odbierz-szanse.link/
31.42.176.76301 Moved Permanently 324 B IP 31.42.176.76:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 6b4ede39086c6d520eb32dab8cfbe6fa
b8599c143bd61cef81ff890d2d857766502286af
bab08b68063c4c6eadaeda0362a9357c35c12f577d5c8224a6652008b0d904c8
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: odbierz-szanse.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 01 Dec 2022 01:41:47 GMT
Server: Apache/2.4.38 (Debian)
Location: http://www.odbierz-szanse.link/
Content-Length: 324
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2d2e7649ce9e9ba6fc8b68aa89352e3c
0153d1d3d830a457043e16bb40d48a0b9ddef4b8
8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13328
Expires: Thu, 01 Dec 2022 05:23:55 GMT
Date: Thu, 01 Dec 2022 01:41:47 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f3cf023c797da81728c0ac84c8759331
fa07c5e39e4b0741ea484101cccb2202acea9d9c
5206a0bac8bf78d6b84322519271a1ece2c1039a0090e583de6d6192d88873d0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4192
Cache-Control: max-age=122364
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 01:41:47 GMT
Etag: "638730f7-1d7"
Expires: Fri, 02 Dec 2022 11:41:11 GMT
Last-Modified: Wed, 30 Nov 2022 10:31:19 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6d9d34c96b9a826ae5676640c966469c
8052a16d41a637e420478b7de1ff5a2dc951fccd
f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18493
Expires: Thu, 01 Dec 2022 06:50:00 GMT
Date: Thu, 01 Dec 2022 01:41:47 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 01 Dec 2022 01:18:05 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1422
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: fUo0Y6Lv6xVC+mBj40kGW0/V8VMDV/8jOuz/+iZcAtL2AwDdw/OFZyPbUrxQm1Dnnh6bz+gqjGU=
x-amz-request-id: 0ZZ07F6FP8A6CWXJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 01 Dec 2022 00:45:27 GMT
age: 3380
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
www.odbierz-szanse.link/
31.42.176.76301 Moved Permanently 329 B IP 31.42.176.76:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7a97b099be7c18ceb878eea068cce16a
0e37ba2f09fe5498873636e6a97d3de3e3c19fe5
c3e9341dab401c6b2656f4133da5d3c958c47539fd42290ff3da7c95aff7d04a
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.odbierz-szanse.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 01 Dec 2022 01:41:47 GMT
Server: Apache/2.4.38 (Debian)
Location: https://www.odbierz-szanse.link/
Content-Length: 329
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 01:41:47 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f046dbe3772838175e51532346ab9f73
f0dceb75b7e81e0e61d6bd8ecd0288710928722b
2535ce79ad94611bb1bd99f0577f5ead0c2ed7dd6883290bc0c4b60eca8c332a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2535CE79AD94611BB1BD99F0577F5EAD0C2ED7DD6883290BC0C4B60ECA8C332A"
Last-Modified: Tue, 29 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 01 Dec 2022 07:41:48 GMT
Date: Thu, 01 Dec 2022 01:41:48 GMT
Connection: keep-alive
www.odbierz-szanse.link/
31.42.176.76200 OK 16 kB IP 31.42.176.76:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1698), with CRLF, LF line terminators
Hash 0cdb28aaaff4b3b9ef4128c7c171e00d
e81ece61406839d9037a6ac263fdf8c734ccabf8
43ff1ca1005b4ab0862422172cb4b53068c62f68605da7d1c106f44b3d9ed6d5
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.odbierz-szanse.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 01:41:48 GMT
Server: Apache/2.4.38 (Debian)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=ka77830636ii6neti42599r925; path=/
bq_tr_usr_ident=4985b11641a05908ad8202cca83e7a57; expires=Sat, 30-Nov-2024 01:41:48 GMT; Max-Age=63072000; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 16368
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 01 Dec 2022 01:08:56 GMT
cache-control: public,max-age=3600
age: 1972
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
www.odbierz-szanse.link/apps/zawody/template/css/layer.css
31.42.176.76200 OK 181 B URL HTTP/1.1 www.odbierz-szanse.link/apps/zawody/template/css/layer.css
IP 31.42.176.76:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
Hash 1ba7631d74610fb702c61e14c3971148
b83d36945f7eb817c83fd3f1ba73be0cf677f031
8054a97245480a653612a46afe541a23332ff72bc679e323eda9f1260e7108d1
GET /apps/zawody/template/css/layer.css HTTP/1.1
Host: www.odbierz-szanse.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.odbierz-szanse.link/
Cookie: PHPSESSID=ka77830636ii6neti42599r925; bq_tr_usr_ident=4985b11641a05908ad8202cca83e7a57
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 01:41:48 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Fri, 25 Jun 2021 12:59:55 GMT
ETag: "f1-5c596b75cb64d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 181
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.odbierz-szanse.link/apps/zawody/js/grayscale.js
31.42.176.76200 OK 2.9 kB URL HTTP/1.1 www.odbierz-szanse.link/apps/zawody/js/grayscale.js
IP 31.42.176.76:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
Hash 7de6aaca375432e4e4a65270b5b6799f
0b1dd4d62217e6a63e982d2ca087532ef17081ba
