urlscan.io logo urlscan.io
SecurityTrails logo

www.play.pl Open in urlscan Pro
89.108.209.135  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://m.play.pl/
Effective URL: https://www.play.pl/start/
Submission: On October 20 via manual from CN — Scanned from PL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 5 HTTP transactions. The main IP is 89.108.209.135, located in Poland and belongs to P4NET P4 UMTS operator in Poland, PL. The main domain is www.play.pl. The Cisco Umbrella rank of the primary domain is 862909.
TLS certificate: Issued by Entrust Certification Authority - L1M on January 12th 2023. Valid for: a year.
This is the only time www.play.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 89.108.195.33 39603 (P4NET P4 ...)
1 2 89.108.209.135 39603 (P4NET P4 ...)
1 142.250.185.138 15169 (GOOGLE)
1 142.250.186.42 15169 (GOOGLE)
2 142.250.185.131 15169 (GOOGLE)
5 5
2    89.108.195.33 (Poland)

ASN39603 (P4NET P4 UMTS operator in Poland, PL)
PTR: play.pl
m.play.pl
2    89.108.209.135 (Poland)

ASN39603 (P4NET P4 UMTS operator in Poland, PL)
PTR: user-89-108-209-135.play-internet.pl
www.play.pl
1    142.250.185.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f10.1e100.net
ajax.googleapis.com
1    142.250.186.42 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f10.1e100.net
fonts.googleapis.com
2    142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
4 play.pl
m.play.pl
www.play.pl — Cisco Umbrella Rank: 862909
22 KB
2 gstatic.com
fonts.gstatic.com
22 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 405
fonts.googleapis.com — Cisco Umbrella Rank: 49
7 KB
5 3
Domain Requested by
2 fonts.gstatic.com fonts.googleapis.com
2 www.play.pl 1 redirects
2 m.play.pl 2 redirects
1 fonts.googleapis.com ajax.googleapis.com
1 ajax.googleapis.com www.play.pl
5 5

This site contains links to these domains. Also see Links.

Domain
play.google.com
apps.apple.com
Subject Issuer Validity Valid
play.pl
Entrust Certification Authority - L1M		 2023-01-12 -
2024-01-03		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.play.pl/start/
Frame ID: 23428FB944DAC811583DAA68868BE742
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

PLAY24

Page URL History Show full URLs

  1. http://m.play.pl/ HTTP 302
    https://m.play.pl/ HTTP 301
    https://www.play.pl/start HTTP 301
    https://www.play.pl/start/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont

Page Statistics

5
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

5
Subdomains

5
IPs

2
Countries

50 kB
Transfer

114 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://m.play.pl/ HTTP 302
    https://m.play.pl/ HTTP 301
    https://www.play.pl/start HTTP 301
    https://www.play.pl/start/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.play.pl/start/
Redirect Chain
  • http://m.play.pl/
  • https://m.play.pl/
  • https://www.play.pl/start
  • https://www.play.pl/start/
45 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.play.pl/start/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
89.108.209.135 , Poland, ASN39603 (P4NET P4 UMTS operator in Poland, PL),
Reverse DNS
user-89-108-209-135.play-internet.pl
Software
/
Resource Hash
f495774e0a65708d82e0dc16f59d51b930e3777caa3635db28eb4944a70c3850
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=3600
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
20883
Content-Security-Policy
frame-ancestors 'self';
Content-Type
text/html; charset=UTF-8
Date
Fri, 20 Oct 2023 09:43:35 GMT
Keep-Alive
timeout=3, max=2981
Last-Modified
Tue, 04 Jan 2022 14:22:38 GMT
Vary
Host,Accept-Encoding
X-Frame-Options
SAMEORIGIN

Redirect headers

Connection
Keep-Alive
Content-Length
233
Content-Security-Policy
frame-ancestors 'self';
Content-Type
text/html; charset=iso-8859-1
Date
Fri, 20 Oct 2023 09:43:35 GMT
Keep-Alive
timeout=3, max=2994
Location
https://www.play.pl/start/
X-Frame-Options
SAMEORIGIN
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c55d116ef0e77bd77c3bf5a570cd9a33112d23193cae6885d9bd7325e0f82730

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e8510ca59c88d01de5704efbbf861ae733137a48ae83cfa851261a41dd35bf5

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		15 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2de4ac5a798d6c74e4e6cd26ff8a0612c3f5ab5c6da9e52c5e89590c41549e2

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		12 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
003b51fe56f168167e378a9a9a562cecc1200be74314dd847ca709fb520c97e8

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/svg+xml
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Requested by
Host: www.play.pl
URL: https://www.play.pl/start/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.play.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:53:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78599
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Oct 2024 11:53:37 GMT
css
fonts.googleapis.com/ 		2 KB
997 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Manrope:wght@500;700&display=swap
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
ESF /
Resource Hash
3107b9d3df65ee9d0027dcc48f11ded7b028e7612d01155b55b5ac145ef6b0b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.play.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 20 Oct 2023 09:43:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 20 Oct 2023 09:43:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 20 Oct 2023 09:43:36 GMT
xn7_YHE41ni1AdIRqAuZuw1Bx9mbZk79FN_C-bk.woff2
fonts.gstatic.com/s/manrope/v15/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/manrope/v15/xn7_YHE41ni1AdIRqAuZuw1Bx9mbZk79FN_C-bk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Manrope:wght@500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
87b933c1d28d9192885d290d1bbef9958dbc346cf05658d5468776c6d1c99e7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.play.pl
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 18:36:09 GMT
x-content-type-options
nosniff
age
54447
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14136
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:22:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Oct 2024 18:36:09 GMT
xn7_YHE41ni1AdIRqAuZuw1Bx9mbZk79FN_M-bnBeA.woff2
fonts.gstatic.com/s/manrope/v15/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/manrope/v15/xn7_YHE41ni1AdIRqAuZuw1Bx9mbZk79FN_M-bnBeA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Manrope:wght@500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
b1e1ff2c4726ca2df5c780ddf44f2850118c41bca1e5febfd165307d3a3e2345
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.play.pl
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 23:17:50 GMT
x-content-type-options
nosniff
age
37546
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8216
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:00:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Oct 2024 23:17:50 GMT

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| t object| WebFontConfig object| WebFont

2 Cookies

Domain/Path Name / Value
.m.play.pl/ Name: TS011ec8dd
Value: 0111bfdb33d4619d98b575805647f87ef6abe61ec8482d6d33d8fec3c0bd8219266b7c110573ab9d870787347f2e4c7f694c71664f
www.play.pl/ Name: TS4dea46b6027
Value: 08016493d0ab20007a831634e65ef4c2994fd2687c0e473316398467a900476185542c0f06141e1108553ff59a1130006c52acc2c05261fd0d672f747f66cd53432434f56cbb6caf1595191b1cde79d40c8e06ad247974b0499de488f3a5ed72

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options SAMEORIGIN