abdoxnoni003.7m.pl Open in urlscan Pro
88.99.33.244 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://kokoalets.dx.am/linkedin.html
Effective URL:
http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649f...
Submission: On February 21 via automatic, source openphish (February 21st 2020, 12:45:57 am UTC)

Summary HTTP 74 Redirects Behaviour Indicators

Summary

This website contacted 16 IPs in 7 countries across 15 domains to perform 74 HTTP transactions. The main IP is 88.99.33.244, located in Germany and belongs to HETZNER-AS, DE. The main domain is abdoxnoni003.7m.pl.

This is the only time abdoxnoni003.7m.pl was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DocuSign (Online)

Domain & IP information

	IP Address	AS Autonomous System
1	185.176.43.96 185.176.43.96	44476 (ZETTA-AS) (ZETTA-AS)
1 11	88.99.33.244 88.99.33.244	24940 (HETZNER-AS) (HETZNER-AS)
2 8	116.203.159.155 116.203.159.155	24940 (HETZNER-AS) (HETZNER-AS)
2	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:818::2002	15169 (GOOGLE) (GOOGLE)
2 14	178.32.202.244 178.32.202.244	16276 (OVH) (OVH)
3	178.32.202.249 178.32.202.249	16276 (OVH) (OVH)
3	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:205... 2600:9000:2057:c200:1:af78:4c0:93a1	16509 (AMAZON-02) (AMAZON-02)
10 25	85.194.243.85 85.194.243.85	57367 (ECO-ATMAN...) (ECO-ATMAN-PL ECO-ATMAN-)
1	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	37.157.2.238 37.157.2.238	198622 (ADFORM) (ADFORM)
10 20	85.194.243.84 85.194.243.84	57367 (ECO-ATMAN...) (ECO-ATMAN-PL ECO-ATMAN-)
1	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
74	16

1 185.176.43.96 (Bulgaria)

ASN44476 (ZETTA-AS, BG)

kokoalets.dx.am	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 88.99.33.244 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: host1.7m.pl

abdoxnoni003.7m.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 116.203.159.155 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: exmail.mkteam.pl

s.7m.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
7m.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:818::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 178.32.202.244 (Poland) 2 redirects

ASN16276 (OVH, FR)

s.spolecznosci.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
spolecznosci.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.spolecznosci.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.32.202.249 (Poland)

ASN16276 (OVH, FR)

spolecznosci.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:c200:1:af78:4c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

vendorlist.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 85.194.243.85 (Poland) 10 redirects

ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL)
PTR: ip-5.85-194-243-80.net.old.eco.atman.pl

gpl.adocean.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.30 (Poland)

ASN204995 (RTB-HOUSE-AMS, NL)
PTR: ip-185-184-8-30.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.238 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 85.194.243.84 (Poland) 10 redirects

ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL)
PTR: ip-4.85-194-243-80.net.old.eco.atman.pl

gpladpl.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.180 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	adocean.pl 10 redirects gpl.adocean.pl	4 KB
20	gemius.pl 10 redirects gpladpl.hit.gemius.pl	3 KB
19	7m.pl 3 redirects abdoxnoni003.7m.pl s.7m.pl 7m.pl	83 KB
14	spolecznosci.net 2 redirects s.spolecznosci.net spolecznosci.net a.spolecznosci.net	192 KB
4	consensu.org spolecznosci.mgr.consensu.org vendorlist.consensu.org	116 KB
3	google-analytics.com www.google-analytics.com	18 KB
3	doubleclick.net googleads.g.doubleclick.net
3	googlesyndication.com pagead2.googlesyndication.com	121 KB
2	pubmatic.com hbopenbid.pubmatic.com ads.pubmatic.com	117 B
1	adform.net adx.adform.net	466 B
1	creativecdn.com prebid-eu.creativecdn.com	203 B
1	googletagservices.com www.googletagservices.com	27 KB
1	google.com adservice.google.com	171 B
1	google.de adservice.google.de	171 B
1	dx.am kokoalets.dx.am	391 B
74	15

	Domain	Requested by
25	gpl.adocean.pl	10 redirects
20	gpladpl.hit.gemius.pl	10 redirects
11	abdoxnoni003.7m.pl	1 redirects abdoxnoni003.7m.pl
7	spolecznosci.net	s.spolecznosci.net spolecznosci.net
6	7m.pl	1 redirects s.7m.pl abdoxnoni003.7m.pl
5	a.spolecznosci.net	1 redirects abdoxnoni003.7m.pl spolecznosci.net
3	www.google-analytics.com
3	spolecznosci.mgr.consensu.org	spolecznosci.net spolecznosci.mgr.consensu.org
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	pagead2.googlesyndication.com	s.7m.pl pagead2.googlesyndication.com abdoxnoni003.7m.pl
2	s.spolecznosci.net	1 redirects abdoxnoni003.7m.pl
2	s.7m.pl	1 redirects abdoxnoni003.7m.pl
1	ads.pubmatic.com	spolecznosci.net
1	adx.adform.net	spolecznosci.net
1	hbopenbid.pubmatic.com	spolecznosci.net
1	prebid-eu.creativecdn.com	spolecznosci.net
1	vendorlist.consensu.org	spolecznosci.mgr.consensu.org
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	kokoalets.dx.am
74	21

This site contains no links.

Subject Issuer	Validity	Valid
s.7m.pl Let's Encrypt Authority X3	`2020-02-04` - `2020-05-04`	3 months	crt.sh
7m.pl Let's Encrypt Authority X3	`2020-01-29` - `2020-04-28`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.spolecznosci.net Sectigo RSA Domain Validation Secure Server CA	`2019-03-27` - `2020-03-27`	a year	crt.sh
spolecznosci.mgr.consensu.org Sectigo RSA Domain Validation Secure Server CA	`2019-09-25` - `2020-10-03`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
vendorlist.consensu.org Amazon	`2020-02-07` - `2021-03-07`	a year	crt.sh
*.adocean.pl Sectigo ECC Domain Validation Secure Server CA	`2020-01-27` - `2022-02-05`	2 years	crt.sh
*.creativecdn.com RapidSSL RSA CA 2018	`2019-01-11` - `2021-04-11`	2 years	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2019-09-11` - `2021-09-24`	2 years	crt.sh

This page contains 7 frames:

Primary Page: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
Frame ID: 034EB8BB75A9654EE82F3F1C9B679D3D
Requests: 68 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200219/r20190131/zrt_lookup.html
Frame ID: 9A39A1269D3609D9292AD2518FF048A5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6469407771801779&output=html&adk=1812271804&adf=3025194257&lmt=1581523412&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fabdoxnoni003.7m.pl%2Fndcu%2Fhome%2Flogin.html%3Fcmd%3Dlogin_submit%26id%3De0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417%26session%3De0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1582245942376&bpp=13&bdt=420&fdt=45&idt=45&shv=r20200219&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1854890544797&frm=20&pv=2&ga_vid=508733042.1582245942&ga_sid=1582245942&ga_hid=248369437&ga_fc=0&iag=0&icsg=2720&dssz=7&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065304&oid=3&pvsid=564990072024632&ref=http%3A%2F%2Fkokoalets.dx.am%2Flinkedin.html&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=0&uci=a!0&fsb=1&dtd=58
Frame ID: 607598FF0EEEDF08EF1C8540FBBD1CCC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6469407771801779&output=html&h=280&slotname=7350901370&adk=3437516835&adf=2434845145&w=1200&fwrn=4&fwrnh=100&lmt=1581523412&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x280&url=http%3A%2F%2Fabdoxnoni003.7m.pl%2Fndcu%2Fhome%2Flogin.html%3Fcmd%3Dlogin_submit%26id%3De0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417%26session%3De0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1582245942390&bpp=5&bdt=434&fdt=71&idt=71&shv=r20200219&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1854890544797&frm=20&pv=1&ga_vid=508733042.1582245942&ga_sid=1582245942&ga_hid=248369437&ga_fc=0&iag=0&icsg=10912&dssz=8&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065304&oid=3&pvsid=564990072024632&ref=http%3A%2F%2Fkokoalets.dx.am%2Flinkedin.html&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=1&fu=144&bc=23&ifi=1&uci=a!1&fsb=1&xpc=NioDMr8d9g&p=http%3A//abdoxnoni003.7m.pl&dtd=78
Frame ID: 8199832A6F747B88B1B2231F420FC437
Requests: 1 HTTP requests in this frame

Frame: https://spolecznosci.mgr.consensu.org/portal.html
Frame ID: 0FB3E0040D71832608B08047FDF41190
Requests: 1 HTTP requests in this frame

Frame: https://spolecznosci.net/files/data.8.htm?Ho_abdoxnoni003.7m.pl
Frame ID: 5BDC339B9AB7617818104185C1887A00
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 97DCB7FDE851543DD2FEC6C30E7DBE54
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://kokoalets.dx.am/linkedin.html Page URL
http://abdoxnoni003.7m.pl/ndcu/home/ HTTP 302
http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0d... Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Page Statistics

74
Requests

82 %
HTTPS

31 %
IPv6

15
Domains

21
Subdomains

16
IPs

7
Countries

559 kB
Transfer

1482 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://kokoalets.dx.am/linkedin.html Page URL
http://abdoxnoni003.7m.pl/ndcu/home/ HTTP 302
http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

http://s.7m.pl/robot.js HTTP 301
https://s.7m.pl/robot.js

Request Chain 15

http://7m.pl/spol.js HTTP 301
https://7m.pl/spol.js

Request Chain 25

http://s.spolecznosci.net/js/core2-min.js HTTP 301
https://s.spolecznosci.net/js/core2-min.js

Request Chain 32

https://a.spolecznosci.net/pet?s=7m&x=1360%2C1359&uu=null&cpmc=true&safe=0&ut=&cb=8891706279&uq=129377942776.153430&ref=http%253A%252F%252Fabdoxnoni003.7m.pl%252Fndcu%252Fhome%252Flogin.html%253Fcmd%253Dlogin_submit%2526id%253De0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417%2526session%253De0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&sp_gdpr=&n=0.5266099284201378&bw=1600&bh=1200 HTTP 302
https://a.spolecznosci.net/pet?s=7m&x=1360%2C1359&uu=null&cpmc=true&safe=0&ut=&cb=8891706279&uq=129377942776.153430&ref=http%253A%252F%252Fabdoxnoni003.7m.pl%252Fndcu%252Fhome%252Flogin.html%253Fcmd%253Dlogin_submit%2526id%253De0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417%2526session%253De0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&sp_gdpr=&n=0.5266099284201378&bw=1600&bh=1200&nr=1

Request Chain 37

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 40

http://www.google-analytics.com/r/collect?v=1&_v=j81&a=248369437&t=pageview&_s=1&dl=http%3A%2F%2Fabdoxnoni003.7m.pl%2Fndcu%2Fhome%2Flogin.html%3Fcmd%3Dlogin_submit%26id%3De0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417%26session%3De0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&dr=http%3A%2F%2Fkokoalets.dx.am%2Flinkedin.html&ul=en-us&de=windows-1252&dt=DocuSign&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEAB~&jid=1714556639&gjid=1479529304&cid=508733042.1582245942&tid=UA-89200509-1&_gid=1817085987.1582245943&_r=1&z=1160093632 HTTP 307
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=248369437&t=pageview&_s=1&dl=http%3A%2F%2Fabdoxnoni003.7m.pl%2Fndcu%2Fhome%2Flogin.html%3Fcmd%3Dlogin_submit%26id%3De0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417%26session%3De0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&dr=http%3A%2F%2Fkokoalets.dx.am%2Flinkedin.html&ul=en-us&de=windows-1252&dt=DocuSign&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEAB~&jid=1714556639&gjid=1479529304&cid=508733042.1582245942&tid=UA-89200509-1&_gid=1817085987.1582245943&_r=1&z=1160093632

Request Chain 41

http://www.google-analytics.com/collect?v=1&_v=j81&a=248369437&t=event&_s=2&dl=http%3A%2F%2Fabdoxnoni003.7m.pl%2Fndcu%2Fhome%2Flogin.html%3Fcmd%3Dlogin_submit%26id%3De0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417%26session%3De0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&dr=http%3A%2F%2Fkokoalets.dx.am%2Flinkedin.html&ul=en-us&de=windows-1252&dt=DocuSign&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=abdoxnoni003&ea=subdomain&_u=IAhAAEAB~&jid=&gjid=&cid=508733042.1582245942&tid=UA-89200509-1&_gid=1817085987.1582245943&z=1656216575 HTTP 307
https://www.google-analytics.com/collect?v=1&_v=j81&a=248369437&t=event&_s=2&dl=http%3A%2F%2Fabdoxnoni003.7m.pl%2Fndcu%2Fhome%2Flogin.html%3Fcmd%3Dlogin_submit%26id%3De0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417%26session%3De0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&dr=http%3A%2F%2Fkokoalets.dx.am%2Flinkedin.html&ul=en-us&de=windows-1252&dt=DocuSign&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=abdoxnoni003&ea=subdomain&_u=IAhAAEAB~&jid=&gjid=&cid=508733042.1582245942&tid=UA-89200509-1&_gid=1817085987.1582245943&z=1656216575

Request Chain 43

https://gpl.adocean.pl/ad.json?id=G2n1c2dWjRWkJCW7HfdnEYBqU_lPpXIJA9TfKpXlE.b.f7&gdpr_consent=undefined&gdpr=0? HTTP 301
https://gpl.adocean.pl/__/ad.json?id=G2n1c2dWjRWkJCW7HfdnEYBqU_lPpXIJA9TfKpXlE.b.f7&gdpr_consent=undefined&gdpr=0?

Request Chain 44

https://gpl.adocean.pl/ad.json?id=NueayaNso2kKCjJnO6botPkpDp4wDdu4Uu3bicWtxMb.67&gdpr_consent=undefined&gdpr=0? HTTP 301
https://gpl.adocean.pl/__/ad.json?id=NueayaNso2kKCjJnO6botPkpDp4wDdu4Uu3bicWtxMb.67&gdpr_consent=undefined&gdpr=0?