cc6fdd85202d45e57e13e106092fc2baf85a0d6275ab29d329bfb57cf7c53f6f
Analyzer Verdict Alert fortinet Phishing
GET /apps/zawody/js/grayscale.js HTTP/1.1
Host: www.odbierz-szanse.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.odbierz-szanse.link/
Cookie: PHPSESSID=ka77830636ii6neti42599r925; bq_tr_usr_ident=4985b11641a05908ad8202cca83e7a57
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 01:41:48 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Fri, 25 Jun 2021 13:01:30 GMT
ETag: "326a-5c596bd00156d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2904
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.odbierz-szanse.link/extern/jquery/plugins/jquery-impromptu.js
31.42.176.76200 OK 2.8 kB URL HTTP/1.1 www.odbierz-szanse.link/extern/jquery/plugins/jquery-impromptu.js
IP 31.42.176.76:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
File type ASCII text, with very long lines (305)
Hash 65ad443e3e1f755c4686a628b5abb9cc
e0814ac93cf4095ce36f26dd6e673ab37d89c6f8
28a331a74d94fbda711871fb1d94d135e0104f033cdadaca00dd37438f8ca356
Analyzer Verdict Alert fortinet Phishing
GET /extern/jquery/plugins/jquery-impromptu.js HTTP/1.1
Host: www.odbierz-szanse.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.odbierz-szanse.link/
Cookie: PHPSESSID=ka77830636ii6neti42599r925; bq_tr_usr_ident=4985b11641a05908ad8202cca83e7a57
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 01:41:48 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Fri, 25 Jun 2021 12:58:59 GMT
ETag: "2f8b-5c596b3ff8c4b-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2762
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
www.odbierz-szanse.link/apps/zawody/template/pd_forms/IPHONE12PRO/css/jquery.fancybox-1.3.4.css?201108192017
31.42.176.76200 OK 1.9 kB URL HTTP/1.1 www.odbierz-szanse.link/apps/zawody/template/pd_forms/IPHONE12PRO/css/jquery.fancybox-1.3.4.css?201108192017
IP 31.42.176.76:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
Hash f5db610b3acc3451990c312f0e83fef7
d367d515df329bb3370d4857316d06556b108590
9ec1b98e02972d020b3e894f7232e91be3520039e8b7889da76300794ab9d828
GET /apps/zawody/template/pd_forms/IPHONE12PRO/css/jquery.fancybox-1.3.4.css?201108192017 HTTP/1.1
Host: www.odbierz-szanse.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.odbierz-szanse.link/
Cookie: PHPSESSID=ka77830636ii6neti42599r925; bq_tr_usr_ident=4985b11641a05908ad8202cca83e7a57
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 01:41:48 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Fri, 25 Jun 2021 13:00:15 GMT
ETag: "24de-5c596b884e1db-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1854
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
www.odbierz-szanse.link/extern/jquery/plugins/jquery.fancybox-1.3.4.pack.js
31.42.176.76200 OK 5.6 kB URL HTTP/1.1 www.odbierz-szanse.link/extern/jquery/plugins/jquery.fancybox-1.3.4.pack.js
IP 31.42.176.76:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
File type ASCII text, with very long lines (752)
Hash 6e437a75ee890107ddfbbe7ad3e9df32
c52cc97c9a505a9356cf3cd18afc13a96198606a
755d3316379dd87d6b6cbb6d59035cf116b10b483295164322e7edd6e9372329
Analyzer Verdict Alert fortinet Phishing
GET /extern/jquery/plugins/jquery.fancybox-1.3.4.pack.js HTTP/1.1
Host: www.odbierz-szanse.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.odbierz-szanse.link/
Cookie: PHPSESSID=ka77830636ii6neti42599r925; bq_tr_usr_ident=4985b11641a05908ad8202cca83e7a57
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 01:41:48 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Fri, 25 Jun 2021 12:58:59 GMT
ETag: "3d08-5c596b3ffda6c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5574
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
www.odbierz-szanse.link/apps/zawody/js/js.js
31.42.176.76200 OK 2.2 kB URL HTTP/1.1 www.odbierz-szanse.link/apps/zawody/js/js.js
IP 31.42.176.76:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
Hash 4c08772d963ff58c8113b1e4c7786945
0ea1bbf1a68d80457bc01e6abc651e56151816be
2f7c6c64fd8d3b52b0fb9599ab4fc0008db8fdab1e1c4fb109461518929e5fdb
Analyzer Verdict Alert fortinet Phishing
GET /apps/zawody/js/js.js HTTP/1.1
Host: www.odbierz-szanse.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.odbierz-szanse.link/
Cookie: PHPSESSID=ka77830636ii6neti42599r925; bq_tr_usr_ident=4985b11641a05908ad8202cca83e7a57
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 01:41:48 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Fri, 25 Jun 2021 13:01:30 GMT
ETag: "1d52-5c596bd00a210-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2212
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
www.odbierz-szanse.link/apps/zawody/js/zawody-validation.js
31.42.176.76200 OK 236 B URL HTTP/1.1 www.odbierz-szanse.link/apps/zawody/js/zawody-validation.js
IP 31.42.176.76:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
Hash 85fd205d2e114e69f4cc5a526617c631
56c7bce4e72c0cce31422739d7396a4ecc6edaf4
21ecdfd03f6ad36d85627bdf5c398d8faa6fce2eb41427c1769a85ac82d6883d
Analyzer Verdict Alert fortinet Phishing
