Overview

URL otomoto-h229.net/konto.html
IP 217.160.0.78
ASN IONOS SE
Location Germany
Report completed 2022-09-08 10:20:00 UTC
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish
Scan Date Severity Indicator Comment
2022-09-07 2 otomoto-h229.net/konto.html OLX Group
PhishTank
Scan Date Severity Indicator Comment
2020-11-06 2 otomoto-h229.net/konto.html Other
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-08 2 otomoto-h229.net/noew1_files/nr-1167.js Phishing
2022-09-08 2 otomoto-h229.net/noew1_files/cbgapi.loaded_1 Phishing
2022-09-08 2 otomoto-h229.net/noew1_files/xgemius.js Phishing
2022-09-08 2 otomoto-h229.net/noew1_files/analytics.js Phishing
2022-09-08 2 otomoto-h229.net/noew1_files/gtm_003.js Phishing
2022-09-08 2 otomoto-h229.net/noew1_files/js Phishing
2022-09-08 2 otomoto-h229.net/noew1_files/ld.js Phishing
2022-09-08 2 otomoto-h229.net/noew1_files/0.js Phishing
2022-09-08 2 otomoto-h229.net/noew1_files/ninja-verticals.js Phishing
2022-09-08 2 otomoto-h229.net/noew1_files/101.js Phishing
2022-09-08 2 otomoto-h229.net/noew1_files/ls.js Phishing
2022-09-08 2 otomoto-h229.net/noew1_files/gtm.js Phishing
2022-09-08 2 otomoto-h229.net/noew1_files/lazysizes.js Phishing
2022-09-08 2 otomoto-h229.net/noew1_files/swa62b2b625dd7a9ea682c73f400bd85ea.js Phishing
2022-09-08 2 otomoto-h229.net/noew1_files/1b78e6526b228c7bc3ea91ff2c80b7 Phishing
2022-09-08 2 otomoto-h229.net/noew1_files/a Phishing
2022-09-08 2 otomoto-h229.net/noew1_files/apiclient.js Phishing
2022-09-08 2 otomoto-h229.net/noew1_files/tags.html Phishing
2022-09-08 2 otomoto-h229.net/noew1_files/installWidgets.js Phishing
2022-09-08 2 otomoto-h229.net/noew1_files/swd954431da7c77598e479bd469c5b9f8c.js Phishing
2022-09-08 2 otomoto-h229.net/noew1_files/tags_data/a.txt Phishing
2022-09-08 2 otomoto-h229.net/noew1_files/iframe.html Phishing
2022-09-08 2 otomoto-h229.net/noew1_files/lsset.html Phishing
2022-09-08 2 otomoto-h229.net/noew1_files/lsget.html Phishing
2022-09-08 2 otomoto-h229.net/noew1_files/iframe_data/3233175361-idpiframe.js Phishing
2022-09-08 2 otomoto-h229.net/noew1_files/cbgapi.loaded_0 Phishing
2022-09-08 2 otomoto-h229.net/noew1_files/gtm_002.js Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (27)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-08 05:16:49 UTC 143.204.55.110
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-08 05:41:25 UTC 52.13.69.101
mnemonic passive DNS sslwidget.criteo.com (1) 1723 2012-05-31 02:43:28 UTC 2022-09-08 05:02:25 UTC 178.250.2.151
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-08 04:47:56 UTC 34.117.237.239
mnemonic passive DNS creativecdn.com (3) 201462 2012-06-18 13:42:08 UTC 2022-09-08 05:19:09 UTC 185.184.8.90
mnemonic passive DNS ocsp.sectigo.com (2) 487 2018-12-17 11:31:55 UTC 2022-09-08 05:10:10 UTC 104.18.32.68
mnemonic passive DNS dnacdn.net (2) 3760 2019-09-02 15:07:45 UTC 2022-09-08 06:00:23 UTC 178.250.0.157
mnemonic passive DNS gem.gbc.criteo.com (1) 6039 2019-02-06 06:21:41 UTC 2022-09-08 05:02:24 UTC 178.250.6.136
mnemonic passive DNS r3.o.lencr.org (4) 344 2020-12-02 08:52:13 UTC 2022-09-08 04:49:00 UTC 23.36.76.226
mnemonic passive DNS ocsp.digicert.com (6) 86 2012-05-21 07:02:23 UTC 2022-09-08 06:16:46 UTC 93.184.220.29
mnemonic passive DNS www.gstatic.com (1) 0 2016-07-26 09:37:06 UTC 2022-09-08 04:58:42 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS accounts.google.com (1) 81 2016-09-05 09:39:47 UTC 2022-09-08 05:12:41 UTC 216.58.207.237
mnemonic passive DNS otomotopl-statics.akamaized.net (7) 0 2017-01-30 06:40:21 UTC 2022-08-14 19:22:51 UTC 23.36.76.170 Domain (akamaized.net) ranked at: 280
mnemonic passive DNS apis.google.com (2) 105 2013-05-30 23:17:44 UTC 2022-09-08 05:11:35 UTC 142.250.74.174
mnemonic passive DNS laquesis.akamaized.net (1) 926520 2018-04-30 07:51:17 UTC 2022-09-05 08:04:58 UTC 23.36.76.106
mnemonic passive DNS gum.criteo.com (1) 381 2015-01-22 10:58:57 UTC 2022-09-08 05:33:15 UTC 178.250.0.157
mnemonic passive DNS ninja.akamaized.net (2) 200255 2018-03-08 05:45:01 UTC 2022-09-07 16:52:33 UTC 23.36.76.113
mnemonic passive DNS ocsp.pki.goog (8) 175 2017-06-14 07:23:31 UTC 2022-09-08 04:58:43 UTC 142.250.74.3
mnemonic passive DNS js-agent.newrelic.com (1) 378 2017-01-30 05:00:15 UTC 2022-09-08 05:01:16 UTC 151.101.86.137
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-08 08:49:30 UTC 34.120.237.76
mnemonic passive DNS www.googletagmanager.com (2) 75 2012-12-25 14:52:06 UTC 2022-09-08 04:58:26 UTC 142.250.74.72
mnemonic passive DNS bam.nr-data.net (1) 630 2015-02-10 00:06:27 UTC 2022-09-08 04:58:38 UTC 162.247.241.14
mnemonic passive DNS otomoto-h229.net (31) 0 2021-01-21 01:22:38 UTC 2022-09-08 07:23:39 UTC 217.160.0.78 Unknown ranking
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-08 05:13:30 UTC 143.204.55.36
mnemonic passive DNS tracking.olx-st.com (3) 29064 2012-07-21 09:39:48 UTC 2022-09-08 04:42:55 UTC 52.59.167.32
mnemonic passive DNS ls.hit.gemius.pl (4) 12361 2014-08-05 12:47:01 UTC 2022-09-08 04:46:28 UTC 146.59.30.100
mnemonic passive DNS olx.hit.gemius.pl (6) 141133 2014-07-30 15:21:47 UTC 2022-09-06 06:42:41 UTC 185.11.128.202


