faktgwalt24.eu Open in urlscan Pro
46.242.233.96  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response faktgwalt24.eu/weryfikacja/mobile/	7 KB 3 KB	157ms 41ms	Document text/html	46.242.233.96 HOMEPL-AS
General Check archive.org Show headers Download Go to Full URL https://faktgwalt24.eu/weryfikacja/mobile/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 46.242.233.96 , Poland, ASN12824 (HOMEPL-AS, PL), Reverse DNS cloudserver179166.home.pl Software Apache / Resource Hash 54f102d1d1b4bd8c53e8284c699634f98ff0470723a7053fbb80cff9a8ec0ac5 Request headers :method GET :authority faktgwalt24.eu :scheme https :path /weryfikacja/mobile/ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Tue, 12 May 2020 00:37:33 GMT content-type text/html server Apache last-modified Mon, 11 May 2020 13:54:33 GMT etag W/"1aab-5a55fafc5b840" content-encoding gzip
GET H2	200	style.css faktgwalt24.eu/weryfikacja/mobile/	11 KB 3 KB	41ms 41ms	Stylesheet text/css	46.242.233.96 HOMEPL-AS
General Check archive.org Show headers Download Go to Full URL https://faktgwalt24.eu/weryfikacja/mobile/style.css Requested by Host: faktgwalt24.eu URL: https://faktgwalt24.eu/weryfikacja/mobile/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 46.242.233.96 , Poland, ASN12824 (HOMEPL-AS, PL), Reverse DNS cloudserver179166.home.pl Software Apache / Resource Hash 5b795bdf7c24fe02623b68b85c8549449b382c3640bccc878eac24ef85d281e6 Request headers Referer https://faktgwalt24.eu/weryfikacja/mobile/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Tue, 12 May 2020 00:37:33 GMT content-encoding gzip last-modified Mon, 11 May 2020 13:54:33 GMT server Apache etag W/"2abb-5a55fafc5b840" content-type text/css
GET H2	200	fb.png faktgwalt24.eu/weryfikacja/mobile/	2 KB 3 KB	42ms 42ms	Image image/png	46.242.233.96 HOMEPL-AS
General Check archive.org Show headers Download Go to Show image Full URL https://faktgwalt24.eu/weryfikacja/mobile/fb.png Requested by Host: faktgwalt24.eu URL: https://faktgwalt24.eu/weryfikacja/mobile/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 46.242.233.96 , Poland, ASN12824 (HOMEPL-AS, PL), Reverse DNS cloudserver179166.home.pl Software Apache / Resource Hash 48660be52c0b2dbbabc71f51863a28341d3ca0f1b11bfd131e1aceef6aedbaf9 Request headers Referer https://faktgwalt24.eu/weryfikacja/mobile/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 12 May 2020 00:37:33 GMT last-modified Mon, 11 May 2020 13:54:32 GMT server Apache etag "9a8-5a55fafb67600" content-type image/png status 200 accept-ranges bytes content-length 2472
GET H2	200	start.php Show response www.licznikodwiedzin.pl/cnt/	2 KB 1 KB	181ms 39ms	Script text/html	89.161.254.183 HOMEPL-AS
General Check archive.org Show headers Download Go to Full URL https://www.licznikodwiedzin.pl/cnt/start.php?key=157910342 Requested by Host: faktgwalt24.eu URL: https://faktgwalt24.eu/weryfikacja/mobile/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 89.161.254.183 , Poland, ASN12824 (HOMEPL-AS, PL), Reverse DNS cloudserver2082475.home.pl Software IdeaWebServer/0.83.415 / Resource Hash c5d15cbcc683069c646ec02c46e679d52e522fb54177e9ad6c2fc218d7983b7e Request headers Referer https://faktgwalt24.eu/weryfikacja/mobile/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Tue, 12 May 2020 00:37:33 GMT content-encoding gzip server IdeaWebServer/0.83.415 content-type text/html
GET H2	200	cnt.php www.licznikodwiedzin.pl/cnt/ Frame 793C	0 0	40ms 40ms	Document text/html	89.161.254.183 HOMEPL-AS