GET /apps/zawody/js/zawody-validation.js HTTP/1.1
Host: www.odbierz-szanse.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.odbierz-szanse.link/
Cookie: PHPSESSID=ka77830636ii6neti42599r925; bq_tr_usr_ident=4985b11641a05908ad8202cca83e7a57
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 01:41:48 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Fri, 25 Jun 2021 13:01:30 GMT
ETag: "227-5c596bd00d0f1-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 236
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
www.odbierz-szanse.link/apps/zawody/template/pd_forms/IPHONE12PRO/bootstrap/css/bootstrap.css
31.42.176.76200 OK 3.3 kB URL HTTP/1.1 www.odbierz-szanse.link/apps/zawody/template/pd_forms/IPHONE12PRO/bootstrap/css/bootstrap.css
IP 31.42.176.76:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
File type ASCII text, with very long lines (540)
Hash e80029701bb6b79787015a75db3075ea
d740cc65f58e99ca5dfe7b1ffa58150b55cfe6c9
52ffe5467a6b3d913ace1d8f1ee7934710f5a4b846d3f80343f20c59e3c7a1b2
GET /apps/zawody/template/pd_forms/IPHONE12PRO/bootstrap/css/bootstrap.css HTTP/1.1
Host: www.odbierz-szanse.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.odbierz-szanse.link/
Cookie: PHPSESSID=ka77830636ii6neti42599r925; bq_tr_usr_ident=4985b11641a05908ad8202cca83e7a57
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 01:41:48 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Fri, 25 Jun 2021 13:00:14 GMT
ETag: "3ff3-5c596b881f3c9-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3320
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.odbierz-szanse.link/apps/zawody/template/pd_forms/IPHONE12PRO/css/poll.css
31.42.176.76200 OK 1.1 kB URL HTTP/1.1 www.odbierz-szanse.link/apps/zawody/template/pd_forms/IPHONE12PRO/css/poll.css
IP 31.42.176.76:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
File type assembler source, ASCII text
Hash f2531ffa12e85710d5be7c12b70faf88
9f3b0dc72a975767773d85b13776640c498ab9d2
4c73a10ddb70625ad39190d630dcbf91d97f423e529e39c43ff0ac3a0c36562c
GET /apps/zawody/template/pd_forms/IPHONE12PRO/css/poll.css HTTP/1.1
Host: www.odbierz-szanse.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.odbierz-szanse.link/
Cookie: PHPSESSID=ka77830636ii6neti42599r925; bq_tr_usr_ident=4985b11641a05908ad8202cca83e7a57
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 01:41:48 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Fri, 25 Jun 2021 13:00:15 GMT
ETag: "fe6-5c596b884b2f9-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1071
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.odbierz-szanse.link/apps/zawody/template/css/poll_old.css?v=2
31.42.176.76200 OK 853 B URL HTTP/1.1 www.odbierz-szanse.link/apps/zawody/template/css/poll_old.css?v=2
IP 31.42.176.76:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
Hash 205f21b3b502471e2abdec3504173c13
6028dbba7104f0364e7cfaa75106b95c4dea8b63
7a1069dd51f2a3839477824b09a0c6d9cb2e391f779f019594fc39e271f83278
Analyzer Verdict Alert fortinet Phishing
GET /apps/zawody/template/css/poll_old.css?v=2 HTTP/1.1
Host: www.odbierz-szanse.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.odbierz-szanse.link/
Cookie: PHPSESSID=ka77830636ii6neti42599r925; bq_tr_usr_ident=4985b11641a05908ad8202cca83e7a57
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 01:41:48 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Thu, 19 May 2022 09:31:18 GMT
ETag: "990-5df5a093b6e1e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 853
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.odbierz-szanse.link/apps/zawody/template/css/jquery-ui.min.css
31.42.176.76200 OK 3.2 kB URL HTTP/1.1 www.odbierz-szanse.link/apps/zawody/template/css/jquery-ui.min.css
IP 31.42.176.76:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
File type ASCII text, with very long lines (14607)
Hash 53f7adcf3773d07e3271c168a6fc6c04
0523ddf3100e5d200ef8fc76042effb791f78517
675df5a0029c1fd785b5818c1bcd39245466f049884559f029f5d03793e8b4d4
GET /apps/zawody/template/css/jquery-ui.min.css HTTP/1.1
Host: www.odbierz-szanse.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.odbierz-szanse.link/
Cookie: PHPSESSID=ka77830636ii6neti42599r925; bq_tr_usr_ident=4985b11641a05908ad8202cca83e7a57
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 01:41:48 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Fri, 25 Jun 2021 12:59:55 GMT
ETag: "3e5b-5c596b75bcbe7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3167
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.odbierz-szanse.link/apps/zawody/template/pd_forms/IPHONE12PRO/css/style.css?v=2
31.42.176.76200 OK 4.1 kB URL HTTP/1.1 www.odbierz-szanse.link/apps/zawody/template/pd_forms/IPHONE12PRO/css/style.css?v=2
IP 31.42.176.76:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
Hash 65aa7bf296168c16907b041c08b95a0a
5a7d715c92383d11898914cca3423ef82f42d4f9
83ed0553e2270220086f0e0518972f590ea26373e63993287a170c5a5bc3cc1b
Analyzer Verdict Alert fortinet Phishing
GET /apps/zawody/template/pd_forms/IPHONE12PRO/css/style.css?v=2 HTTP/1.1
