akcja-zakupy.link/
31.42.176.76301 Moved Permanently 320 B IP 31.42.176.76:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9f6aca459c35703e769116fcbc10dd42
d7e5e0267da0281a0d4b4d1f875780135141ed7e
850099e422dbd050908f0e9216338341a3bba4772ab59860e93e4b24cc829389
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: akcja-zakupy.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 29 Nov 2022 01:41:57 GMT
Server: Apache/2.4.38 (Debian)
Location: http://www.akcja-zakupy.link/
Content-Length: 320
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2d2e7649ce9e9ba6fc8b68aa89352e3c
0153d1d3d830a457043e16bb40d48a0b9ddef4b8
8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10444
Expires: Tue, 29 Nov 2022 04:36:01 GMT
Date: Tue, 29 Nov 2022 01:41:57 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9408cc0694fcbea57966c3a3ba906092
fddcee1fdcf3209298e41a4b1b5560357fa165f0
6ef7120d9463f56e3ddfadd5766d02da8523f34061b13bdba54bf9ab72a1e979
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5265
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:41:57 GMT
Last-Modified: Tue, 29 Nov 2022 00:14:12 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9105
Expires: Tue, 29 Nov 2022 04:13:42 GMT
Date: Tue, 29 Nov 2022 01:41:57 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 01:17:50 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1447
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: DzoroHa9kbDXyB7EpF7jFREHTLtAsvZCbpE8BwyTQUpS7SyA2EiFkTj4yu2fyt+aDWgUmovVQdI=
x-amz-request-id: SEBMYFWCDJ4G5SJM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 00:42:18 GMT
age: 3579
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
www.akcja-zakupy.link/
31.42.176.76301 Moved Permanently 325 B IP 31.42.176.76:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 42c81563c8f5a4477eaaf6a2e3edaebc
527e6c38101ecac4184a534d8d5b8b5490e08d4f
da27e2128e20efd1c3e73faea7a59892ca79f6389fa18876513cf89c796d8c04
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.akcja-zakupy.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 29 Nov 2022 01:41:57 GMT
Server: Apache/2.4.38 (Debian)
Location: https://www.akcja-zakupy.link/
Content-Length: 325
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 01:41:57 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9d6235212299946819089df23f9a1ac1
eeb54a53a0efcfaca5e57e7411b351efd0f392fd
6a4d682d43a3b906366e74ffd2c6b6939820e5ffa1b1327824f64d2a4ce870d2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A4D682D43A3B906366E74FFD2C6B6939820E5FFA1B1327824F64D2A4CE870D2"
Last-Modified: Tue, 29 Nov 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 29 Nov 2022 07:41:57 GMT
Date: Tue, 29 Nov 2022 01:41:57 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 01:11:12 GMT
cache-control: public,max-age=3600
age: 1845
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
www.akcja-zakupy.link/
31.42.176.76200 OK 17 kB IP 31.42.176.76:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1698), with CRLF, LF line terminators
Hash 81e0287f9d204bdbf175d57a8c32df4a
a4d678670717d801106534dffe68902b0173993c
7be89da066c4cb35f99438c90c630591e33929545f30319f3691064fe8ad8ed1
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.akcja-zakupy.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:41:57 GMT
Server: Apache/2.4.38 (Debian)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=ppd2u4iho0v9dp2ci39cjaiav2; path=/
bq_tr_usr_ident=001dd2c23ed2aa256f11729d7e710d65; expires=Thu, 28-Nov-2024 01:41:57 GMT; Max-Age=63072000; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 16740
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
www.akcja-zakupy.link/apps/zawody/template/css/layer.css
31.42.176.76200 OK 181 B URL HTTP/1.1 www.akcja-zakupy.link/apps/zawody/template/css/layer.css
IP 31.42.176.76:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
Hash 1ba7631d74610fb702c61e14c3971148
b83d36945f7eb817c83fd3f1ba73be0cf677f031
8054a97245480a653612a46afe541a23332ff72bc679e323eda9f1260e7108d1
GET /apps/zawody/template/css/layer.css HTTP/1.1
Host: www.akcja-zakupy.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akcja-zakupy.link/
Cookie: PHPSESSID=ppd2u4iho0v9dp2ci39cjaiav2; bq_tr_usr_ident=001dd2c23ed2aa256f11729d7e710d65
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:41:57 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Fri, 25 Jun 2021 12:59:55 GMT
ETag: "f1-5c596b75cb64d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 181
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.akcja-zakupy.link/extern/jquery/plugins/jquery.fancybox-1.3.4.pack.js
31.42.176.76200 OK 5.6 kB URL HTTP/1.1 www.akcja-zakupy.link/extern/jquery/plugins/jquery.fancybox-1.3.4.pack.js
IP 31.42.176.76:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
File type ASCII text, with very long lines (752)
Hash 6e437a75ee890107ddfbbe7ad3e9df32
c52cc97c9a505a9356cf3cd18afc13a96198606a
755d3316379dd87d6b6cbb6d59035cf116b10b483295164322e7edd6e9372329
Analyzer Verdict Alert fortinet Phishing
GET /extern/jquery/plugins/jquery.fancybox-1.3.4.pack.js HTTP/1.1
Host: www.akcja-zakupy.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akcja-zakupy.link/
Cookie: PHPSESSID=ppd2u4iho0v9dp2ci39cjaiav2; bq_tr_usr_ident=001dd2c23ed2aa256f11729d7e710d65
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:41:57 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Fri, 25 Jun 2021 12:58:59 GMT
ETag: "3d08-5c596b3ffda6c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5574
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.akcja-zakupy.link/apps/zawody/template/pd_forms/ACTION/bootstrap/css/bootstrap.css
