helton.pl/
85.128.207.220301 Moved Permanently 0 B IP 85.128.207.220:0
ASN #15967 Nazwa.pl Sp.z.o.o.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: helton.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 25 Nov 2022 03:41:27 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
X-Redirect-By: WordPress
Location: https://helton.pl/
Age: 246125
X-CDN-nazwa.pl-policyused: cdn=1209600
Server: Apache/2
X-CDN-nazwa.pl-location: AMS
X-CDN-nazwa.pl-age: 246125
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7c60904d097cde276e4e5632cef1b9f1
4f805026462589345d85e8df2d18eafba6237504
12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4988
Expires: Fri, 25 Nov 2022 05:04:35 GMT
Date: Fri, 25 Nov 2022 03:41:27 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5738
Cache-Control: max-age=116722
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:41:27 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 12:06:49 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16926
Expires: Fri, 25 Nov 2022 08:23:33 GMT
Date: Fri, 25 Nov 2022 03:41:27 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 03:19:02 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1345
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: E/RvuzRNotXf7J2BIQgAjFwJvnY7vx9DfQ+xq8ytdPwq8LljJUUPCWEmSsJsymkdITFwW0GONrk=
x-amz-request-id: AJB9DBNDT9T6VZDR
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 02:43:40 GMT
age: 3467
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 03:41:27 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
nazwassl2sha2.ocsp-certum.com/
23.36.79.10200 OK 1.5 kB URL HTTP/1.1 nazwassl2sha2.ocsp-certum.com/
IP 23.36.79.10:0
ASN #20940 Akamai International B.V.
Hash fca022d7066c70bdfc4f24a32f249552
e4a845c340b932d1e51b9b7e95e20068895faf00
171f5259e2050c0570608c64c591d09fb9cccdd2612aa2f2aa8c5c2a841ff4f7
POST / HTTP/1.1
Host: nazwassl2sha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1505
X-Cached: MISS
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=892
Date: Fri, 25 Nov 2022 03:41:28 GMT
Connection: keep-alive
X-N: S
helton.pl/
85.128.207.220302 Found 0 B IP 85.128.207.220:0
ASN #15967 Nazwa.pl Sp.z.o.o.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: helton.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Fri, 25 Nov 2022 03:41:28 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://helton.pl/en/
x-redirect-by: WordPress
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie: qtrans_front_language=en; expires=Sat, 25-Nov-2023 03:41:28 GMT; Max-Age=31536000; path=/
age: 0
x-cdn-nazwa.pl-policyused: app=no-cache
server: Apache/2
x-cdn-nazwa.pl-location: AMS
x-cdn-nazwa.pl-age: 0
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 03:11:11 GMT
cache-control: public,max-age=3600
age: 1817
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5855
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:41:28 GMT
Last-Modified: Fri, 25 Nov 2022 02:03:53 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
helton.pl/en/
85.128.207.220200 OK 9.8 kB IP 85.128.207.220:0
ASN #15967 Nazwa.pl Sp.z.o.o.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1335), with CRLF, LF line terminators
Hash ff9ef194c313b9e16bfe9320bbda7800
fb02cf060081738eb9ff4640b0a2def051f2be54
a113d635543c82b33b03e4d6ad3c2c85c3310ee040077e4bfcb72e672c0cda65
Analyzer Verdict Alert fortinet Phishing
GET /en/ HTTP/1.1
Host: helton.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: qtrans_front_language=en
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:41:28 GMT
content-type: text/html; charset=UTF-8
content-length: 9761
link: <https://helton.pl/en/wp-json/>; rel="https://api.w.org/", <https://helton.pl/en/wp-json/wp/v2/pages/14>; rel="alternate"; type="application/json", <https://helton.pl/en/>; rel=shortlink
x-mod-pagespeed: enabled
set-cookie: qtrans_front_language=en; expires=Sat, 25-Nov-2023 03:41:28 GMT; Max-Age=31536000; path=/
vary: Accept-Encoding
content-encoding: br
cache-control: max-age=0, no-cache
age: 0
x-cdn-nazwa.pl-policyused: app=no-cache
server: Apache/2
x-cdn-nazwa.pl-location: AMS
x-cdn-nazwa.pl-age: 0
X-Firefox-Spdy: h2
helton.pl/wp-content/cache/autoptimize/css/A.autoptimize_9b751c11954ba1782ec07aa10b776a82.css.pagespeed.cf.7Qf-ChRSmy.css
85.128.207.220200 OK 62 kB URL HTTP/2 helton.pl/wp-content/cache/autoptimize/css/A.autoptimize_9b751c11954ba1782ec07aa10b776a82.css.pagespeed.cf.7Qf-ChRSmy.css
IP 85.128.207.220:0
ASN #15967 Nazwa.pl Sp.z.o.o.
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash e5ecc887ba2d6cedcc830b211e5c74a2
d77e060d85bb0c778a67a6c64e3bddaeac130654
4285ba47ecdc915e743c35b0a181b2a2f77a118302691dd2247dc5f36a23babf
GET /wp-content/cache/autoptimize/css/A.autoptimize_9b751c11954ba1782ec07aa10b776a82.css.pagespeed.cf.7Qf-ChRSmy.css HTTP/1.1
Host: helton.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helton.pl/en/
Cookie: qtrans_front_language=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:41:28 GMT
content-type: text/css
content-length: 61751
x-cdn-nazwa.pl-policyused: cdn=1209600
x-cdn-nazwa.pl-location: AMS
x-cdn-nazwa.pl-age: 49448
x-original-content-length: 454422
accept-ranges: bytes
age: 49448
expires: Thu, 08 Dec 2022 13:57:20 GMT
etag: W/"0"
last-modified: Thu, 24 Nov 2022 13:57:20 GMT
cache-control: max-age=1209600, public
vary: Accept-Encoding
content-encoding: br
server: Apache/2
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/select2/4.0.3/css/select2.min.css?ver=5.7.8
104.17.24.14200 OK 1.6 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/select2/4.0.3/css/select2.min.css?ver=5.7.8
IP 104.17.24.14:0
File type ASCII text, with very long lines (15195)
Hash b882d7e63899a62cfb4fe9563af4245d
726e9f61ac75d59a2f95f15cdda1af77f420a2eb
387d3b1157267d3f4e539fa96c8d03291698037cdeca14ee0b6ac0a309e9f73e
GET /ajax/libs/select2/4.0.3/css/select2.min.css?ver=5.7.8 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helton.pl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:41:28 GMT
content-type: text/css; charset=utf-8
content-length: 1624
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fcb-3b5c"
last-modified: Mon, 04 May 2020 16:16:11 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1234890
expires: Wed, 15 Nov 2023 03:41:28 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RKqf%2F%2BJB3ASkObHV7A%2FJIg7kuSzdZ%2FuBHcOeO%2BQrrgu2oNvSITY4wyi7w5bJ57LrxICtaai2lI23jg5ZmFLBtM0eC0mgDaSdB0IFyvc43idcbQZ%2BI4j%2BeUqvSvILC%2BO7%2Bf0kLY0G"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76f75e6e28840b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/select2/4.0.3/js/select2.full.min.js?ver=5.7.8
104.17.24.14200 OK 18 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/select2/4.0.3/js/select2.full.min.js?ver=5.7.8
IP 104.17.24.14:0