Host: www.odbierz-szanse.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.odbierz-szanse.link/
Cookie: PHPSESSID=ka77830636ii6neti42599r925; bq_tr_usr_ident=4985b11641a05908ad8202cca83e7a57
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 01:41:48 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Tue, 11 Jan 2022 09:57:38 GMT
ETag: "567d-5d54b7bbc6f8e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4054
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
www.odbierz-szanse.link/apps/zawody/js/jquery-ui.min.js
31.42.176.76200 OK 10 kB URL HTTP/1.1 www.odbierz-szanse.link/apps/zawody/js/jquery-ui.min.js
IP 31.42.176.76:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
File type ASCII text, with very long lines (33373)
Hash 1aa2ebc583e5b8d623c60f437c3c5136
1342ab16c62b9a380c71c331c885b84fb44af22f
3a4350554bd87be86ddd289e258deb6bfd827c6324a8ce13412744c2dc75ebb0
Analyzer Verdict Alert fortinet Phishing
GET /apps/zawody/js/jquery-ui.min.js HTTP/1.1
Host: www.odbierz-szanse.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.odbierz-szanse.link/
Cookie: PHPSESSID=ka77830636ii6neti42599r925; bq_tr_usr_ident=4985b11641a05908ad8202cca83e7a57
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 01:41:48 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Fri, 25 Jun 2021 13:01:30 GMT
ETag: "8325-5c596bcfeec86-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10320
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.odbierz-szanse.link/apps/zawody/js/script.js
31.42.176.76200 OK 1.3 kB URL HTTP/1.1 www.odbierz-szanse.link/apps/zawody/js/script.js
IP 31.42.176.76:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
File type ASCII text, with CRLF line terminators
Hash 805a77b36cc75105f445cc65518a05c2
da0c2d2410fe959af3fe28d2efe0570b15d72d36
ac65d463ccb4c9b7342095de53634a9e2cb987ac3df64fc605a13602995ae37e
Analyzer Verdict Alert fortinet Phishing
GET /apps/zawody/js/script.js HTTP/1.1
Host: www.odbierz-szanse.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.odbierz-szanse.link/
Cookie: PHPSESSID=ka77830636ii6neti42599r925; bq_tr_usr_ident=4985b11641a05908ad8202cca83e7a57
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 01:41:48 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Fri, 25 Jun 2021 13:01:30 GMT
ETag: "16b3-5c596bd00156d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1328
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 01:41:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cfdd00e67ee6ca21712b867eb5288ab6
b61d5d6ec3b7ad71619e13e32c87f2d01871b88a
f740cac6dfedc1bf0f82efb10dac4f6ffb22f9bb5d4a9b68a4cd971dd2f65793
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4194
Cache-Control: max-age=117297
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 01:41:48 GMT
Etag: "63871d2b-1d7"
Expires: Fri, 02 Dec 2022 10:16:45 GMT
Last-Modified: Wed, 30 Nov 2022 09:06:51 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8f58cd30443a495eed3ec0d9827550c1
fd0f53d2acc63ae015b7b42155136ade5841ebc7
333a3cae36081ea37371e32dc9587faacfda5970daa476b3b36cd6f587ce1594
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 01:41:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.6.0/jquery.min.js
142.250.74.106200 OK 32 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.6.0/jquery.min.js
IP 142.250.74.106:0
File type HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (65171)
Hash 12b75ff20159e7c092978f63de8ef7bf
e8608278978129a7ada1d0e55e31559ac1686418
63ac57453f834518218a5fc37597af4922156d7a80b414ba37b53ebafe6ff9a3
GET /ajax/libs/jquery/1.6.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.odbierz-szanse.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31755
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 07:17:02 GMT
expires: Wed, 29 Nov 2023 07:17:02 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 152686
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 33f732b4dfbd5fb3ed7345eba2896fe6
2652f214cf7127302cc65b1d4e42f48a80907d5d
904ce722469d356f8ec20c14bd51ca3ce459012ea0869f7d14821a963310a494
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 01:41:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.odbierz-szanse.link/apps/zawody/template/images/images/main_preloader.gif
31.42.176.76200 OK 6.7 kB URL HTTP/1.1 www.odbierz-szanse.link/apps/zawody/template/images/images/main_preloader.gif
IP 31.42.176.76:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
File type GIF image data, version 89a, 64 x 64\012- data
Hash 1da45519428297bcfc57c20dea048fa0
3663552f3ca880be8aef0028c11c967f8e1306ed
632e59ba64e2ab65fd7d0f1cb0cbdd2be45b7e459f3a270c58445e13d1b493e0
GET /apps/zawody/template/images/images/main_preloader.gif HTTP/1.1
Host: www.odbierz-szanse.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.odbierz-szanse.link/
Cookie: PHPSESSID=ka77830636ii6neti42599r925; bq_tr_usr_ident=4985b11641a05908ad8202cca83e7a57
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 01:41:48 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Fri, 25 Jun 2021 12:59:55 GMT
ETag: "1a00-5c596b75e8b18"
Accept-Ranges: bytes