General Check archive.org Show headers Download Go to Full URL https://www.licznikodwiedzin.pl/cnt/cnt.php?key=157910342&minDigits=7 Requested by Host: www.licznikodwiedzin.pl URL: https://www.licznikodwiedzin.pl/cnt/start.php?key=157910342 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 89.161.254.183 , Poland, ASN12824 (HOMEPL-AS, PL), Reverse DNS cloudserver2082475.home.pl Software IdeaWebServer/0.83.415 / Resource Hash Request headers :method GET :authority www.licznikodwiedzin.pl :scheme https :path /cnt/cnt.php?key=157910342&minDigits=7 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://faktgwalt24.eu/weryfikacja/mobile/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://faktgwalt24.eu/weryfikacja/mobile/ Response headers status 200 date Tue, 12 May 2020 00:37:33 GMT content-type text/html p3p CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM" server IdeaWebServer/0.83.415 set-cookie daily_157910342=1; expires=Wed, 13-May-2020 00:37:33 GMT; path=/ content-encoding gzip
GET H/1.1	200	/ Show response adsearch.adkontekst.pl/_/ads2/	23 KB 7 KB	88ms 37ms	Script application/javascript	188.40.17.96 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://adsearch.adkontekst.pl/_/ads2/?QAPS_AKPL=0777479e274c03f3865ef57852a7c607 Requested by Host: www.licznikodwiedzin.pl URL: https://www.licznikodwiedzin.pl/cnt/start.php?key=157910342 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.40.17.96 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS 4-beer.funcadr.net Software nginx / Resource Hash d27a9dd068189a819c4e524676d6546db56e737c7182513a3d23df84cbe7b65e Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://faktgwalt24.eu/weryfikacja/mobile/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Tue, 12 May 2020 00:37:34 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY Content-Language en-US Cache-Control no-cache, no-store, max-age=0, must-revalidate Transfer-Encoding chunked Connection keep-alive Content-Type application/javascript;charset=UTF-8 Vary Accept-Encoding X-XSS-Protection 1; mode=block X-Application-Context dispatcher-service-tao:dispatcher-run:8532 Expires 0
GET H2	200	xx.gif www.deszczowce.pl/app/webroot/img/bannery/adkontekst/	836 B 992 B	236ms 50ms	Image image/gif	89.161.254.183 HOMEPL-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.deszczowce.pl/app/webroot/img/bannery/adkontekst/xx.gif Requested by Host: faktgwalt24.eu URL: https://faktgwalt24.eu/weryfikacja/mobile/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 89.161.254.183 , Poland, ASN12824 (HOMEPL-AS, PL), Reverse DNS cloudserver2082475.home.pl Software IdeaWebServer/0.83.415 / Resource Hash 038f95f1b5770bd0f9a3e0b63fd15aefc33f15194ee9aabbea57aea9c48b0010 Request headers Referer https://faktgwalt24.eu/weryfikacja/mobile/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Tue, 12 May 2020 00:37:34 GMT last-modified Thu, 04 Oct 2018 02:40:25 GMT server IdeaWebServer/0.83.415 content-type image/gif content-length 836 expires Mon, 22 Jun 2020 16:37:35 GMT
POST H/1.1	200	status Show response adsearch.adkontekst.pl/_/cmp/	2 B 510 B	25ms 25ms	XHR text/plain	188.40.17.96 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://adsearch.adkontekst.pl/_/cmp/status?own=false Requested by Host: adsearch.adkontekst.pl URL: https://adsearch.adkontekst.pl/_/ads2/?QAPS_AKPL=0777479e274c03f3865ef57852a7c607 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.40.17.96 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS 4-beer.funcadr.net Software nginx / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://faktgwalt24.eu/weryfikacja/mobile/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type application/json;charset=UTF-8 Response headers Pragma no-cache Date Tue, 12 May 2020 00:37:34 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY Content-Type text/plain;charset=UTF-8 Access-Control-Allow-Origin https://faktgwalt24.eu Cache-Control no-cache, no-store, max-age=0, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Vary Origin Content-Length 2 X-XSS-Protection 1; mode=block X-Application-Context dispatcher-service-tao:dispatcher-run:8532 Expires 0