File type Unicode text, UTF-8 text, with very long lines (32091)
Hash 5b80148bc86779f2ddbf672b4ef74269
cb267fb61f77875abca7b020307754333ee65b1f
83b9976079487acc85d79e12b80da00befc64a73dcc34966efcac6758a50c106
GET /ajax/libs/select2/4.0.3/js/select2.full.min.js?ver=5.7.8 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helton.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:41:28 GMT
content-type: application/javascript; charset=utf-8
content-length: 17507
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fcb-124fd"
last-modified: Mon, 04 May 2020 16:16:11 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 7983593
expires: Wed, 15 Nov 2023 03:41:28 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zkk%2BsE9%2FO68wdkKhhe1hN5dVgyp7%2BoWBEksXe25ZG4zfG3p%2BjwPQ9RiBXdnNssJF6BYrFWAEcnWCITt%2FyEUZeXrF%2B2ypiPnwE2IgF0VVKAc2dwONI3BGsixkwkGg6uBgqHgeoPT2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76f75e6e38890b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.7.1/slick.min.css?ver=5.7.8
104.17.24.14200 OK 394 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.7.1/slick.min.css?ver=5.7.8
IP 104.17.24.14:0
File type ASCII text, with very long lines (1327)
Hash 50d05d35119a9bd8cf777402bb4789a0
fd03f42f191f21580b72dc3e474e9b7503a82555
a8daf82dae80ef2b347046c449acf73de160cc273a70cb74ed4cb71597a69bfc
GET /ajax/libs/slick-carousel/1.7.1/slick.min.css?ver=5.7.8 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helton.pl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:41:28 GMT
content-type: text/css; charset=utf-8
content-length: 394
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fd5-559"
last-modified: Mon, 04 May 2020 16:16:21 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 12391219
expires: Wed, 15 Nov 2023 03:41:28 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HK6hmvtm8kUrgnvaqG%2BOoxwMNDk2gL5MqOxD3BzicUnPM%2B%2F1V52WoUbPCe2DIsgB%2BPmdF1S%2BZFuTKI5eIRZ3%2B6lzwQ%2F3tTqNGMvhxxLNQuf4aP2SVsWN1b6EfIGqBIo4a26GOQJx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76f75e6e488c0b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
helton.pl/wp-content/themes/helton/dist/js/all.min.js?ver=1.0.2
85.128.207.220200 OK 72 kB URL HTTP/2 helton.pl/wp-content/themes/helton/dist/js/all.min.js?ver=1.0.2
IP 85.128.207.220:0
ASN #15967 Nazwa.pl Sp.z.o.o.
File type ASCII text, with very long lines (65536), with no line terminators
Hash efbd5d26ed52a7b324ad14c3b569acf1
cf144aaa1bb1d773da8ff68048d806f5026f27ee
f7924bf843752e9cbaa69758f55f251c90ab502c43a3f5a06f2681f22fd07fee
GET /wp-content/themes/helton/dist/js/all.min.js?ver=1.0.2 HTTP/1.1
Host: helton.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helton.pl/en/
Cookie: qtrans_front_language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:41:28 GMT
content-type: application/javascript
content-length: 71852
last-modified: Thu, 05 Jul 2018 10:44:43 GMT
etag: "3c189-5703e3c28d6ed"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
cache-control: max-age=1209600
age: 112495
x-cdn-nazwa.pl-policyused: cdn=1209600
server: Apache/2
x-cdn-nazwa.pl-location: AMS
x-cdn-nazwa.pl-age: 112495
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/select2/4.0.3/js/i18n/pl.js?ver=5.7.8
104.17.24.14200 OK 447 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/select2/4.0.3/js/i18n/pl.js?ver=5.7.8
IP 104.17.24.14:0
File type Unicode text, UTF-8 text, with very long lines (828)
Hash 2b2af1b83f4edb87e829f372d786843b
6e186818f76bd20e30dbe70a667ce2ab2222eb89
2e410928f1c03dee07cb39b13a38fa5073fbbf7c90f1b4da5a9f91c7b16adcae
GET /ajax/libs/select2/4.0.3/js/i18n/pl.js?ver=5.7.8 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helton.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:41:28 GMT
content-type: application/javascript; charset=utf-8
content-length: 447
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fcb-39d"
last-modified: Mon, 04 May 2020 16:16:11 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 728967
expires: Wed, 15 Nov 2023 03:41:28 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7scsl8aFUG1tzbT8jOB2XqR9bqRCpyLJUpxAqBQknYv3HFPhxEazChKLocm2oisNV0kmNJoE3MAt%2FLV7TDd3QYFE9Gz4tvT%2FDBTfbDn6E%2BQ6ZKbCP0mrmG19sBRDH9IcF5MW%2FED%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76f75e6e488e0b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.7.1/slick.min.js?ver=5.7.8
104.17.24.14200 OK 9.2 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.7.1/slick.min.js?ver=5.7.8
IP 104.17.24.14:0
File type ASCII text, with very long lines (42634)
Hash f7982ac53b4d7cb072bb218fdc7f88c2
750ac19b006ce317ff44753b8e055a74ca173629
aac45b3bbf0108c47c96e2a992cf8a98ae6edba1ffd851b49809287426289bb6
GET /ajax/libs/slick-carousel/1.7.1/slick.min.js?ver=5.7.8 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helton.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:41:28 GMT
content-type: application/javascript; charset=utf-8
content-length: 9216
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fd5-a68b"
last-modified: Mon, 04 May 2020 16:16:21 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 725112
expires: Wed, 15 Nov 2023 03:41:28 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N18leA2W5u9OCCzHEXKHWnLAosuI1vGEPPRdT1BEgD1Z9licgOQZYWPPQ4qEzmrZh51IErqDmmhQObWdt1CGHIyEPgWhQufQqfvsgTKVOGYgheQWrhIkaatCtydmw0fzUX0CjsFn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76f75e6e58910b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
helton.pl/wp-content/themes/helton/dist/img/logo-vertical.svg
85.128.207.220200 OK 17 kB URL HTTP/2 helton.pl/wp-content/themes/helton/dist/img/logo-vertical.svg
IP 85.128.207.220:0
ASN #15967 Nazwa.pl Sp.z.o.o.
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (17415), with no line terminators
Hash 6aa36a0088e699dbbda431c5de2a40a5
930fb85ddc15ca0eb8f532ea2f1ee8ea256898fa
e326c283ea15927d8e69fb94ffe7323f868cde5e203e68ce82b4b7ad3f4a676b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/helton/dist/img/logo-vertical.svg HTTP/1.1
Host: helton.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helton.pl/en/
Cookie: qtrans_front_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:41:28 GMT
content-type: image/svg+xml
content-length: 17415
last-modified: Wed, 11 Oct 2017 07:32:54 GMT
etag: "4407-55b406e914c7f"
accept-ranges: bytes
cache-control: max-age=1209600
age: 655696
x-cdn-nazwa.pl-policyused: cdn=1209600
server: Apache/2
x-cdn-nazwa.pl-location: AMS
x-cdn-nazwa.pl-age: 655696
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:41:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:41:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
helton.pl/wp-content/themes/helton/dist/img/ok-mes.png
85.128.207.220200 OK 280 B URL HTTP/2 helton.pl/wp-content/themes/helton/dist/img/ok-mes.png
IP 85.128.207.220:0
ASN #15967 Nazwa.pl Sp.z.o.o.