Content-Length: 6656
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/gif
www.odbierz-szanse.link/apps/zawody/template/pd_forms/IPHONE12PRO/images/sticker.png
31.42.176.76200 OK 9.8 kB URL HTTP/1.1 www.odbierz-szanse.link/apps/zawody/template/pd_forms/IPHONE12PRO/images/sticker.png
IP 31.42.176.76:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
File type PNG image data, 275 x 263, 8-bit colormap, non-interlaced\012- data
Hash 22c59b3549733ec53ec2be0ef7b069b9
b088aea2947461828d8a08dc5a2a59e2854964a7
5c59e3d32648fbffa895924b92f909963621219386d9cbb1849d26b285715588
GET /apps/zawody/template/pd_forms/IPHONE12PRO/images/sticker.png HTTP/1.1
Host: www.odbierz-szanse.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.odbierz-szanse.link/
Cookie: PHPSESSID=ka77830636ii6neti42599r925; bq_tr_usr_ident=4985b11641a05908ad8202cca83e7a57
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 01:41:48 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Fri, 25 Jun 2021 13:00:14 GMT
ETag: "262d-5c596b881f3c9"
Accept-Ranges: bytes
Content-Length: 9773
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
www.google.com/recaptcha/api.js?render=6LfXNz4aAAAAAPLK7OHWVAQZGJc7HSZ4ti6vEsH2
142.250.74.132200 OK 584 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6LfXNz4aAAAAAPLK7OHWVAQZGJc7HSZ4ti6vEsH2
IP 142.250.74.132:0
File type ASCII text, with very long lines (884), with no line terminators
Hash 53b1bbee62851026579ddc3f6ded13fd
e57d218ffa74b9405306bbc0b8227f334a163d4c
bc48c39eec475e34c00c27833e02c289fb43da074dd2bfb059d6bab1a9290a17
GET /recaptcha/api.js?render=6LfXNz4aAAAAAPLK7OHWVAQZGJc7HSZ4ti6vEsH2 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.odbierz-szanse.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Thu, 01 Dec 2022 01:41:48 GMT
date: Thu, 01 Dec 2022 01:41:48 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 584
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-38057940-18
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-38057940-18
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 2062acec8abc29ab65793c842ff25a3b
0bfd068677d4fefc53b88b0d7f316639c1e949b7
bc1007b43f60a07c476359117d53eaabf3a348806ddf80bc92c59eebfbac1440
GET /gtag/js?id=UA-38057940-18 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.odbierz-szanse.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 01 Dec 2022 01:41:48 GMT
expires: Thu, 01 Dec 2022 01:41:48 GMT
cache-control: private, max-age=900
last-modified: Thu, 01 Dec 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43583
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 01:41:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 33f732b4dfbd5fb3ed7345eba2896fe6
2652f214cf7127302cc65b1d4e42f48a80907d5d
904ce722469d356f8ec20c14bd51ca3ce459012ea0869f7d14821a963310a494
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 01:41:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash cd528f6c2c45e38c52095a73a9cd8c68
dca2df874a830edac932136d474453c18d933024
4c7e75aaccb4b74e227ada3b56829f52cb7f14ad05454f7bd6eccf3e94185218
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 01:41:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.odbierz-szanse.link/apps/zawody/template/pd_forms/IPHONE12PRO/css/fonts/zona_pro_semibold_thefontsmaster.com-webfont.woff2
31.42.176.76200 OK 18 kB URL HTTP/1.1 www.odbierz-szanse.link/apps/zawody/template/pd_forms/IPHONE12PRO/css/fonts/zona_pro_semibold_thefontsmaster.com-webfont.woff2
IP 31.42.176.76:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
File type Web Open Font Format (Version 2), TrueType, length 17604, version 1.393\012- data
Hash 5c5ff28f61ce80636156bbf44c325e74
6e078e199de7faba9d8a821be86f5fe5b3f4ebcb
571fb3effab87d09691862791526f90aab386c181a27bf01fc523c106db5a175
Analyzer Verdict Alert fortinet Phishing
GET /apps/zawody/template/pd_forms/IPHONE12PRO/css/fonts/zona_pro_semibold_thefontsmaster.com-webfont.woff2 HTTP/1.1
Host: www.odbierz-szanse.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.odbierz-szanse.link/apps/zawody/template/pd_forms/IPHONE12PRO/css/style.css?v=2
Cookie: PHPSESSID=ka77830636ii6neti42599r925; bq_tr_usr_ident=4985b11641a05908ad8202cca83e7a57
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 01:41:48 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Fri, 25 Jun 2021 13:00:15 GMT
ETag: "44c4-5c596b884b2f9"
Accept-Ranges: bytes
Content-Length: 17604
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: font/woff2
www.odbierz-szanse.link/apps/zawody/template/pd_forms/IPHONE12PRO/css/fonts/zona_pro_regular_thefontsmaster.com-webfont.woff2
31.42.176.76200 OK 17 kB URL HTTP/1.1 www.odbierz-szanse.link/apps/zawody/template/pd_forms/IPHONE12PRO/css/fonts/zona_pro_regular_thefontsmaster.com-webfont.woff2
IP 31.42.176.76:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
File type Web Open Font Format (Version 2), TrueType, length 17092, version 1.0\012- data
Hash 65f45343306b599e6f5fe3dba8f2e967
9697d1b33bbb2aea712064114108e030e459acd3
af50dca6debcad36ea37332a8887e80eea8cf5704271371bdb2fb47798284164