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 217.160.0.78

Date UQ / IDS / BL URL IP
2022-10-10 21:43:43 +0000
0 - 0 - 4 iesliciniocoin.es/tmp/cs.html?email=c.farhat@ (...) 217.160.0.78
2022-10-02 12:03:01 +0000
0 - 0 - 29 iesliciniocoin.es/tmp/ms.html?email=lesley.li (...) 217.160.0.78
2022-09-26 19:52:21 +0000
0 - 0 - 12 link-lkw-mobile.de/pkw/fahrzeuge.details/1601 (...) 217.160.0.78
2022-09-26 09:34:39 +0000
0 - 0 - 15 link-lkw-mobile.de/pkw/fahrzeuge.details/1601 (...) 217.160.0.78
2022-09-24 12:51:23 +0000
0 - 0 - 12 link-lkw-mobile.de/pkw/dealer-admin/166402344 (...) 217.160.0.78

Last 5 reports on ASN: IONOS SE

Date UQ / IDS / BL URL IP
2022-12-03 22:27:31 +0000
0 - 0 - 40 kings-afro-coiffure.com/ 217.160.0.49
2022-12-03 22:16:58 +0000
0 - 0 - 2 beta.medi-buy.de/mailster/1904/33ddc8ab3ef8c6 (...) 217.160.0.82
2022-12-03 22:16:10 +0000
0 - 0 - 2 beta.medi-buy.de/mailster/1904/e1621df3f4d734 (...) 217.160.0.82
2022-12-03 22:15:40 +0000
0 - 0 - 2 beta.medi-buy.de/mailster/1876/4c679791f0a260 (...) 217.160.0.82
2022-12-03 20:38:02 +0000
0 - 0 - 1 jugueteriasnikki.es/ 82.223.216.249

Last 1 reports on domain: otomoto-h229.net

Date UQ / IDS / BL URL IP
2022-09-08 10:20:00 +0000
0 - 0 - 29 otomoto-h229.net/konto.html 217.160.0.78

Last 1 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-09-10 21:02:24 +0000
0 - 0 - 32 otomoto3452.com/konto.html 217.160.0.77


JavaScript

Executed Scripts (53)


Executed Evals (2)

#1 JavaScript::Eval (size: 0, repeated: 1) - SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                    

#2 JavaScript::Eval (size: 69, repeated: 1) - SHA256: 7b36c813f29446b9ad5e8876875878d4ce4d871ddccbb77e136ea9bea28718ab

(function() {
    var a = window.trackingData.pageView.platform;
    return a
})();
                                    

Executed Writes (0)



HTTP Transactions (101)


Request Response
                                        
                                            GET /konto.html HTTP/1.1 
Host: otomoto-h229.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         217.160.0.78
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:49 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:53:54 GMT
ETag: W/"15828-5b252b86391b4"
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (21032), with CRLF line terminators
Size:   26724
Md5:    5c0e40058d1a8573e96c1545307931f5
Sha1:   ed8eeb64d1b844051a73623878dd6cee5f3d3df8
Sha256: 36e0eef6aced131b894d0e32f9e529df866fe3696871f2c9edd47a5e07f9efe7

Alerts:
  Blocklists:
    - openphish: OLX Group
    - phishtank: Other
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A0577A8FCFA81B3F86D99566EB4429655B93A238FFD1A3752BC9AAE3D969DEEA"
Last-Modified: Tue, 06 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5404
Expires: Thu, 08 Sep 2022 11:49:53 GMT
Date: Thu, 08 Sep 2022 10:19:49 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 08 Sep 2022 09:47:05 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: MtFxFyje55CgLFhwy3RYG6oy5sD4j88tI15M9lUrfeeqb26qCxM2FA==
Age: 1964


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.110
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 08 Sep 2022 03:46:35 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: fUZjLmJO2arSUft0UvLSveYruhyTCwbDK-oKBxkNwQhxFyX1Xnlj0Q==
age: 23595
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    742edb4038f38bc533514982f3d2e861
Sha1:   cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 08 Sep 2022 10:19:49 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /noew1_files/nr-1167.js HTTP/1.1 
Host: otomoto-h229.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/konto.html

                                         
                                         217.160.0.78
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Length: 26895
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:49 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:54:02 GMT
ETag: "690f-5b252b8e3221a"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (26895), with no line terminators
Size:   26895
Md5:    8155781ab74e51eee2ead2c1d5902e63
Sha1:   5679a128ce2702f782c9f3f46d16d95c387b52ee
Sha256: f4ae8a2c83e0a851fd331bbf34d7a6f9184b3e31b6f2e681e8377fb8a8edc10f

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /noew1_files/cbgapi.loaded_1 HTTP/1.1 
Host: otomoto-h229.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/konto.html

                                         
                                         217.160.0.78
HTTP/1.1 200 OK
                                        
Content-Length: 71
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:49 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:53:58 GMT
ETag: "47-5b252b8accfca"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text
Size:   71
Md5:    f3a349d99360409257b2f912ac603548
Sha1:   5aad49f0eb81b99a60f5f46613d6dd252b820b78
Sha256: 586a4abfe9225dbb5521b32799d3b346da9e997452fec205a0812a360dd470ab

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /noew1_files/xgemius.js HTTP/1.1 
Host: otomoto-h229.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/konto.html