GET H/1.1	200 OK	0777479e274c03f3865ef57852a7c607 Show response prd-header-biding.vda.netsprint.pl/units/	9 KB 4 KB	96ms 44ms	Script text/javascript	136.243.169.30 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://prd-header-biding.vda.netsprint.pl/units/0777479e274c03f3865ef57852a7c607?mobile=false&cpmValue=5.413533834586466&adTagId=QAPS_AKPL_0777479e274c03f3865ef57852a7c607&cpmCurrency=PLN&nsEmiterSource=AK&nsEmiterPlacementEmissionUrl=https%3A%2F%2Fadsearch.adkontekst.pl%2F_%2Fads2%2F%3Fstrict%3Dtrue%26QAPS_AKPL%3D0777479e274c03f3865ef57852a7c607%26dispatched%3Dtrue%26useBehavioralTargeting%3Dtrue&gdprEnable=false Requested by Host: adsearch.adkontekst.pl URL: https://adsearch.adkontekst.pl/_/ads2/?QAPS_AKPL=0777479e274c03f3865ef57852a7c607 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 136.243.169.30 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS 3-beer.funcadr.net Software nginx / Resource Hash 53cac09c7309ff4e1d3953ae0a2a2d4061ba1037a57916450cf16bcca2cefeb2 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://faktgwalt24.eu/weryfikacja/mobile/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Tue, 12 May 2020 00:37:36 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY Vary Accept-Encoding Content-Language en-US Cache-Control no-cache, no-store, max-age=0, must-revalidate Transfer-Encoding chunked Connection keep-alive Content-Type text/javascript;charset=UTF-8 X-Xss-Protection 1; mode=block X-Application-Context header-bidding-service Expires 0
GET H/1.1	200 OK	tools.js Show response prd-header-biding.vda.netsprint.pl/js/ Frame DA7D	186 KB 59 KB	45ms 44ms	Script application/javascript	136.243.169.30 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://prd-header-biding.vda.netsprint.pl/js/tools.js Requested by Host: prd-header-biding.vda.netsprint.pl URL: https://prd-header-biding.vda.netsprint.pl/units/0777479e274c03f3865ef57852a7c607?mobile=false&cpmValue=5.413533834586466&adTagId=QAPS_AKPL_0777479e274c03f3865ef57852a7c607&cpmCurrency=PLN&nsEmiterSource=AK&nsEmiterPlacementEmissionUrl=https%3A%2F%2Fadsearch.adkontekst.pl%2F_%2Fads2%2F%3Fstrict%3Dtrue%26QAPS_AKPL%3D0777479e274c03f3865ef57852a7c607%26dispatched%3Dtrue%26useBehavioralTargeting%3Dtrue&gdprEnable=false Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 136.243.169.30 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS 3-beer.funcadr.net Software nginx / Resource Hash fb1bddda0518b2b9969441cdbdae6404ad3916fa51999581b0099645c35b5758 Request headers Referer https://faktgwalt24.eu/weryfikacja/mobile/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 12 May 2020 00:37:36 GMT Content-Encoding gzip Last-Modified Tue, 07 Apr 2020 12:27:43 GMT Server nginx Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=300 Transfer-Encoding chunked Connection keep-alive Accept-Ranges bytes X-Application-Context header-bidding-service