File type PNG image data, 22 x 18, 8-bit colormap, interlaced\012- data
Hash 087798f1cd93d5734b2e8b91df17f63c
8435b0d4241a43e8d60c2bf26194f37a1e5f6b34
28ad4531bfa88482a723e1e64b82dd03365805044f69efde8f1d02c35886b241
GET /wp-content/themes/helton/dist/img/ok-mes.png HTTP/1.1
Host: helton.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helton.pl/en/
Cookie: qtrans_front_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:41:28 GMT
content-type: image/png
content-length: 280
x-cdn-nazwa.pl-policyused: cdn=1209600
x-cdn-nazwa.pl-location: AMS
x-cdn-nazwa.pl-age: 408715
last-modified: Wed, 11 Oct 2017 07:32:56 GMT
etag: "118-55b406eacddc1"
accept-ranges: bytes
cache-control: max-age=1209600
age: 408715
x-content-type-options: nosniff
server: Apache/2
X-Firefox-Spdy: h2
helton.pl/wp-content/themes/helton/dist/img/err-mes.png
85.128.207.220200 OK 519 B URL HTTP/2 helton.pl/wp-content/themes/helton/dist/img/err-mes.png
IP 85.128.207.220:0
ASN #15967 Nazwa.pl Sp.z.o.o.
File type PNG image data, 19 x 19, 8-bit colormap, interlaced\012- data
Hash 3b620ef2114f0019a31d788aebe4f8d5
52095c2e7e928412aba28b0a7ab4f87ac30d2e91
b14a3ceb61d9033a0301c9998114b6dfc68fe22439680b76d459d2e346127010
GET /wp-content/themes/helton/dist/img/err-mes.png HTTP/1.1
Host: helton.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helton.pl/en/
Cookie: qtrans_front_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:41:28 GMT
content-type: image/png
content-length: 519
x-cdn-nazwa.pl-policyused: cdn=1209600
x-cdn-nazwa.pl-location: AMS
x-cdn-nazwa.pl-age: 408715
last-modified: Wed, 11 Oct 2017 07:32:51 GMT
etag: "207-55b406e668116"
accept-ranges: bytes
cache-control: max-age=1209600
age: 408715
x-content-type-options: nosniff
server: Apache/2
X-Firefox-Spdy: h2
helton.pl/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
85.128.207.220200 OK 33 kB URL HTTP/2 helton.pl/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
IP 85.128.207.220:0
ASN #15967 Nazwa.pl Sp.z.o.o.
File type Unicode text, UTF-8 text, with very long lines (34729), with NEL line terminators
Hash 1ff5d74c7b9fa57511c6e0e768d626f1
7eee04b13ca67402ec974f5d29e635086a0ecd00
42e4ea7651649b3604691fcf70b22564c54e65d3aac81d48b6434301b3646b71
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4 HTTP/1.1
Host: helton.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helton.pl/en/
Cookie: qtrans_front_language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:41:28 GMT
content-type: application/javascript
content-length: 32644
last-modified: Wed, 12 May 2021 14:05:23 GMT
etag: "183ee-5c22280795b08"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
cache-control: max-age=1209600
age: 112495
x-cdn-nazwa.pl-policyused: cdn=1209600
server: Apache/2
x-cdn-nazwa.pl-location: AMS
x-cdn-nazwa.pl-age: 112495
X-Firefox-Spdy: h2
helton.pl/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.1
85.128.207.220200 OK 3.8 kB URL HTTP/2 helton.pl/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.1
IP 85.128.207.220:0
ASN #15967 Nazwa.pl Sp.z.o.o.
File type ASCII text, with very long lines (13485), with no line terminators
Hash e2bd61819aacc8047f23cafe794af042
7a9f917854f5f30e843ef008517a08d41eaa2605
23f7e75acd1c8ef1f09184b5b7c63f41acc589659042a7bc428be0a1c63dcf84
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.1 HTTP/1.1
Host: helton.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helton.pl/en/
Cookie: qtrans_front_language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:41:28 GMT
content-type: application/javascript
content-length: 3779
last-modified: Wed, 12 May 2021 14:06:57 GMT
etag: "34ad-5c222860baa10"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
cache-control: max-age=1209600
age: 112495
x-cdn-nazwa.pl-policyused: cdn=1209600
server: Apache/2
x-cdn-nazwa.pl-location: AMS
x-cdn-nazwa.pl-age: 112495
X-Firefox-Spdy: h2
helton.pl/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.4.1
85.128.207.220200 OK 1.4 kB URL HTTP/2 helton.pl/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.4.1
IP 85.128.207.220:0
ASN #15967 Nazwa.pl Sp.z.o.o.
File type ASCII text, with very long lines (4106), with no line terminators
Hash 4342cdfcaae2509042571842bdffd475
f6dcdbf0db276b19977b995fabdbe3e2dd9ae4a1
f8bfa61d6e15811e2ab2d3bd15bfbb7c4916055eeab3d7643f76d61ad2e801d4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.4.1 HTTP/1.1
Host: helton.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helton.pl/en/
Cookie: qtrans_front_language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:41:28 GMT
content-type: application/javascript
content-length: 1406
last-modified: Wed, 12 May 2021 14:06:57 GMT
etag: "100a-5c222860da59d"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
cache-control: max-age=1209600
age: 54230
x-cdn-nazwa.pl-policyused: cdn=1209600
server: Apache/2
x-cdn-nazwa.pl-location: AMS
x-cdn-nazwa.pl-age: 54230
X-Firefox-Spdy: h2
helton.pl/wp-includes/js/wp-embed.min.js?ver=5.7.8
85.128.207.220200 OK 663 B URL HTTP/2 helton.pl/wp-includes/js/wp-embed.min.js?ver=5.7.8
IP 85.128.207.220:0
ASN #15967 Nazwa.pl Sp.z.o.o.