                                         
                                         217.160.0.78
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Length: 33314
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:49 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:54:04 GMT
ETag: "8222-5b252b9048504"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (417)
Size:   33314
Md5:    844aa4942299da63bc28284eee265ac1
Sha1:   88f71bae39b1ea9d9b65bafe91ca03524b116280
Sha256: b1bfa4673dda9238c9f8c2bea0d0fa11ec6a9257193579ab78379d781ba0499b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /noew1_files/analytics.js HTTP/1.1 
Host: otomoto-h229.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/konto.html

                                         
                                         217.160.0.78
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Length: 45229
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:49 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:53:57 GMT
ETag: "b0ad-5b252b8962ae3"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   45229
Md5:    af5c617d36e28d19710b882a6824e213
Sha1:   39a22dc66ee4d211631f701d349bd3eb7ee20824
Sha256: eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /noew1_files/gtm_003.js HTTP/1.1 
Host: otomoto-h229.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/konto.html

                                         
                                         217.160.0.78
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Length: 58808
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:49 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:53:59 GMT
ETag: "e5b8-5b252b8bb27ae"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (1577)
Size:   58808
Md5:    a75170e39e70aa50a1c76bbd035ee00b
Sha1:   d255b3071a1f837e0fbe9ea7d310f9ae3c99eaf0
Sha256: 459bcca10c06ace78d5bf5792e8ecdef84c97c9fedfd821bd550285abc4fc26d

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /noew1_files/js HTTP/1.1 
Host: otomoto-h229.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/konto.html

                                         
                                         217.160.0.78
HTTP/1.1 200 OK
                                        
Content-Length: 62069
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:49 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:54:00 GMT
ETag: "f275-5b252b8c80892"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (1577)
Size:   62069
Md5:    6c1ed487a02d5b110ae61cd1a5bb59ff
Sha1:   0cf76ab069f59b29b4adffd561ca5ecf131cb2af
Sha256: 64afe9f576d40536f37478a46d239bf180e0ffc7ffac6e2e56c9354027546ee7

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /noew1_files/ld.js HTTP/1.1 
Host: otomoto-h229.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/konto.html

                                         
                                         217.160.0.78
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Length: 30003
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:49 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:54:01 GMT
ETag: "7533-5b252b8cf2cb4"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  C source, ASCII text, with very long lines (30003), with no line terminators
Size:   30003
Md5:    9f51c9838bbcc941788939f89f527d5f
Sha1:   2e5c071d37b30d50a7e710549a4e04922aa42ed8
Sha256: 6a60018cab3d38d035188490d869d5dc1283a7dd115917226df457ca92887f7f

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /noew1_files/0.js HTTP/1.1 
Host: otomoto-h229.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/konto.html

                                         
                                         217.160.0.78
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Length: 15066
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:49 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:53:56 GMT
ETag: "3ada-5b252b882e15e"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (15066), with no line terminators
Size:   15066
Md5:    74b9f05059e2deee24cfdb15e742de64
Sha1:   28e42b48868ff5f33003d270dffd8c9cc795ac27
Sha256: 31dea38d3fec6c8fb53033148d29ae72c2f930a4d6b540faa08d08ff1f5c75c8

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /noew1_files/ninja-verticals.js HTTP/1.1 
Host: otomoto-h229.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/konto.html

                                         
                                         217.160.0.78
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Length: 77822
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:49 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:54:02 GMT
ETag: "12ffe-5b252b8dc2cd8"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (4203)
Size:   77822
Md5:    d020031f748fb912f98b89b116af7c38
Sha1:   da6079e8e165c05add369331151839c508a7bfef
Sha256: 2a165e111a55e4fe5331d6b980d4385827cd29ac98d6fb6dab68b0b24be09d00

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /noew1_files/101.js HTTP/1.1 
Host: otomoto-h229.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/konto.html

                                         
                                         217.160.0.78
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Length: 3238
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:49 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:53:56 GMT
ETag: "ca6-5b252b880be7d"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (3232), with no line terminators
Size:   3238
Md5:    d21e935d9f5a624e5cf6ff5c36ff814a
Sha1:   d3e6fb976a34880920fea0182324610e7c5f3fef
Sha256: 7f1997e8aa8098327fb69fd12c7db0b227d3912add10899f86b0913bfd152cd5

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /noew1_files/ls.js HTTP/1.1 
Host: otomoto-h229.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/konto.html

                                         
                                         217.160.0.78
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Length: 1466
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:49 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:54:01 GMT
ETag: "5ba-5b252b8d4ba96"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (1440)
Size:   1466
Md5:    e737ab7d29207894c9f577e0192446ba
Sha1:   530a7530115f73dc6f0fd9176cf48722b5cfed3d
Sha256: 3c4f9b79cea8fc2ebce92d79f8cea8927e4dad174aac6b9c4caf0c52f7618ec3

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /noew1_files/gtm.js HTTP/1.1 
Host: otomoto-h229.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/konto.html

                                         
                                         217.160.0.78
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Length: 367127
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:49 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:53:59 GMT
ETag: "59a17-5b252b8b4038c"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (3520)
Size:   367127
Md5:    fcebf508c1e1b4d54f56d53b55c296cf
Sha1:   ba2b007167dd7faaab782f821ff713e05a89ce74
Sha256: 70ce1d0b3e36a94b2f7410abd69fa9268c659c1ffae2597eef9154ac440990a8

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /noew1_files/lazysizes.js HTTP/1.1 
Host: otomoto-h229.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/konto.html

                                         
                                         217.160.0.78
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Length: 6675
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:49 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:54:01 GMT
ETag: "1a13-5b252b8ce6194"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (6649)
Size:   6675
Md5:    c3dbff3d1d3f89c95e23035cc21443c8
Sha1:   02b20f3caed641d992aee96f46ef9d72cf6ee131
Sha256: abc339d2b76c962291530a8a96f2e9f1ad824e862606b29c3fd54b7663ef0f64

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /noew1_files/icon.css HTTP/1.1 
Host: otomoto-h229.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/konto.html

                                         
                                         217.160.0.78
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Content-Length: 564
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:49 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:53:59 GMT
ETag: "234-5b252b8bb27ae"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text
Size:   564
Md5:    239a9c4789fc3de02785ec2c6a2b4f8d
Sha1:   54d0097490ca71bcd70be97156e7f1c3dac7aada
Sha256: 8130aacc55a18283a09d04e5bda0d6bc375bfc9e50eadb7f22dfb0c3dde909ae
                                        