31.42.176.76200 OK 3.3 kB URL HTTP/1.1 www.akcja-zakupy.link/apps/zawody/template/pd_forms/ACTION/bootstrap/css/bootstrap.css
IP 31.42.176.76:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
File type ASCII text, with very long lines (540)
Hash e80029701bb6b79787015a75db3075ea
d740cc65f58e99ca5dfe7b1ffa58150b55cfe6c9
52ffe5467a6b3d913ace1d8f1ee7934710f5a4b846d3f80343f20c59e3c7a1b2
GET /apps/zawody/template/pd_forms/ACTION/bootstrap/css/bootstrap.css HTTP/1.1
Host: www.akcja-zakupy.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akcja-zakupy.link/
Cookie: PHPSESSID=ppd2u4iho0v9dp2ci39cjaiav2; bq_tr_usr_ident=001dd2c23ed2aa256f11729d7e710d65
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:41:57 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Thu, 20 Jan 2022 10:10:14 GMT
ETag: "3ff3-5d600b5562027-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3320
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
www.akcja-zakupy.link/extern/jquery/plugins/jquery-impromptu.js
31.42.176.76200 OK 2.8 kB URL HTTP/1.1 www.akcja-zakupy.link/extern/jquery/plugins/jquery-impromptu.js
IP 31.42.176.76:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
File type ASCII text, with very long lines (305)
Hash 65ad443e3e1f755c4686a628b5abb9cc
e0814ac93cf4095ce36f26dd6e673ab37d89c6f8
28a331a74d94fbda711871fb1d94d135e0104f033cdadaca00dd37438f8ca356
Analyzer Verdict Alert fortinet Phishing
GET /extern/jquery/plugins/jquery-impromptu.js HTTP/1.1
Host: www.akcja-zakupy.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akcja-zakupy.link/
Cookie: PHPSESSID=ppd2u4iho0v9dp2ci39cjaiav2; bq_tr_usr_ident=001dd2c23ed2aa256f11729d7e710d65
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:41:57 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Fri, 25 Jun 2021 12:58:59 GMT
ETag: "2f8b-5c596b3ff8c4b-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2762
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
www.akcja-zakupy.link/apps/zawody/js/js.js
31.42.176.76200 OK 2.2 kB URL HTTP/1.1 www.akcja-zakupy.link/apps/zawody/js/js.js
IP 31.42.176.76:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
Hash 4c08772d963ff58c8113b1e4c7786945
0ea1bbf1a68d80457bc01e6abc651e56151816be
2f7c6c64fd8d3b52b0fb9599ab4fc0008db8fdab1e1c4fb109461518929e5fdb
Analyzer Verdict Alert fortinet Phishing
GET /apps/zawody/js/js.js HTTP/1.1
Host: www.akcja-zakupy.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akcja-zakupy.link/
Cookie: PHPSESSID=ppd2u4iho0v9dp2ci39cjaiav2; bq_tr_usr_ident=001dd2c23ed2aa256f11729d7e710d65
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:41:57 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Fri, 25 Jun 2021 13:01:30 GMT
ETag: "1d52-5c596bd00a210-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2212
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
www.akcja-zakupy.link/apps/zawody/js/grayscale.js
31.42.176.76200 OK 2.9 kB URL HTTP/1.1 www.akcja-zakupy.link/apps/zawody/js/grayscale.js
IP 31.42.176.76:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
Hash 7de6aaca375432e4e4a65270b5b6799f
0b1dd4d62217e6a63e982d2ca087532ef17081ba
cc6fdd85202d45e57e13e106092fc2baf85a0d6275ab29d329bfb57cf7c53f6f
Analyzer Verdict Alert fortinet Phishing
GET /apps/zawody/js/grayscale.js HTTP/1.1
Host: www.akcja-zakupy.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akcja-zakupy.link/
Cookie: PHPSESSID=ppd2u4iho0v9dp2ci39cjaiav2; bq_tr_usr_ident=001dd2c23ed2aa256f11729d7e710d65
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:41:57 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Fri, 25 Jun 2021 13:01:30 GMT
ETag: "326a-5c596bd00156d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2904
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
www.akcja-zakupy.link/apps/zawody/js/zawody-validation.js
31.42.176.76200 OK 236 B URL HTTP/1.1 www.akcja-zakupy.link/apps/zawody/js/zawody-validation.js
IP 31.42.176.76:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
Hash 85fd205d2e114e69f4cc5a526617c631
56c7bce4e72c0cce31422739d7396a4ecc6edaf4
21ecdfd03f6ad36d85627bdf5c398d8faa6fce2eb41427c1769a85ac82d6883d
Analyzer Verdict Alert fortinet Phishing
GET /apps/zawody/js/zawody-validation.js HTTP/1.1
Host: www.akcja-zakupy.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akcja-zakupy.link/
Cookie: PHPSESSID=ppd2u4iho0v9dp2ci39cjaiav2; bq_tr_usr_ident=001dd2c23ed2aa256f11729d7e710d65
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:41:58 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Fri, 25 Jun 2021 13:01:30 GMT
ETag: "227-5c596bd00d0f1-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 236
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:41:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7ab2ef968cb6a3078f4b9cb2dda813d4
e669116047ca058a2c1b2999ff0ea8682719162c
6ddecf0b21c44f3851da8efeb6ecdc6c8e9b83d7681153c31952b4ec8c23c940
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4498
Cache-Control: max-age=117595
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:41:58 GMT
Etag: "63847a2f-1d7"
Expires: Wed, 30 Nov 2022 10:21:53 GMT
Last-Modified: Mon, 28 Nov 2022 09:06:55 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
www.akcja-zakupy.link/apps/zawody/template/pd_forms/ACTION/css/poll.css
31.42.176.76200 OK 1.1 kB URL HTTP/1.1 www.akcja-zakupy.link/apps/zawody/template/pd_forms/ACTION/css/poll.css
IP 31.42.176.76:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
File type assembler source, ASCII text
Hash e909f06aee635f4021e7a5a6887102e6
6118d2c088a7ced6e404f8ae4b593c98616d5a7e
6a2fa3722c3b0672e21e384aaa081ac6617a1a9fee54a6e0cb4a2f658ecd47c7