Request Chain 45

https://gpl.adocean.pl/ad.json?id=oSX6Fz_EQ0c0PiHAhafoNAD3cGNH.wMKVnGjQh6kJn7.g7&gdpr_consent=undefined&gdpr=0? HTTP 301
https://gpl.adocean.pl/__/ad.json?id=oSX6Fz_EQ0c0PiHAhafoNAD3cGNH.wMKVnGjQh6kJn7.g7&gdpr_consent=undefined&gdpr=0?

Request Chain 46

https://gpl.adocean.pl/ad.json?id=zRYHeeOCN2zGJUtyRqY_l9i_32GIJi9G2I9xpiujXTX.c7&gdpr_consent=undefined&gdpr=0? HTTP 301
https://gpl.adocean.pl/__/ad.json?id=zRYHeeOCN2zGJUtyRqY_l9i_32GIJi9G2I9xpiujXTX.c7&gdpr_consent=undefined&gdpr=0?

Request Chain 47

https://gpl.adocean.pl/ad.json?id=3sD3vBXt1_xxqQFYOzaIc7dKgmAw6R5bzZo90tXZpNr.M7&gdpr_consent=undefined&gdpr=0? HTTP 301
https://gpl.adocean.pl/__/ad.json?id=3sD3vBXt1_xxqQFYOzaIc7dKgmAw6R5bzZo90tXZpNr.M7&gdpr_consent=undefined&gdpr=0?

Request Chain 51

https://gpl.adocean.pl/__/ad.json?id=G2n1c2dWjRWkJCW7HfdnEYBqU_lPpXIJA9TfKpXlE.b.f7&gdpr_consent=undefined&gdpr=0? HTTP 301
https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DG2n1c2dWjRWkJCW7HfdnEYBqU_lPpXIJA9TfKpXlE.b.f7%26gdpr_consent%3Dundefined%26gdpr%3D0%3F

Request Chain 52

https://gpl.adocean.pl/__/ad.json?id=NueayaNso2kKCjJnO6botPkpDp4wDdu4Uu3bicWtxMb.67&gdpr_consent=undefined&gdpr=0? HTTP 301
https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DNueayaNso2kKCjJnO6botPkpDp4wDdu4Uu3bicWtxMb.67%26gdpr_consent%3Dundefined%26gdpr%3D0%3F

Request Chain 53

https://gpl.adocean.pl/__/ad.json?id=oSX6Fz_EQ0c0PiHAhafoNAD3cGNH.wMKVnGjQh6kJn7.g7&gdpr_consent=undefined&gdpr=0? HTTP 301
https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DoSX6Fz_EQ0c0PiHAhafoNAD3cGNH.wMKVnGjQh6kJn7.g7%26gdpr_consent%3Dundefined%26gdpr%3D0%3F

Request Chain 54

https://gpl.adocean.pl/__/ad.json?id=zRYHeeOCN2zGJUtyRqY_l9i_32GIJi9G2I9xpiujXTX.c7&gdpr_consent=undefined&gdpr=0? HTTP 301
https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DzRYHeeOCN2zGJUtyRqY_l9i_32GIJi9G2I9xpiujXTX.c7%26gdpr_consent%3Dundefined%26gdpr%3D0%3F

Request Chain 55

https://gpl.adocean.pl/__/ad.json?id=3sD3vBXt1_xxqQFYOzaIc7dKgmAw6R5bzZo90tXZpNr.M7&gdpr_consent=undefined&gdpr=0? HTTP 301
https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3D3sD3vBXt1_xxqQFYOzaIc7dKgmAw6R5bzZo90tXZpNr.M7%26gdpr_consent%3Dundefined%26gdpr%3D0%3F

Request Chain 56

https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DG2n1c2dWjRWkJCW7HfdnEYBqU_lPpXIJA9TfKpXlE.b.f7%26gdpr_consent%3Dundefined%26gdpr%3D0%3F HTTP 301
https://gpladpl.hit.gemius.pl/__/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DG2n1c2dWjRWkJCW7HfdnEYBqU_lPpXIJA9TfKpXlE.b.f7%26gdpr_consent%3Dundefined%26gdpr%3D0%3F

Request Chain 57

https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DNueayaNso2kKCjJnO6botPkpDp4wDdu4Uu3bicWtxMb.67%26gdpr_consent%3Dundefined%26gdpr%3D0%3F HTTP 301
https://gpladpl.hit.gemius.pl/__/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DNueayaNso2kKCjJnO6botPkpDp4wDdu4Uu3bicWtxMb.67%26gdpr_consent%3Dundefined%26gdpr%3D0%3F

Request Chain 58

https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DoSX6Fz_EQ0c0PiHAhafoNAD3cGNH.wMKVnGjQh6kJn7.g7%26gdpr_consent%3Dundefined%26gdpr%3D0%3F HTTP 301
https://gpladpl.hit.gemius.pl/__/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DoSX6Fz_EQ0c0PiHAhafoNAD3cGNH.wMKVnGjQh6kJn7.g7%26gdpr_consent%3Dundefined%26gdpr%3D0%3F

Request Chain 59

https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DzRYHeeOCN2zGJUtyRqY_l9i_32GIJi9G2I9xpiujXTX.c7%26gdpr_consent%3Dundefined%26gdpr%3D0%3F HTTP 301
https://gpladpl.hit.gemius.pl/__/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DzRYHeeOCN2zGJUtyRqY_l9i_32GIJi9G2I9xpiujXTX.c7%26gdpr_consent%3Dundefined%26gdpr%3D0%3F

Request Chain 60

https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3D3sD3vBXt1_xxqQFYOzaIc7dKgmAw6R5bzZo90tXZpNr.M7%26gdpr_consent%3Dundefined%26gdpr%3D0%3F HTTP 301
https://gpladpl.hit.gemius.pl/__/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3D3sD3vBXt1_xxqQFYOzaIc7dKgmAw6R5bzZo90tXZpNr.M7%26gdpr_consent%3Dundefined%26gdpr%3D0%3F

Request Chain 61

https://gpladpl.hit.gemius.pl/__/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DG2n1c2dWjRWkJCW7HfdnEYBqU_lPpXIJA9TfKpXlE.b.f7%26gdpr_consent%3Dundefined%26gdpr%3D0%3F HTTP 301
https://gpl.adocean.pl/__/ad.json?hclsdata=&hcudata=07HReuTxv_cSU4kXfnkEVcvQxQrnmkzPP44HEb6nraT.m7&id=G2n1c2dWjRWkJCW7HfdnEYBqU_lPpXIJA9TfKpXlE.b.f7&gdpr_consent=undefined&gdpr=0?

Request Chain 62

https://gpladpl.hit.gemius.pl/__/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DNueayaNso2kKCjJnO6botPkpDp4wDdu4Uu3bicWtxMb.67%26gdpr_consent%3Dundefined%26gdpr%3D0%3F HTTP 301
https://gpl.adocean.pl/__/ad.json?hclsdata=&hcudata=CLp8L47cQF3z9JYmBGDWSD12x8CvKIacwCknnJ6T4Gf.I7&id=NueayaNso2kKCjJnO6botPkpDp4wDdu4Uu3bicWtxMb.67&gdpr_consent=undefined&gdpr=0?

Request Chain 63

https://gpladpl.hit.gemius.pl/__/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DoSX6Fz_EQ0c0PiHAhafoNAD3cGNH.wMKVnGjQh6kJn7.g7%26gdpr_consent%3Dundefined%26gdpr%3D0%3F HTTP 301
https://gpl.adocean.pl/__/ad.json?hclsdata=&hcudata=qLnWUv8uhc5pkUcihdYv.g7ytSesjPseVThlhGKk_9r.b7&id=oSX6Fz_EQ0c0PiHAhafoNAD3cGNH.wMKVnGjQh6kJn7.g7&gdpr_consent=undefined&gdpr=0?

Request Chain 64

https://gpladpl.hit.gemius.pl/__/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DzRYHeeOCN2zGJUtyRqY_l9i_32GIJi9G2I9xpiujXTX.c7%26gdpr_consent%3Dundefined%26gdpr%3D0%3F HTTP 301
https://gpl.adocean.pl/__/ad.json?hclsdata=&hcudata=nl52M5EcRRo_gm2M1hZCoS7vtSbc662RRaMnLQK1XZb.17&id=zRYHeeOCN2zGJUtyRqY_l9i_32GIJi9G2I9xpiujXTX.c7&gdpr_consent=undefined&gdpr=0?

Request Chain 65

https://gpladpl.hit.gemius.pl/__/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3D3sD3vBXt1_xxqQFYOzaIc7dKgmAw6R5bzZo90tXZpNr.M7%26gdpr_consent%3Dundefined%26gdpr%3D0%3F HTTP 301
https://gpl.adocean.pl/__/ad.json?hclsdata=&hcudata=bkQn.eye8NK5G.rQjUEC.Vzl5H4fIp47ECCrsWWLVRj.c7&id=3sD3vBXt1_xxqQFYOzaIc7dKgmAw6R5bzZo90tXZpNr.M7&gdpr_consent=undefined&gdpr=0?

74 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK linkedin.html Show response
kokoalets.dx.am/ 124 B
391 B 126ms
110ms Document
text/html 185.176.43.96
ZETTA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://kokoalets.dx.am/linkedin.html
Protocol: HTTP/1.1
Server: 185.176.43.96 , Bulgaria, ASN44476 (ZETTA-AS, BG),
Reverse DNS
Software: Apache /
Resource Hash: a2530b2a2d3be72dbb3eee7e7fe3cf851dd871c5bb9554a5f4aebaaff09092ca

Request headers

Host: kokoalets.dx.am
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 00:45:41 GMT
Server: Apache
Last-Modified: Thu, 20 Feb 2020 19:10:00 GMT
ETag: "7c-59f06a6d16990"
Accept-Ranges: bytes
Content-Length: 124
Keep-Alive: timeout=4, max=90
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1

200
OK

Primary Request login.html Show response
abdoxnoni003.7m.pl/ndcu/home/
Redirect Chain

http://abdoxnoni003.7m.pl/ndcu/home/
http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf...

5 KB
2 KB

29ms
29ms

Document
text/html

88.99.33.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
Protocol: HTTP/1.1
Server: 88.99.33.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: host1.7m.pl
Software: nginx/1.15.12 /
Resource Hash: c26d24334abadd528830fc0dc6cb668d5483d195748b919c8e7c862451b11b25

Request headers

Host: abdoxnoni003.7m.pl
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://kokoalets.dx.am/linkedin.html
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://kokoalets.dx.am/linkedin.html

Response headers

Server: nginx/1.15.12
Date: Fri, 21 Feb 2020 00:45:41 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 12 Feb 2020 16:03:32 GMT
ETag: "12d0-59e631d308f15-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip

Redirect headers

Server: nginx/1.15.12
Date: Fri, 21 Feb 2020 00:45:41 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
location: login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417

GET
H/1.1 200
OK dsgn.png
abdoxnoni003.7m.pl/ndcu/home/img/ 7 KB
8 KB 27ms
27ms Image
image/png 88.99.33.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://abdoxnoni003.7m.pl/ndcu/home/img/dsgn.png
Requested by: Host: abdoxnoni003.7m.pl
URL: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
Protocol: HTTP/1.1
Server: 88.99.33.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: host1.7m.pl
Software: nginx/1.15.12 /
Resource Hash: fa2776137cbda7fb85aaa56be710f14e5d3d18e231756cfbe283a2938e7d6620

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 00:45:41 GMT
Last-Modified: Wed, 12 Feb 2020 16:03:27 GMT
Server: nginx/1.15.12
ETag: "5e4421cf-1dd3"
Content-Type: image/png
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7635
Expires: Mon, 15 Feb 2021 00:45:41 GMT

GET
H/1.1 200
OK do_ll.png
abdoxnoni003.7m.pl/ndcu/home/img/ 5 KB
6 KB 57ms
42ms Image
image/png 88.99.33.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://abdoxnoni003.7m.pl/ndcu/home/img/do_ll.png
Requested by: Host: abdoxnoni003.7m.pl
URL: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
Protocol: HTTP/1.1
Server: 88.99.33.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: host1.7m.pl
Software: nginx/1.15.12 /
Resource Hash: ee3cec3c33913424b8a94f2ba811277a4aaf0a8476d61653769c5d953ddeecbd

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 00:45:42 GMT
Last-Modified: Wed, 12 Feb 2020 16:03:27 GMT
Server: nginx/1.15.12
ETag: "5e4421cf-14e8"
Content-Type: image/png
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5352
Expires: Mon, 15 Feb 2021 00:45:42 GMT

GET
H/1.1 200
OK pl.png
abdoxnoni003.7m.pl/ndcu/home/img/ 2 KB
2 KB 55ms
41ms Image
image/png 88.99.33.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://abdoxnoni003.7m.pl/ndcu/home/img/pl.png
Requested by: Host: abdoxnoni003.7m.pl
URL: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
Protocol: HTTP/1.1
Server: 88.99.33.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: host1.7m.pl
Software: nginx/1.15.12 /
Resource Hash: bd4ef9821aedbe2cb59323ab96d6c55400c0fc0f56292d528a4338b4d922f47a

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 00:45:42 GMT
Last-Modified: Wed, 12 Feb 2020 16:03:30 GMT
Server: nginx/1.15.12
ETag: "5e4421d2-6a7"
Content-Type: image/png
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1703
Expires: Mon, 15 Feb 2021 00:45:42 GMT

GET
H/1.1 200
OK d2.png
abdoxnoni003.7m.pl/ndcu/home/img/ 921 B
1 KB 57ms
42ms Image
image/png 88.99.33.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://abdoxnoni003.7m.pl/ndcu/home/img/d2.png
Requested by: Host: abdoxnoni003.7m.pl
URL: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
Protocol: HTTP/1.1
Server: 88.99.33.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: host1.7m.pl
Software: nginx/1.15.12 /
Resource Hash: e923ccc327cca82406d93806b3b542703d1c3c9324e808d2257b0a4b72186972