                                            GET /noew1_files/sw795893650b29f47c9dd24d398b724a9a.css HTTP/1.1 
Host: otomoto-h229.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/konto.html

                                         
                                         217.160.0.78
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Content-Length: 754424
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:49 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:54:03 GMT
ETag: "b82f8-5b252b8edefbd"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   754424
Md5:    795893650b29f47c9dd24d398b724a9a
Sha1:   a9b8fea5dfdd066da0ffbbb2160e641a50f5558c
Sha256: 25381ed370bf3951ee7e6474ecef678e5a383d256fed6c268c4512a37f9457d8
                                        
                                            GET /noew1_files/swa62b2b625dd7a9ea682c73f400bd85ea.js HTTP/1.1 
Host: otomoto-h229.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/konto.html

                                         
                                         217.160.0.78
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Length: 16971
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:49 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:54:03 GMT
ETag: "424b-5b252b8f254be"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (16021)
Size:   16971
Md5:    a62b2b625dd7a9ea682c73f400bd85ea
Sha1:   5defaa605b6543fbb2eed8a388428c0ca09d0cec
Sha256: cec56d2f4809cdd10af4232f03fafc8ab1514d99c413b7229ed9cca556215f16

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /noew1_files/1b78e6526b228c7bc3ea91ff2c80b7 HTTP/1.1 
Host: otomoto-h229.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/konto.html

                                         
                                         217.160.0.78
HTTP/1.1 200 OK
                                        
Content-Length: 66005
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:49 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:53:56 GMT
ETag: "101d5-5b252b8884fff"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   66005
Md5:    93e3090f4a1ac38fc394a901ba3136b9
Sha1:   17c8b1d598a83d82c125bf701f5ff79ad0d63ffc
Sha256: 8bd5e5729a3fb989a0bcb99fd966df11e1c44198c447712fa4136996e2b28c0a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /noew1_files/a HTTP/1.1 
Host: otomoto-h229.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/konto.html

                                         
                                         217.160.0.78
HTTP/1.1 200 OK
                                        
Content-Length: 990588
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:49 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:53:58 GMT
ETag: "f1d7c-5b252b8a8d829"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Size:   990588
Md5:    e3e65004e05a29de079a92975f615620
Sha1:   c41fe80bb82829e65f7f73b0543f84cdb808e1a4
Sha256: e6bffaeab277263ebf995fdc275635ae1fdcab2b8587c8c0eb66d887fcd93f38

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /noew1_files/apiclient.js HTTP/1.1 
Host: otomoto-h229.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/konto.html

                                         
                                         217.160.0.78
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Length: 12953
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:49 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:53:57 GMT
ETag: "3299-5b252b89c4565"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  HTML document text\012- exported SGML document, ASCII text, with very long lines (5746)
Size:   12953
Md5:    968793add5cc7de2bcf72e05b98f8e5c
Sha1:   b45858fece9e411108d79c7fba0d5bcc8f233647
Sha256: 0ba6e04ebc66bf6c7ba82a4e31d709596579d87edca1be61f14aad495c8d236f

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /noew1_files/otomoto-footer.png HTTP/1.1 
Host: otomoto-h229.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/konto.html

                                         
                                         217.160.0.78
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Content-Length: 13372
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:49 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:54:02 GMT
ETag: "343c-5b252b8e95bdc"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 1600 x 148, 2-bit colormap, non-interlaced\012- data
Size:   13372
Md5:    9a57eeb46ceb1114bdf2450c779637e1
Sha1:   faf475ea148f7ad6bbaa1c61254568aa3363ab96
Sha256: b80b5cc16774187a06119b2d7a898718e0b00402b9d2ec4ce14b5eb163025768
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Thu, 08 Sep 2022 09:38:18 GMT
Expires: Thu, 08 Sep 2022 10:06:58 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: o2P8fPHwUuRjvplzVdKTS7S8Pc2M-Y9jA58tLMM5aeJHn1MawhG_Pg==
Age: 2492


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /noew1_files/tags.html HTTP/1.1 
Host: otomoto-h229.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/konto.html
Upgrade-Insecure-Requests: 1

                                         
                                         217.160.0.78
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:50 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:54:03 GMT
ETag: W/"9c-5b252b8f85000"
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   144
Md5:    ba081cfd8d0360b37944dca9de39ebbc
Sha1:   6321c62d8d525d0903b19d91208fa975a66dfb45
Sha256: 70af5e92b2ec0e55df6ad38c7323d1721416fbac1ad69b502e00fabec5b9d684

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /ninja-verticals.js HTTP/1.1 
Host: ninja.akamaized.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/

                                         
                                         23.36.76.113
HTTP/1.1 301 Moved Permanently
                                        
Server: AkamaiGHost
Content-Length: 0
Location: https://ninja.akamaized.net/ninja-verticals.js
Cache-Control: max-age=0
Expires: Thu, 08 Sep 2022 10:19:50 GMT
Date: Thu, 08 Sep 2022 10:19:50 GMT
Connection: keep-alive
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Origin: *

                                        
                                            GET /tags?id=pr_H2B0uP1rY2pmNOj01qlP&id2=pr_H2B0uP1rY2pmNOj01qlP_custom_split_4 HTTP/1.1 
Host: creativecdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/
Upgrade-Insecure-Requests: 1

                                         
                                         185.184.8.90
HTTP/1.1 302 Found
                                        
date: Thu, 08 Sep 2022 10:19:50 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-max-age: 3600
vary: Origin
location: https://creativecdn.com/tags?id=pr_H2B0uP1rY2pmNOj01qlP&id2=pr_H2B0uP1rY2pmNOj01qlP_custom_split_4
content-length: 0

                                        
                                            GET /noew1_files/installWidgets.js HTTP/1.1 
Host: otomoto-h229.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/konto.html

                                         
                                         217.160.0.78
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Length: 249524
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:49 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:54:00 GMT
ETag: "3ceb4-5b252b8c84712"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   208
Md5:    7ab97a30a6b847742a95683119cc3025
Sha1:   ca8aa686dee9daa8342bb79072f7116bd9a351fa
Sha256: e834a3fe66a5cf75848dd635ce96cff29ade6f28d07d4166db422c0772c44e6c

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /packed/img/2f44f0016d6e529ae50a79a63682193c72.png HTTP/1.1 
Host: otomotopl-statics.akamaized.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://otomoto-h229.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.76.170
HTTP/1.0 400 Bad Request
Content-Type: text/html
                                        