GET /apps/zawody/template/pd_forms/ACTION/css/poll.css HTTP/1.1
Host: www.akcja-zakupy.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akcja-zakupy.link/
Cookie: PHPSESSID=ppd2u4iho0v9dp2ci39cjaiav2; bq_tr_usr_ident=001dd2c23ed2aa256f11729d7e710d65
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:41:58 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Thu, 20 Jan 2022 10:10:14 GMT
ETag: "10da-5d600b55600e7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1131
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
www.akcja-zakupy.link/apps/zawody/template/pd_forms/ACTION/css/style.css?v=2
31.42.176.76200 OK 3.2 kB URL HTTP/1.1 www.akcja-zakupy.link/apps/zawody/template/pd_forms/ACTION/css/style.css?v=2
IP 31.42.176.76:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
Hash b7ec3e3bf2ff0bed99b919f983fe206a
9a76c35c7b9e2c293035db5b03161faff1b4322b
b3e19e327a7345d68c5e3a2bd64cab1261437260ad0002ce9548f7c8ac133fd9
Analyzer Verdict Alert fortinet Phishing
GET /apps/zawody/template/pd_forms/ACTION/css/style.css?v=2 HTTP/1.1
Host: www.akcja-zakupy.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akcja-zakupy.link/
Cookie: PHPSESSID=ppd2u4iho0v9dp2ci39cjaiav2; bq_tr_usr_ident=001dd2c23ed2aa256f11729d7e710d65
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:41:58 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Thu, 20 Jan 2022 10:10:14 GMT
ETag: "3a72-5d600b5604225-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3249
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.akcja-zakupy.link/apps/zawody/template/css/poll_old.css?v=2
31.42.176.76200 OK 853 B URL HTTP/1.1 www.akcja-zakupy.link/apps/zawody/template/css/poll_old.css?v=2
IP 31.42.176.76:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
Hash 205f21b3b502471e2abdec3504173c13
6028dbba7104f0364e7cfaa75106b95c4dea8b63
7a1069dd51f2a3839477824b09a0c6d9cb2e391f779f019594fc39e271f83278
GET /apps/zawody/template/css/poll_old.css?v=2 HTTP/1.1
Host: www.akcja-zakupy.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akcja-zakupy.link/
Cookie: PHPSESSID=ppd2u4iho0v9dp2ci39cjaiav2; bq_tr_usr_ident=001dd2c23ed2aa256f11729d7e710d65
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:41:58 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Thu, 19 May 2022 09:31:18 GMT
ETag: "990-5df5a093b6e1e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 853
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.akcja-zakupy.link/apps/zawody/template/css/jquery-ui.min.css
31.42.176.76200 OK 3.2 kB URL HTTP/1.1 www.akcja-zakupy.link/apps/zawody/template/css/jquery-ui.min.css
IP 31.42.176.76:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
File type ASCII text, with very long lines (14607)
Hash 53f7adcf3773d07e3271c168a6fc6c04
0523ddf3100e5d200ef8fc76042effb791f78517
675df5a0029c1fd785b5818c1bcd39245466f049884559f029f5d03793e8b4d4
GET /apps/zawody/template/css/jquery-ui.min.css HTTP/1.1
Host: www.akcja-zakupy.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akcja-zakupy.link/
Cookie: PHPSESSID=ppd2u4iho0v9dp2ci39cjaiav2; bq_tr_usr_ident=001dd2c23ed2aa256f11729d7e710d65
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:41:58 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Fri, 25 Jun 2021 12:59:55 GMT
ETag: "3e5b-5c596b75bcbe7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3167
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.akcja-zakupy.link/apps/zawody/js/jquery-ui.min.js
31.42.176.76200 OK 10 kB URL HTTP/1.1 www.akcja-zakupy.link/apps/zawody/js/jquery-ui.min.js
IP 31.42.176.76:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
File type ASCII text, with very long lines (33373)
Hash 1aa2ebc583e5b8d623c60f437c3c5136
1342ab16c62b9a380c71c331c885b84fb44af22f
3a4350554bd87be86ddd289e258deb6bfd827c6324a8ce13412744c2dc75ebb0
Analyzer Verdict Alert fortinet Phishing
GET /apps/zawody/js/jquery-ui.min.js HTTP/1.1
Host: www.akcja-zakupy.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akcja-zakupy.link/
Cookie: PHPSESSID=ppd2u4iho0v9dp2ci39cjaiav2; bq_tr_usr_ident=001dd2c23ed2aa256f11729d7e710d65
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:41:58 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Fri, 25 Jun 2021 13:01:30 GMT
ETag: "8325-5c596bcfeec86-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10320
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash c81653e99cfdfb43236c8d50248b2e51
a33bc0cb7d3bb714b7ef23b059bb304cf23d464f
e75fa0ce568755990d6949ef93e3e5c29213a5a11887f697af901f41b14e0274
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:41:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 03ad9fc0b00b5df3165dc2fb1e3b0a3e
f8243335a8bc24d989bddd346048a055e1d0bdeb
366b28d491f7fd632e31c1ce97f939555f7dcee14bb6875737ed2d3e96fa32ec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:41:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.akcja-zakupy.link/apps/zawody/js/script.js
31.42.176.76200 OK 1.3 kB URL HTTP/1.1 www.akcja-zakupy.link/apps/zawody/js/script.js
IP 31.42.176.76:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
File type ASCII text, with CRLF line terminators
Hash 805a77b36cc75105f445cc65518a05c2
da0c2d2410fe959af3fe28d2efe0570b15d72d36
ac65d463ccb4c9b7342095de53634a9e2cb987ac3df64fc605a13602995ae37e
Analyzer Verdict Alert fortinet Phishing
GET /apps/zawody/js/script.js HTTP/1.1
Host: www.akcja-zakupy.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akcja-zakupy.link/
Cookie: PHPSESSID=ppd2u4iho0v9dp2ci39cjaiav2; bq_tr_usr_ident=001dd2c23ed2aa256f11729d7e710d65