POST H/1.1	200 OK	prebid ib.adnxs.com/ut/v3/ Frame DA7D	19 B 0	71ms 24ms	XHR application/json	37.252.172.249 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: prd-header-biding.vda.netsprint.pl URL: https://prd-header-biding.vda.netsprint.pl/js/tools.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US), Reverse DNS 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.13.4 / Resource Hash Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://faktgwalt24.eu/weryfikacja/mobile/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Tue, 12 May 2020 00:37:38 GMT X-Proxy-Origin 185.217.171.12; 185.217.171.12; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.238:80 AN-X-Request-Uuid 4971b4e8-ee2f-4fb6-9b5d-9d62615609bd Server nginx/1.13.4 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://faktgwalt24.eu Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 19 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	/ Show response adsearch.adkontekst.pl/_/ads2/	7 KB 2 KB	26ms 26ms	Script text/javascript	188.40.17.96 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://adsearch.adkontekst.pl/_/ads2/?strict=true&QAPS_AKPL=0777479e274c03f3865ef57852a7c607&dispatched=true&useBehavioralTargeting=true Requested by Host: prd-header-biding.vda.netsprint.pl URL: https://prd-header-biding.vda.netsprint.pl/units/0777479e274c03f3865ef57852a7c607?mobile=false&cpmValue=5.413533834586466&adTagId=QAPS_AKPL_0777479e274c03f3865ef57852a7c607&cpmCurrency=PLN&nsEmiterSource=AK&nsEmiterPlacementEmissionUrl=https%3A%2F%2Fadsearch.adkontekst.pl%2F_%2Fads2%2F%3Fstrict%3Dtrue%26QAPS_AKPL%3D0777479e274c03f3865ef57852a7c607%26dispatched%3Dtrue%26useBehavioralTargeting%3Dtrue&gdprEnable=false Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.40.17.96 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS 4-beer.funcadr.net Software nginx / Resource Hash fdb2a37bb58c93c40b76b372766fb3bea6c78e1141fc92afc886e99459c6d15d Request headers Referer https://faktgwalt24.eu/weryfikacja/mobile/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 12 May 2020 00:37:36 GMT Content-Encoding gzip Server nginx Connection keep-alive Transfer-Encoding chunked Content-Type text/javascript; charset=UTF-8
POST H/1.1	200 OK	dibs Show response prd-dib-logger-service.vda.netsprint.pl/loggers/	2 B 306 B	26ms 26ms	XHR text/plain	138.201.137.155 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://prd-dib-logger-service.vda.netsprint.pl/loggers/dibs Requested by Host: prd-header-biding.vda.netsprint.pl URL: https://prd-header-biding.vda.netsprint.pl/units/0777479e274c03f3865ef57852a7c607?mobile=false&cpmValue=5.413533834586466&adTagId=QAPS_AKPL_0777479e274c03f3865ef57852a7c607&cpmCurrency=PLN&nsEmiterSource=AK&nsEmiterPlacementEmissionUrl=https%3A%2F%2Fadsearch.adkontekst.pl%2F_%2Fads2%2F%3Fstrict%3Dtrue%26QAPS_AKPL%3D0777479e274c03f3865ef57852a7c607%26dispatched%3Dtrue%26useBehavioralTargeting%3Dtrue&gdprEnable=false Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 138.201.137.155 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS 6-beer.funcadr.net Software nginx / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Request headers Referer https://faktgwalt24.eu/weryfikacja/mobile/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type application/json; charset=UTF-8 Response headers Date Tue, 12 May 2020 00:37:36 GMT Server nginx Vary Origin Content-Type text/plain;charset=UTF-8 Access-Control-Allow-Origin https://faktgwalt24.eu Access-Control-Allow-Credentials true Connection keep-alive Content-Length 2 X-Application-Context dib-logger-service