Server: AkamaiGHost
Mime-Version: 1.0
Content-Length: 208
Expires: Thu, 08 Sep 2022 10:19:50 GMT
Date: Thu, 08 Sep 2022 10:19:50 GMT
Connection: close


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   208
Md5:    7191112432797da81aa69f47921fd467
Sha1:   0060f503ed3f3e7bfbcb077c92610104a3507f00
Sha256: 47007f00cdbda91c45ce26d730180d4f6fb132db55001ea295143808aa44e78b
                                        
                                            GET /packed/font/2f1bb805446b880e7e63cae7ab00433f15.svg HTTP/1.1 
Host: otomotopl-statics.akamaized.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://otomoto-h229.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.76.170
HTTP/1.0 400 Bad Request
Content-Type: text/html
                                        
Server: AkamaiGHost
Mime-Version: 1.0
Content-Length: 208
Expires: Thu, 08 Sep 2022 10:19:50 GMT
Date: Thu, 08 Sep 2022 10:19:50 GMT
Connection: close


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   208
Md5:    655fc9ad66df435109795ae0627c8c81
Sha1:   1a2c7a8c3707c826f94d7ae56c99a757b621a68d
Sha256: 63aa7921fffdb201b7583067f60fe79edc819cfda8907115f49a2b67dda0a12f
                                        
                                            GET /naspersclassifieds-regional/verticals-cars-atlas-web-otomotopl/static/fonts/atlas-cars-icons.woff?k8nh67 HTTP/1.1 
Host: otomotopl-statics.akamaized.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://otomoto-h229.net
Connection: keep-alive
Referer: http://otomoto-h229.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.76.170
HTTP/1.0 400 Bad Request
Content-Type: text/html
                                        
Server: AkamaiGHost
Mime-Version: 1.0
Content-Length: 389
Expires: Thu, 08 Sep 2022 10:19:50 GMT
Date: Thu, 08 Sep 2022 10:19:50 GMT
Connection: close


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   389
Md5:    740f5ca240b065b42c3da87e2ed672cc
Sha1:   c026adc09097d92403d3c4641ed5a3fd17cb3227
Sha256: 3322b9dbd5dae252dfe2fa7cb3a4b251591162d8babaab470a26663eee71df0f
                                        
                                            GET /packed/img/2f6bd36a158dc9bd150580abd768c8c401.png HTTP/1.1 
Host: otomotopl-statics.akamaized.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://otomoto-h229.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.76.170
HTTP/1.0 400 Bad Request
Content-Type: text/html
                                        
Server: AkamaiGHost
Mime-Version: 1.0
Content-Length: 208
Expires: Thu, 08 Sep 2022 10:19:50 GMT
Date: Thu, 08 Sep 2022 10:19:50 GMT
Connection: close


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   208
Md5:    8ffe256d48933f72f1bacb1160a61042
Sha1:   a418efaec0491609a1e76d39c3402515dd3ac355
Sha256: 415afee6530b003277d72bbe5481fb975583619f44b9ddf31df8676453dc59e4
                                        
                                            GET /noew1_files/swd954431da7c77598e479bd469c5b9f8c.js HTTP/1.1 
Host: otomoto-h229.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/konto.html

                                         
                                         217.160.0.78
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Length: 751069
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:49 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:54:04 GMT
ETag: "b75dd-5b252b900db83"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   208
Md5:    c29a2c0340f4793a909a30743dc59a33
Sha1:   8b3a37219f5ba30c75488098ae910c41eefc8b3a
Sha256: 00b9cd9c1a7136bdbda33f80440439e807c873da66ec399f7be24c8c46e34912

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /packed/img/2f120da7e15fd94dded44729064885f0e4.png HTTP/1.1 
Host: otomotopl-statics.akamaized.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://otomoto-h229.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.76.170
HTTP/1.0 400 Bad Request
Content-Type: text/html
                                        
Server: AkamaiGHost
Mime-Version: 1.0
Content-Length: 208
Expires: Thu, 08 Sep 2022 10:19:50 GMT
Date: Thu, 08 Sep 2022 10:19:50 GMT
Connection: close


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   208
Md5:    3c3f9dd4e300a3abca2df14f18af87dd
Sha1:   d9cbcb11a1ca313d4f6568682731c06fd4f1db0d
Sha256: 9bd06e2e12471f7b9a29c14fa7f4293939fe62d9c98fbcb4ccc8c4a86411f9d8
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6096
Cache-Control: 'max-age=158059'
Date: Thu, 08 Sep 2022 10:19:50 GMT
Last-Modified: Thu, 08 Sep 2022 08:38:14 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /packed/img/2fbce5be505460dc152d94e96497a18922.png HTTP/1.1 
Host: otomotopl-statics.akamaized.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://otomoto-h229.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.76.170
HTTP/1.0 400 Bad Request
Content-Type: text/html
                                        
Server: AkamaiGHost
Mime-Version: 1.0
Content-Length: 208
Expires: Thu, 08 Sep 2022 10:19:50 GMT
Date: Thu, 08 Sep 2022 10:19:50 GMT
Connection: close


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   208
Md5:    1e155d71d875a846ba1c904a48593ef8
Sha1:   46e8cfa539739c5736bd8b64406e12a6c49a3828
Sha256: 5e13256cb3c39b90ef1c1232cdae490e69475dd673bed453a0d7d8e6d9219202
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4867
Cache-Control: 'max-age=158059'
Date: Thu, 08 Sep 2022 10:19:50 GMT
Last-Modified: Thu, 08 Sep 2022 08:58:43 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /gtm.js?id=GTM-K4DX4C6 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/

                                         
                                         142.250.74.72
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Location: https://www.googletagmanager.com/gtm.js?id=GTM-K4DX4C6
Cross-Origin-Resource-Policy: cross-origin
Date: Thu, 08 Sep 2022 10:19:50 GMT
Server: Google Tag Manager
Content-Length: 251
X-XSS-Protection: 0


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size:   251
Md5:    1ed32d713bd1c106edc3c77dfe2e84cc
Sha1:   59b84bbcbf5d9ece8928f5274f8fac2c5c83daee
Sha256: 6fcf3b061cfd93eaf0becf5c71d0e2f9b33676e2c2540599dd67790c22807033
                                        