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 00:45:42 GMT
Last-Modified: Wed, 12 Feb 2020 16:03:26 GMT
Server: nginx/1.15.12
ETag: "5e4421ce-399"
Content-Type: image/png
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 921
Expires: Mon, 15 Feb 2021 00:45:42 GMT

GET
H/1.1 200
OK s_seee.png
abdoxnoni003.7m.pl/ndcu/home/img/ 2 KB
2 KB 59ms
30ms Image
image/png 88.99.33.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://abdoxnoni003.7m.pl/ndcu/home/img/s_seee.png
Requested by: Host: abdoxnoni003.7m.pl
URL: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
Protocol: HTTP/1.1
Server: 88.99.33.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: host1.7m.pl
Software: nginx/1.15.12 /
Resource Hash: 341dc8a2f05f363511ccd444d63a96a8879b330eda50fabb581e1776751aa38d

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 00:45:42 GMT
Last-Modified: Wed, 12 Feb 2020 16:03:31 GMT
Server: nginx/1.15.12
ETag: "5e4421d3-793"
Content-Type: image/png
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1939
Expires: Mon, 15 Feb 2021 00:45:42 GMT

GET
H/1.1 200
OK spr.png
abdoxnoni003.7m.pl/ndcu/home/img/ 4 KB
4 KB 88ms
27ms Image
image/png 88.99.33.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://abdoxnoni003.7m.pl/ndcu/home/img/spr.png
Requested by: Host: abdoxnoni003.7m.pl
URL: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
Protocol: HTTP/1.1
Server: 88.99.33.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: host1.7m.pl
Software: nginx/1.15.12 /
Resource Hash: 2c851b274e54497e6290ce4e37686a435dfe7aa9a6f5380db0fdf5ae00481746

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 00:45:42 GMT
Last-Modified: Wed, 12 Feb 2020 16:03:30 GMT
Server: nginx/1.15.12
ETag: "5e4421d2-e53"
Content-Type: image/png
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3667
Expires: Mon, 15 Feb 2021 00:45:42 GMT

GET
H/1.1 200
OK gm.png
abdoxnoni003.7m.pl/ndcu/home/img/ 2 KB
2 KB 29ms
28ms Image
image/png 88.99.33.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://abdoxnoni003.7m.pl/ndcu/home/img/gm.png
Requested by: Host: abdoxnoni003.7m.pl
URL: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
Protocol: HTTP/1.1
Server: 88.99.33.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: host1.7m.pl
Software: nginx/1.15.12 /
Resource Hash: 4ecd1784399d6be5b0b70e1ccbdeaf187a6c7a16b6d55c13f57da78950bc185a

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 00:45:42 GMT
Last-Modified: Wed, 12 Feb 2020 16:03:29 GMT
Server: nginx/1.15.12
ETag: "5e4421d1-827"
Content-Type: image/png
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2087
Expires: Mon, 15 Feb 2021 00:45:42 GMT

GET
H/1.1 200
OK f.png
abdoxnoni003.7m.pl/ndcu/home/img/ 4 KB
4 KB 53ms
43ms Image
image/png 88.99.33.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://abdoxnoni003.7m.pl/ndcu/home/img/f.png
Requested by: Host: abdoxnoni003.7m.pl
URL: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
Protocol: HTTP/1.1
Server: 88.99.33.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: host1.7m.pl
Software: nginx/1.15.12 /
Resource Hash: b2acef3a315eaf0ea1680dd487286e1ec570dce5d3d9b5679ff9bf6954c9ebaf

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 00:45:42 GMT
Last-Modified: Wed, 12 Feb 2020 16:03:28 GMT
Server: nginx/1.15.12
ETag: "5e4421d0-1044"
Content-Type: image/png
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4164
Expires: Mon, 15 Feb 2021 00:45:42 GMT

GET
H/1.1

200
OK

robot.js Show response
s.7m.pl/
Redirect Chain

http://s.7m.pl/robot.js
https://s.7m.pl/robot.js

31 KB
9 KB

86ms
27ms

Script
application/javascript

116.203.159.155
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.7m.pl/robot.js
Requested by: Host: abdoxnoni003.7m.pl
URL: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 116.203.159.155 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: exmail.mkteam.pl
Software: Apache/2.4.25 (Debian) /
Resource Hash: d0785de04d9ec05c1e05e34de27e6c95e489cb2c2ae06a666bcd1434bf8432da

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 00:45:42 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Jan 2020 14:32:01 GMT
Server: Apache/2.4.25 (Debian)
ETag: "7c23-59c56ce035a40-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

Redirect headers

Location: https://s.7m.pl/robot.js
Date: Fri, 21 Feb 2020 00:45:42 GMT
Server: Apache/2.4.25 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 305
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK c.png
abdoxnoni003.7m.pl/ndcu/home/img/ 38 KB
39 KB 47ms
40ms Image
image/png 88.99.33.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://abdoxnoni003.7m.pl/ndcu/home/img/c.png
Requested by: Host: abdoxnoni003.7m.pl
URL: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
Protocol: HTTP/1.1
Server: 88.99.33.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: host1.7m.pl
Software: nginx/1.15.12 /
Resource Hash: 5197981709a0e557654773c547d615ee9b7b7c61350419299fa445d56ea2f1cf

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 00:45:42 GMT
Last-Modified: Wed, 12 Feb 2020 16:03:26 GMT
Server: nginx/1.15.12
ETag: "5e4421ce-990e"
Content-Type: image/png
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 39182
Expires: Mon, 15 Feb 2021 00:45:42 GMT

GET
H/1.1 200
OK stats.php Show response
7m.pl/ 4 B
711 B 106ms
47ms XHR
text/html 116.203.159.155
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://7m.pl/stats.php?name=abdoxnoni003
Requested by: Host: s.7m.pl
URL: https://s.7m.pl/robot.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 116.203.159.155 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: exmail.mkteam.pl
Software: Apache/2.4.25 (Debian) /
Resource Hash: 98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
Origin: http://abdoxnoni003.7m.pl
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 00:45:42 GMT
Content-Encoding: gzip
Server: Apache/2.4.25 (Debian)
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1000
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 24
Keep-Alive: timeout=5, max=100
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK ads.php Show response
7m.pl/ 2 KB
1 KB 80ms
79ms XHR
text/html 116.203.159.155
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://7m.pl/ads.php?lang=other&name=abdoxnoni003&mobile=0&page_url=http://abdoxnoni003.7m.pl/ndcu/home/login.html
Requested by: Host: s.7m.pl
URL: https://s.7m.pl/robot.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 116.203.159.155 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: exmail.mkteam.pl
Software: Apache/2.4.25 (Debian) /
Resource Hash: 27a030175a0086b383b118548c3d7adb6dfbfb6c5c117e16d78587ee1dd04511

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
Origin: http://abdoxnoni003.7m.pl
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 00:45:42 GMT
Content-Encoding: gzip
Server: Apache/2.4.25 (Debian)
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1000
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 576
Keep-Alive: timeout=5, max=99
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 106 KB
38 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: s.7m.pl
URL: https://s.7m.pl/robot.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f45f18d03a86160ad8d6ab087295590235d2febb9c0ad69f8617d74d60212db4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 00:45:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 13912970936825324044
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 38661
X-XSS-Protection: 0
Expires: Fri, 21 Feb 2020 00:45:42 GMT

GET
H/1.1 200
OK popunder.php Show response
7m.pl/ 15 B
721 B 28ms
28ms XHR
text/html 116.203.159.155
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://7m.pl/popunder.php?id=80&name=abdoxnoni003
Requested by: Host: s.7m.pl
URL: https://s.7m.pl/robot.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 116.203.159.155 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: exmail.mkteam.pl
Software: Apache/2.4.25 (Debian) /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
Origin: http://abdoxnoni003.7m.pl
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 00:45:42 GMT
Content-Encoding: gzip
Server: Apache/2.4.25 (Debian)
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1000
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 35
Keep-Alive: timeout=5, max=98
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1

200
OK

spol.js Show response
7m.pl/
Redirect Chain

http://7m.pl/spol.js
https://7m.pl/spol.js

320 B
916 B

82ms
27ms

Script
application/javascript

116.203.159.155
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://7m.pl/spol.js
Requested by: Host: abdoxnoni003.7m.pl
URL: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 116.203.159.155 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: exmail.mkteam.pl
Software: Apache/2.4.25 (Debian) /
Resource Hash: 9b677d2f74f92eed0928c975533c29908595fc60529fc4ce2278887ed792f089

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 00:45:42 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 1000
Connection: Keep-Alive
Content-Length: 252
Keep-Alive: timeout=5, max=100
Last-Modified: Thu, 01 Aug 2019 13:11:15 GMT
Server: Apache/2.4.25 (Debian)
ETag: "140-58f0df9fe2ed9-gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Expires: Sat, 20 Feb 2021 00:45:42 GMT

Redirect headers

Location: https://7m.pl/spol.js
Date: Fri, 21 Feb 2020 00:45:42 GMT
Server: Apache/2.4.25 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 300
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK popunder.php Show response
7m.pl/ 15 B
721 B 29ms
29ms XHR
text/html 116.203.159.155
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://7m.pl/popunder.php?id=79&name=abdoxnoni003
Requested by: Host: s.7m.pl
URL: https://s.7m.pl/robot.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 116.203.159.155 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: exmail.mkteam.pl
Software: Apache/2.4.25 (Debian) /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
Origin: http://abdoxnoni003.7m.pl
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 00:45:42 GMT
Content-Encoding: gzip
Server: Apache/2.4.25 (Debian)
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1000
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 35
Keep-Alive: timeout=5, max=97
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 15ms
14ms Script
application/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=abdoxnoni003.7m.pl

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 00:45:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=abdoxnoni003.7m.pl

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 00:45:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200219/r20190131/ 221 KB
83 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200219/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a450a92da271041893a519c9b9e1050b2229f74eb83ca5346e76203456d3691

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 00:45:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 84526
x-xss-protection: 0
server: cafe
etag: 16542440073614270090
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Feb 2020 00:45:42 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200219/r20190131/ Frame 9A39 0
0 5ms
5ms Document
text/html 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200219/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200219/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Wed, 19 Feb 2020 21:29:28 GMT
expires: Wed, 04 Mar 2020 21:29:28 GMT
content-type: text/html; charset=UTF-8
etag: 3560819023258359450
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4495
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 98174
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H/1.1 204
No Content gen_204
pagead2.googlesyndication.com/pagead/ 0
415 B 13ms
13ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/pagead/gen_204?id=puberror&context=165&msg=TagError%3A%20adsbygoogle.push()%20error%3A%20All%20ins%20elements%20in%20the%20DOM%20with%20class%3Dadsbygoogle%20already%20have%20ads%20in%20them.%0Aat%20Gk%20(http%3A%2F%2Fpagead2.googlesyndication.com%2Fpagead%2Fjs%2Fadsbygoogle.js%3A190%3A346)%0Aat%20Dk%20(adsbygoogle.js%3A186%3A8)%0Aat%20adsbygoogle.js%3A184%3A43%0Aat%20kf.l.da%20(adsbygoogle.js%3A49%3A290)%0Aat%20wf%20(adsbygoogle.js%3A57%3A409)%0Aat%20Ck%20(adsbygoogle.js%3A184%3A25)%0Aat%20Jk%20(adsbygoogle.js%3A196%3A141)%0Aat%20kf.l.da%20(adsbygoogle.js%3A49%3A88)%0Aat%20wf%20(adsbygoogle.js%3A57%3A409)%0Aat%20Ik%20(adsbygoogle.js%3A190%3A470)&shv=r20200219&url=http%3A%2F%2Fabdoxnoni003.7m.pl%2Fndcu%2Fhome%2Flogin.html%3Fcmd%3Dlogin_submit%26id%3De0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417%26session%3De0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417

Requested by

Host: abdoxnoni003.7m.pl
URL: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417

Protocol

HTTP/1.1

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 00:45:42 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
Server: cafe
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, must-revalidate
Timing-Allow-Origin: *
Content-Length: 0
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 6075 0
0 46ms
46ms Document
text/html 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6469407771801779&output=html&adk=1812271804&adf=3025194257&lmt=1581523412&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fabdoxnoni003.7m.pl%2Fndcu%2Fhome%2Flogin.html%3Fcmd%3Dlogin_submit%26id%3De0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417%26session%3De0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1582245942376&bpp=13&bdt=420&fdt=45&idt=45&shv=r20200219&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1854890544797&frm=20&pv=2&ga_vid=508733042.1582245942&ga_sid=1582245942&ga_hid=248369437&ga_fc=0&iag=0&icsg=2720&dssz=7&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065304&oid=3&pvsid=564990072024632&ref=http%3A%2F%2Fkokoalets.dx.am%2Flinkedin.html&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=0&uci=a!0&fsb=1&dtd=58

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200219/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6469407771801779&output=html&adk=1812271804&adf=3025194257&lmt=1581523412&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fabdoxnoni003.7m.pl%2Fndcu%2Fhome%2Flogin.html%3Fcmd%3Dlogin_submit%26id%3De0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417%26session%3De0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1582245942376&bpp=13&bdt=420&fdt=45&idt=45&shv=r20200219&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1854890544797&frm=20&pv=2&ga_vid=508733042.1582245942&ga_sid=1582245942&ga_hid=248369437&ga_fc=0&iag=0&icsg=2720&dssz=7&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065304&oid=3&pvsid=564990072024632&ref=http%3A%2F%2Fkokoalets.dx.am%2Flinkedin.html&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=0&uci=a!0&fsb=1&dtd=58
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 21 Feb 2020 00:45:42 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 21-Feb-2020 01:00:42 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Fri, 21 Feb 2020 00:45:42 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200219/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