POST H/1.1	200 OK	times Show response prd-dib-logger-service.vda.netsprint.pl/loggers/	2 B 306 B	27ms 27ms	XHR text/plain	138.201.137.155 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://prd-dib-logger-service.vda.netsprint.pl/loggers/times Requested by Host: prd-header-biding.vda.netsprint.pl URL: https://prd-header-biding.vda.netsprint.pl/units/0777479e274c03f3865ef57852a7c607?mobile=false&cpmValue=5.413533834586466&adTagId=QAPS_AKPL_0777479e274c03f3865ef57852a7c607&cpmCurrency=PLN&nsEmiterSource=AK&nsEmiterPlacementEmissionUrl=https%3A%2F%2Fadsearch.adkontekst.pl%2F_%2Fads2%2F%3Fstrict%3Dtrue%26QAPS_AKPL%3D0777479e274c03f3865ef57852a7c607%26dispatched%3Dtrue%26useBehavioralTargeting%3Dtrue&gdprEnable=false Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 138.201.137.155 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS 6-beer.funcadr.net Software nginx / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Request headers Referer https://faktgwalt24.eu/weryfikacja/mobile/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type application/json; charset=UTF-8 Response headers Date Tue, 12 May 2020 00:37:36 GMT Server nginx Vary Origin Content-Type text/plain;charset=UTF-8 Access-Control-Allow-Origin https://faktgwalt24.eu Access-Control-Allow-Credentials true Connection keep-alive Content-Length 2 X-Application-Context dib-logger-service
GET H/1.1	200 OK	/ Show response adsearch.adkontekst.pl/quad/spliter/	6 KB 2 KB	26ms 26ms	Script text/javascript	188.40.17.96 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://adsearch.adkontekst.pl/quad/spliter/?prefix=akon&prid=0&caid=0&plh=0777479e274c03f3865ef57852a7c607&plid=0&namespace=qa_akon&nc=1589243856354&qss=true&nc2=631114363&dispatched=false&adblock=false&useBehavioralTargeting=true&type=K1&ref=https%3A%2F%2Ffaktgwalt24.eu%2Fweryfikacja%2Fmobile%2F Requested by Host: adsearch.adkontekst.pl URL: https://adsearch.adkontekst.pl/_/ads2/?strict=true&QAPS_AKPL=0777479e274c03f3865ef57852a7c607&dispatched=true&useBehavioralTargeting=true Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.40.17.96 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS 4-beer.funcadr.net Software nginx / Resource Hash a1f73c218b9814e0f988ae10edeb60f623e1b3a163f95aab2a5cb693d625a8b2 Request headers Referer https://faktgwalt24.eu/weryfikacja/mobile/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Tue, 12 May 2020 00:37:36 GMT Content-Encoding gzip Server nginx Transfer-Encoding chunked P3P CP="NOI DSP COR NID CUR OUR NOR" Cache-Control no-cache Connection keep-alive Content-Type text/javascript; charset=UTF-8
GET H/1.1	200 OK	/ Show response adsearch.adkontekst.pl/_/both/	456 KB 121 KB	40ms 40ms	Script text/javascript	188.40.17.96 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://adsearch.adkontekst.pl/_/both/?prefix=akon&namespace=qa_akon&nc=0&browser=safari&dispatched=false&adblock=false Requested by Host: adsearch.adkontekst.pl URL: https://adsearch.adkontekst.pl/_/ads2/?strict=true&QAPS_AKPL=0777479e274c03f3865ef57852a7c607&dispatched=true&useBehavioralTargeting=true Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.40.17.96 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS 4-beer.funcadr.net Software nginx / Resource Hash f6c31cadf9cad64d047f05741b84b0c482321d32a4cbbab755e7a165019ca4ac Request headers Referer https://faktgwalt24.eu/weryfikacja/mobile/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 12 May 2020 00:37:36 GMT Content-Encoding gzip Server nginx Connection keep-alive Transfer-Encoding chunked Content-Type text/javascript; charset=UTF-8
GET H/1.1	200 OK	/ Show response adsearch.adkontekst.pl/quad/spliter/	3 KB 2 KB	27ms 27ms	Script text/javascript	188.40.17.96 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://adsearch.adkontekst.pl/quad/spliter/?prid=944&caid=103713&nc=1589243856509&cc=3&form=507626:3:Q1:R1:G1:S1:V1:A3;&content=_512+facebooka+_256+znasz+znajomymi+zaloguj+zaczac+witamy+udostepniac+rzeczy+rozne+rodzina+ludzmi+laczyc&qnr=0&without=&extra=&w=160&h=600&qss=true&flash=false&iid=4745302386018598&prefix=akon&namespace=qa_akon&type=2&dispatched=true&useBehavioralTargeting=true&ref=https%3A%2F%2Ffaktgwalt24.eu%2Fweryfikacja%2Fmobile%2F