                                            GET /tags?id=pr_H2B0uP1rY2pmNOj01qlP&id2=pr_H2B0uP1rY2pmNOj01qlP_custom_split_4 HTTP/1.1 
Host: creativecdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://otomoto-h229.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         185.184.8.90
HTTP/2 302 Found
                                        
date: Thu, 08 Sep 2022 10:19:50 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-max-age: 3600
vary: Origin
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie: u=9LVjVrX1frtGz6CtPQe8;Path=/;Domain=.creativecdn.com;Expires=Fri, 08-Sep-2023 10:19:50 GMT;Max-Age=31536000;Secure;SameSite=None ts=1662632390;Path=/;Domain=.creativecdn.com;Expires=Fri, 08-Sep-2023 10:19:50 GMT;Max-Age=31536000;Secure;SameSite=None
location: https://creativecdn.com/tags?id=pr_H2B0uP1rY2pmNOj01qlP&id2=pr_H2B0uP1rY2pmNOj01qlP_custom_split_4&tc=1
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            GET /noew1_files/tags_data/a.txt HTTP/1.1 
Host: otomoto-h229.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/noew1_files/tags.html
Cookie: _gcl_au=1.1.1592884863.1662632383

                                         
                                         217.160.0.78
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:50 GMT
Server: Apache
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   172
Md5:    e796f37d7bd470e2eabc2644b62b73af
Sha1:   2c7fa79ac161e6bfbc0b1b55a21ec2ad27c14fee
Sha256: a82d2ea26e678d94a5b295b0243f250a9be994357d60633feff72d1e90a2b788

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /tags?id=pr_H2B0uP1rY2pmNOj01qlP&id2=pr_H2B0uP1rY2pmNOj01qlP_custom_split_4&tc=1 HTTP/1.1 
Host: creativecdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://otomoto-h229.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.184.8.90
HTTP/2 204 No Content
                                        
X-Firefox-Spdy: h2

                                        
                                            GET /h/v2/v-otomoto-web?sl=1831c9cd0fcx2b18d293&s=1831c9cd0fcx2b18d293&cl=1&c=1&cC=PL&bR=otomoto&rE=v&eN=login_page&tN=p&language=pl_PL&platform=desktop&event_type=pv&user_status=unlogged&cat_l1_id=29&cat_l1_name=cars&testgroup=4&RTBCookieSplit=4&cP=konto&mv=1.0.100&host=otomoto-h229.net&ivd=olx-pl_organic&t=1662632382717&js=1 HTTP/1.1 
Host: tracking.olx-st.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/

                                         
                                         52.59.167.32
HTTP/1.1 200 OK
Content-Type: image/gif;charset=ISO-8859-1
                                        
Date: Thu, 08 Sep 2022 10:19:50 GMT
Content-Length: 35
Connection: keep-alive
x-olx-hydra-ver: hydra-e5fa7f3
Set-Cookie: onap=1831c9cd0fcx2b18d293-1-1831c9cd0fcx2b18d293-1-1662634190-1831c9ceed5xd928871e-olx-pl_organic_1662632390_1665224390;Path=/h;Expires=Sat, 07-Sep-2024 10:19:50 GMT;SameSite=None;Secure
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Expires: Wed, 19 Apr 2000 03:14:15 GMT
Pragma: no-cache


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            GET /noew1_files/iframe.html HTTP/1.1 
Host: otomoto-h229.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/konto.html
Cookie: _gcl_au=1.1.1592884863.1662632383
Upgrade-Insecure-Requests: 1

                                         
                                         217.160.0.78
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:50 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:54:00 GMT
ETag: W/"1ec-5b252b8c0f410"
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (475), with CRLF line terminators
Size:   314
Md5:    27cfbbde6486252188fe430eac4e7de6
Sha1:   fe909e8a1462f81ed69d0b9d7051f18aefcc0ed8
Sha256: 95bde1ddd9341e7679b26298374d55a6077f84c211ae61bac0e137f1b079d30b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /noew1_files/lsset.html HTTP/1.1 
Host: otomoto-h229.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/konto.html
Cookie: _gcl_au=1.1.1592884863.1662632383
Upgrade-Insecure-Requests: 1

                                         
                                         217.160.0.78
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:50 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:54:01 GMT
ETag: W/"be8-5b252b8db1398"
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1254), with CRLF line terminators
Size:   1871
Md5:    2b41d2f2815cc18687fb3acb6174cee3
Sha1:   f75e417e6922100b2f3b14ff60fc7dae8955b309
Sha256: 031536ace1dfda717c91aa1b499b6b68f059f396c51b180239626d078677e312

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /noew1_files/lsget.html HTTP/1.1 
Host: otomoto-h229.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/konto.html
Cookie: _gcl_au=1.1.1592884863.1662632383
Upgrade-Insecure-Requests: 1

                                         
                                         217.160.0.78
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:50 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:54:01 GMT
ETag: W/"1671-5b252b8d585b6"
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1255), with CRLF line terminators
Size:   2741
Md5:    850ee2ceb11ddd17f452e0c7b831deba
Sha1:   350548fbb1565bf20c97132b8e3283c335fe2ccd
Sha256: b243f8192e7603f4e0026a060a07827f29b02055a822deb0e2726ef4be79093f

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /noew1_files/iframe_data/3233175361-idpiframe.js HTTP/1.1 
Host: otomoto-h229.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/noew1_files/iframe.html
Cookie: _gcl_au=1.1.1592884863.1662632383

                                         
                                         217.160.0.78
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Length: 75531
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:50 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:54:06 GMT
ETag: "1270b-5b252b91d9aeb"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (1845)
Size:   75531
Md5:    85eb2c8e174b4d7dcf620819d762a41a
Sha1:   7e772acae7adc4203b7cb5e22633985af7495f98
Sha256: 85dc58c88d3cb99170459e95e30a95d2f3533492b21824c7daec5ae4898d2888

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 08 Sep 2022 10:19:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1365
Cache-Control: 'max-age=158059'
Date: Thu, 08 Sep 2022 10:19:50 GMT
Last-Modified: Thu, 08 Sep 2022 09:57:05 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 312

                                        
                                            GET /lsget.html HTTP/1.1 
Host: ls.hit.gemius.pl
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/
Upgrade-Insecure-Requests: 1