753def12fae8722bef366a340b5ab7c34a15c8cd8432cdddb30d8f91ab987b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 00:45:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582122122802407"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27674
x-xss-protection: 0
expires: Fri, 21 Feb 2020 00:45:42 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 8199 0
0 77ms
77ms Document
text/html 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6469407771801779&output=html&h=280&slotname=7350901370&adk=3437516835&adf=2434845145&w=1200&fwrn=4&fwrnh=100&lmt=1581523412&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x280&url=http%3A%2F%2Fabdoxnoni003.7m.pl%2Fndcu%2Fhome%2Flogin.html%3Fcmd%3Dlogin_submit%26id%3De0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417%26session%3De0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1582245942390&bpp=5&bdt=434&fdt=71&idt=71&shv=r20200219&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1854890544797&frm=20&pv=1&ga_vid=508733042.1582245942&ga_sid=1582245942&ga_hid=248369437&ga_fc=0&iag=0&icsg=10912&dssz=8&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065304&oid=3&pvsid=564990072024632&ref=http%3A%2F%2Fkokoalets.dx.am%2Flinkedin.html&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=1&fu=144&bc=23&ifi=1&uci=a!1&fsb=1&xpc=NioDMr8d9g&p=http%3A//abdoxnoni003.7m.pl&dtd=78

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200219/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6469407771801779&output=html&h=280&slotname=7350901370&adk=3437516835&adf=2434845145&w=1200&fwrn=4&fwrnh=100&lmt=1581523412&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x280&url=http%3A%2F%2Fabdoxnoni003.7m.pl%2Fndcu%2Fhome%2Flogin.html%3Fcmd%3Dlogin_submit%26id%3De0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417%26session%3De0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1582245942390&bpp=5&bdt=434&fdt=71&idt=71&shv=r20200219&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1854890544797&frm=20&pv=1&ga_vid=508733042.1582245942&ga_sid=1582245942&ga_hid=248369437&ga_fc=0&iag=0&icsg=10912&dssz=8&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065304&oid=3&pvsid=564990072024632&ref=http%3A%2F%2Fkokoalets.dx.am%2Flinkedin.html&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=1&fu=144&bc=23&ifi=1&uci=a!1&fsb=1&xpc=NioDMr8d9g&p=http%3A//abdoxnoni003.7m.pl&dtd=78
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 21 Feb 2020 00:45:42 GMT
server: cafe
content-length: 203
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 21-Feb-2020 01:00:42 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Fri, 21 Feb 2020 00:45:42 GMT
cache-control: private

GET
H2

200

core2-min.js Show response
s.spolecznosci.net/js/
Redirect Chain

http://s.spolecznosci.net/js/core2-min.js
https://s.spolecznosci.net/js/core2-min.js

25 KB
11 KB

88ms
30ms

Script
application/javascript

178.32.202.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://s.spolecznosci.net/js/core2-min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.32.202.244 , Poland, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

65133d2077bdb7b45f20d92dde144a80c0e2312e111ebf7ea0236d65e2bd472e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 21 Feb 2020 00:45:42 GMT
content-encoding: gzip
last-modified: Thu, 20 Feb 2020 14:37:08 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=600, public
strict-transport-security: max-age=31536000
expires: Fri, 21 Feb 2020 00:55:42 GMT

Redirect headers

Location: https://s.spolecznosci.net/js/core2-min.js
Content-length: 0

GET
H2 200 app.js Show response
spolecznosci.net/js/modules/ 147 KB
47 KB 30ms
29ms Script
application/javascript 178.32.202.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://spolecznosci.net/js/modules/app.js?h=00f574584c1bdae0a404

Requested by

Host: s.spolecznosci.net
URL: https://s.spolecznosci.net/js/core2-min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.32.202.244 , Poland, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

1439f70a511b9c4328a20ec7d09f2c0cb794b518b1edcdfed3c772c72ca8f81a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 00:45:42 GMT
content-encoding: gzip
last-modified: Thu, 20 Feb 2020 14:37:08 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000
expires: Sat, 20 Feb 2021 00:45:42 GMT

GET
H2 200 a.js Show response
spolecznosci.net/js/modules/ 62 KB
13 KB 33ms
33ms Script
application/javascript 178.32.202.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://spolecznosci.net/js/modules/a.js?h=335bd021dc37458c2550

Requested by

Host: s.spolecznosci.net
URL: https://s.spolecznosci.net/js/core2-min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.32.202.244 , Poland, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

298a8f846e4a60aa4a03e3093962ad4989f4703d97140d6bdcbc56aebe276b05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 00:45:42 GMT
content-encoding: gzip
last-modified: Thu, 30 Jan 2020 09:48:42 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000
expires: Sat, 20 Feb 2021 00:45:42 GMT

GET
H2 200 au.js Show response
spolecznosci.net/js/modules/ 10 KB
3 KB 35ms
35ms Script
application/javascript 178.32.202.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://spolecznosci.net/js/modules/au.js?h=5368b097ebef1cfa8b61

Requested by

Host: s.spolecznosci.net
URL: https://s.spolecznosci.net/js/core2-min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.32.202.244 , Poland, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

734a3541dd4f031be8e7998e1619a86bc7639b0ca9eb4c8b9f35b9dd8b51840a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 00:45:42 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 12:33:21 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000
expires: Sat, 20 Feb 2021 00:45:42 GMT

GET
H2 200 pp.js Show response
spolecznosci.net/js/modules/ 2 KB
1 KB 29ms
29ms Script
application/javascript 178.32.202.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://spolecznosci.net/js/modules/pp.js?h=0df2b519d716682247be

Requested by

Host: s.spolecznosci.net
URL: https://s.spolecznosci.net/js/core2-min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.32.202.244 , Poland, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

3cb8e6e032f82e188378cb4d4c158b5d50902115e10a81677fdbc0b8c9595222

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 00:45:42 GMT
content-encoding: gzip
last-modified: Wed, 18 Dec 2019 11:40:56 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000
expires: Sat, 20 Feb 2021 00:45:42 GMT

GET
H2 200 cmp.stable.min.js Show response
spolecznosci.mgr.consensu.org/js/ 26 KB
10 KB 113ms
28ms Script
application/javascript 178.32.202.249
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://spolecznosci.mgr.consensu.org/js/cmp.stable.min.js

Requested by

Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/app.js?h=00f574584c1bdae0a404

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.32.202.249 , Poland, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

a85812b9308ea7c1ce319c4c852315cd8e097b882e8ed99c34d50f7584896b21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 00:45:42 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 08:49:57 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=3600, public
strict-transport-security: max-age=31536000
expires: Fri, 21 Feb 2020 01:45:42 GMT

GET
H2 200 pr.js Show response
spolecznosci.net/js/modules/ 2 KB
1 KB 29ms
29ms Script
application/javascript 178.32.202.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://spolecznosci.net/js/modules/pr.js?h=d285afbfc97f61dac48a

Requested by

Host: s.spolecznosci.net
URL: https://s.spolecznosci.net/js/core2-min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.32.202.244 , Poland, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

db02c64c7a42bc5eb593ee5865bd6574eca89452407b377f95c45756621c2dd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 00:45:42 GMT
content-encoding: gzip
last-modified: Wed, 18 Dec 2019 11:40:56 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000
expires: Sat, 20 Feb 2021 00:45:42 GMT

GET
H2

200

pet Show response
a.spolecznosci.net/
Redirect Chain

https://a.spolecznosci.net/pet?s=7m&x=1360%2C1359&uu=null&cpmc=true&safe=0&ut=&cb=8891706279&uq=129377942776.153430&ref=http%253A%252F%252Fabdoxnoni003.7m.pl%252Fndcu%252Fhome%252Flogin.html%253Fcm...
https://a.spolecznosci.net/pet?s=7m&x=1360%2C1359&uu=null&cpmc=true&safe=0&ut=&cb=8891706279&uq=129377942776.153430&ref=http%253A%252F%252Fabdoxnoni003.7m.pl%252Fndcu%252Fhome%252Flogin.html%253Fcm...

5 KB
2 KB

38ms
37ms

Script
text/plain

178.32.202.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://a.spolecznosci.net/pet?s=7m&x=1360%2C1359&uu=null&cpmc=true&safe=0&ut=&cb=8891706279&uq=129377942776.153430&ref=http%253A%252F%252Fabdoxnoni003.7m.pl%252Fndcu%252Fhome%252Flogin.html%253Fcmd%253Dlogin_submit%2526id%253De0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417%2526session%253De0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&sp_gdpr=&n=0.5266099284201378&bw=1600&bh=1200&nr=1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.32.202.244 , Poland, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

33de82a1f5e35e09870effc3ecb4591ea38599d0f96e256ee4fe3fbd87a8bad6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 21 Feb 2020 00:45:42 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
x-cache: MISS
content-type: text/plain; charset=utf-8
status: 200
cache-control: no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Fri, 21 Feb 2020 00:45:42 GMT
server: nginx
access-control-allow-origin: *
location: /pet?s=7m&x=1360%2C1359&uu=null&cpmc=true&safe=0&ut=&cb=8891706279&uq=129377942776.153430&ref=http%253A%252F%252Fabdoxnoni003.7m.pl%252Fndcu%252Fhome%252Flogin.html%253Fcmd%253Dlogin_submit%2526id%253De0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417%2526session%253De0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&sp_gdpr=&n=0.5266099284201378&bw=1600&bh=1200&nr=1
x-cache: MISS
status: 302
strict-transport-security: max-age=31536000
content-length: 0

GET
H2 200 hb.js Show response
spolecznosci.net/js/modules/ 295 KB
112 KB 31ms
31ms Script
application/javascript 178.32.202.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://spolecznosci.net/js/modules/hb.js?h=0a15597b077211b33bcf

Requested by

Host: s.spolecznosci.net
URL: https://s.spolecznosci.net/js/core2-min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.32.202.244 , Poland, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

737c9565c55fdce0a1009d929db45769203288c131f647a6b961a48a57d80a03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 00:45:42 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:06:46 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000
expires: Sat, 20 Feb 2021 00:45:42 GMT

GET
H2 200 cmp.min.js Show response
spolecznosci.mgr.consensu.org/js/ 266 KB
88 KB 30ms
30ms Script
application/javascript 178.32.202.249
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://spolecznosci.mgr.consensu.org/js/cmp.min.js

Requested by

Host: spolecznosci.mgr.consensu.org
URL: https://spolecznosci.mgr.consensu.org/js/cmp.stable.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.32.202.249 , Poland, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

2dd97813ce32d152904345d0f0d98f5a001faa5d14ebe80e59663dd05c39a4cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 00:45:42 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 08:49:57 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=3600, public
strict-transport-security: max-age=31536000
expires: Fri, 21 Feb 2020 01:45:42 GMT

GET
H2 200 currencies Show response
a.spolecznosci.net/ 123 B
362 B 86ms
29ms XHR
text/plain 178.32.202.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://a.spolecznosci.net/currencies

Requested by

Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=0a15597b077211b33bcf

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.32.202.244 , Poland, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

6516e7a4331379111505f2b970c74d776864e2271158d8f9bd2a5efc1213c226

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
Origin: http://abdoxnoni003.7m.pl
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 21 Feb 2020 00:45:43 GMT
server: nginx
status: 200
strict-transport-security: max-age=31536000
x-cache: HIT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=43200
content-length: 123
expires: Fri, 21 Feb 2020 11:05:18 GMT

GET
H2 200 portal.html
spolecznosci.mgr.consensu.org/ Frame 0FB3 0
0 28ms
28ms Document
text/html 178.32.202.249
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://spolecznosci.mgr.consensu.org/portal.html

Requested by

Host: spolecznosci.mgr.consensu.org
URL: https://spolecznosci.mgr.consensu.org/js/cmp.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.32.202.249 , Poland, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: spolecznosci.mgr.consensu.org
:scheme: https
:path: /portal.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417

Response headers

status: 200
server: nginx
date: Fri, 21 Feb 2020 00:45:43 GMT
content-type: text/html
content-length: 126
last-modified: Thu, 29 Nov 2018 11:19:31 GMT
accept-ranges: bytes
strict-transport-security: max-age=31536000

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

44 KB
18 KB

6ms
5ms

Script
text/javascript

2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 3433
date: Thu, 20 Feb 2020 23:48:30 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Fri, 21 Feb 2020 01:48:30 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H2 200 data.8.htm
spolecznosci.net/files/ Frame 5BDC 0
0 30ms
30ms Document
text/html 178.32.202.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://spolecznosci.net/files/data.8.htm?Ho_abdoxnoni003.7m.pl

Requested by

Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/app.js?h=00f574584c1bdae0a404

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.32.202.244 , Poland, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: spolecznosci.net
:scheme: https
:path: /files/data.8.htm?Ho_abdoxnoni003.7m.pl
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: v=1582245942.843
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417

Response headers

status: 200
server: nginx
date: Fri, 21 Feb 2020 00:45:43 GMT
content-type: text/html
last-modified: Tue, 14 Jan 2020 12:33:21 GMT
vary: Accept-Encoding
expires: Sat, 20 Feb 2021 00:45:43 GMT
cache-control: max-age=31536000 public
content-encoding: gzip
strict-transport-security: max-age=31536000

GET
H2 200 vendorlist.json Show response
vendorlist.consensu.org/ 93 KB
17 KB 7ms
7ms Fetch
application/json 2600:9000:2057:c200:1:af78:4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vendorlist.consensu.org/vendorlist.json
Requested by: Host: spolecznosci.mgr.consensu.org
URL: https://spolecznosci.mgr.consensu.org/js/cmp.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:c200:1:af78:4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a4370188e3b8f3641ad43ef72bfa9e8bc5e519da306984c328fc1885d621c470

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
Origin: http://abdoxnoni003.7m.pl
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 21 Feb 2020 00:32:40 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 784
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Thu, 20 Feb 2020 16:00:54 GMT
server: AmazonS3
access-control-max-age: 604800
access-control-allow-methods: GET
x-amz-version-id: L0crZbDtq.lFwCMFonQA4ZA5hP.DwxFe
via: 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA6-C1
content-type: application/json; charset=utf-8
x-amz-cf-id: GFbO1h1Cwd8WT5kNG_9rW8MDGjuIrhu4S94u2G0MGGW4q7mTgpRIrw==

GET
H2

200

collect
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/collect?v=1&_v=j81&a=248369437&t=pageview&_s=1&dl=http%3A%2F%2Fabdoxnoni003.7m.pl%2Fndcu%2Fhome%2Flogin.html%3Fcmd%3Dlogin_submit%26id%3De0dafe79945655841bf649fbf1...
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=248369437&t=pageview&_s=1&dl=http%3A%2F%2Fabdoxnoni003.7m.pl%2Fndcu%2Fhome%2Flogin.html%3Fcmd%3Dlogin_submit%26id%3De0dafe79945655841bf649fbf...