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:41:58 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Fri, 25 Jun 2021 13:01:30 GMT
ETag: "16b3-5c596bd00156d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1328
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
ajax.googleapis.com/ajax/libs/jquery/1.6.0/jquery.min.js
216.58.207.202200 OK 32 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.6.0/jquery.min.js
IP 216.58.207.202:0
File type HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (65171)
Hash 12b75ff20159e7c092978f63de8ef7bf
e8608278978129a7ada1d0e55e31559ac1686418
63ac57453f834518218a5fc37597af4922156d7a80b414ba37b53ebafe6ff9a3
GET /ajax/libs/jquery/1.6.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akcja-zakupy.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31755
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 07:16:27 GMT
expires: Wed, 22 Nov 2023 07:16:27 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 584731
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.akcja-zakupy.link/apps/zawody/template/pd_forms/ACTION/css/blinks.css
31.42.176.76200 OK 281 B URL HTTP/1.1 www.akcja-zakupy.link/apps/zawody/template/pd_forms/ACTION/css/blinks.css
IP 31.42.176.76:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
File type ASCII text, with CRLF line terminators
Hash deb6a97da1c23439c6671d9285037687
afea12be1f0de70293d489512c5a0d9bb5742c1d
73591c7759d9a941c1ab3937a5ec7b8b452d2c2567d97a676439a985d1037075
GET /apps/zawody/template/pd_forms/ACTION/css/blinks.css HTTP/1.1
Host: www.akcja-zakupy.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akcja-zakupy.link/apps/zawody/template/pd_forms/ACTION/css/style.css?v=2
Cookie: PHPSESSID=ppd2u4iho0v9dp2ci39cjaiav2; bq_tr_usr_ident=001dd2c23ed2aa256f11729d7e710d65
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:41:58 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Thu, 20 Jan 2022 10:10:14 GMT
ETag: "3e8-5d600b555d206-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 281
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css
www.akcja-zakupy.link/apps/zawody/template/pd_forms/ACTION/css/zonapro.css
31.42.176.76200 OK 359 B URL HTTP/1.1 www.akcja-zakupy.link/apps/zawody/template/pd_forms/ACTION/css/zonapro.css
IP 31.42.176.76:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
File type ASCII text, with CRLF line terminators
Hash dd478c30283a3080bed7acc9f02239a7
cbe7a70b173ffde8ce4fc0992c0027369f5bc3b9
7baaa45853bb46bf068c5b02aed13f7fd70dc0bcb0ac01d37812dcddaccdb89f
GET /apps/zawody/template/pd_forms/ACTION/css/zonapro.css HTTP/1.1
Host: www.akcja-zakupy.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akcja-zakupy.link/apps/zawody/template/pd_forms/ACTION/css/style.css?v=2
Cookie: PHPSESSID=ppd2u4iho0v9dp2ci39cjaiav2; bq_tr_usr_ident=001dd2c23ed2aa256f11729d7e710d65
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:41:58 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Thu, 20 Jan 2022 10:10:14 GMT
ETag: "d6a-5d600b55600e7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 359
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.google.com/recaptcha/api.js?render=6Le9J-AUAAAAADaAfo1VPcKkjBFhA8wYcFnQZ0Dr
142.250.74.164200 OK 584 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6Le9J-AUAAAAADaAfo1VPcKkjBFhA8wYcFnQZ0Dr
IP 142.250.74.164:0
File type ASCII text, with very long lines (884), with no line terminators
Hash eae53947de429f58e317194a228e088a
1383261a02c3b1a9402b5ba97f13602fd325d741
5ccd300ec1316ee1be46f094aac79243771354259b34c5647e953b91841a26a5
GET /recaptcha/api.js?render=6Le9J-AUAAAAADaAfo1VPcKkjBFhA8wYcFnQZ0Dr HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akcja-zakupy.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Tue, 29 Nov 2022 01:41:58 GMT
date: Tue, 29 Nov 2022 01:41:58 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 584
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 07b8296613be09905e34b09dce4a203f
c97c67e8c4b1247423d089c028c31e05734f124e
c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:41:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 7207a5076b63fb5f39b9436ced9fb18f
cdd84ecfe85882601e81f11783d9f63b30084de3
6d4543402df8135d5860ecd47dd52d96d66d2e1ac6feec11accb5f43f2da7d0d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:41:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash c81653e99cfdfb43236c8d50248b2e51
a33bc0cb7d3bb714b7ef23b059bb304cf23d464f
e75fa0ce568755990d6949ef93e3e5c29213a5a11887f697af901f41b14e0274
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:41:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.akcja-zakupy.link/apps/zawody/template/pd_forms/ACTION/css/jquery.fancybox-1.3.4.css?201108192017
31.42.176.76200 OK 1.9 kB URL HTTP/1.1 www.akcja-zakupy.link/apps/zawody/template/pd_forms/ACTION/css/jquery.fancybox-1.3.4.css?201108192017
IP 31.42.176.76:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
Hash f5db610b3acc3451990c312f0e83fef7
d367d515df329bb3370d4857316d06556b108590
9ec1b98e02972d020b3e894f7232e91be3520039e8b7889da76300794ab9d828
Analyzer Verdict Alert fortinet Phishing
GET /apps/zawody/template/pd_forms/ACTION/css/jquery.fancybox-1.3.4.css?201108192017 HTTP/1.1
Host: www.akcja-zakupy.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akcja-zakupy.link/
Cookie: PHPSESSID=ppd2u4iho0v9dp2ci39cjaiav2; bq_tr_usr_ident=001dd2c23ed2aa256f11729d7e710d65
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:41:58 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Thu, 20 Jan 2022 10:10:14 GMT
ETag: "24de-5d600b55600e7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1854
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