                                         
                                         146.59.30.100
HTTP/1.1 200 OK
Content-Type: text/html;charset=utf-8
                                        
Date: Thu, 08 Sep 2022 10:19:50 GMT
Expires: Sat, 08 Oct 2022 10:19:50 GMT
Server: GHC
Accept-Ranges: none
Cache-Control: private, max-age=2592000
Last-Modified: Mon, 16 Jul 2012 10:03:40 GMT
ETag: PRIVATE7520710249
Vary: Accept-Encoding,Origin,User-Agent
Cross-Origin-Resource-Policy: cross-origin
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
P3P: CP="NOI DSP COR NID PSAo OUR IND"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 2721
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1253)
Size:   2721
Md5:    4ed8a9d31f54b01cd20a770c855aa34d
Sha1:   88280845a833c4eefae2c5da303bd82705a8f333
Sha256: b60b820e04a50ae52f6a105869ad6cb1b412f37e1713a07b2734aac7ca7a6a90
                                        
                                            GET /gtm.js?id=GTM-K4DX4C6 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://otomoto-h229.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 08 Sep 2022 10:19:50 GMT
expires: Thu, 08 Sep 2022 10:19:50 GMT
cache-control: private, max-age=900
last-modified: Thu, 08 Sep 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 94137
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (40540)
Size:   94137
Md5:    3590bd4fbf27a104582b3d7adf7eb804
Sha1:   87f12b3a934a11c311f797834cb0876b3f147125
Sha256: bd66e02936b8b1d5884bc7188a91089c21947ef5b82a8b82518ce46557b9115f
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 08 Sep 2022 10:19:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 08 Sep 2022 10:19:50 GMT
Content-Length: 280
Connection: keep-alive
Last-Modified: Wed, 07 Sep 2022 08:55:33 GMT
Expires: Wed, 14 Sep 2022 08:55:32 GMT
Etag: "7b83363ab8bdabdc8f34b893e4fdf66b00975a02"
Cache-Control: max-age=512741,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7476f2b989eab51d-OSL

                                        
                                            GET /lsget.html?mode=new HTTP/1.1 
Host: ls.hit.gemius.pl
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://otomoto-h229.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         146.59.30.100
HTTP/2 200 OK
content-type: text/html;charset=utf-8
                                        
date: Thu, 08 Sep 2022 10:19:50 GMT
expires: Sat, 08 Oct 2022 10:19:50 GMT
server: GHC
accept-ranges: none
cache-control: private, max-age=2592000
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
etag: PRIVATE7520710249
vary: Accept-Encoding,Origin,User-Agent
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-length: 2719
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1253)
Size:   2719
Md5:    a6f56928b1882a8f6d93edc699ab150f
Sha1:   fcdbfe0b2337d09b0df1d042e4f3d39089a7a1e4
Sha256: 31fe94eafa0f0303d9d8095a70bd140853ad9b97ffc381461c49fa27074e6271
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: PB/sx8IdBsVbPsvg3HhLkw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.13.69.101
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: cm9ut2CyRahJ6BGp3GgZIx8XlUw=

                                        
                                            GET /lsset.html HTTP/1.1 
Host: ls.hit.gemius.pl
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://otomoto-h229.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         146.59.30.100
HTTP/2 200 OK
content-type: text/html;charset=utf-8
                                        
date: Thu, 08 Sep 2022 10:19:50 GMT
expires: Sat, 08 Oct 2022 10:19:50 GMT
server: GHC
accept-ranges: none
cache-control: private, max-age=2592000
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
etag: PRIVATE7520710249
vary: Accept-Encoding,Origin,User-Agent
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-length: 1862
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1256)
Size:   1862
Md5:    4a4ab92dd5e247b2bd21f946599ba60c
Sha1:   08eaadd6f2a1765a474ec77b6ef8f254b7caffdb
Sha256: 889eb4d6d195183d4b03675471cefdc87fe05bbafb66ea58202b9c5d8f9d084a
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6453
Cache-Control: 'max-age=158059'
Date: Thu, 08 Sep 2022 10:19:50 GMT
Last-Modified: Thu, 08 Sep 2022 08:32:17 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 313

                                        
                                            GET /naspersclassifieds-regional/verticals-cars-atlas-web-otomotopl/static/img/favicon.ico?v=4 HTTP/1.1 
Host: otomotopl-statics.akamaized.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://otomoto-h229.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.76.170
HTTP/1.0 400 Bad Request
Content-Type: text/html
                                        
Server: AkamaiGHost
Mime-Version: 1.0
Content-Length: 369
Expires: Thu, 08 Sep 2022 10:19:50 GMT
Date: Thu, 08 Sep 2022 10:19:50 GMT
Connection: close


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   369
Md5:    b782881269c92f4175d8e1c1522049fe
Sha1:   347f98a11302a25fa0db352da81157bb5496fa6e
Sha256: 570bb4575fbf961aa19ec19ea0fde584211d70409d5ce625a614a37733462279
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 08 Sep 2022 10:19:50 GMT
Content-Length: 280
Connection: keep-alive
Last-Modified: Wed, 07 Sep 2022 08:55:33 GMT
Expires: Wed, 14 Sep 2022 08:55:32 GMT
Etag: "7b83363ab8bdabdc8f34b893e4fdf66b00975a02"
Cache-Control: max-age=512741,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7476f2b989b50b31-OSL

                                        
                                            GET /dna HTTP/1.1 
Host: dnacdn.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         178.250.0.157
HTTP/2 200 OK
                                        
date: Thu, 08 Sep 2022 10:19:50 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=E9ivGl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czJzdXhtTWhDdGZyU2xDSWdocG95S1JvMUZXQ25oUkp3bDRLZjg3QyUyRlQlMkI5; expires=Tue, 03 Oct 2023 10:19:50 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 234340
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 08 Sep 2022 10:19:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 08 Sep 2022 10:19:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /lsget.html HTTP/1.1 
Host: ls.hit.gemius.pl
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://otomoto-h229.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         146.59.30.100
HTTP/2 200 OK
content-type: text/html;charset=utf-8
                                        
date: Thu, 08 Sep 2022 10:19:50 GMT
expires: Sat, 08 Oct 2022 10:19:50 GMT
server: GHC
accept-ranges: none
cache-control: private, max-age=2592000
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
etag: PRIVATE7520710249
vary: Accept-Encoding,Origin,User-Agent
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-length: 2719
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1260)
Size:   2719
Md5:    6304abbd073ba0b23f298834b5dff733
Sha1:   4f2337a92b22a4bba4e5244f32277792385a52dd
Sha256: f24b973c86af0ea4ce4e3c47d42b8f05d6c67a972b1fc5d472ebf8776132c539
                                        