File type ASCII text, with very long lines (1391)
Hash 631d0bea986295ecf82f4054d7c38081
5c9567262181c9ab4ef00ebe558cebfcb7466bad
d2654b0293e67fe80ca9e510470f1f4bb2c7fcc9e4740d082c80dbee5eb3bcc2
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-embed.min.js?ver=5.7.8 HTTP/1.1
Host: helton.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helton.pl/en/
Cookie: qtrans_front_language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:41:28 GMT
content-type: application/javascript
content-length: 663
last-modified: Wed, 12 May 2021 14:05:23 GMT
etag: "592-5c222807d6e89"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
cache-control: max-age=1209600
age: 477615
x-cdn-nazwa.pl-policyused: cdn=1209600
server: Apache/2
x-cdn-nazwa.pl-location: AMS
x-cdn-nazwa.pl-age: 477615
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:41:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:41:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 76544babbcf6515110bd81aaee8e7e63
043497692868c67ac84cdfe70d0a484517abd1c2
a19d5958d683662375a2469d1d7e551188469b967eb6f2bae2d5e43dac51a4f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:41:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-111219410-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-111219410-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 1e3f724c98f9b02c1caea33078334e7a
3396632738d0a5c4e5759af6eb61b1acf51769e5
5b50d63dc27e3cf49148c093824536ebd568c58b03ceec3d6d7e06ac8ad0a9ca
GET /gtag/js?id=UA-111219410-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helton.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 03:41:28 GMT
expires: Fri, 25 Nov 2022 03:41:28 GMT
cache-control: private, max-age=900
last-modified: Fri, 25 Nov 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43677
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?render=6LcU45AUAAAAAHQPl1VjCZ5y6FD63tVMbBUX1mqS&ver=3.0
142.250.74.164200 OK 586 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6LcU45AUAAAAAHQPl1VjCZ5y6FD63tVMbBUX1mqS&ver=3.0
IP 142.250.74.164:0
File type ASCII text, with very long lines (884), with no line terminators
Hash 7a6b1732101145d0811ad834e0d91bd3
247e9bc5a4d6364713e720a402f5cc7507135090
48d8f54543899083127bc11ff9ae9e33dfc1a1186bcab9bf09bb44f8cbe984c4
GET /recaptcha/api.js?render=6LcU45AUAAAAAHQPl1VjCZ5y6FD63tVMbBUX1mqS&ver=3.0 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helton.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Fri, 25 Nov 2022 03:41:28 GMT
date: Fri, 25 Nov 2022 03:41:28 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 586
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
maps.googleapis.com/maps/api/js?key=AIzaSyBdAlIcj_4LYUY4YbbBoNApGMBCe_sOq6I&ver=5.7.8
142.250.74.10200 OK 53 kB URL HTTP/2 maps.googleapis.com/maps/api/js?key=AIzaSyBdAlIcj_4LYUY4YbbBoNApGMBCe_sOq6I&ver=5.7.8
IP 142.250.74.10:0
File type ASCII text, with very long lines (2452)
Hash d4fc5cb7daa1b70005b6d3cd34081e7f
c30f189248984685440cb2665a744e500a2cba65
fc266f3bca85fce9e39c1828dfec44a485ac03fafa95264dae7f8259459b7635
GET /maps/api/js?key=AIzaSyBdAlIcj_4LYUY4YbbBoNApGMBCe_sOq6I&ver=5.7.8 HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helton.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Fri, 25 Nov 2022 03:41:28 GMT
expires: Fri, 25 Nov 2022 04:11:28 GMT
cache-control: public, max-age=1800
vary: Accept-Language
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 53355
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=24
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:41:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
54.69.181.45101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.69.181.45:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: cV25brWiH0yiEK05280ctw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: sn9CNhaX0ePpYPlsVUX28eORx70=
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 6fe23ae41ec0cbb3d702b1c64028cd13
e0e4d852454a5eae80a797aaa6f0991834dcc19a
47a12f27ec1ec271d17295d822c69d1b49c6a24107f3f7ce06a320688fae7f3c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:41:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 193dccfc721216dc9f0d595c230a3867
20fe28b2738c01c7d61d232e05e484f54b145d1a
d5710ccf79faa3854bfb5b6f95908d3e33ab5644e90f8ba9e4d919c25449033d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:41:28 GMT
Etag: "637f260f-116"
Server: ECS (amb/6BB6)
Content-Length: 278
helton.pl/wp-content/themes/helton/dist/img/catalog.svg
85.128.207.220200 OK 968 B URL HTTP/2 helton.pl/wp-content/themes/helton/dist/img/catalog.svg
IP 85.128.207.220:0
ASN #15967 Nazwa.pl Sp.z.o.o.
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c9b34934715dd53110b2c31942ec1fb7
531f1dc6d1e814f1f36e704ac393665f2580cd36
b67f8f19182e9d3eb7f95727a512bfa8c790d95ba854104e3a7f8fc279bc23c1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/helton/dist/img/catalog.svg HTTP/1.1
Host: helton.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helton.pl/wp-content/cache/autoptimize/css/A.autoptimize_9b751c11954ba1782ec07aa10b776a82.css.pagespeed.cf.7Qf-ChRSmy.css
Cookie: qtrans_front_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:41:29 GMT
content-type: image/svg+xml
content-length: 968
last-modified: Wed, 11 Oct 2017 07:32:51 GMT
etag: "3c8-55b406e5ca37b"
accept-ranges: bytes
cache-control: max-age=1209600
age: 411276
x-cdn-nazwa.pl-policyused: cdn=1209600
server: Apache/2
x-cdn-nazwa.pl-location: AMS
x-cdn-nazwa.pl-age: 411276
X-Firefox-Spdy: h2
helton.pl/wp-content/themes/helton/dist/img/fb.svg
85.128.207.220200 OK 746 B URL HTTP/2 helton.pl/wp-content/themes/helton/dist/img/fb.svg
IP 85.128.207.220:0
ASN #15967 Nazwa.pl Sp.z.o.o.
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 8b6f7588c1d79c12f1608cf3239750e5
8d6c4e5f9fe2d14ac4888ba1d5a45fbce18c6c58
930665b5b3dfc99920fb6097ea6c61d45db003b4751d68609c67424380af9cbb
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/helton/dist/img/fb.svg HTTP/1.1
Host: helton.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helton.pl/wp-content/cache/autoptimize/css/A.autoptimize_9b751c11954ba1782ec07aa10b776a82.css.pagespeed.cf.7Qf-ChRSmy.css
Cookie: qtrans_front_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:41:29 GMT
content-type: image/svg+xml
content-length: 746
last-modified: Wed, 11 Oct 2017 07:32:52 GMT
etag: "2ea-55b406e6bcf72"
accept-ranges: bytes
cache-control: max-age=1209600
age: 411276
x-cdn-nazwa.pl-policyused: cdn=1209600
server: Apache/2
x-cdn-nazwa.pl-location: AMS
x-cdn-nazwa.pl-age: 411276
X-Firefox-Spdy: h2
helton.pl/wp-content/themes/helton/dist/img/instagram.svg
85.128.207.220200 OK 1.2 kB URL HTTP/2 helton.pl/wp-content/themes/helton/dist/img/instagram.svg
IP 85.128.207.220:0
ASN #15967 Nazwa.pl Sp.z.o.o.