Analyzer Verdict Alert fortinet Phishing
GET /apps/zawody/template/pd_forms/IPHONE12PRO/css/fonts/zona_pro_regular_thefontsmaster.com-webfont.woff2 HTTP/1.1
Host: www.odbierz-szanse.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.odbierz-szanse.link/apps/zawody/template/pd_forms/IPHONE12PRO/css/style.css?v=2
Cookie: PHPSESSID=ka77830636ii6neti42599r925; bq_tr_usr_ident=4985b11641a05908ad8202cca83e7a57
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 01:41:48 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Fri, 25 Jun 2021 13:00:15 GMT
ETag: "42c4-5c596b884b2f9"
Accept-Ranges: bytes
Content-Length: 17092
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: font/woff2
www.odbierz-szanse.link/apps/zawody/template/pd_forms/IPHONE12PRO/css/fonts/zona_pro_extrabold_thefontsmaster.com-webfont.woff2
31.42.176.76200 OK 17 kB URL HTTP/1.1 www.odbierz-szanse.link/apps/zawody/template/pd_forms/IPHONE12PRO/css/fonts/zona_pro_extrabold_thefontsmaster.com-webfont.woff2
IP 31.42.176.76:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
File type Web Open Font Format (Version 2), TrueType, length 16868, version 1.0\012- data
Hash 3f6adf0bb39bb5e037925212ed810c21
f78e5b840a5781af62c886e582c9c6a9f4602cd0
f67d4b40c30ee55ac559d76090286aa24c14d9d37218bc8a7ad9852a5a8522f0
Analyzer Verdict Alert fortinet Phishing
GET /apps/zawody/template/pd_forms/IPHONE12PRO/css/fonts/zona_pro_extrabold_thefontsmaster.com-webfont.woff2 HTTP/1.1
Host: www.odbierz-szanse.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.odbierz-szanse.link/apps/zawody/template/pd_forms/IPHONE12PRO/css/style.css?v=2
Cookie: PHPSESSID=ka77830636ii6neti42599r925; bq_tr_usr_ident=4985b11641a05908ad8202cca83e7a57
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 01:41:48 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Fri, 25 Jun 2021 13:00:15 GMT
ETag: "41e4-5c596b884a359"
Accept-Ranges: bytes
Content-Length: 16868
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: font/woff2
www.odbierz-szanse.link/apps/zawody/template/pd_forms/IPHONE12PRO/images/bg.jpg
31.42.176.76200 OK 160 kB URL HTTP/1.1 www.odbierz-szanse.link/apps/zawody/template/pd_forms/IPHONE12PRO/images/bg.jpg
IP 31.42.176.76:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2000x560, components 3\012- data
Size 160 kB (160032 bytes)
Hash afe7bb01cb7f6282d3ce4ab6e6f07737
036ad5205d64b5d64549209169e434266ec18afb
66d384ab4ff0083dddb61adbbbf56a9da7206b4d1ed9b6a4ef2b55f17a519abc
GET /apps/zawody/template/pd_forms/IPHONE12PRO/images/bg.jpg HTTP/1.1
Host: www.odbierz-szanse.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.odbierz-szanse.link/apps/zawody/template/pd_forms/IPHONE12PRO/css/style.css?v=2
Cookie: PHPSESSID=ka77830636ii6neti42599r925; bq_tr_usr_ident=4985b11641a05908ad8202cca83e7a57
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 01:41:48 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Fri, 25 Jun 2021 13:00:14 GMT
ETag: "27120-5c596b8837a72"
Accept-Ranges: bytes
Content-Length: 160032
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
push.services.mozilla.com/
34.215.94.42101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.215.94.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: BhU5efuRhqUY0MfIsFsjHA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: upQ6vBXnj7ca91PUa4vJ+BT+Kdc=
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1601a7c8a96ebe5b2af6fe1abcb6b90b
fb19f5121052f37c9cef4640791964583618560c
893364204eb010f01c891762b80db20df137be75ecb85fa4e22dbc68143b53fb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5442
Cache-Control: max-age=156731
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 01:41:48 GMT
Etag: "6387b255-1d7"
Expires: Fri, 02 Dec 2022 21:13:59 GMT
Last-Modified: Wed, 30 Nov 2022 19:43:17 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
www.odbierz-szanse.link/apps/zawody/template/pd_forms/IPHONE12PRO/images/favico.png
31.42.176.76404 Not Found 0 B URL HTTP/1.0 www.odbierz-szanse.link/apps/zawody/template/pd_forms/IPHONE12PRO/images/favico.png
IP 31.42.176.76:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /apps/zawody/template/pd_forms/IPHONE12PRO/images/favico.png HTTP/1.1
Host: www.odbierz-szanse.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.odbierz-szanse.link/
Cookie: PHPSESSID=ka77830636ii6neti42599r925; bq_tr_usr_ident=4985b11641a05908ad8202cca83e7a57
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.0 404 Not Found
Date: Thu, 01 Dec 2022 01:41:48 GMT
Server: Apache/2.4.38 (Debian)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 608e4d04a251ebcd51660e801f388303
fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d
cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 01:41:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.odbierz-szanse.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: ij1L7QKChuLYZfB7hh5i8zwTbNGLAitTic1eTuifzqfjROzYefXH8FqKB1GDDepwKW1RG786vSxYFvZeZx2akg==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 1904183273
date: Thu, 01 Dec 2022 01:41:48 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1601a7c8a96ebe5b2af6fe1abcb6b90b