35 B
101 B

13ms
13ms

Image
image/gif

2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=248369437&t=pageview&_s=1&dl=http%3A%2F%2Fabdoxnoni003.7m.pl%2Fndcu%2Fhome%2Flogin.html%3Fcmd%3Dlogin_submit%26id%3De0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417%26session%3De0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&dr=http%3A%2F%2Fkokoalets.dx.am%2Flinkedin.html&ul=en-us&de=windows-1252&dt=DocuSign&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEAB~&jid=1714556639&gjid=1479529304&cid=508733042.1582245942&tid=UA-89200509-1&_gid=1817085987.1582245943&_r=1&z=1160093632

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 00:45:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/collect?v=1&_v=j81&a=248369437&t=pageview&_s=1&dl=http%3A%2F%2Fabdoxnoni003.7m.pl%2Fndcu%2Fhome%2Flogin.html%3Fcmd%3Dlogin_submit%26id%3De0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417%26session%3De0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&dr=http%3A%2F%2Fkokoalets.dx.am%2Flinkedin.html&ul=en-us&de=windows-1252&dt=DocuSign&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEAB~&jid=1714556639&gjid=1479529304&cid=508733042.1582245942&tid=UA-89200509-1&_gid=1817085987.1582245943&_r=1&z=1160093632
Non-Authoritative-Reason: HSTS

GET
H2

200

collect
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/collect?v=1&_v=j81&a=248369437&t=event&_s=2&dl=http%3A%2F%2Fabdoxnoni003.7m.pl%2Fndcu%2Fhome%2Flogin.html%3Fcmd%3Dlogin_submit%26id%3De0dafe79945655841bf649fbf17d541...
https://www.google-analytics.com/collect?v=1&_v=j81&a=248369437&t=event&_s=2&dl=http%3A%2F%2Fabdoxnoni003.7m.pl%2Fndcu%2Fhome%2Flogin.html%3Fcmd%3Dlogin_submit%26id%3De0dafe79945655841bf649fbf17d54...

35 B
100 B

5ms
5ms

Image
image/gif

2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=248369437&t=event&_s=2&dl=http%3A%2F%2Fabdoxnoni003.7m.pl%2Fndcu%2Fhome%2Flogin.html%3Fcmd%3Dlogin_submit%26id%3De0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417%26session%3De0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&dr=http%3A%2F%2Fkokoalets.dx.am%2Flinkedin.html&ul=en-us&de=windows-1252&dt=DocuSign&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=abdoxnoni003&ea=subdomain&_u=IAhAAEAB~&jid=&gjid=&cid=508733042.1582245942&tid=UA-89200509-1&_gid=1817085987.1582245943&z=1656216575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Jan 2020 05:06:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1798765
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/collect?v=1&_v=j81&a=248369437&t=event&_s=2&dl=http%3A%2F%2Fabdoxnoni003.7m.pl%2Fndcu%2Fhome%2Flogin.html%3Fcmd%3Dlogin_submit%26id%3De0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417%26session%3De0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&dr=http%3A%2F%2Fkokoalets.dx.am%2Flinkedin.html&ul=en-us&de=windows-1252&dt=DocuSign&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=abdoxnoni003&ea=subdomain&_u=IAhAAEAB~&jid=&gjid=&cid=508733042.1582245942&tid=UA-89200509-1&_gid=1817085987.1582245943&z=1656216575
Non-Authoritative-Reason: HSTS

GET
H2 200 /
a.spolecznosci.net/av/320050/123/ 35 B
241 B 36ms
36ms Image
image/gif 178.32.202.244
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.spolecznosci.net/av/320050/123/?a=abdoxnoni003.7m.pl_ShowPopup

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.32.202.244 , Poland, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 21 Feb 2020 00:45:43 GMT
server: nginx
strict-transport-security: max-age=31536000
x-cache: MISS
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

301

ad.json Show response
gpl.adocean.pl/__/
Redirect Chain

https://gpl.adocean.pl/ad.json?id=G2n1c2dWjRWkJCW7HfdnEYBqU_lPpXIJA9TfKpXlE.b.f7&gdpr_consent=undefined&gdpr=0?
https://gpl.adocean.pl/__/ad.json?id=G2n1c2dWjRWkJCW7HfdnEYBqU_lPpXIJA9TfKpXlE.b.f7&gdpr_consent=undefined&gdpr=0?

0
-1 B

178ms
42ms

XHR

85.194.243.85
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to

Full URL: https://gpl.adocean.pl/__/ad.json?id=G2n1c2dWjRWkJCW7HfdnEYBqU_lPpXIJA9TfKpXlE.b.f7&gdpr_consent=undefined&gdpr=0?
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 85.194.243.85 , Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS: ip-5.85-194-243-80.net.old.eco.atman.pl
Software: GAD /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 00:45:44 GMT
server: GAD
access-control-allow-origin: http://abdoxnoni003.7m.pl
location: /__/ad.json?id=G2n1c2dWjRWkJCW7HfdnEYBqU_lPpXIJA9TfKpXlE.b.f7&gdpr_consent=undefined&gdpr=0?
vary: Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
status: 301
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
expires: Thu, 20 Feb 2020 00:45:44 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Feb 2020 00:45:44 GMT
vary: Origin
server: GAD
status: 301
location: /__/ad.json?id=G2n1c2dWjRWkJCW7HfdnEYBqU_lPpXIJA9TfKpXlE.b.f7&gdpr_consent=undefined&gdpr=0?
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: http://abdoxnoni003.7m.pl
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
expires: Thu, 20 Feb 2020 00:45:44 GMT

GET
H2

301

ad.json Show response
gpl.adocean.pl/__/
Redirect Chain

https://gpl.adocean.pl/ad.json?id=NueayaNso2kKCjJnO6botPkpDp4wDdu4Uu3bicWtxMb.67&gdpr_consent=undefined&gdpr=0?
https://gpl.adocean.pl/__/ad.json?id=NueayaNso2kKCjJnO6botPkpDp4wDdu4Uu3bicWtxMb.67&gdpr_consent=undefined&gdpr=0?

0
-1 B

206ms
70ms

XHR

85.194.243.85
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to

Full URL: https://gpl.adocean.pl/__/ad.json?id=NueayaNso2kKCjJnO6botPkpDp4wDdu4Uu3bicWtxMb.67&gdpr_consent=undefined&gdpr=0?
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 85.194.243.85 , Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS: ip-5.85-194-243-80.net.old.eco.atman.pl
Software: GAD /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 00:45:44 GMT
server: GAD
access-control-allow-origin: http://abdoxnoni003.7m.pl
location: /__/ad.json?id=NueayaNso2kKCjJnO6botPkpDp4wDdu4Uu3bicWtxMb.67&gdpr_consent=undefined&gdpr=0?
vary: Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
status: 301
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
expires: Thu, 20 Feb 2020 00:45:44 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Feb 2020 00:45:44 GMT
vary: Origin
server: GAD
status: 301
location: /__/ad.json?id=NueayaNso2kKCjJnO6botPkpDp4wDdu4Uu3bicWtxMb.67&gdpr_consent=undefined&gdpr=0?
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: http://abdoxnoni003.7m.pl
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
expires: Thu, 20 Feb 2020 00:45:44 GMT

GET
H2

301

ad.json Show response
gpl.adocean.pl/__/
Redirect Chain

https://gpl.adocean.pl/ad.json?id=oSX6Fz_EQ0c0PiHAhafoNAD3cGNH.wMKVnGjQh6kJn7.g7&gdpr_consent=undefined&gdpr=0?
https://gpl.adocean.pl/__/ad.json?id=oSX6Fz_EQ0c0PiHAhafoNAD3cGNH.wMKVnGjQh6kJn7.g7&gdpr_consent=undefined&gdpr=0?

0
-1 B

206ms
70ms

XHR

85.194.243.85
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to

Full URL: https://gpl.adocean.pl/__/ad.json?id=oSX6Fz_EQ0c0PiHAhafoNAD3cGNH.wMKVnGjQh6kJn7.g7&gdpr_consent=undefined&gdpr=0?
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 85.194.243.85 , Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS: ip-5.85-194-243-80.net.old.eco.atman.pl
Software: GAD /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 00:45:44 GMT
server: GAD
access-control-allow-origin: http://abdoxnoni003.7m.pl
location: /__/ad.json?id=oSX6Fz_EQ0c0PiHAhafoNAD3cGNH.wMKVnGjQh6kJn7.g7&gdpr_consent=undefined&gdpr=0?
vary: Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
status: 301
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
expires: Thu, 20 Feb 2020 00:45:44 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Feb 2020 00:45:44 GMT
vary: Origin
server: GAD
status: 301
location: /__/ad.json?id=oSX6Fz_EQ0c0PiHAhafoNAD3cGNH.wMKVnGjQh6kJn7.g7&gdpr_consent=undefined&gdpr=0?
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: http://abdoxnoni003.7m.pl
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
expires: Thu, 20 Feb 2020 00:45:44 GMT

GET
H2

301

ad.json Show response
gpl.adocean.pl/__/
Redirect Chain

https://gpl.adocean.pl/ad.json?id=zRYHeeOCN2zGJUtyRqY_l9i_32GIJi9G2I9xpiujXTX.c7&gdpr_consent=undefined&gdpr=0?
https://gpl.adocean.pl/__/ad.json?id=zRYHeeOCN2zGJUtyRqY_l9i_32GIJi9G2I9xpiujXTX.c7&gdpr_consent=undefined&gdpr=0?

0
-1 B

206ms
70ms

XHR

85.194.243.85
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to

Full URL: https://gpl.adocean.pl/__/ad.json?id=zRYHeeOCN2zGJUtyRqY_l9i_32GIJi9G2I9xpiujXTX.c7&gdpr_consent=undefined&gdpr=0?
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 85.194.243.85 , Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS: ip-5.85-194-243-80.net.old.eco.atman.pl
Software: GAD /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 00:45:44 GMT
server: GAD
access-control-allow-origin: http://abdoxnoni003.7m.pl
location: /__/ad.json?id=zRYHeeOCN2zGJUtyRqY_l9i_32GIJi9G2I9xpiujXTX.c7&gdpr_consent=undefined&gdpr=0?
vary: Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
status: 301
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
expires: Thu, 20 Feb 2020 00:45:44 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Feb 2020 00:45:44 GMT
vary: Origin
server: GAD
status: 301
location: /__/ad.json?id=zRYHeeOCN2zGJUtyRqY_l9i_32GIJi9G2I9xpiujXTX.c7&gdpr_consent=undefined&gdpr=0?
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: http://abdoxnoni003.7m.pl
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
expires: Thu, 20 Feb 2020 00:45:44 GMT

GET
H2

301

ad.json Show response
gpl.adocean.pl/__/
Redirect Chain

https://gpl.adocean.pl/ad.json?id=3sD3vBXt1_xxqQFYOzaIc7dKgmAw6R5bzZo90tXZpNr.M7&gdpr_consent=undefined&gdpr=0?
https://gpl.adocean.pl/__/ad.json?id=3sD3vBXt1_xxqQFYOzaIc7dKgmAw6R5bzZo90tXZpNr.M7&gdpr_consent=undefined&gdpr=0?

0
-1 B

206ms
70ms

XHR

85.194.243.85
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to

Full URL: https://gpl.adocean.pl/__/ad.json?id=3sD3vBXt1_xxqQFYOzaIc7dKgmAw6R5bzZo90tXZpNr.M7&gdpr_consent=undefined&gdpr=0?
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 85.194.243.85 , Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS: ip-5.85-194-243-80.net.old.eco.atman.pl
Software: GAD /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 00:45:44 GMT
server: GAD
access-control-allow-origin: http://abdoxnoni003.7m.pl
location: /__/ad.json?id=3sD3vBXt1_xxqQFYOzaIc7dKgmAw6R5bzZo90tXZpNr.M7&gdpr_consent=undefined&gdpr=0?
vary: Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
status: 301
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
expires: Thu, 20 Feb 2020 00:45:44 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Feb 2020 00:45:44 GMT
vary: Origin
server: GAD
status: 301
location: /__/ad.json?id=3sD3vBXt1_xxqQFYOzaIc7dKgmAw6R5bzZo90tXZpNr.M7&gdpr_consent=undefined&gdpr=0?
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: http://abdoxnoni003.7m.pl
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
expires: Thu, 20 Feb 2020 00:45:44 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
203 B 57ms
19ms XHR
text/plain 185.184.8.30
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=0a15597b077211b33bcf
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.30 , Poland, ASN204995 (RTB-HOUSE-AMS, NL),
Reverse DNS: ip-185-184-8-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
Origin: http://abdoxnoni003.7m.pl
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Fri, 21 Feb 2020 00:45:44 GMT
access-control-allow-credentials: true
access-control-allow-origin: http://abdoxnoni003.7m.pl
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
117 B 93ms
55ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=0a15597b077211b33bcf
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
Origin: http://abdoxnoni003.7m.pl
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Fri, 21 Feb 2020 00:45:44 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: http://abdoxnoni003.7m.pl

GET
H2 200 / Show response
adx.adform.net/adx/ 20 B
466 B 178ms
113ms XHR
application/json 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTQ4MjE3NiZ0cmFuc2FjdGlvbklkPWM1ZWFlYmU3LTYyNTQtNDJkNy1iMjdiLTFjYmFmOTg3OTgzOCZyY3VyPVBMTg%3D%3D&bWlkPTQ4MjE3NyZ0cmFuc2FjdGlvbklkPTA3NWE3NzU0LWUzZjUtNGUyMC05ZjQ0LTEyYWMzMGQ3OTg5YSZyY3VyPVBMTg%3D%3D&bWlkPTQ4MjE3NCZ0cmFuc2FjdGlvbklkPTQzYzVjNjdmLWYwNDMtNDU1OC04ZmMxLTExNjMwOWM3NTQ4YiZyY3VyPVBMTg%3D%3D&bWlkPTQ4MjE3NSZ0cmFuc2FjdGlvbklkPWI2ZWY3NWNmLTJkYmItNDhmMi1iNDhkLWI2OGJkNDVlODI4OCZyY3VyPVBMTg%3D%3D&pt=gross&stid=717c2aae-12d8-4fc0-99e6-bedb48539e8c&fd=1

Requested by

Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=0a15597b077211b33bcf

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

c83c7670c31d4127fb493e87ba84436b9ac70c4ef71614027252eb671350d7c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
Origin: http://abdoxnoni003.7m.pl
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 00:45:44 GMT
server: nginx
status: 200
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: http://abdoxnoni003.7m.pl
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 20
expires: -1

GET
H2

301

redataredir Show response
gpladpl.hit.gemius.pl/
Redirect Chain

https://gpl.adocean.pl/__/ad.json?id=G2n1c2dWjRWkJCW7HfdnEYBqU_lPpXIJA9TfKpXlE.b.f7&gdpr_consent=undefined&gdpr=0?
https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DG2n1c2dWjRWkJCW7HfdnEYBqU_lPpXIJA9TfKpXlE.b.f7%26gdpr_cons...

