
Resource Hash
e05cb41a68f4d33d262d276b645404c3c54ecead10be0e853156a509600cf8a4
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self'; font-src 'self' data:; media-src 'none'; object-src 'none'
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://ekonto24.bslososinadolna.pl/frontend-web/app/auth.html
X-XSRF-TOKEN
5ddebe6c-062a-49b1-bc50-1e11333ad3c9
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:38:54 GMT
X-Content-Type-Options
nosniff
Server
nginx
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Type
application/json
Cache-Controls
no-cache, no-store, must-revalidate, max-age=0
Content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self'; font-src 'self' data:; media-src 'none'; object-src 'none'
Connection
keep-alive
Content-Length
280
X-XSS-Protection
1; mode=block
Expires
0
2a47a29ceb33c966c8d79f8d5a5ea448.ttf
ekonto24.bslososinadolna.pl/frontend-web/app/ 		143 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ekonto24.bslososinadolna.pl/frontend-web/app/2a47a29ceb33c966c8d79f8d5a5ea448.ttf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
193.27.205.136 , Poland, ASN21123 (Centrum Przetwarzania Danych Asseco Poland S.A., PL),
Reverse DNS
ebp.cui.pl
Software
nginx /
Resource Hash
bf1a7f964eb1751f56419265ce6650e6476eea7cc6e6573fa57573dcc52b5312
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self'; font-src 'self' data:; media-src 'none'; object-src 'none'
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ekonto24.bslososinadolna.pl/frontend-web/app/auth.html
Origin
https://ekonto24.bslososinadolna.pl
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 25 Jan 2022 14:38:54 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Content-Disposition
inline; filename="2a47a29ceb33c966c8d79f8d5a5ea448.ttf"
Connection
keep-alive
vary
accept-encoding
X-XSS-Protection
1; mode=block
Server
nginx
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Type
application/x-font-ttf
Cache-Control
max-age=86400
Content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self'; font-src 'self' data:; media-src 'none'; object-src 'none'
X-Proxy-Cache
HIT
Expires
Wed, 26 Jan 2022 14:38:54 GMT
41e8dead03fb979ecc23b8dfb0fef627.ttf
ekonto24.bslososinadolna.pl/frontend-web/app/ 		141 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ekonto24.bslososinadolna.pl/frontend-web/app/41e8dead03fb979ecc23b8dfb0fef627.ttf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
193.27.205.136 , Poland, ASN21123 (Centrum Przetwarzania Danych Asseco Poland S.A., PL),
Reverse DNS
ebp.cui.pl
Software
nginx /
Resource Hash
577dfb678b8fc1bda8ef0fabd74611675013ae08ae3b0045b8adcb1c6fa01eb9
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self'; font-src 'self' data:; media-src 'none'; object-src 'none'
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ekonto24.bslososinadolna.pl/frontend-web/app/auth.html
Origin
https://ekonto24.bslososinadolna.pl
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 25 Jan 2022 14:38:54 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Content-Disposition
inline; filename="41e8dead03fb979ecc23b8dfb0fef627.ttf"
Connection
keep-alive
vary
accept-encoding
X-XSS-Protection
1; mode=block
Server
nginx
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Type
application/x-font-ttf
Cache-Control
max-age=86400
Content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self'; font-src 'self' data:; media-src 'none'; object-src 'none'
X-Proxy-Cache
HIT
Expires
Wed, 26 Jan 2022 14:38:54 GMT
342ba3d8ac29ac8c38d7cef8efbf2dc9.ttf
ekonto24.bslososinadolna.pl/frontend-web/app/ 		138 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ekonto24.bslososinadolna.pl/frontend-web/app/342ba3d8ac29ac8c38d7cef8efbf2dc9.ttf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
193.27.205.136 , Poland, ASN21123 (Centrum Przetwarzania Danych Asseco Poland S.A., PL),
Reverse DNS
ebp.cui.pl
Software
nginx /
Resource Hash
3d081a1e7273a2d8ff6632187a73624e639f78586a14c227a27067c2b6be8353
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self'; font-src 'self' data:; media-src 'none'; object-src 'none'
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ekonto24.bslososinadolna.pl/frontend-web/app/auth.html
Origin
https://ekonto24.bslososinadolna.pl
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 25 Jan 2022 14:38:54 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Content-Disposition
inline; filename="342ba3d8ac29ac8c38d7cef8efbf2dc9.ttf"
Connection
keep-alive
vary
accept-encoding
X-XSS-Protection
1; mode=block
Server
nginx
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Type
application/x-font-ttf
Cache-Control
max-age=86400
Content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self'; font-src 'self' data:; media-src 'none'; object-src 'none'
X-Proxy-Cache
HIT
Expires
Wed, 26 Jan 2022 14:38:54 GMT
d7c96cc55662262a11863468164c4446.ttf
ekonto24.bslososinadolna.pl/frontend-web/app/ 		5 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ekonto24.bslososinadolna.pl/frontend-web/app/d7c96cc55662262a11863468164c4446.ttf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
193.27.205.136 , Poland, ASN21123 (Centrum Przetwarzania Danych Asseco Poland S.A., PL),
Reverse DNS
ebp.cui.pl
Software
nginx /
Resource Hash
353166badc46dbb88c6304e8f7d6ad2af790ae63a60a5581e149a6b11ad7b78f
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self'; font-src 'self' data:; media-src 'none'; object-src 'none'
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ekonto24.bslososinadolna.pl/frontend-web/app/auth.html
Origin
https://ekonto24.bslososinadolna.pl
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 25 Jan 2022 14:38:54 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Content-Disposition
inline; filename="d7c96cc55662262a11863468164c4446.ttf"
Connection
keep-alive
vary
accept-encoding
X-XSS-Protection
1; mode=block
Server
nginx
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Type
application/x-font-ttf
Cache-Control
max-age=86400
Content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self'; font-src 'self' data:; media-src 'none'; object-src 'none'
X-Proxy-Cache
HIT
Expires
Wed, 26 Jan 2022 14:38:54 GMT
state
ekonto24.bslososinadolna.pl/frontend-web/services/webapp-service/api/serviceBreak/ 		156 B
815 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ekonto24.bslososinadolna.pl/frontend-web/services/webapp-service/api/serviceBreak/state?lang=en
Requested by
Host: ekonto24.bslososinadolna.pl
URL: https://ekonto24.bslososinadolna.pl/frontend-web/app/d8411979.2.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
193.27.205.136 , Poland, ASN21123 (Centrum Przetwarzania Danych Asseco Poland S.A., PL),
Reverse DNS
ebp.cui.pl
Software
nginx /
Resource Hash