fb19f5121052f37c9cef4640791964583618560c
893364204eb010f01c891762b80db20df137be75ecb85fa4e22dbc68143b53fb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5442
Cache-Control: max-age=156731
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 01:41:48 GMT
Etag: "6387b255-1d7"
Expires: Fri, 02 Dec 2022 21:13:59 GMT
Last-Modified: Wed, 30 Nov 2022 19:43:17 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
216.58.211.3200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 216.58.211.3:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.odbierz-szanse.link
Connection: keep-alive
Referer: https://www.odbierz-szanse.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 19:09:57 GMT
expires: Tue, 28 Nov 2023 19:09:57 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 196311
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 01:41:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.odbierz-szanse.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 01 Dec 2022 00:41:08 GMT
expires: Thu, 01 Dec 2022 02:41:08 GMT
cache-control: public, max-age=7200
age: 3640
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=196290621588360&ev=PageView&dl=https%3A%2F%2Fwww.odbierz-szanse.link%2F&rl=&if=false&ts=1669858907774&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669858907773.411010676&it=1669858907560&coo=false&exp=c1&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=196290621588360&ev=PageView&dl=https%3A%2F%2Fwww.odbierz-szanse.link%2F&rl=&if=false&ts=1669858907774&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669858907773.411010676&it=1669858907560&coo=false&exp=c1&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=196290621588360&ev=PageView&dl=https%3A%2F%2Fwww.odbierz-szanse.link%2F&rl=&if=false&ts=1669858907774&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669858907773.411010676&it=1669858907560&coo=false&exp=c1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.odbierz-szanse.link/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Thu, 01 Dec 2022 01:41:49 GMT
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 21:48:03 GMT
expires: Fri, 24 Nov 2023 21:48:03 GMT
cache-control: public, max-age=31536000
age: 532426
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 16:40:43 GMT
expires: Fri, 24 Nov 2023 16:40:43 GMT
cache-control: public, max-age=31536000
age: 550866
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5d950b70d3b1532276ed817249b72618
dca7faf727b8afdd481c8f8bcc3e9129fdadadc3
afe3fbe5f269179e18a66ca806664b7f96b903150b364129e2f2b30087198e34
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 01:41:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-38057940-18&cid=1041834662.1669858908&jid=370273752&gjid=1095488742&_gid=1270606042.1669858908&_u=YEBAAUAAAAAAACAAI~&z=1051337023
74.125.131.155200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-38057940-18&cid=1041834662.1669858908&jid=370273752&gjid=1095488742&_gid=1270606042.1669858908&_u=YEBAAUAAAAAAACAAI~&z=1051337023
IP 74.125.131.155:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-38057940-18&cid=1041834662.1669858908&jid=370273752&gjid=1095488742&_gid=1270606042.1669858908&_u=YEBAAUAAAAAAACAAI~&z=1051337023 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.odbierz-szanse.link
Connection: keep-alive
Referer: https://www.odbierz-szanse.link/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.odbierz-szanse.link
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 01 Dec 2022 01:41:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5d950b70d3b1532276ed817249b72618
dca7faf727b8afdd481c8f8bcc3e9129fdadadc3
afe3fbe5f269179e18a66ca806664b7f96b903150b364129e2f2b30087198e34
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 01:41:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10244
Expires: Thu, 01 Dec 2022 04:32:34 GMT
Date: Thu, 01 Dec 2022 01:41:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10244
Expires: Thu, 01 Dec 2022 04:32:34 GMT
Date: Thu, 01 Dec 2022 01:41:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10244
Expires: Thu, 01 Dec 2022 04:32:34 GMT
Date: Thu, 01 Dec 2022 01:41:50 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 26d6dffbf400da4803a2e76e2a8ef2f8
2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8
04c6e31623fe48cbe83dc91635bfa47b337590f18919995b08d5bde27e929e03
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8740
x-amzn-requestid: 4823cf63-98eb-40d3-bb8b-e09cd2262f36
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7SqHjYIAMF8xw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830c10-316b213c33ce9bc2355c0900;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:04:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tK4wl-g5kcUhVFE3iZGILhZhZSsaMzQD9JTBHj1JXV95yXs_e3gMGw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 13:21:34 GMT
age: 44416
etag: "2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9e3a9eb-bc9d-4e50-8738-e978a333d2ae.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9e3a9eb-bc9d-4e50-8738-e978a333d2ae.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 80e7af4c2331ee27460e67d6d84f5740