push.services.mozilla.com/
54.202.70.174101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.202.70.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /Wnzq//MEgs+ispZ3+VHzw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: +lc58J0o+vByitAqHvo83dbj1vI=
www.akcja-zakupy.link/apps/zawody/template/pd_forms/ACTION/images/logo.png
31.42.176.76200 OK 6.1 kB URL HTTP/1.1 www.akcja-zakupy.link/apps/zawody/template/pd_forms/ACTION/images/logo.png
IP 31.42.176.76:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
File type PNG image data, 394 x 74, 8-bit colormap, non-interlaced\012- data
Hash 7cdb99f3e17fa84b5c8cdab08e6f41ea
879eda3269c8dcde82e87c584eb7ea8b9bfc6318
9364e7134f27ccf41733a8d894718924715418d112e407f552a0cff54a0671f7
GET /apps/zawody/template/pd_forms/ACTION/images/logo.png HTTP/1.1
Host: www.akcja-zakupy.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akcja-zakupy.link/
Cookie: PHPSESSID=ppd2u4iho0v9dp2ci39cjaiav2; bq_tr_usr_ident=001dd2c23ed2aa256f11729d7e710d65
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:41:58 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Thu, 20 Jan 2022 10:10:14 GMT
ETag: "17ed-5d600b55dc176"
Accept-Ranges: bytes
Content-Length: 6125
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
www.akcja-zakupy.link/apps/zawody/template/pd_forms/ACTION/images/label.png
31.42.176.76200 OK 3.1 kB URL HTTP/1.1 www.akcja-zakupy.link/apps/zawody/template/pd_forms/ACTION/images/label.png
IP 31.42.176.76:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
File type PNG image data, 297 x 46, 8-bit colormap, non-interlaced\012- data
Hash 151fd11583f6ca3743670926a7d397cb
b39c2f0f593a973dcc89273f79a12456c48895ff
1c128835e832a7fc0481b68162e6e760620265f534be5b89df4c8768a0260ad6
GET /apps/zawody/template/pd_forms/ACTION/images/label.png HTTP/1.1
Host: www.akcja-zakupy.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akcja-zakupy.link/
Cookie: PHPSESSID=ppd2u4iho0v9dp2ci39cjaiav2; bq_tr_usr_ident=001dd2c23ed2aa256f11729d7e710d65
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:41:58 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Thu, 20 Jan 2022 10:10:14 GMT
ETag: "c06-5d600b55dc176"
Accept-Ranges: bytes
Content-Length: 3078
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
www.akcja-zakupy.link/apps/zawody/template/pd_forms/ACTION/css/fonts/zona_pro_regular_thefontsmaster.com-webfont.woff2
31.42.176.76200 OK 17 kB URL HTTP/1.1 www.akcja-zakupy.link/apps/zawody/template/pd_forms/ACTION/css/fonts/zona_pro_regular_thefontsmaster.com-webfont.woff2
IP 31.42.176.76:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
File type Web Open Font Format (Version 2), TrueType, length 17092, version 1.0\012- data
Hash 65f45343306b599e6f5fe3dba8f2e967
9697d1b33bbb2aea712064114108e030e459acd3
af50dca6debcad36ea37332a8887e80eea8cf5704271371bdb2fb47798284164
Analyzer Verdict Alert fortinet Phishing
GET /apps/zawody/template/pd_forms/ACTION/css/fonts/zona_pro_regular_thefontsmaster.com-webfont.woff2 HTTP/1.1
Host: www.akcja-zakupy.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.akcja-zakupy.link/apps/zawody/template/pd_forms/ACTION/css/zonapro.css
Cookie: PHPSESSID=ppd2u4iho0v9dp2ci39cjaiav2; bq_tr_usr_ident=001dd2c23ed2aa256f11729d7e710d65
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:41:58 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Thu, 20 Jan 2022 10:10:14 GMT
ETag: "42c4-5d600b555f146"
Accept-Ranges: bytes
Content-Length: 17092
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: font/woff2
www.akcja-zakupy.link/apps/zawody/template/pd_forms/ACTION/css/fonts/zona_pro_extrabold_thefontsmaster.com-webfont.woff2
31.42.176.76200 OK 17 kB URL HTTP/1.1 www.akcja-zakupy.link/apps/zawody/template/pd_forms/ACTION/css/fonts/zona_pro_extrabold_thefontsmaster.com-webfont.woff2
IP 31.42.176.76:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
File type Web Open Font Format (Version 2), TrueType, length 16868, version 1.0\012- data
Hash 3f6adf0bb39bb5e037925212ed810c21
f78e5b840a5781af62c886e582c9c6a9f4602cd0
f67d4b40c30ee55ac559d76090286aa24c14d9d37218bc8a7ad9852a5a8522f0
Analyzer Verdict Alert fortinet Phishing
GET /apps/zawody/template/pd_forms/ACTION/css/fonts/zona_pro_extrabold_thefontsmaster.com-webfont.woff2 HTTP/1.1
Host: www.akcja-zakupy.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.akcja-zakupy.link/apps/zawody/template/pd_forms/ACTION/css/zonapro.css
Cookie: PHPSESSID=ppd2u4iho0v9dp2ci39cjaiav2; bq_tr_usr_ident=001dd2c23ed2aa256f11729d7e710d65
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:41:58 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Thu, 20 Jan 2022 10:10:14 GMT
ETag: "41e4-5d600b555e1a6"
Accept-Ranges: bytes
Content-Length: 16868
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: font/woff2
www.akcja-zakupy.link/apps/zawody/template/pd_forms/ACTION/css/fonts/zona_pro_black_thefontsmaster.com-webfont.woff2
31.42.176.76200 OK 17 kB URL HTTP/1.1 www.akcja-zakupy.link/apps/zawody/template/pd_forms/ACTION/css/fonts/zona_pro_black_thefontsmaster.com-webfont.woff2
IP 31.42.176.76:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
File type Web Open Font Format (Version 2), TrueType, length 16920, version 1.0\012- data
Hash 70f2dfbe18c93c240c8bd005b06fe8e8
3db73b1a9a6986d7da6e0729173b2e790fd7817f
aa24101c5b8eafaa8f9cd5a06a08094cea32863714782cddf540d9888cc72eaa
Analyzer Verdict Alert fortinet Phishing
GET /apps/zawody/template/pd_forms/ACTION/css/fonts/zona_pro_black_thefontsmaster.com-webfont.woff2 HTTP/1.1
Host: www.akcja-zakupy.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.akcja-zakupy.link/apps/zawody/template/pd_forms/ACTION/css/zonapro.css