0
-1 B

70ms
70ms

XHR

85.194.243.85
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to

Full URL: https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DG2n1c2dWjRWkJCW7HfdnEYBqU_lPpXIJA9TfKpXlE.b.f7%26gdpr_consent%3Dundefined%26gdpr%3D0%3F
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 85.194.243.85 , Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS: ip-5.85-194-243-80.net.old.eco.atman.pl
Software: GAD /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 00:45:44 GMT
server: GAD
access-control-allow-origin: http://abdoxnoni003.7m.pl
location: https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DG2n1c2dWjRWkJCW7HfdnEYBqU_lPpXIJA9TfKpXlE.b.f7%26gdpr_consent%3Dundefined%26gdpr%3D0%3F
vary: Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
status: 301
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
expires: Thu, 20 Feb 2020 00:45:44 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Feb 2020 00:45:44 GMT
vary: Origin
server: GAD
status: 301
location: https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DG2n1c2dWjRWkJCW7HfdnEYBqU_lPpXIJA9TfKpXlE.b.f7%26gdpr_consent%3Dundefined%26gdpr%3D0%3F
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: http://abdoxnoni003.7m.pl
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
expires: Thu, 20 Feb 2020 00:45:44 GMT

GET
H2

301

redataredir Show response
gpladpl.hit.gemius.pl/
Redirect Chain

https://gpl.adocean.pl/__/ad.json?id=NueayaNso2kKCjJnO6botPkpDp4wDdu4Uu3bicWtxMb.67&gdpr_consent=undefined&gdpr=0?
https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DNueayaNso2kKCjJnO6botPkpDp4wDdu4Uu3bicWtxMb.67%26gdpr_cons...

0
-1 B

43ms
42ms

XHR

85.194.243.85
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to

Full URL: https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DNueayaNso2kKCjJnO6botPkpDp4wDdu4Uu3bicWtxMb.67%26gdpr_consent%3Dundefined%26gdpr%3D0%3F
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 85.194.243.85 , Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS: ip-5.85-194-243-80.net.old.eco.atman.pl
Software: GAD /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 00:45:44 GMT
server: GAD
access-control-allow-origin: http://abdoxnoni003.7m.pl
location: https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DNueayaNso2kKCjJnO6botPkpDp4wDdu4Uu3bicWtxMb.67%26gdpr_consent%3Dundefined%26gdpr%3D0%3F
vary: Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
status: 301
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
expires: Thu, 20 Feb 2020 00:45:44 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Feb 2020 00:45:44 GMT
vary: Origin
server: GAD
status: 301
location: https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DNueayaNso2kKCjJnO6botPkpDp4wDdu4Uu3bicWtxMb.67%26gdpr_consent%3Dundefined%26gdpr%3D0%3F
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: http://abdoxnoni003.7m.pl
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
expires: Thu, 20 Feb 2020 00:45:44 GMT

GET
H2

301

redataredir Show response
gpladpl.hit.gemius.pl/
Redirect Chain

https://gpl.adocean.pl/__/ad.json?id=oSX6Fz_EQ0c0PiHAhafoNAD3cGNH.wMKVnGjQh6kJn7.g7&gdpr_consent=undefined&gdpr=0?
https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DoSX6Fz_EQ0c0PiHAhafoNAD3cGNH.wMKVnGjQh6kJn7.g7%26gdpr_cons...

0
-1 B

42ms
42ms

XHR

85.194.243.85
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to

Full URL: https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DoSX6Fz_EQ0c0PiHAhafoNAD3cGNH.wMKVnGjQh6kJn7.g7%26gdpr_consent%3Dundefined%26gdpr%3D0%3F
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 85.194.243.85 , Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS: ip-5.85-194-243-80.net.old.eco.atman.pl
Software: GAD /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 00:45:44 GMT
server: GAD
access-control-allow-origin: http://abdoxnoni003.7m.pl
location: https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DoSX6Fz_EQ0c0PiHAhafoNAD3cGNH.wMKVnGjQh6kJn7.g7%26gdpr_consent%3Dundefined%26gdpr%3D0%3F
vary: Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
status: 301
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
expires: Thu, 20 Feb 2020 00:45:44 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Feb 2020 00:45:44 GMT
vary: Origin
server: GAD
status: 301
location: https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DoSX6Fz_EQ0c0PiHAhafoNAD3cGNH.wMKVnGjQh6kJn7.g7%26gdpr_consent%3Dundefined%26gdpr%3D0%3F
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: http://abdoxnoni003.7m.pl
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
expires: Thu, 20 Feb 2020 00:45:44 GMT

GET
H2

301

redataredir Show response
gpladpl.hit.gemius.pl/
Redirect Chain

https://gpl.adocean.pl/__/ad.json?id=zRYHeeOCN2zGJUtyRqY_l9i_32GIJi9G2I9xpiujXTX.c7&gdpr_consent=undefined&gdpr=0?
https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DzRYHeeOCN2zGJUtyRqY_l9i_32GIJi9G2I9xpiujXTX.c7%26gdpr_cons...

0
-1 B

70ms
70ms

XHR

85.194.243.85
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to

Full URL: https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DzRYHeeOCN2zGJUtyRqY_l9i_32GIJi9G2I9xpiujXTX.c7%26gdpr_consent%3Dundefined%26gdpr%3D0%3F
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 85.194.243.85 , Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS: ip-5.85-194-243-80.net.old.eco.atman.pl
Software: GAD /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 00:45:44 GMT
server: GAD
access-control-allow-origin: http://abdoxnoni003.7m.pl
location: https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DzRYHeeOCN2zGJUtyRqY_l9i_32GIJi9G2I9xpiujXTX.c7%26gdpr_consent%3Dundefined%26gdpr%3D0%3F
vary: Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
status: 301
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
expires: Thu, 20 Feb 2020 00:45:44 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Feb 2020 00:45:44 GMT
vary: Origin
server: GAD
status: 301
location: https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DzRYHeeOCN2zGJUtyRqY_l9i_32GIJi9G2I9xpiujXTX.c7%26gdpr_consent%3Dundefined%26gdpr%3D0%3F
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: http://abdoxnoni003.7m.pl
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
expires: Thu, 20 Feb 2020 00:45:44 GMT

GET
H2

301

redataredir Show response
gpladpl.hit.gemius.pl/
Redirect Chain

https://gpl.adocean.pl/__/ad.json?id=3sD3vBXt1_xxqQFYOzaIc7dKgmAw6R5bzZo90tXZpNr.M7&gdpr_consent=undefined&gdpr=0?
https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3D3sD3vBXt1_xxqQFYOzaIc7dKgmAw6R5bzZo90tXZpNr.M7%26gdpr_cons...

0
-1 B

70ms
70ms

XHR

85.194.243.85
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to

Full URL: https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3D3sD3vBXt1_xxqQFYOzaIc7dKgmAw6R5bzZo90tXZpNr.M7%26gdpr_consent%3Dundefined%26gdpr%3D0%3F
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 85.194.243.85 , Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS: ip-5.85-194-243-80.net.old.eco.atman.pl
Software: GAD /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 00:45:44 GMT
server: GAD
access-control-allow-origin: http://abdoxnoni003.7m.pl
location: https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3D3sD3vBXt1_xxqQFYOzaIc7dKgmAw6R5bzZo90tXZpNr.M7%26gdpr_consent%3Dundefined%26gdpr%3D0%3F
vary: Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
status: 301
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
expires: Thu, 20 Feb 2020 00:45:44 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Feb 2020 00:45:44 GMT
vary: Origin
server: GAD
status: 301
location: https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3D3sD3vBXt1_xxqQFYOzaIc7dKgmAw6R5bzZo90tXZpNr.M7%26gdpr_consent%3Dundefined%26gdpr%3D0%3F
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: http://abdoxnoni003.7m.pl
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
expires: Thu, 20 Feb 2020 00:45:44 GMT

GET
H2

301

redataredir Show response
gpladpl.hit.gemius.pl/__/
Redirect Chain

https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DG2n1c2dWjRWkJCW7HfdnEYBqU_lPpXIJA9TfKpXlE.b.f7%26gdpr_cons...
https://gpladpl.hit.gemius.pl/__/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DG2n1c2dWjRWkJCW7HfdnEYBqU_lPpXIJA9TfKpXlE.b.f7%26gdpr_c...

0
-1 B

173ms
42ms

XHR

85.194.243.84
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to

Full URL: https://gpladpl.hit.gemius.pl/__/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DG2n1c2dWjRWkJCW7HfdnEYBqU_lPpXIJA9TfKpXlE.b.f7%26gdpr_consent%3Dundefined%26gdpr%3D0%3F
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 85.194.243.84 , Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS: ip-4.85-194-243-80.net.old.eco.atman.pl
Software: GHC /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 00:45:44 GMT
server: GHC
access-control-allow-origin: null
location: /__/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DG2n1c2dWjRWkJCW7HfdnEYBqU_lPpXIJA9TfKpXlE.b.f7%26gdpr_consent%3Dundefined%26gdpr%3D0%3F
p3p: CP="NOI DSP COR NID PSAo OUR IND"
status: 301
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: none
content-length: 0
expires: Thu, 20 Feb 2020 00:45:44 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Feb 2020 00:45:44 GMT
server: GHC
status: 301
location: /__/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DG2n1c2dWjRWkJCW7HfdnEYBqU_lPpXIJA9TfKpXlE.b.f7%26gdpr_consent%3Dundefined%26gdpr%3D0%3F
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: null
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: none
content-length: 0
expires: Thu, 20 Feb 2020 00:45:44 GMT

GET
H2

301

redataredir Show response
gpladpl.hit.gemius.pl/__/
Redirect Chain

https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DNueayaNso2kKCjJnO6botPkpDp4wDdu4Uu3bicWtxMb.67%26gdpr_cons...
https://gpladpl.hit.gemius.pl/__/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DNueayaNso2kKCjJnO6botPkpDp4wDdu4Uu3bicWtxMb.67%26gdpr_c...

0
-1 B

173ms
42ms

XHR

85.194.243.84
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to

Full URL: https://gpladpl.hit.gemius.pl/__/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DNueayaNso2kKCjJnO6botPkpDp4wDdu4Uu3bicWtxMb.67%26gdpr_consent%3Dundefined%26gdpr%3D0%3F
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 85.194.243.84 , Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS: ip-4.85-194-243-80.net.old.eco.atman.pl
Software: GHC /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 00:45:44 GMT
server: GHC
access-control-allow-origin: null
location: /__/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DNueayaNso2kKCjJnO6botPkpDp4wDdu4Uu3bicWtxMb.67%26gdpr_consent%3Dundefined%26gdpr%3D0%3F
p3p: CP="NOI DSP COR NID PSAo OUR IND"
status: 301
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: none
content-length: 0
expires: Thu, 20 Feb 2020 00:45:44 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Feb 2020 00:45:44 GMT
server: GHC
status: 301
location: /__/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DNueayaNso2kKCjJnO6botPkpDp4wDdu4Uu3bicWtxMb.67%26gdpr_consent%3Dundefined%26gdpr%3D0%3F
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: null
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: none
content-length: 0
expires: Thu, 20 Feb 2020 00:45:44 GMT

GET
H2

301

redataredir Show response
gpladpl.hit.gemius.pl/__/
Redirect Chain

https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DoSX6Fz_EQ0c0PiHAhafoNAD3cGNH.wMKVnGjQh6kJn7.g7%26gdpr_cons...
https://gpladpl.hit.gemius.pl/__/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DoSX6Fz_EQ0c0PiHAhafoNAD3cGNH.wMKVnGjQh6kJn7.g7%26gdpr_c...