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 6ae948fc8dd86d77fa7f204e2ff73498
46169c35439b0533218448a7e8c2528a82b31e36
a9e0c26d88ece7c7541aa37fac82864dd2b9ec267c41301c7862b244ebf5ad9d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/helton/dist/img/instagram.svg HTTP/1.1
Host: helton.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helton.pl/wp-content/cache/autoptimize/css/A.autoptimize_9b751c11954ba1782ec07aa10b776a82.css.pagespeed.cf.7Qf-ChRSmy.css
Cookie: qtrans_front_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:41:29 GMT
content-type: image/svg+xml
content-length: 1222
last-modified: Wed, 11 Oct 2017 07:32:54 GMT
etag: "4c6-55b406e893185"
accept-ranges: bytes
cache-control: max-age=1209600
age: 225347
x-cdn-nazwa.pl-policyused: cdn=1209600
server: Apache/2
x-cdn-nazwa.pl-location: AMS
x-cdn-nazwa.pl-age: 225347
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:41:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:41:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:41:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:41:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.195200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://helton.pl
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 05:42:51 GMT
expires: Fri, 24 Nov 2023 05:42:51 GMT
cache-control: public, max-age=31536000
age: 79118
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
216.58.207.195200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 31320, version 1.0\012- data
Hash 3fe71527811fbfedd2c07962e1bc49e7
f63e158a0480c5d711b5e268db0e75e57d87a8a5
24c0e724005344165ee0a0ff4c96a914e174bb4caa20c8a533fb194d92853e95
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://helton.pl
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31320
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 18:57:58 GMT
expires: Tue, 21 Nov 2023 18:57:58 GMT
cache-control: public, max-age=31536000
age: 290611
last-modified: Mon, 15 Aug 2022 18:11:37 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
helton.pl/wp-content/themes/helton/dist/img/bg-top-homepage.jpg
85.128.207.220200 OK 900 kB URL HTTP/2 helton.pl/wp-content/themes/helton/dist/img/bg-top-homepage.jpg
IP 85.128.207.220:0
ASN #15967 Nazwa.pl Sp.z.o.o.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2500x1796, components 3\012- data
Size 900 kB (899592 bytes)
Hash f5f308ad4a4aac37ada78b3737622cc9
c767dc2ce82f461b1d8749b46a5f698184a70977
1dee65b64dedb3c066cfe99e765fb26dd3a0c5383a8ddccf6878a81f63e16680
GET /wp-content/themes/helton/dist/img/bg-top-homepage.jpg HTTP/1.1
Host: helton.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helton.pl/wp-content/cache/autoptimize/css/A.autoptimize_9b751c11954ba1782ec07aa10b776a82.css.pagespeed.cf.7Qf-ChRSmy.css
Cookie: qtrans_front_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:41:29 GMT
content-type: image/jpeg
content-length: 899592
last-modified: Wed, 11 Oct 2017 07:32:49 GMT
etag: "dba08-55b406e44bf8d"
accept-ranges: bytes
cache-control: max-age=1209600
age: 411276
x-cdn-nazwa.pl-policyused: cdn=1209600
server: Apache/2
x-cdn-nazwa.pl-location: AMS
x-cdn-nazwa.pl-age: 411276
X-Firefox-Spdy: h2
helton.pl/wp-content/themes/helton/dist/img/pros-icon-1.svg
85.128.207.220200 OK 1.9 kB URL HTTP/2 helton.pl/wp-content/themes/helton/dist/img/pros-icon-1.svg
IP 85.128.207.220:0
ASN #15967 Nazwa.pl Sp.z.o.o.
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1910), with no line terminators
Hash 29ab8ca5af3c4b9bbddcce247e56685b
54fcbbcf68a8d8857f1f992195248db1c2ef256d
d857d2d3ff8837571cd0d7c096c182177a5672ab82051854a071488735d233e6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/helton/dist/img/pros-icon-1.svg HTTP/1.1
Host: helton.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helton.pl/wp-content/cache/autoptimize/css/A.autoptimize_9b751c11954ba1782ec07aa10b776a82.css.pagespeed.cf.7Qf-ChRSmy.css
Cookie: qtrans_front_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:41:29 GMT
content-type: image/svg+xml
content-length: 1910
last-modified: Wed, 11 Oct 2017 07:32:57 GMT
etag: "776-55b406ebb304d"
accept-ranges: bytes
cache-control: max-age=1209600
age: 411276
x-cdn-nazwa.pl-policyused: cdn=1209600
server: Apache/2
x-cdn-nazwa.pl-location: AMS
x-cdn-nazwa.pl-age: 411276
X-Firefox-Spdy: h2
helton.pl/wp-content/themes/helton/dist/img/pros-icon-2.svg
85.128.207.220200 OK 4.2 kB URL HTTP/2 helton.pl/wp-content/themes/helton/dist/img/pros-icon-2.svg
IP 85.128.207.220:0
ASN #15967 Nazwa.pl Sp.z.o.o.
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text
Hash e0a0726db2c5c26cf66aea0806d7c830
13716da13c7f859496ce77d2d77910d85e88b8a6
da834a04940c2c0f3ee86606d7507fc18387281ca2ac0d3209336714d7c4f3c4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/helton/dist/img/pros-icon-2.svg HTTP/1.1
Host: helton.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helton.pl/wp-content/cache/autoptimize/css/A.autoptimize_9b751c11954ba1782ec07aa10b776a82.css.pagespeed.cf.7Qf-ChRSmy.css
Cookie: qtrans_front_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:41:29 GMT
content-type: image/svg+xml
content-length: 4174
last-modified: Wed, 11 Oct 2017 07:32:57 GMT
etag: "104e-55b406ebcb6f0"
accept-ranges: bytes
cache-control: max-age=1209600
age: 411276
x-cdn-nazwa.pl-policyused: cdn=1209600
server: Apache/2
x-cdn-nazwa.pl-location: AMS
x-cdn-nazwa.pl-age: 411276
X-Firefox-Spdy: h2
helton.pl/wp-content/themes/helton/dist/img/pros-icon-3.svg
85.128.207.220200 OK 983 B URL HTTP/2 helton.pl/wp-content/themes/helton/dist/img/pros-icon-3.svg
IP 85.128.207.220:0
ASN #15967 Nazwa.pl Sp.z.o.o.
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 13fb1b106fc3402389dbc87c55e6f7d2
4139095c27aab783a990ce759dc064b245985597
12e38acbb7d0dc8fa690aa8c35033aeae7a2b144bf69b825830572df82cad364
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/helton/dist/img/pros-icon-3.svg HTTP/1.1
Host: helton.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helton.pl/wp-content/cache/autoptimize/css/A.autoptimize_9b751c11954ba1782ec07aa10b776a82.css.pagespeed.cf.7Qf-ChRSmy.css
Cookie: qtrans_front_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:41:29 GMT
content-type: image/svg+xml
content-length: 983
last-modified: Wed, 11 Oct 2017 07:32:57 GMT
etag: "3d7-55b406ebcad13"
accept-ranges: bytes
cache-control: max-age=1209600
age: 225347
x-cdn-nazwa.pl-policyused: cdn=1209600
server: Apache/2
x-cdn-nazwa.pl-location: AMS
x-cdn-nazwa.pl-age: 225347
X-Firefox-Spdy: h2
helton.pl/wp-content/themes/helton/dist/img/pros-icon-4.svg
85.128.207.220200 OK 2.8 kB URL HTTP/2 helton.pl/wp-content/themes/helton/dist/img/pros-icon-4.svg
IP 85.128.207.220:0
ASN #15967 Nazwa.pl Sp.z.o.o.
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2811), with no line terminators
Hash 5b362a1aec84c50a11f2542ef025ddb5
75d2e68511e40a932e47b4ccc2ee9368d5831f1f
3aec6b99b4483a60745dd9e07ee59700d8568064528a9765efc48fc9288eeacd
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/helton/dist/img/pros-icon-4.svg HTTP/1.1
Host: helton.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helton.pl/wp-content/cache/autoptimize/css/A.autoptimize_9b751c11954ba1782ec07aa10b776a82.css.pagespeed.cf.7Qf-ChRSmy.css
Cookie: qtrans_front_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:41:29 GMT
content-type: image/svg+xml
content-length: 2811
last-modified: Wed, 11 Oct 2017 07:32:57 GMT
etag: "afb-55b406ebe4491"
accept-ranges: bytes
cache-control: max-age=1209600
age: 225347
x-cdn-nazwa.pl-policyused: cdn=1209600
server: Apache/2
x-cdn-nazwa.pl-location: AMS
x-cdn-nazwa.pl-age: 225347
X-Firefox-Spdy: h2
helton.pl/wp-content/themes/helton/dist/img/xbg-opinion.png.pagespeed.ic.ULt5_gBsGu.webp
85.128.207.220200 OK 12 kB URL HTTP/2 helton.pl/wp-content/themes/helton/dist/img/xbg-opinion.png.pagespeed.ic.ULt5_gBsGu.webp
IP 85.128.207.220:0
ASN #15967 Nazwa.pl Sp.z.o.o.