ce0321a9b4ea6b56f8d768796a16f26520654b50
a05bb542d7c711b71a7a9a857130acf888a6400f4eb32ff5df1a506a3f8591ce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9e3a9eb-bc9d-4e50-8738-e978a333d2ae.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4542
x-amzn-requestid: 254467ba-82aa-4964-9e3b-04b2d79a43d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cJWiqEQhIAMFnJw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63806add-2ad86b6031c6984c43f2741d;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 07:12:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Mwx50AP64JGTFfqhQicr06ewtIbyi4IaM4d5kXGo1rJq7QGSsdEJqQ==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 22:11:04 GMT
age: 12646
etag: "ce0321a9b4ea6b56f8d768796a16f26520654b50"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f6b1394-57be-42ed-ad12-94fa7a0b4be7.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f6b1394-57be-42ed-ad12-94fa7a0b4be7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0d0219e6bee2a28f003f396f872eecf0
b3d22d146c6094cb539de40a72b9c5a140802ee5
41c1b037e8e654c19f36b74cceccd1fc841cc9fb7de39ac552ab5089dc3e82db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f6b1394-57be-42ed-ad12-94fa7a0b4be7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7609
x-amzn-requestid: 1a464872-7c15-42d3-a12a-f344adf99662
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cV91PHVUoAMFf4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63857687-3f77f387752222b212d6e2a5;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 03:03:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mh5slfAqC8Jrbw6WLAI_GN9oftGPLXy0W75ZvD_XBcoBukkYT9wVsQ==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 05:21:42 GMT
age: 73208
etag: "b3d22d146c6094cb539de40a72b9c5a140802ee5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabcce497-e838-40ff-ab98-af5f631b766f.jpeg
34.120.237.76200 OK 2.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabcce497-e838-40ff-ab98-af5f631b766f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f5469e846da1e0f21cfc480f56a656a6
b3eaec75f854d22cd1dcd6aa42e37f6d0df50036
d5701207a8b6b358359ebfd85a6916af7a3abf79acba235bf7d4131b0bc2e9b5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabcce497-e838-40ff-ab98-af5f631b766f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2382
x-amzn-requestid: 94ae079e-ec35-4e9c-aa30-33be1137c477
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cTRYNHPeIAMFncg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6384629a-386ca2063c3991d4749e18cf;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 07:26:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 6hcyQXOxk36UdAHQkayqoUCfBxaKkDk407cfakceLUQBX4PlYwd5tg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 12:36:46 GMT
age: 47104
etag: "b3eaec75f854d22cd1dcd6aa42e37f6d0df50036"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7837c610-4f38-4ecd-b984-5752ff89a1f8.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7837c610-4f38-4ecd-b984-5752ff89a1f8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 37004182402c955f288eb1fa8df7aef4
01a07f9a5725f608fafeced7b3d1ebdbcb776c29
c90c80dd5cadbde3fef20a9c4561b1efa47401e5f6bdf64c91246553c50204f0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7837c610-4f38-4ecd-b984-5752ff89a1f8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7957
x-amzn-requestid: 54f43d6b-cf41-4067-b459-6b8d98869354
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cV91PGgNIAMF2Xg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63857687-069ac54c22797a511c69a220;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 03:03:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: B4x-V_KZGERwIhr_eGik5Npj5mKN6CbI9pdrNU2I8gFCGYKQVuu3dA==
via: 1.1 6c90b631453c435bd0022caa657b67e8.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 05:38:39 GMT
age: 72191
etag: "01a07f9a5725f608fafeced7b3d1ebdbcb776c29"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1fe6f5b-2658-4434-b276-36d841c8ceee.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1fe6f5b-2658-4434-b276-36d841c8ceee.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 42c762f71487f8e0285dd2129700f069
ec0fd74a981603e197df26c6fb79ef039f737557
8a40883d87b1e2c6e116e3cf881a8b39c987200a8556b651f78a376b3ddbaa26
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1fe6f5b-2658-4434-b276-36d841c8ceee.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8124
x-amzn-requestid: fd081821-1620-4a67-910e-9cbd193d5518
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbz-PE7goAMFddA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cd27-58193b957b3cf34d6a85c141;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:37:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: z2OTA0ICaVgKY0tCiUqLIrS4wCvlkC2qSPwRL1kbWXrtiGZdfy78Kg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:45:25 GMT
age: 14185
etag: "ec0fd74a981603e197df26c6fb79ef039f737557"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2