Requested by Host: adsearch.adkontekst.pl URL: https://adsearch.adkontekst.pl/_/ads2/?strict=true&QAPS_AKPL=0777479e274c03f3865ef57852a7c607&dispatched=true&useBehavioralTargeting=true Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.40.17.96 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS 4-beer.funcadr.net Software nginx / Resource Hash 62d825a309837285182d60bc0f4778bf569c9f0e4b44c82e1ea2d4ff8ac083e6 Request headers Referer https://faktgwalt24.eu/weryfikacja/mobile/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Tue, 12 May 2020 00:37:36 GMT Content-Encoding gzip Server nginx Transfer-Encoding chunked P3P CP="NOI DSP COR NID CUR OUR NOR" Cache-Control no-cache Connection keep-alive Content-Type text/javascript; charset=UTF-8
GET H/1.1	200 OK	/ adsearch.adkontekst.pl/_/getImageII/ Frame 4395	7 KB 7 KB	25ms 24ms	Image image/png	188.40.17.96 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://adsearch.adkontekst.pl/_/getImageII/?vid=34360550540&typ=imgSW&element=IMAGE&scale=1&prefix=akon&nc=1589239190920 Requested by Host: URL: gummibear.boxstatic-0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.40.17.96 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS 4-beer.funcadr.net Software nginx / Resource Hash 45ec3538f2335d7a5bcd5336afa13497b328a3485d28aea972b2b99b80192b4f Request headers Referer https://faktgwalt24.eu/weryfikacja/mobile/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 12 May 2020 00:37:36 GMT Content-Encoding gzip Last-modified Tue, 12 May 2020 00:29:42 GMT Server nginx Transfer-Encoding chunked Content-Type image/png Connection keep-alive Expires Thu, 11 Jun 2020 00:29:42 GMT
GET DATA	200 OK	truncated / Frame 4395	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash f8d90d1c34b2cf176ae743361793df9ee6418708d8a8b5e4a7f69cf9503ba984 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	/ adsearch.adkontekst.pl/_/getImageII/	7 KB 7 KB	46ms 24ms	Image image/png	188.40.17.96 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://adsearch.adkontekst.pl/_/getImageII/?vid=34360550540&typ=imgSW&element=IMAGE&scale=1&prefix=akon&nc=1589239190920 Requested by Host: URL: gummibear.boxstatic-0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.40.17.96 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS 4-beer.funcadr.net Software nginx / Resource Hash 45ec3538f2335d7a5bcd5336afa13497b328a3485d28aea972b2b99b80192b4f Request headers Referer https://faktgwalt24.eu/weryfikacja/mobile/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 12 May 2020 00:37:36 GMT Content-Encoding gzip Last-modified Tue, 12 May 2020 00:27:38 GMT Server nginx Transfer-Encoding chunked Content-Type image/png Connection keep-alive Expires Thu, 11 Jun 2020 00:27:38 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| __updateOrientation function| getInternetExplorerVersion number| ver number| deszczowcepl_rand boolean| deszczowcepl_ad boolean| deszczowcepl_attempt string| placementHash string| emissionArea object| nshbParams object| requiredAgreementsNshb boolean| duplicatorCheckerEnabled string| duplicatorCheckerLoggerUrl string| frameTypeNotInFrame string| frameTypeFriendly string| frameTypeUnfriendly boolean| iframeCheckerEnabled string| dibLoggerUrl object| requiredAgreements number| agreements_cmpMaxWaitForScriptAttempts number| agreements_cmpExistsWaitForCallbackMs number| agreements_cmpWaitForScriptMs boolean| enableJsDebug object| jsServerLoggerScript string| viewName string| ajaxLoggerDibLoggerUrl string| nsEmiterSource string| mobile string| adblock string| polyfillUrl string| gamWtgPrebidScriptUrl object| $jscomp function| addBehavioralParam function| onAfterAgreements function| executeEmiter object| ns_vda object| adElement string| objectName object| 0777479e274c03f3865ef57852a7c607O77702a82 boolean| 0777479e274c03f3865ef57852a7c607 object| ns_global_vars object| qa_akon object| __gwt_activeModules object| gummiTarget