Cookie: PHPSESSID=ppd2u4iho0v9dp2ci39cjaiav2; bq_tr_usr_ident=001dd2c23ed2aa256f11729d7e710d65
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:41:58 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Thu, 20 Jan 2022 10:10:14 GMT
ETag: "4218-5d600b555e1a6"
Accept-Ranges: bytes
Content-Length: 16920
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: font/woff2
www.akcja-zakupy.link/apps/zawody/template/pd_forms/ACTION/images/award.png
31.42.176.76200 OK 14 kB URL HTTP/1.1 www.akcja-zakupy.link/apps/zawody/template/pd_forms/ACTION/images/award.png
IP 31.42.176.76:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
File type PNG image data, 465 x 211, 8-bit colormap, non-interlaced\012- data
Hash da7cec5edf38581212e3015e7ab1284a
4f7bec480d099f66f3dbea9d582384c90256dedc
a9a719bccb97ad8602c931de880c86020a9cb92c712f8d0614593aa096b97d60
GET /apps/zawody/template/pd_forms/ACTION/images/award.png HTTP/1.1
Host: www.akcja-zakupy.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akcja-zakupy.link/
Cookie: PHPSESSID=ppd2u4iho0v9dp2ci39cjaiav2; bq_tr_usr_ident=001dd2c23ed2aa256f11729d7e710d65
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:41:58 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Thu, 20 Jan 2022 10:10:14 GMT
ETag: "37ce-5d600b56022e4"
Accept-Ranges: bytes
Content-Length: 14286
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
www.akcja-zakupy.link/apps/zawody/template/images/images/main_preloader.gif
31.42.176.76200 OK 6.7 kB URL HTTP/1.1 www.akcja-zakupy.link/apps/zawody/template/images/images/main_preloader.gif
IP 31.42.176.76:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
File type GIF image data, version 89a, 64 x 64\012- data
Hash 1da45519428297bcfc57c20dea048fa0
3663552f3ca880be8aef0028c11c967f8e1306ed
632e59ba64e2ab65fd7d0f1cb0cbdd2be45b7e459f3a270c58445e13d1b493e0
GET /apps/zawody/template/images/images/main_preloader.gif HTTP/1.1
Host: www.akcja-zakupy.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akcja-zakupy.link/
Cookie: PHPSESSID=ppd2u4iho0v9dp2ci39cjaiav2; bq_tr_usr_ident=001dd2c23ed2aa256f11729d7e710d65
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:41:58 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Fri, 25 Jun 2021 12:59:55 GMT
ETag: "1a00-5c596b75e8b18"
Accept-Ranges: bytes
Content-Length: 6656
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/gif
www.akcja-zakupy.link/apps/zawody/template/pd_forms/ACTION/images/sticker.png
31.42.176.76200 OK 21 kB URL HTTP/1.1 www.akcja-zakupy.link/apps/zawody/template/pd_forms/ACTION/images/sticker.png
IP 31.42.176.76:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
File type PNG image data, 359 x 360, 8-bit colormap, non-interlaced\012- data
Hash 1280fc55ca33a8ef8efe8cbbc75e11a9
ce1e57e52f25dd5d89cf400caecb9646afec6dfb
06df934a458f574d660605805b59c6969febc1cf7fcae23995313b6b46d8622b
GET /apps/zawody/template/pd_forms/ACTION/images/sticker.png HTTP/1.1
Host: www.akcja-zakupy.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akcja-zakupy.link/
Cookie: PHPSESSID=ppd2u4iho0v9dp2ci39cjaiav2; bq_tr_usr_ident=001dd2c23ed2aa256f11729d7e710d65
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:41:58 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Thu, 20 Jan 2022 10:10:14 GMT
ETag: "5218-5d600b56022e4"
Accept-Ranges: bytes
Content-Length: 21016
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
www.googletagmanager.com/gtag/js?id=UA-38057940-18
142.250.74.168200 OK 164 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-38057940-18
IP 142.250.74.168:0
Size 164 kB (163479 bytes)
Hash dda2be7c67d9d8a4fac6b98778e5f2a7
3873c7709661e1e30ee9c21eab44170c269535ba
11bdc1b8cc019a52e2c9208a822e0f1dabeed93cad0abcc0be29f33311f4514e
GET /gtag/js?id=UA-38057940-18 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akcja-zakupy.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 29 Nov 2022 01:41:58 GMT
expires: Tue, 29 Nov 2022 01:41:58 GMT
cache-control: private, max-age=900
last-modified: Tue, 29 Nov 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43681
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.akcja-zakupy.link/apps/zawody/template/pd_forms/ACTION/images/favico.png
31.42.176.76404 Not Found 0 B URL HTTP/1.0 www.akcja-zakupy.link/apps/zawody/template/pd_forms/ACTION/images/favico.png
IP 31.42.176.76:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /apps/zawody/template/pd_forms/ACTION/images/favico.png HTTP/1.1
Host: www.akcja-zakupy.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akcja-zakupy.link/
Cookie: PHPSESSID=ppd2u4iho0v9dp2ci39cjaiav2; bq_tr_usr_ident=001dd2c23ed2aa256f11729d7e710d65
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.0 404 Not Found
Date: Tue, 29 Nov 2022 01:41:58 GMT
Server: Apache/2.4.38 (Debian)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akcja-zakupy.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 29 Nov 2022 00:41:08 GMT
expires: Tue, 29 Nov 2022 02:41:08 GMT
cache-control: public, max-age=7200
age: 3650
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash af25abbc1f9776cf78b07837dbea38a0
1883049bac2e92f8b3107f6435f00b83d8f4c117
663a6d77de7e3c835bcbb4b567eb28053755bf50ddab14b3f668367a85efdf17
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3421
Cache-Control: max-age=124450
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:41:58 GMT
Etag: "6384992b-1d7"
Expires: Wed, 30 Nov 2022 12:16:08 GMT