693d262f2d1a44d7283af116fd667bc131968d5eb94e0a50aee38cb56f8dfa38
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self'; font-src 'self' data:; media-src 'none'; object-src 'none'
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://ekonto24.bslososinadolna.pl/frontend-web/app/auth.html
X-XSRF-TOKEN
5ddebe6c-062a-49b1-bc50-1e11333ad3c9
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:38:54 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
Content-Type
application/json;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate, max-age=0
Transfer-Encoding
chunked
Content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self'; font-src 'self' data:; media-src 'none'; object-src 'none'
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
vary
accept-encoding
X-XSS-Protection
1; mode=block
Expires
0
get_resources
ekonto24.bslososinadolna.pl/frontend-web/api/login_page_resources/get/ 		541 B
970 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ekonto24.bslososinadolna.pl/frontend-web/api/login_page_resources/get/get_resources?lang=en
Requested by
Host: ekonto24.bslososinadolna.pl
URL: https://ekonto24.bslososinadolna.pl/frontend-web/app/d8411979.2.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
193.27.205.136 , Poland, ASN21123 (Centrum Przetwarzania Danych Asseco Poland S.A., PL),
Reverse DNS
ebp.cui.pl
Software
nginx /
Resource Hash
cef90dc0bc94913ebe59dd5aac90add7653c315c56add0bd99fd427fdf97aabe
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self'; font-src 'self' data:; media-src 'none'; object-src 'none'
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://ekonto24.bslososinadolna.pl/frontend-web/app/auth.html
X-XSRF-TOKEN
5ddebe6c-062a-49b1-bc50-1e11333ad3c9
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 25 Jan 2022 14:38:54 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
vary
accept-encoding
X-XSS-Protection
1; mode=block
Pragma
no-cache
Server
nginx
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Type
application/json;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate, max-age=0
Content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self'; font-src 'self' data:; media-src 'none'; object-src 'none'
X-Proxy-Cache
MISS
Expires
0
auth.html
ekonto24.bslososinadolna.pl/frontend-web/app/
Redirect Chain
  • https://ekonto24.bslososinadolna.pl/frontend-web/
  • https://ekonto24.bslososinadolna.pl/frontend-web/app/auth.html
0
0
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b0cbd0833d000dbfc564bc602b4125321d6120d24faf45e5512e8a21ecacdb4d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
c23534acbeddbaadfd0ab2d2bbfdfc84.ttf
ekonto24.bslososinadolna.pl/frontend-web/app/ 		137 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ekonto24.bslososinadolna.pl/frontend-web/app/c23534acbeddbaadfd0ab2d2bbfdfc84.ttf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
193.27.205.136 , Poland, ASN21123 (Centrum Przetwarzania Danych Asseco Poland S.A., PL),
Reverse DNS
ebp.cui.pl
Software
nginx /
Resource Hash
ec26b37105adacad70aca3692f80e3dab073f06639daa80f8adcede6af60d76c
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self'; font-src 'self' data:; media-src 'none'; object-src 'none'
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ekonto24.bslososinadolna.pl/frontend-web/app/auth.html
Origin
https://ekonto24.bslososinadolna.pl
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 25 Jan 2022 14:38:54 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Content-Disposition
inline; filename="c23534acbeddbaadfd0ab2d2bbfdfc84.ttf"
Connection
keep-alive
vary
accept-encoding
X-XSS-Protection
1; mode=block
Server
nginx
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Type
application/x-font-ttf
Cache-Control
max-age=86400
Content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self'; font-src 'self' data:; media-src 'none'; object-src 'none'
X-Proxy-Cache
HIT
Expires
Wed, 26 Jan 2022 14:38:54 GMT
single_resource
ekonto24.bslososinadolna.pl/frontend-web/api/login_page_resources/downloads/ 		111 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ekonto24.bslososinadolna.pl/frontend-web/api/login_page_resources/downloads/single_resource?name=login_page_background&value=29cd61ca
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
193.27.205.136 , Poland, ASN21123 (Centrum Przetwarzania Danych Asseco Poland S.A., PL),
Reverse DNS
ebp.cui.pl
Software
nginx /
Resource Hash
29cd61cab9df4162f8c762ccbe4d59f2509cda50cd5782cd361e68b95a90aca9
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self'; font-src 'self' data:; media-src 'none'; object-src 'none'
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ekonto24.bslososinadolna.pl/frontend-web/app/auth.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 25 Jan 2022 14:38:54 GMT
X-Content-Type-Options
nosniff
Server
nginx
X-Frame-Options
SAMEORIGIN
Content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self'; font-src 'self' data:; media-src 'none'; object-src 'none'
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Type
image/png
Expires
Wed, 26 Jan 2022 14:38:54 GMT
Cache-Control
max-age=86400
Transfer-Encoding
chunked
Content-Disposition
attachment; filename="login_page_background_29cd61ca"
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Proxy-Cache
HIT
single_resource
ekonto24.bslososinadolna.pl/frontend-web/api/login_page_resources/downloads/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ekonto24.bslososinadolna.pl/frontend-web/api/login_page_resources/downloads/single_resource?name=login_page_logo&value=aab75bc8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
193.27.205.136 , Poland, ASN21123 (Centrum Przetwarzania Danych Asseco Poland S.A., PL),
Reverse DNS
ebp.cui.pl
Software
nginx /
Resource Hash
aab75bc855f6157f00c06ec0d950f9ae0444b694c7d52f030f974335e8d94659
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self'; font-src 'self' data:; media-src 'none'; object-src 'none'
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ekonto24.bslososinadolna.pl/frontend-web/app/auth.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 25 Jan 2022 14:38:54 GMT
X-Content-Type-Options
nosniff
Server
nginx
X-Frame-Options
SAMEORIGIN
Content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self'; font-src 'self' data:; media-src 'none'; object-src 'none'
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Type
image/png
Expires
Wed, 26 Jan 2022 14:38:54 GMT
Cache-Control
max-age=86400
Transfer-Encoding
chunked
Content-Disposition
attachment; filename="login_page_logo_aab75bc8"
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Proxy-Cache
HIT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ekonto24.bslososinadolna.pl
URL
https://ekonto24.bslososinadolna.pl/frontend-web/app/auth.html