0
-1 B

173ms
43ms

XHR

85.194.243.84
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to

Full URL: https://gpladpl.hit.gemius.pl/__/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DoSX6Fz_EQ0c0PiHAhafoNAD3cGNH.wMKVnGjQh6kJn7.g7%26gdpr_consent%3Dundefined%26gdpr%3D0%3F
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 85.194.243.84 , Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS: ip-4.85-194-243-80.net.old.eco.atman.pl
Software: GHC /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 00:45:44 GMT
server: GHC
access-control-allow-origin: null
location: /__/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DoSX6Fz_EQ0c0PiHAhafoNAD3cGNH.wMKVnGjQh6kJn7.g7%26gdpr_consent%3Dundefined%26gdpr%3D0%3F
p3p: CP="NOI DSP COR NID PSAo OUR IND"
status: 301
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: none
content-length: 0
expires: Thu, 20 Feb 2020 00:45:44 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Feb 2020 00:45:44 GMT
server: GHC
status: 301
location: /__/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DoSX6Fz_EQ0c0PiHAhafoNAD3cGNH.wMKVnGjQh6kJn7.g7%26gdpr_consent%3Dundefined%26gdpr%3D0%3F
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: null
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: none
content-length: 0
expires: Thu, 20 Feb 2020 00:45:44 GMT

GET
H2

301

redataredir Show response
gpladpl.hit.gemius.pl/__/
Redirect Chain

https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DzRYHeeOCN2zGJUtyRqY_l9i_32GIJi9G2I9xpiujXTX.c7%26gdpr_cons...
https://gpladpl.hit.gemius.pl/__/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DzRYHeeOCN2zGJUtyRqY_l9i_32GIJi9G2I9xpiujXTX.c7%26gdpr_c...

0
-1 B

145ms
43ms

XHR

85.194.243.84
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to

Full URL: https://gpladpl.hit.gemius.pl/__/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DzRYHeeOCN2zGJUtyRqY_l9i_32GIJi9G2I9xpiujXTX.c7%26gdpr_consent%3Dundefined%26gdpr%3D0%3F
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 85.194.243.84 , Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS: ip-4.85-194-243-80.net.old.eco.atman.pl
Software: GHC /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 00:45:44 GMT
server: GHC
access-control-allow-origin: null
location: /__/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DzRYHeeOCN2zGJUtyRqY_l9i_32GIJi9G2I9xpiujXTX.c7%26gdpr_consent%3Dundefined%26gdpr%3D0%3F
p3p: CP="NOI DSP COR NID PSAo OUR IND"
status: 301
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: none
content-length: 0
expires: Thu, 20 Feb 2020 00:45:44 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Feb 2020 00:45:44 GMT
server: GHC
status: 301
location: /__/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DzRYHeeOCN2zGJUtyRqY_l9i_32GIJi9G2I9xpiujXTX.c7%26gdpr_consent%3Dundefined%26gdpr%3D0%3F
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: null
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: none
content-length: 0
expires: Thu, 20 Feb 2020 00:45:44 GMT

GET
H2

301

redataredir Show response
gpladpl.hit.gemius.pl/__/
Redirect Chain

https://gpladpl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3D3sD3vBXt1_xxqQFYOzaIc7dKgmAw6R5bzZo90tXZpNr.M7%26gdpr_cons...
https://gpladpl.hit.gemius.pl/__/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3D3sD3vBXt1_xxqQFYOzaIc7dKgmAw6R5bzZo90tXZpNr.M7%26gdpr_c...

0
-1 B

171ms
70ms

XHR

85.194.243.84
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to

Full URL: https://gpladpl.hit.gemius.pl/__/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3D3sD3vBXt1_xxqQFYOzaIc7dKgmAw6R5bzZo90tXZpNr.M7%26gdpr_consent%3Dundefined%26gdpr%3D0%3F
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 85.194.243.84 , Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS: ip-4.85-194-243-80.net.old.eco.atman.pl
Software: GHC /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 00:45:44 GMT
server: GHC
access-control-allow-origin: null
location: /__/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3D3sD3vBXt1_xxqQFYOzaIc7dKgmAw6R5bzZo90tXZpNr.M7%26gdpr_consent%3Dundefined%26gdpr%3D0%3F
p3p: CP="NOI DSP COR NID PSAo OUR IND"
status: 301
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: none
content-length: 0
expires: Thu, 20 Feb 2020 00:45:44 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Feb 2020 00:45:44 GMT
server: GHC
status: 301
location: /__/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3D3sD3vBXt1_xxqQFYOzaIc7dKgmAw6R5bzZo90tXZpNr.M7%26gdpr_consent%3Dundefined%26gdpr%3D0%3F
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: null
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: none
content-length: 0
expires: Thu, 20 Feb 2020 00:45:44 GMT

GET
H2

301

ad.json Show response
gpl.adocean.pl/__/
Redirect Chain

https://gpladpl.hit.gemius.pl/__/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DG2n1c2dWjRWkJCW7HfdnEYBqU_lPpXIJA9TfKpXlE.b.f7%26gdpr_c...
https://gpl.adocean.pl/__/ad.json?hclsdata=&hcudata=07HReuTxv_cSU4kXfnkEVcvQxQrnmkzPP44HEb6nraT.m7&id=G2n1c2dWjRWkJCW7HfdnEYBqU_lPpXIJA9TfKpXlE.b.f7&gdpr_consent=undefined&gdpr=0?

0
-1 B

45ms
44ms

XHR

85.194.243.84
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to

Full URL: https://gpl.adocean.pl/__/ad.json?hclsdata=&hcudata=07HReuTxv_cSU4kXfnkEVcvQxQrnmkzPP44HEb6nraT.m7&id=G2n1c2dWjRWkJCW7HfdnEYBqU_lPpXIJA9TfKpXlE.b.f7&gdpr_consent=undefined&gdpr=0?
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 85.194.243.84 , Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS: ip-4.85-194-243-80.net.old.eco.atman.pl
Software: GHC /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 00:45:44 GMT
server: GHC
access-control-allow-origin: null
location: https://gpl.adocean.pl/__/ad.json?hclsdata=&hcudata=07HReuTxv_cSU4kXfnkEVcvQxQrnmkzPP44HEb6nraT.m7&id=G2n1c2dWjRWkJCW7HfdnEYBqU_lPpXIJA9TfKpXlE.b.f7&gdpr_consent=undefined&gdpr=0?
p3p: CP="NOI DSP COR NID PSAo OUR IND"
status: 301
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: none
content-length: 0
expires: Thu, 20 Feb 2020 00:45:44 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Feb 2020 00:45:44 GMT
server: GHC
status: 301
location: https://gpl.adocean.pl/__/ad.json?hclsdata=&hcudata=07HReuTxv_cSU4kXfnkEVcvQxQrnmkzPP44HEb6nraT.m7&id=G2n1c2dWjRWkJCW7HfdnEYBqU_lPpXIJA9TfKpXlE.b.f7&gdpr_consent=undefined&gdpr=0?
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: null
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: none
content-length: 0
expires: Thu, 20 Feb 2020 00:45:44 GMT

GET
H2

301

ad.json Show response
gpl.adocean.pl/__/
Redirect Chain

https://gpladpl.hit.gemius.pl/__/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DNueayaNso2kKCjJnO6botPkpDp4wDdu4Uu3bicWtxMb.67%26gdpr_c...
https://gpl.adocean.pl/__/ad.json?hclsdata=&hcudata=CLp8L47cQF3z9JYmBGDWSD12x8CvKIacwCknnJ6T4Gf.I7&id=NueayaNso2kKCjJnO6botPkpDp4wDdu4Uu3bicWtxMb.67&gdpr_consent=undefined&gdpr=0?

0
-1 B

43ms
43ms

XHR

85.194.243.84
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to

Full URL: https://gpl.adocean.pl/__/ad.json?hclsdata=&hcudata=CLp8L47cQF3z9JYmBGDWSD12x8CvKIacwCknnJ6T4Gf.I7&id=NueayaNso2kKCjJnO6botPkpDp4wDdu4Uu3bicWtxMb.67&gdpr_consent=undefined&gdpr=0?
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 85.194.243.84 , Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS: ip-4.85-194-243-80.net.old.eco.atman.pl
Software: GHC /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 00:45:44 GMT
server: GHC
access-control-allow-origin: null
location: https://gpl.adocean.pl/__/ad.json?hclsdata=&hcudata=CLp8L47cQF3z9JYmBGDWSD12x8CvKIacwCknnJ6T4Gf.I7&id=NueayaNso2kKCjJnO6botPkpDp4wDdu4Uu3bicWtxMb.67&gdpr_consent=undefined&gdpr=0?
p3p: CP="NOI DSP COR NID PSAo OUR IND"
status: 301
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: none
content-length: 0
expires: Thu, 20 Feb 2020 00:45:44 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Feb 2020 00:45:44 GMT
server: GHC
status: 301
location: https://gpl.adocean.pl/__/ad.json?hclsdata=&hcudata=CLp8L47cQF3z9JYmBGDWSD12x8CvKIacwCknnJ6T4Gf.I7&id=NueayaNso2kKCjJnO6botPkpDp4wDdu4Uu3bicWtxMb.67&gdpr_consent=undefined&gdpr=0?
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: null
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: none
content-length: 0
expires: Thu, 20 Feb 2020 00:45:44 GMT

GET
H2

301

ad.json Show response
gpl.adocean.pl/__/
Redirect Chain

https://gpladpl.hit.gemius.pl/__/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DoSX6Fz_EQ0c0PiHAhafoNAD3cGNH.wMKVnGjQh6kJn7.g7%26gdpr_c...
https://gpl.adocean.pl/__/ad.json?hclsdata=&hcudata=qLnWUv8uhc5pkUcihdYv.g7ytSesjPseVThlhGKk_9r.b7&id=oSX6Fz_EQ0c0PiHAhafoNAD3cGNH.wMKVnGjQh6kJn7.g7&gdpr_consent=undefined&gdpr=0?

0
-1 B

68ms
67ms

XHR

85.194.243.84
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to

Full URL: https://gpl.adocean.pl/__/ad.json?hclsdata=&hcudata=qLnWUv8uhc5pkUcihdYv.g7ytSesjPseVThlhGKk_9r.b7&id=oSX6Fz_EQ0c0PiHAhafoNAD3cGNH.wMKVnGjQh6kJn7.g7&gdpr_consent=undefined&gdpr=0?
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 85.194.243.84 , Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS: ip-4.85-194-243-80.net.old.eco.atman.pl
Software: GHC /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 00:45:44 GMT
server: GHC
access-control-allow-origin: null
location: https://gpl.adocean.pl/__/ad.json?hclsdata=&hcudata=qLnWUv8uhc5pkUcihdYv.g7ytSesjPseVThlhGKk_9r.b7&id=oSX6Fz_EQ0c0PiHAhafoNAD3cGNH.wMKVnGjQh6kJn7.g7&gdpr_consent=undefined&gdpr=0?
p3p: CP="NOI DSP COR NID PSAo OUR IND"
status: 301
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: none
content-length: 0
expires: Thu, 20 Feb 2020 00:45:44 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Feb 2020 00:45:44 GMT
server: GHC
status: 301
location: https://gpl.adocean.pl/__/ad.json?hclsdata=&hcudata=qLnWUv8uhc5pkUcihdYv.g7ytSesjPseVThlhGKk_9r.b7&id=oSX6Fz_EQ0c0PiHAhafoNAD3cGNH.wMKVnGjQh6kJn7.g7&gdpr_consent=undefined&gdpr=0?
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: null
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: none
content-length: 0
expires: Thu, 20 Feb 2020 00:45:44 GMT

GET
H2

301

ad.json Show response
gpl.adocean.pl/__/
Redirect Chain

https://gpladpl.hit.gemius.pl/__/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DzRYHeeOCN2zGJUtyRqY_l9i_32GIJi9G2I9xpiujXTX.c7%26gdpr_c...
https://gpl.adocean.pl/__/ad.json?hclsdata=&hcudata=nl52M5EcRRo_gm2M1hZCoS7vtSbc662RRaMnLQK1XZb.17&id=zRYHeeOCN2zGJUtyRqY_l9i_32GIJi9G2I9xpiujXTX.c7&gdpr_consent=undefined&gdpr=0?

0
-1 B

67ms
67ms

XHR

85.194.243.84
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to

Full URL: https://gpl.adocean.pl/__/ad.json?hclsdata=&hcudata=nl52M5EcRRo_gm2M1hZCoS7vtSbc662RRaMnLQK1XZb.17&id=zRYHeeOCN2zGJUtyRqY_l9i_32GIJi9G2I9xpiujXTX.c7&gdpr_consent=undefined&gdpr=0?
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 85.194.243.84 , Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS: ip-4.85-194-243-80.net.old.eco.atman.pl
Software: GHC /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 00:45:44 GMT
server: GHC
access-control-allow-origin: null
location: https://gpl.adocean.pl/__/ad.json?hclsdata=&hcudata=nl52M5EcRRo_gm2M1hZCoS7vtSbc662RRaMnLQK1XZb.17&id=zRYHeeOCN2zGJUtyRqY_l9i_32GIJi9G2I9xpiujXTX.c7&gdpr_consent=undefined&gdpr=0?
p3p: CP="NOI DSP COR NID PSAo OUR IND"
status: 301
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: none
content-length: 0
expires: Thu, 20 Feb 2020 00:45:44 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Feb 2020 00:45:44 GMT
server: GHC
status: 301
location: https://gpl.adocean.pl/__/ad.json?hclsdata=&hcudata=nl52M5EcRRo_gm2M1hZCoS7vtSbc662RRaMnLQK1XZb.17&id=zRYHeeOCN2zGJUtyRqY_l9i_32GIJi9G2I9xpiujXTX.c7&gdpr_consent=undefined&gdpr=0?
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: null
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: none
content-length: 0
expires: Thu, 20 Feb 2020 00:45:44 GMT

GET
H2

301

ad.json Show response
gpl.adocean.pl/__/
Redirect Chain

https://gpladpl.hit.gemius.pl/__/redataredir?url=https%3A%2F%2Fgpl.adocean.pl%2F__%2Fad.json%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3D3sD3vBXt1_xxqQFYOzaIc7dKgmAw6R5bzZo90tXZpNr.M7%26gdpr_c...
https://gpl.adocean.pl/__/ad.json?hclsdata=&hcudata=bkQn.eye8NK5G.rQjUEC.Vzl5H4fIp47ECCrsWWLVRj.c7&id=3sD3vBXt1_xxqQFYOzaIc7dKgmAw6R5bzZo90tXZpNr.M7&gdpr_consent=undefined&gdpr=0?