Last-Modified: Mon, 28 Nov 2022 11:19:07 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:41:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akcja-zakupy.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: mV97YLZb2JFNKEoqxBGv7HNLzb0joZVUhu7mgcoMkjD2RnQUGF1K/hG2Pr2ExzROIldIFGtJxRsGWNfkEINSqg==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 2074150462
date: Tue, 29 Nov 2022 01:41:58 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j98&a=2007639869&t=pageview&_s=1&dl=https%3A%2F%2Fwww.akcja-zakupy.link%2F&ul=en-us&de=UTF-8&dt=www.akcja-zakupy.link&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=1162742911&gjid=871901158&cid=1110619901.1669686118&tid=UA-38057940-18&_gid=655605746.1669686118&_r=1>m=2oub90&z=449606428
142.250.74.174200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=2007639869&t=pageview&_s=1&dl=https%3A%2F%2Fwww.akcja-zakupy.link%2F&ul=en-us&de=UTF-8&dt=www.akcja-zakupy.link&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=1162742911&gjid=871901158&cid=1110619901.1669686118&tid=UA-38057940-18&_gid=655605746.1669686118&_r=1>m=2oub90&z=449606428
IP 142.250.74.174:0
File type ASCII text, with no line terminators
Hash cc7a1e792bca8ccb1946b7a07f6dbc03
11a2757082428311f587b7664fa9840376137f80
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
POST /j/collect?v=1&_v=j98&a=2007639869&t=pageview&_s=1&dl=https%3A%2F%2Fwww.akcja-zakupy.link%2F&ul=en-us&de=UTF-8&dt=www.akcja-zakupy.link&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=1162742911&gjid=871901158&cid=1110619901.1669686118&tid=UA-38057940-18&_gid=655605746.1669686118&_r=1>m=2oub90&z=449606428 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.akcja-zakupy.link
Connection: keep-alive
Referer: https://www.akcja-zakupy.link/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.akcja-zakupy.link
date: Tue, 29 Nov 2022 01:41:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash af25abbc1f9776cf78b07837dbea38a0
1883049bac2e92f8b3107f6435f00b83d8f4c117
663a6d77de7e3c835bcbb4b567eb28053755bf50ddab14b3f668367a85efdf17
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3421
Cache-Control: max-age=124450
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:41:58 GMT
Etag: "6384992b-1d7"
Expires: Wed, 30 Nov 2022 12:16:08 GMT
Last-Modified: Mon, 28 Nov 2022 11:19:07 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.163200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.akcja-zakupy.link
Connection: keep-alive
Referer: https://www.akcja-zakupy.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 21:26:04 GMT
expires: Sun, 26 Nov 2023 21:26:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 188154
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:41:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash fb9963af5b3c525d68d5c87f0da8025b
c8d1f50313dddb0cea04745d762dac01718a026f
231ef2bc126d4f0cf0910147608f65ec32ee15f3cfdb6981f5fae66f33cfc519
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:41:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-38057940-18&cid=1110619901.1669686118&jid=1162742911&gjid=871901158&_gid=655605746.1669686118&_u=YEBAAUAAAAAAACAAI~&z=794021269
142.250.150.157200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-38057940-18&cid=1110619901.1669686118&jid=1162742911&gjid=871901158&_gid=655605746.1669686118&_u=YEBAAUAAAAAAACAAI~&z=794021269
IP 142.250.150.157:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-38057940-18&cid=1110619901.1669686118&jid=1162742911&gjid=871901158&_gid=655605746.1669686118&_u=YEBAAUAAAAAAACAAI~&z=794021269 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.akcja-zakupy.link
Connection: keep-alive
Referer: https://www.akcja-zakupy.link/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.akcja-zakupy.link
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 29 Nov 2022 01:41:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash fb9963af5b3c525d68d5c87f0da8025b
c8d1f50313dddb0cea04745d762dac01718a026f
231ef2bc126d4f0cf0910147608f65ec32ee15f3cfdb6981f5fae66f33cfc519
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:41:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.facebook.com/tr/?id=196290621588360&ev=PageView&dl=https%3A%2F%2Fwww.akcja-zakupy.link%2F&rl=&if=false&ts=1669686118025&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669686118024.118937042&it=1669686117794&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=196290621588360&ev=PageView&dl=https%3A%2F%2Fwww.akcja-zakupy.link%2F&rl=&if=false&ts=1669686118025&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669686118024.118937042&it=1669686117794&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=196290621588360&ev=PageView&dl=https%3A%2F%2Fwww.akcja-zakupy.link%2F&rl=&if=false&ts=1669686118025&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669686118024.118937042&it=1669686117794&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akcja-zakupy.link/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Tue, 29 Nov 2022 01:41:58 GMT
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 12:31:58 GMT
expires: Sun, 26 Nov 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 220200
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9027
Expires: Tue, 29 Nov 2022 04:12:26 GMT
Date: Tue, 29 Nov 2022 01:41:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9027
Expires: Tue, 29 Nov 2022 04:12:26 GMT
Date: Tue, 29 Nov 2022 01:41:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9027
Expires: Tue, 29 Nov 2022 04:12:26 GMT
Date: Tue, 29 Nov 2022 01:41:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9027
Expires: Tue, 29 Nov 2022 04:12:26 GMT
Date: Tue, 29 Nov 2022 01:41:59 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1172c72b-d329-4446-80cb-92b8cf104425.jpeg