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.licznikodwiedzin.pl/	1970-01-19 09:28:50	Name: daily_157910342 Value: 1

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://prd-header-biding.vda.netsprint.pl/units/0777479e274c03f3865ef57852a7c607?mobile=false&cpmValue=5.413533834586466&adTagId=QAPS_AKPL_0777479e274c03f3865ef57852a7c607&cpmCurrency=PLN&nsEmiterSource=AK&nsEmiterPlacementEmissionUrl=https%3A%2F%2Fadsearch.adkontekst.pl%2F_%2Fads2%2F%3Fstrict%3Dtrue%26QAPS_AKPL%3D0777479e274c03f3865ef57852a7c607%26dispatched%3Dtrue%26useBehavioralTargeting%3Dtrue&gdprEnable=false(Line 1) Message: emCpm: 5.413533834586466
console-api	log	URL: https://prd-header-biding.vda.netsprint.pl/units/0777479e274c03f3865ef57852a7c607?mobile=false&cpmValue=5.413533834586466&adTagId=QAPS_AKPL_0777479e274c03f3865ef57852a7c607&cpmCurrency=PLN&nsEmiterSource=AK&nsEmiterPlacementEmissionUrl=https%3A%2F%2Fadsearch.adkontekst.pl%2F_%2Fads2%2F%3Fstrict%3Dtrue%26QAPS_AKPL%3D0777479e274c03f3865ef57852a7c607%26dispatched%3Dtrue%26useBehavioralTargeting%3Dtrue&gdprEnable=false(Line 1) Message: currency: PLN
console-api	log	URL: https://prd-header-biding.vda.netsprint.pl/units/0777479e274c03f3865ef57852a7c607?mobile=false&cpmValue=5.413533834586466&adTagId=QAPS_AKPL_0777479e274c03f3865ef57852a7c607&cpmCurrency=PLN&nsEmiterSource=AK&nsEmiterPlacementEmissionUrl=https%3A%2F%2Fadsearch.adkontekst.pl%2F_%2Fads2%2F%3Fstrict%3Dtrue%26QAPS_AKPL%3D0777479e274c03f3865ef57852a7c607%26dispatched%3Dtrue%26useBehavioralTargeting%3Dtrue&gdprEnable=false(Line 1) Message: executing emiter
console-api	log	URL: https://prd-header-biding.vda.netsprint.pl/units/0777479e274c03f3865ef57852a7c607?mobile=false&cpmValue=5.413533834586466&adTagId=QAPS_AKPL_0777479e274c03f3865ef57852a7c607&cpmCurrency=PLN&nsEmiterSource=AK&nsEmiterPlacementEmissionUrl=https%3A%2F%2Fadsearch.adkontekst.pl%2F_%2Fads2%2F%3Fstrict%3Dtrue%26QAPS_AKPL%3D0777479e274c03f3865ef57852a7c607%26dispatched%3Dtrue%26useBehavioralTargeting%3Dtrue&gdprEnable=false(Line 1) Message: [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adsearch.adkontekst.pl
faktgwalt24.eu
ib.adnxs.com
prd-dib-logger-service.vda.netsprint.pl
prd-header-biding.vda.netsprint.pl
www.deszczowce.pl
www.licznikodwiedzin.pl
136.243.169.30
138.201.137.155
188.40.17.96
37.252.172.249
46.242.233.96
89.161.254.183
038f95f1b5770bd0f9a3e0b63fd15aefc33f15194ee9aabbea57aea9c48b0010
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
45ec3538f2335d7a5bcd5336afa13497b328a3485d28aea972b2b99b80192b4f
48660be52c0b2dbbabc71f51863a28341d3ca0f1b11bfd131e1aceef6aedbaf9
53cac09c7309ff4e1d3953ae0a2a2d4061ba1037a57916450cf16bcca2cefeb2
54f102d1d1b4bd8c53e8284c699634f98ff0470723a7053fbb80cff9a8ec0ac5
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5b795bdf7c24fe02623b68b85c8549449b382c3640bccc878eac24ef85d281e6
62d825a309837285182d60bc0f4778bf569c9f0e4b44c82e1ea2d4ff8ac083e6
a1f73c218b9814e0f988ae10edeb60f623e1b3a163f95aab2a5cb693d625a8b2
c5d15cbcc683069c646ec02c46e679d52e522fb54177e9ad6c2fc218d7983b7e
d27a9dd068189a819c4e524676d6546db56e737c7182513a3d23df84cbe7b65e
f6c31cadf9cad64d047f05741b84b0c482321d32a4cbbab755e7a165019ca4ac
f8d90d1c34b2cf176ae743361793df9ee6418708d8a8b5e4a7f69cf9503ba984
fb1bddda0518b2b9969441cdbdae6404ad3916fa51999581b0099645c35b5758
fdb2a37bb58c93c40b76b372766fb3bea6c78e1141fc92afc886e99459c6d15d