0
-1 B

71ms
70ms

XHR

85.194.243.84
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to

Full URL: https://gpl.adocean.pl/__/ad.json?hclsdata=&hcudata=bkQn.eye8NK5G.rQjUEC.Vzl5H4fIp47ECCrsWWLVRj.c7&id=3sD3vBXt1_xxqQFYOzaIc7dKgmAw6R5bzZo90tXZpNr.M7&gdpr_consent=undefined&gdpr=0?
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 85.194.243.84 , Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS: ip-4.85-194-243-80.net.old.eco.atman.pl
Software: GHC /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 00:45:44 GMT
server: GHC
access-control-allow-origin: null
location: https://gpl.adocean.pl/__/ad.json?hclsdata=&hcudata=bkQn.eye8NK5G.rQjUEC.Vzl5H4fIp47ECCrsWWLVRj.c7&id=3sD3vBXt1_xxqQFYOzaIc7dKgmAw6R5bzZo90tXZpNr.M7&gdpr_consent=undefined&gdpr=0?
p3p: CP="NOI DSP COR NID PSAo OUR IND"
status: 301
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: none
content-length: 0
expires: Thu, 20 Feb 2020 00:45:44 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Feb 2020 00:45:44 GMT
server: GHC
status: 301
location: https://gpl.adocean.pl/__/ad.json?hclsdata=&hcudata=bkQn.eye8NK5G.rQjUEC.Vzl5H4fIp47ECCrsWWLVRj.c7&id=3sD3vBXt1_xxqQFYOzaIc7dKgmAw6R5bzZo90tXZpNr.M7&gdpr_consent=undefined&gdpr=0?
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: null
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: none
content-length: 0
expires: Thu, 20 Feb 2020 00:45:44 GMT

GET
H2 200 ad.json Show response
gpl.adocean.pl/__/ 67 B
316 B 200ms
200ms XHR
text/json 85.194.243.85
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to

Full URL: https://gpl.adocean.pl/__/ad.json?hclsdata=&hcudata=07HReuTxv_cSU4kXfnkEVcvQxQrnmkzPP44HEb6nraT.m7&id=G2n1c2dWjRWkJCW7HfdnEYBqU_lPpXIJA9TfKpXlE.b.f7&gdpr_consent=undefined&gdpr=0?
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 85.194.243.85 , Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS: ip-5.85-194-243-80.net.old.eco.atman.pl
Software: GAD /
Resource Hash: 1df3dfe7e50f85d0aadc3ed5f3c731729e7f362091c0004671a21d9a459c1bc9

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
Origin: null
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 00:45:45 GMT
server: GAD
status: 200
vary: Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: null
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: none
content-type: text/json
content-length: 67
expires: Thu, 20 Feb 2020 00:45:45 GMT

GET
H2 200 ad.json Show response
gpl.adocean.pl/__/ 67 B
254 B 205ms
205ms XHR
text/json 85.194.243.85
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to

Full URL: https://gpl.adocean.pl/__/ad.json?hclsdata=&hcudata=CLp8L47cQF3z9JYmBGDWSD12x8CvKIacwCknnJ6T4Gf.I7&id=NueayaNso2kKCjJnO6botPkpDp4wDdu4Uu3bicWtxMb.67&gdpr_consent=undefined&gdpr=0?
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 85.194.243.85 , Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS: ip-5.85-194-243-80.net.old.eco.atman.pl
Software: GAD /
Resource Hash: 04e94d92c4fc41d43344b517f28de25bff6262c49f1de244f7508f212ea2e117

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
Origin: null
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 00:45:45 GMT
server: GAD
status: 200
vary: Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: null
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: none
content-type: text/json
content-length: 67
expires: Thu, 20 Feb 2020 00:45:45 GMT

GET
H2 200 ad.json Show response
gpl.adocean.pl/__/ 67 B
255 B 181ms
180ms XHR
text/json 85.194.243.85
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to

Full URL: https://gpl.adocean.pl/__/ad.json?hclsdata=&hcudata=qLnWUv8uhc5pkUcihdYv.g7ytSesjPseVThlhGKk_9r.b7&id=oSX6Fz_EQ0c0PiHAhafoNAD3cGNH.wMKVnGjQh6kJn7.g7&gdpr_consent=undefined&gdpr=0?
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 85.194.243.85 , Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS: ip-5.85-194-243-80.net.old.eco.atman.pl
Software: GAD /
Resource Hash: 685e86113d018a1142b54ee683975b9ea713106932bdae3b86581ddd4fa14095

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
Origin: null
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 00:45:45 GMT
server: GAD
status: 200
vary: Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: null
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: none
content-type: text/json
content-length: 67
expires: Thu, 20 Feb 2020 00:45:45 GMT

GET
H2 200 ad.json Show response
gpl.adocean.pl/__/ 67 B
254 B 181ms
181ms XHR
text/json 85.194.243.85
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to

Full URL: https://gpl.adocean.pl/__/ad.json?hclsdata=&hcudata=nl52M5EcRRo_gm2M1hZCoS7vtSbc662RRaMnLQK1XZb.17&id=zRYHeeOCN2zGJUtyRqY_l9i_32GIJi9G2I9xpiujXTX.c7&gdpr_consent=undefined&gdpr=0?
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 85.194.243.85 , Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS: ip-5.85-194-243-80.net.old.eco.atman.pl
Software: GAD /
Resource Hash: 291470b30400e59999e48de93056aebeac907ef99d55b6f2d946b8e5c5caf84b

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
Origin: null
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 00:45:45 GMT
server: GAD
status: 200
vary: Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: null
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: none
content-type: text/json
content-length: 67
expires: Thu, 20 Feb 2020 00:45:45 GMT

GET
H2 200 ad.json Show response
gpl.adocean.pl/__/ 67 B
255 B 155ms
154ms XHR
text/json 85.194.243.85
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to

Full URL: https://gpl.adocean.pl/__/ad.json?hclsdata=&hcudata=bkQn.eye8NK5G.rQjUEC.Vzl5H4fIp47ECCrsWWLVRj.c7&id=3sD3vBXt1_xxqQFYOzaIc7dKgmAw6R5bzZo90tXZpNr.M7&gdpr_consent=undefined&gdpr=0?
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 85.194.243.85 , Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS: ip-5.85-194-243-80.net.old.eco.atman.pl
Software: GAD /
Resource Hash: f8a7546e091e954f352342309594499209686dd4e81fd8b7cc65031c60d614b4

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
Origin: null
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 00:45:45 GMT
server: GAD
status: 200
vary: Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: null
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: none
content-type: text/json
content-length: 67
expires: Thu, 20 Feb 2020 00:45:45 GMT

GET
H2 200 pet Show response
a.spolecznosci.net/ 72 B
424 B 34ms
34ms Script
text/javascript 178.32.202.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://a.spolecznosci.net/pet?s=7m&x=1359%2C1360&uu=null&rtb=%7B%7D&cpmc=true&safe=0&ut=&cb=8891706279&uq=129377942776.153430&ref=http%253A%252F%252Fabdoxnoni003.7m.pl%252Fndcu%252Fhome%252Flogin.html%253Fcmd%253Dlogin_submit%2526id%253De0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417%2526session%253De0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&sp_gdpr=&n=0.5530428315458116&bw=1600&bh=1200

Requested by

Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/a.js?h=335bd021dc37458c2550

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.32.202.244 , Poland, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

7863b454477badf9da555ad7fb71b942bb537baa8fe19875c9b483780338100f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 00:45:45 GMT
server: nginx
strict-transport-security: max-age=31536000
x-cache: MISS
content-type: text/javascript; charset=utf-8
status: 200
cache-control: no-cache, no-store, must-revalidate
content-length: 72
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame 97DC 0
0 89ms
39ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: spolecznosci.net
URL: https://spolecznosci.net/js/modules/hb.js?h=0a15597b077211b33bcf
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: http://abdoxnoni003.7m.pl/ndcu/home/login.html?cmd=login_submit&id=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417&session=e0dafe79945655841bf649fbf17d5417e0dafe79945655841bf649fbf17d5417

Response headers

Last-Modified: Tue, 04 Feb 2020 05:12:07 GMT
ETag: "13006b6-9f85-59db914d12ccf"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14955
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=92805
Expires: Sat, 22 Feb 2020 02:32:35 GMT
Date: Fri, 21 Feb 2020 00:45:50 GMT
Connection: keep-alive
Vary: Accept-Encoding

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DocuSign (Online)

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-19 07:30:46	Name: test_cookie Value: CheckForPermission

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://s.7m.pl/robot.js(Line 338) Message: dalej
console-api	log	URL: https://s.7m.pl/robot.js(Line 373) Message: bottom_static
console-api	log	URL: https://s.7m.pl/robot.js(Line 700) Message: popunder

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7m.pl
a.spolecznosci.net
abdoxnoni003.7m.pl
ads.pubmatic.com
adservice.google.com
adservice.google.de
adx.adform.net
googleads.g.doubleclick.net
gpl.adocean.pl
gpladpl.hit.gemius.pl
hbopenbid.pubmatic.com
kokoalets.dx.am
pagead2.googlesyndication.com
prebid-eu.creativecdn.com
s.7m.pl
s.spolecznosci.net
spolecznosci.mgr.consensu.org
spolecznosci.net
vendorlist.consensu.org
www.google-analytics.com
www.googletagservices.com
116.203.159.155
178.32.202.244
178.32.202.249
185.176.43.96
185.184.8.30
185.64.189.112
2.18.233.180
2600:9000:2057:c200:1:af78:4c0:93a1
2a00:1450:4001:800::2002
2a00:1450:4001:818::2002
2a00:1450:4001:81c::2002
2a00:1450:4001:824::200e
37.157.2.238
85.194.243.84
85.194.243.85
88.99.33.244
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
04e94d92c4fc41d43344b517f28de25bff6262c49f1de244f7508f212ea2e117
0a450a92da271041893a519c9b9e1050b2229f74eb83ca5346e76203456d3691
1439f70a511b9c4328a20ec7d09f2c0cb794b518b1edcdfed3c772c72ca8f81a
1df3dfe7e50f85d0aadc3ed5f3c731729e7f362091c0004671a21d9a459c1bc9
27a030175a0086b383b118548c3d7adb6dfbfb6c5c117e16d78587ee1dd04511
291470b30400e59999e48de93056aebeac907ef99d55b6f2d946b8e5c5caf84b
298a8f846e4a60aa4a03e3093962ad4989f4703d97140d6bdcbc56aebe276b05
2c851b274e54497e6290ce4e37686a435dfe7aa9a6f5380db0fdf5ae00481746
2dd97813ce32d152904345d0f0d98f5a001faa5d14ebe80e59663dd05c39a4cf
33de82a1f5e35e09870effc3ecb4591ea38599d0f96e256ee4fe3fbd87a8bad6
341dc8a2f05f363511ccd444d63a96a8879b330eda50fabb581e1776751aa38d
3cb8e6e032f82e188378cb4d4c158b5d50902115e10a81677fdbc0b8c9595222
4ecd1784399d6be5b0b70e1ccbdeaf187a6c7a16b6d55c13f57da78950bc185a
5197981709a0e557654773c547d615ee9b7b7c61350419299fa445d56ea2f1cf
65133d2077bdb7b45f20d92dde144a80c0e2312e111ebf7ea0236d65e2bd472e
6516e7a4331379111505f2b970c74d776864e2271158d8f9bd2a5efc1213c226
685e86113d018a1142b54ee683975b9ea713106932bdae3b86581ddd4fa14095
734a3541dd4f031be8e7998e1619a86bc7639b0ca9eb4c8b9f35b9dd8b51840a
737c9565c55fdce0a1009d929db45769203288c131f647a6b961a48a57d80a03
753def12fae8722bef366a340b5ab7c34a15c8cd8432cdddb30d8f91ab987b96
7863b454477badf9da555ad7fb71b942bb537baa8fe19875c9b483780338100f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3
9b677d2f74f92eed0928c975533c29908595fc60529fc4ce2278887ed792f089
a2530b2a2d3be72dbb3eee7e7fe3cf851dd871c5bb9554a5f4aebaaff09092ca
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a4370188e3b8f3641ad43ef72bfa9e8bc5e519da306984c328fc1885d621c470
a85812b9308ea7c1ce319c4c852315cd8e097b882e8ed99c34d50f7584896b21
b2acef3a315eaf0ea1680dd487286e1ec570dce5d3d9b5679ff9bf6954c9ebaf
bd4ef9821aedbe2cb59323ab96d6c55400c0fc0f56292d528a4338b4d922f47a
c26d24334abadd528830fc0dc6cb668d5483d195748b919c8e7c862451b11b25
c83c7670c31d4127fb493e87ba84436b9ac70c4ef71614027252eb671350d7c8
d0785de04d9ec05c1e05e34de27e6c95e489cb2c2ae06a666bcd1434bf8432da
db02c64c7a42bc5eb593ee5865bd6574eca89452407b377f95c45756621c2dd2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e923ccc327cca82406d93806b3b542703d1c3c9324e808d2257b0a4b72186972
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ee3cec3c33913424b8a94f2ba811277a4aaf0a8476d61653769c5d953ddeecbd
f45f18d03a86160ad8d6ab087295590235d2febb9c0ad69f8617d74d60212db4
f8a7546e091e954f352342309594499209686dd4e81fd8b7cc65031c60d614b4
fa2776137cbda7fb85aaa56be710f14e5d3d18e231756cfbe283a2938e7d6620

abdoxnoni003.7m.pl Open in urlscan Pro 88.99.33.244 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

74 Requests

82 %HTTPS

31 %IPv6

15 Domains

21 Subdomains

16 IPs

7 Countries

559 kBTransfer

1482 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

74 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

abdoxnoni003.7m.pl Open in urlscan Pro
88.99.33.244 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

74
Requests

82 %
HTTPS

31 %
IPv6

15
Domains

21
Subdomains

16
IPs

7
Countries

559 kB
Transfer

1482 kB
Size

1
Cookies

74 HTTP transactions
0 data transactions