34.120.237.76200 OK 3.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1172c72b-d329-4446-80cb-92b8cf104425.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9cd333c474420e235831d96ed881167e
5008d7344dd85ae61a598c17e7baf427def3e25d
2178a96e120661e43d8e8ed0df1fcf500caf4c58db9e1bedaf0706af0a80b286
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1172c72b-d329-4446-80cb-92b8cf104425.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3944
x-amzn-requestid: 8a6732c1-72da-4a73-ba51-8533c6a01a9c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNmfFgeIAMFjLw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6385295c-0c807d93277bfb7f6b13c2ee;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:20 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XC26NJ0PkNhOsuvMPTd5TlY-oDOGfGoNxzzMANQRlyBWt1XZW_gUfA==
via: 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:42:03 GMT
age: 14396
etag: "5008d7344dd85ae61a598c17e7baf427def3e25d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 03014221d7f49b50ffc2d1b0a0e75457
772d86ad983042a728ee3490630a9cf1134ad0dd
81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10176
x-amzn-requestid: 768fc69c-e91b-4dd9-8add-63634762b2d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMpbgEFOIAMF71A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bc49-21756db31c4714af0553f21b;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:12:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jS-AS3x8V3XacXRNkU63UJjBxA6unvBer5WcxUYseR5p4eZPK64o2g==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 07:40:08 GMT
age: 64911
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7faa45dd-b9de-4dae-a2d6-ee678d7d3906.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7faa45dd-b9de-4dae-a2d6-ee678d7d3906.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ae2e2986caa15a90b615147f229b51ec
c6dfd277cdbd057472e6df6ad1a200f50684d442
ec3799922c38ee6394601744ff4b2c405ee44c4718a2b90c104134657f8b480b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7faa45dd-b9de-4dae-a2d6-ee678d7d3906.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9015
x-amzn-requestid: eb4599b5-e88a-47cd-8d1b-5839c4f7593e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnbGLToAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852962-67476fac77c8d1ee36f89ecc;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 09Pb9RMyAoRWXYfw5mxwtpl6fnHwlxDJryR4c-F3rurGKUgo-HYUOg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:42:03 GMT
age: 14396
etag: "c6dfd277cdbd057472e6df6ad1a200f50684d442"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1ee10f9-36dd-4ca4-986e-a80758149640.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1ee10f9-36dd-4ca4-986e-a80758149640.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 516776052e5e906ea9f42d25bae5cc85
be4c4d01fc67218e26a3e9d27a2f708e639c9d4b
28e70e38cfad65ad8a7a68ab1dc78747c7013a87b854fc35b163cc5765cd0570
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1ee10f9-36dd-4ca4-986e-a80758149640.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8460
x-amzn-requestid: 51416479-3854-4f1a-9d86-35e104c57f6a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnkHuZIAMF-_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852963-180b323d4a45fa2f29f9b1fc;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3MKambAjrBl64HI6hBuOtNJi3Tj6gxtwH_lOfk0WNX15UnCrAJbNig==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:48:54 GMT
age: 13985
etag: "be4c4d01fc67218e26a3e9d27a2f708e639c9d4b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc326607e-c0fa-4e9d-b8d4-1c9173793bed.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc326607e-c0fa-4e9d-b8d4-1c9173793bed.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cce27a1fe8c0222811a5ce0e7f89e1cb
28c165bac8cf68cd1b0763c311aece00672cb3a5
4530e34a47ef78c2c2b0d34a0511253a61f1927b192ab42f82361002ff10819e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc326607e-c0fa-4e9d-b8d4-1c9173793bed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9376
x-amzn-requestid: c52b3092-90d2-4289-b6e0-ab99c9d4710a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPmz3EVUoAMFWUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382eb4b-39f46c89238eff696e9f2dba;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 04:44:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ofQEhaEiX1vE25a_1xHeab9Px9zgGpk8omlX_aHmLE1oN1aZTPzWxQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:58:57 GMT
age: 13382
etag: "28c165bac8cf68cd1b0763c311aece00672cb3a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdef9eb6-c1f1-4337-aff8-0986561782c7.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdef9eb6-c1f1-4337-aff8-0986561782c7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5d574c4db20a68295dbd06cb08f5990b
433061bbb226048765a711deca3026ee3e52372f
8cc1a4d18e242f8bfc8ab94637f635b73554b903462c29b06d0ec67872542afb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdef9eb6-c1f1-4337-aff8-0986561782c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9203
x-amzn-requestid: 8cba52d6-3c1c-495c-bb9d-3ba6f0adc7e1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cHcHmGmQoAMF6dQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fa6fd-73abfa592ff223061401af9a;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 17:16:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UmhWm03jrsV8dFagrzIA0E-8eL8dykoO5kw3cYOBd172dCGqNdAX-Q==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 03:31:58 GMT
age: 79801
etag: "433061bbb226048765a711deca3026ee3e52372f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2