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| myrem string| resourceBaseUrl boolean| isBrowserCompatible object| palette object| brand string| themeName object| main object| less object| returnExports object| webpackJsonp_name_ function| singleSpaNavigate object| authentication object| __core-js_shared__ object| angular function| _ object| Rx function| setImmediate function| clearImmediate boolean| suspendPlatformModuleBoot object| ngMaterial function| Hammer object| angulartics object| KJUR object| Hex object| Base64 function| ASN1 object| d3 object| nv function| Color function| Chart number| ng339

3 Cookies

Domain/Path Name / Value
ekonto24.bslososinadolna.pl/frontend-web Name: XSRF-TOKEN
Value: 5ddebe6c-062a-49b1-bc50-1e11333ad3c9
.ekonto24.bslososinadolna.pl/frontend-web Name: JSESSIONID
Value: ODZkZGJkMDYtMjUxOS00ZTFlLTk2NWMtZjAwYmI1MTVmNGU3
ekonto24.bslososinadolna.pl/ Name: language
Value: en

1 Console Messages

Source Level URL
Text
network error URL: https://ekonto24.bslososinadolna.pl/frontend-web/services/webapp-service/api/serviceBreak/state?lang=en
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self'; font-src 'self' data:; media-src 'none'; object-src 'none'
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block