File type RIFF (little-endian) data, Web/P image\012- data
Hash 50bb79fe006c1aeaa7c5b7326aa178a2
ab3254f8cab73673c3313703557ca2570f9a4869
ebe2bf8254b1c17e851ca003d689adde5afdf2e5cb267b0932a1cf664a1c9375
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/helton/dist/img/xbg-opinion.png.pagespeed.ic.ULt5_gBsGu.webp HTTP/1.1
Host: helton.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helton.pl/wp-content/cache/autoptimize/css/A.autoptimize_9b751c11954ba1782ec07aa10b776a82.css.pagespeed.cf.7Qf-ChRSmy.css
Cookie: qtrans_front_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:41:29 GMT
content-type: image/webp
content-length: 11570
link: <https://helton.pl/wp-content/themes/helton/dist/img/bg-opinion.png>; rel="canonical"
x-cdn-nazwa.pl-policyused: cdn=1209600
x-cdn-nazwa.pl-location: AMS
x-cdn-nazwa.pl-age: 49449
x-original-content-length: 11623
accept-ranges: bytes
age: 49449
expires: Thu, 08 Dec 2022 12:16:30 GMT
cache-control: max-age=1209600
etag: W/"0"
last-modified: Thu, 24 Nov 2022 12:16:30 GMT
server: Apache/2
X-Firefox-Spdy: h2
helton.pl/wp-content/themes/helton/dist/img/xbg-contact.jpg.pagespeed.ic.GdNNO6AZkv.webp
85.128.207.220200 OK 32 kB URL HTTP/2 helton.pl/wp-content/themes/helton/dist/img/xbg-contact.jpg.pagespeed.ic.GdNNO6AZkv.webp
IP 85.128.207.220:0
ASN #15967 Nazwa.pl Sp.z.o.o.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 706x352, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 19d34d3ba01992f4e4700c8b0fa595da
ec6ae4406a9fb71245f29841d33d4b8c90170eb0
df152abea47122b9010066ab3837d73c67f95a8e69dcc2d2509b2cf310e3cd03
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/helton/dist/img/xbg-contact.jpg.pagespeed.ic.GdNNO6AZkv.webp HTTP/1.1
Host: helton.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helton.pl/wp-content/cache/autoptimize/css/A.autoptimize_9b751c11954ba1782ec07aa10b776a82.css.pagespeed.cf.7Qf-ChRSmy.css
Cookie: qtrans_front_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:41:29 GMT
content-type: image/webp
content-length: 31598
link: <https://helton.pl/wp-content/themes/helton/dist/img/bg-contact.jpg>; rel="canonical"
x-original-content-length: 50113
accept-ranges: bytes
expires: Mon, 28 Nov 2022 15:33:58 GMT
cache-control: max-age=1209600
etag: W/"0"
last-modified: Mon, 14 Nov 2022 15:33:58 GMT
age: 655675
x-cdn-nazwa.pl-policyused: app=Mon, 28 Nov 2022 15:33:58 GMT
server: Apache/2
x-cdn-nazwa.pl-location: AMS
x-cdn-nazwa.pl-age: 655675
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:41:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
helton.pl/wp-content/themes/helton/dist/img/xfavicon.png.pagespeed.ic.r0TQORvo_U.webp
85.128.207.220200 OK 21 kB URL HTTP/2 helton.pl/wp-content/themes/helton/dist/img/xfavicon.png.pagespeed.ic.r0TQORvo_U.webp
IP 85.128.207.220:0
ASN #15967 Nazwa.pl Sp.z.o.o.
File type RIFF (little-endian) data, Web/P image\012- data
Hash af44d0391be8fd4b1ecf48146722b86c
120592aaf491bc1bbfb9e3821dd1cef72906d553
0e51f219d53cabbe165248afcdb426e2252e60a604a014ac143d36bcdf89b95e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/helton/dist/img/xfavicon.png.pagespeed.ic.r0TQORvo_U.webp HTTP/1.1
Host: helton.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helton.pl/en/
Cookie: qtrans_front_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:41:29 GMT
content-type: image/webp
content-length: 21126
link: <https://helton.pl/wp-content/themes/helton/dist/img/favicon.png>; rel="canonical"
x-cdn-nazwa.pl-policyused: cdn=1209600
x-cdn-nazwa.pl-location: AMS
x-cdn-nazwa.pl-age: 730542
x-original-content-length: 24704
accept-ranges: bytes
age: 730542
expires: Thu, 24 Nov 2022 20:12:41 GMT
cache-control: max-age=1209600
etag: W/"0"
last-modified: Thu, 10 Nov 2022 20:12:41 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helton.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 25 Nov 2022 02:41:08 GMT
expires: Fri, 25 Nov 2022 04:41:08 GMT
cache-control: public, max-age=7200
age: 3621
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 670dda5fda45a89db08867e9109f65b7
2a64bc381f8e795fe7a46a98c3e8add2f1ade404
7c2085a52a32eab3f4ab73c4ab3718cf1e7d67502e83001ce45d2857b37a0755
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1760
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:41:29 GMT
Last-Modified: Fri, 25 Nov 2022 03:12:09 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.163200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://helton.pl
Connection: keep-alive
Referer: https://helton.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 09:43:42 GMT
expires: Fri, 24 Nov 2023 09:43:42 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 64667
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/sdk.js
157.240.200.14200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (1957)
Hash 299f6a5ae50eb925123ef07f44e9bc65
24e353e33648e9d2abc9d79ec99f0929f5300673
af6dcdeb27debaa614e86e08dafb6682c0f61be8260e0507801c4165648c4328
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helton.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 9b5049364a66e955749b6045a82974f5
etag: "3ed0139f7194831b523fbe0943d79b20"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Fri, 25 Nov 2022 03:59:47 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: KZ9qWuUOuSUSPvB/ROm8ZQ==
x-fb-debug: aJ8Vo2qPFcYjkZFeuB+9ibkDsC9vQt+KQJX+WIybTsGtMsxHyts8WfauVevzihQxMJirXUv0c8QvT3HrAHuqWw==
content-length: 1684
x-fb-trip-id: 1679558926
date: Fri, 25 Nov 2022 03:41:29 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 670dda5fda45a89db08867e9109f65b7
2a64bc381f8e795fe7a46a98c3e8add2f1ade404
7c2085a52a32eab3f4ab73c4ab3718cf1e7d67502e83001ce45d2857b37a0755
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1760
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:41:29 GMT
Last-Modified: Fri, 25 Nov 2022 03:12:09 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/sdk.js?hash=d4ddd1429bf0e7a6a799deafff31abee
157.240.200.14200 OK 88 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=d4ddd1429bf0e7a6a799deafff31abee
IP 157.240.200.14:0
File type ASCII text, with very long lines (18530)
Hash fc17804bee02c1a98da0f46b539fc53f
a45af59a54dc3143953a261915d9ec04bd647633
729b9e283928184557a99736153cdb3ef3ca52a938bccbd93fc53ede537bb885
GET /en_US/sdk.js?hash=d4ddd1429bf0e7a6a799deafff31abee HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://helton.pl
Connection: keep-alive
Referer: https://helton.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: ec974d3ba8c17a3688ea66817dc471f5
etag: "2e1b7150e509e4aca4ca4e3989a9254c"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sat, 25 Nov 2023 03:38:23 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: /BeAS+4CwamNoPRrU5/FPw==
x-fb-debug: 2ZmUeln0ICZ+A2vtlPkt13B+j/txpNgTqIMZB3bbA2smGmj+L/00lGb30UvzVbvciL8vPEfRJaoCZBxxNBvzlg==
content-length: 88357
x-fb-trip-id: 1679558926
date: Fri, 25 Nov 2022 03:41:29 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash f86429279e19a89ba7fae87ba2406b4e
abfa5369a7feb4dfebf13f5eb902c3e860976238
76d03c181e150e7e3a61bfa8489231999fb562f6cb0b382c456b9a37da1106a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:41:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-111219410-1&cid=1854981614.1669347689&jid=24504127&gjid=1447527955&_gid=1420698929.1669347689&_u=YEBAAUAAAAAAACAAI~&z=882369163
142.250.150.154200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-111219410-1&cid=1854981614.1669347689&jid=24504127&gjid=1447527955&_gid=1420698929.1669347689&_u=YEBAAUAAAAAAACAAI~&z=882369163
IP 142.250.150.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-111219410-1&cid=1854981614.1669347689&jid=24504127&gjid=1447527955&_gid=1420698929.1669347689&_u=YEBAAUAAAAAAACAAI~&z=882369163 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://helton.pl
Connection: keep-alive
Referer: https://helton.pl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://helton.pl
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 25 Nov 2022 03:41:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=314101192437543&ev=PageView&dl=https%3A%2F%2Fhelton.pl%2Fen%2F&rl=&if=false&ts=1669347689192&cd[source]=wordpress&cd[version]=5.7.8&cd[pluginVersion]=1.6.0&sw=1280&sh=1024&v=2.9.89&r=stable&a=wordpress-5.7.8-1.6.0&ec=0&o=28&fbp=fb.1.1669347689191.1957544057&it=1669347689108&coo=false&rqm=GET
157.240.200.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=314101192437543&ev=PageView&dl=https%3A%2F%2Fhelton.pl%2Fen%2F&rl=&if=false&ts=1669347689192&cd[source]=wordpress&cd[version]=5.7.8&cd[pluginVersion]=1.6.0&sw=1280&sh=1024&v=2.9.89&r=stable&a=wordpress-5.7.8-1.6.0&ec=0&o=28&fbp=fb.1.1669347689191.1957544057&it=1669347689108&coo=false&rqm=GET
IP 157.240.200.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=314101192437543&ev=PageView&dl=https%3A%2F%2Fhelton.pl%2Fen%2F&rl=&if=false&ts=1669347689192&cd[source]=wordpress&cd[version]=5.7.8&cd[pluginVersion]=1.6.0&sw=1280&sh=1024&v=2.9.89&r=stable&a=wordpress-5.7.8-1.6.0&ec=0&o=28&fbp=fb.1.1669347689191.1957544057&it=1669347689108&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helton.pl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Fri, 25 Nov 2022 03:41:29 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash f86429279e19a89ba7fae87ba2406b4e
abfa5369a7feb4dfebf13f5eb902c3e860976238
76d03c181e150e7e3a61bfa8489231999fb562f6cb0b382c456b9a37da1106a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:41:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 19 Nov 2022 12:31:58 GMT
expires: Sun, 19 Nov 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 486571
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 21:46:16 GMT
expires: Fri, 24 Nov 2023 21:46:16 GMT
cache-control: public, max-age=31536000
age: 21313
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4755
Expires: Fri, 25 Nov 2022 05:00:45 GMT
Date: Fri, 25 Nov 2022 03:41:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4755
Expires: Fri, 25 Nov 2022 05:00:45 GMT
Date: Fri, 25 Nov 2022 03:41:30 GMT
Connection: keep-alive
helton.pl/mod_pagespeed_beacon?url=https%3A%2F%2Fhelton.pl%2Fen%2F
85.128.207.220204 No Content 0 B URL HTTP/2 helton.pl/mod_pagespeed_beacon?url=https%3A%2F%2Fhelton.pl%2Fen%2F
IP 85.128.207.220:0
ASN #15967 Nazwa.pl Sp.z.o.o.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
POST /mod_pagespeed_beacon?url=https%3A%2F%2Fhelton.pl%2Fen%2F HTTP/1.1
Host: helton.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 51
Origin: https://helton.pl
Connection: keep-alive
Referer: https://helton.pl/en/
Cookie: qtrans_front_language=en; _ga=GA1.2.1854981614.1669347689; _gid=GA1.2.1420698929.1669347689; _gat_gtag_UA_111219410_1=1; _fbp=fb.1.1669347689191.1957544057
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
date: Fri, 25 Nov 2022 03:41:30 GMT
cache-control: max-age=0, no-cache
x-cdn-nazwa.pl-policyused: cdn=none
server: Apache/2
x-cdn-nazwa.pl-location: AMS
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4755
Expires: Fri, 25 Nov 2022 05:00:45 GMT
Date: Fri, 25 Nov 2022 03:41:30 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72e29c5-d9d3-43d5-8c71-f66a22a3f112.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72e29c5-d9d3-43d5-8c71-f66a22a3f112.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9bc7c4877bfa24d0c1bbb774cd906af1
75d9a14e98ffba5a71a6f710be721b593338ffdc
b0e1d9af095632e6d75bc7606bccfb0c1903f5173696cefb7e36c3d34a98358e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72e29c5-d9d3-43d5-8c71-f66a22a3f112.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6560
x-amzn-requestid: e8956a92-d016-41a2-99b4-631a6db3b8db
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: byQzsFY3IAMF9iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63772e7d-2337148b0a824d134aaab9d7;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 07:04:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dU517RkLcsPSCY7GMmqqe4ommRFNpp6CVw4rYEm06u8i3e6_M3FfaQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 10:48:48 GMT
age: 60762
etag: "75d9a14e98ffba5a71a6f710be721b593338ffdc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25123759-9d71-477d-9857-9cc07cc12173.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25123759-9d71-477d-9857-9cc07cc12173.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92171fa8fbc051aefeb8ceb6072848de
377775b7c7b085efa6dd653d285ba3a52af6a549
537c4d5cc3ef2e60c3d0171ac31c1dba4ab2ff340108015787a9dd20dc76b7ed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25123759-9d71-477d-9857-9cc07cc12173.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6891
x-amzn-requestid: 6da0ae90-c3cc-4e9c-9a0e-3c72b4eb7605
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b7m2NGsvoAMF_fQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637aeb5a-1ed2badf0e84d40e6a052f7a;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 03:07:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OTpJ5Qu_Ttq5se4SrZIAEiNVm6mqrrUq_0TmMJ4vldeuzMuCSxxUtA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 06:37:07 GMT
age: 75863
etag: "377775b7c7b085efa6dd653d285ba3a52af6a549"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2302d358-ba65-4bf0-9d74-b5fb532a1d52.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2302d358-ba65-4bf0-9d74-b5fb532a1d52.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1adbf0cd373a4c06caa71eac14e1286c
236199a790f16dcf96dba80b9945836b37e3c2eb
767fd66cf0751dd80b2453588f9363fac7d9637da3dc9098d25fb65699ca8c5e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2302d358-ba65-4bf0-9d74-b5fb532a1d52.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6590
x-amzn-requestid: 5d8b02c4-673a-4c77-8f24-498d9b8a28ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8zGeAIAMF4HA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-661ce3991caf87e8558158c3;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: zrf0qGRu_c3x7ZTku1R-I-z2a_AS1vyjO4tIqja0f9XgGxwv6lWviw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:35:01 GMT
etag: "236199a790f16dcf96dba80b9945836b37e3c2eb"
content-type: image/jpeg
age: 21989
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bd50a26-dc90-4a0f-9ac7-e2950f1e9d5f.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bd50a26-dc90-4a0f-9ac7-e2950f1e9d5f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4c67bf2eb6ca2d7e2b34df1dbe8e7b36
cdacea802c72450973140387aafacae9df78b0aa
52c1b293ec45c98077953699dcc48d77d4aee2bb12f38ef21c692af9171b6db2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bd50a26-dc90-4a0f-9ac7-e2950f1e9d5f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8275
x-amzn-requestid: 350ffdb7-723f-4dfc-95e8-e76364d1313d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8xGPAoAMFbWA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-10d4c566779b9b9f4bb9112d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Uj2zluKZJzwlcymflJicV2rFLgOEYzWuhZsThZPRbCwiNoYxCgbEwg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:35:01 GMT
etag: "cdacea802c72450973140387aafacae9df78b0aa"
content-type: image/jpeg
age: 21989
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:14:07 GMT
age: 73643
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ba10698-9bc6-45a1-b97d-7209a0a31f7c.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ba10698-9bc6-45a1-b97d-7209a0a31f7c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7d0105e45becaf777227cac49e320321
d279a0b70061fe3d8268f1e69c515c0c4439dc80
ea9571213d9a57318cde036c108d4c973c627ce4cd225534ee246349ed4ba3a9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ba10698-9bc6-45a1-b97d-7209a0a31f7c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5211
x-amzn-requestid: 706d0037-bbff-417a-9fa3-8ebbbf7b4df1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8wFOToAMF12Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-01b6908212b2ab9c5caa34a0;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _FkuS0I2--xiqT4sOKa8ACg8BtI97R-bGe2UZ3o91wfqn_WgktspiQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:36:27 GMT
age: 21903
etag: "d279a0b70061fe3d8268f1e69c515c0c4439dc80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash b6a795cdfedb5c954b3000dbb2dc7f90
b17bb97d224d89bc8227cddf5a8386e100751cda
78c411d16c1be2d8da51fc409cb45ec2aca8d32b77ab4d1a1a1fe5d1a33552e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:41:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-111219410-1&cid=1854981614.1669347689&jid=24504127&_u=YEBAAUAAAAAAACAAI~&z=1559573761
142.250.74.35200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-111219410-1&cid=1854981614.1669347689&jid=24504127&_u=YEBAAUAAAAAAACAAI~&z=1559573761
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-111219410-1&cid=1854981614.1669347689&jid=24504127&_u=YEBAAUAAAAAAACAAI~&z=1559573761 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helton.pl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 03:41:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash b6a795cdfedb5c954b3000dbb2dc7f90
b17bb97d224d89bc8227cddf5a8386e100751cda
78c411d16c1be2d8da51fc409cb45ec2aca8d32b77ab4d1a1a1fe5d1a33552e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:41:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31c66612-f3a0-4e62-8b93-c9f774ffc236.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31c66612-f3a0-4e62-8b93-c9f774ffc236.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ba7b9c131ab7e5998f25b069ba3860a0
0214fc0deecb1115766802f42cfd256e3c479490
717aa23c687ccebc1b5ebbfd88d0e4fe181fef038d308231842b2b1969f3976b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31c66612-f3a0-4e62-8b93-c9f774ffc236.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6130
x-amzn-requestid: 0ab34b27-2c6b-4a37-87ad-6fa56a265453
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8wF7KIAMFjlw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-4a3d24f93ceb37d37a5ce1ee;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SHmcFNiZ97RU02VeLiHLjFynYiSuaQP8T_XKG2UaAigWXG5sYhdVLQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:35:01 GMT
etag: "0214fc0deecb1115766802f42cfd256e3c479490"
content-type: image/jpeg
age: 21995
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
app.userengage.com/widget.js
104.26.0.100404 Not Found 0 B URL HTTP/2 app.userengage.com/widget.js
IP 104.26.0.100:0
GET /widget.js HTTP/1.1
Host: app.userengage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helton.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Fri, 25 Nov 2022 03:41:29 GMT
content-type: text/html
x-frame-options: DENY
vary: Accept-Language, Cookie, Origin, Accept-Encoding
content-language: en-us
x-content-type-options: nosniff
referrer-policy: same-origin
ue-backend: wsgi-register
ue-node: uwsgi-regiser18
cf-cache-status: BYPASS
set-cookie: sessionid=lb5wi27pe9aqow8iwp6ctqfkbuve53wi; expires=Fri, 09 Dec 2022 03:41:29 GMT; HttpOnly; Max-Age=1209600; Path=/; SameSite=Lax
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ad6HmRwMT8VxS6muhem7JfELm8B9f6uB2M%2FlaCuIS9o2qOkdPbhljTCLHu3GfZWmMlgIpJQhbWsTE0oystgX8z3d57gbodISUTUn78rutn1YXqTbtKXvCcfN72y4rghdQ0Y5fQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f75e6fbdeab51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
helton.pl/wp-content/themes/helton/dist/img/logo.svg
85.128.207.220200 OK 0 B URL HTTP/2 helton.pl/wp-content/themes/helton/dist/img/logo.svg
IP 85.128.207.220:0
ASN #15967 Nazwa.pl Sp.z.o.o.
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/helton/dist/img/logo.svg HTTP/1.1
Host: helton.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helton.pl/en/
Cookie: qtrans_front_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:41:28 GMT
content-type: image/svg+xml
content-length: 25018
last-modified: Wed, 11 Oct 2017 07:32:55 GMT
etag: "61ba-55b406e9783ae"
accept-ranges: bytes
cache-control: max-age=1209600
age: 655696
x-cdn-nazwa.pl-policyused: cdn=1209600
server: Apache/2
x-cdn-nazwa.pl-location: AMS
x-cdn-nazwa.pl-age: 655696
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
IP 142.250.74.10:0
GET /css?family=Open+Sans:300,400,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helton.pl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 25 Nov 2022 03:41:28 GMT
date: Fri, 25 Nov 2022 03:41:28 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Lato
IP 142.250.74.10:0
GET /css?family=Lato HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helton.pl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 25 Nov 2022 03:41:28 GMT
date: Fri, 25 Nov 2022 03:41:28 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2