                                            GET /fpdata.js?href=otomoto-h229.net HTTP/1.1 
Host: olx.hit.gemius.pl
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/

                                         
                                         185.11.128.202
HTTP/1.1 301 Moved Permanently
                                        
Date: Thu, 08 Sep 2022 10:19:50 GMT
Expires: Wed, 07 Sep 2022 10:19:50 GMT
Server: GHC
Accept-Ranges: none
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Cross-Origin-Resource-Policy: cross-origin
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
P3P: CP="NOI DSP COR NID PSAo OUR IND"
Location: https://olx.hit.gemius.pl/_sslredir/fpdata.js?href=otomoto-h229.net
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 0

                                        
                                            GET /js/api:client.js HTTP/1.1 
Host: apis.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://otomoto-h229.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 5571
date: Thu, 08 Sep 2022 10:19:50 GMT
expires: Thu, 08 Sep 2022 10:19:50 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "8e9a8c23509d82b5"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2046)
Size:   5571
Md5:    317eaac95e560fcd85884c7a761571da
Sha1:   5b62a9a9fafa8993bb19479ec0fc42eb4b09d387
Sha256: 41df2b017ccddba4ebaf4ab4da7d811ca81fef441c81ee50e7765c8df8710b25
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6044
Cache-Control: 'max-age=158059'
Date: Thu, 08 Sep 2022 10:19:50 GMT
Last-Modified: Thu, 08 Sep 2022 08:39:06 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 312

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6044
Cache-Control: 'max-age=158059'
Date: Thu, 08 Sep 2022 10:19:50 GMT
Last-Modified: Thu, 08 Sep 2022 08:39:06 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 312

                                        
                                            GET /_/scs/apps-static/_/js/k=oz.gapi.en_US.JKCQ2Hvuo0E.O/m=client/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOl3FsgYnTqVeIFUJJD2j4-pO09lQ/cb=gapi.loaded_0 HTTP/1.1 
Host: apis.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://otomoto-h229.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 101217
date: Thu, 08 Sep 2022 10:19:50 GMT
expires: Fri, 08 Sep 2023 10:19:50 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Wed, 15 Jan 2020 20:40:07 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (760)
Size:   101217
Md5:    ec74ba957017dfff5001e93cf753a223
Sha1:   0cf58ae3c01deebed9abb43e4a94d098d822c80e
Sha256: c32b8568ff4a07a68bcf0527c82924dca41eea956af7f452db1d8473f77c9055
                                        
                                            GET /xgemius.js HTTP/1.1 
Host: olx.hit.gemius.pl
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/

                                         
                                         185.11.128.202
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Date: Thu, 08 Sep 2022 10:19:50 GMT
Expires: Thu, 08 Sep 2022 22:19:50 GMT
Server: GHC
Accept-Ranges: none
Cache-Control: max-age=43200
Last-Modified: Wed, 07 Sep 2022 10:13:48 GMT
Vary: Accept-Encoding,Origin
Cross-Origin-Resource-Policy: cross-origin
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
P3P: CP="NOI DSP COR NID PSAo OUR IND"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 15915
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (417)
Size:   15915
Md5:    b2751ff94e358004008e83bd148a201c
Sha1:   d87dbb27e47d49b9e96ee578549504f8e62aafb0
Sha256: fcbe6f6be124105249dbf4507e6fba73264e2b1b02bbaf9acd0203683a4fc9e2
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 08 Sep 2022 10:19:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ninja-verticals.js HTTP/1.1 
Host: ninja.akamaized.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://otomoto-h229.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.76.113
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: QyVRYvEvR8X1p9dxPQCVz+4Zz1jbgAO3kvYMRwyA29AWddLG3OIycxBzc4OosZGlr35iaJIpjo0=
x-amz-request-id: J3ZRPZFETCZQ19R2
last-modified: Wed, 07 Sep 2022 15:05:48 GMT
etag: "4b56d987cb53221d332dc53d51191925"
x-amz-version-id: zRgPXiaNfHZhxiQBOaQdnmXdGIEtpbmS
accept-ranges: bytes
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=900, s-maxage=1800
expires: Thu, 08 Sep 2022 10:34:51 GMT
date: Thu, 08 Sep 2022 10:19:51 GMT
content-length: 29102
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (577)
Size:   29102
Md5:    f6e9d6f7a345865785f820ff73381620
Sha1:   cb331271284907463f4aa2fdd0077452ac037b0f
Sha256: 01675bfadde2ac452704aab27715d98107bd41927080053b4398db2d8b77ef8d
                                        
                                            GET /assign?sl=1831c9cd0fcx2b18d293&cc=PL&ch=w&br=otomoto HTTP/1.1 
Host: laquesis.akamaized.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://otomoto-h229.net
Connection: keep-alive
Referer: http://otomoto-h229.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.76.106
HTTP/2 200 OK
content-type: application/json
                                        
content-length: 1127
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 08 Sep 2022 10:19:51 GMT
date: Thu, 08 Sep 2022 10:19:51 GMT
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (1127), with no line terminators
Size:   1127
Md5:    2383fc9dc8f9b8894bf38a76175f39db
Sha1:   1417f6248ab46f9d294055b360117d2c4b0cd89f
Sha256: 21df92411d4115f780d4c091cb4741451f2024976d0237bd6fd4c417c34daea5
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 08 Sep 2022 10:19:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /h/v2/v-otomoto-web?sl=1831c9cd503x3f9673ad&s=1831c9cd503x3f9673ad&cl=1&c=1&cC=PL&bR=otomoto&rE=v&eN=test_assignment&tN=e&language=pl_PL&platform=desktop&event_type=pv&user_status=unlogged&cat_l1_id=29&cat_l1_name=cars&testgroup=4&RTBCookieSplit=4&test_definition=%5B%22cars-27613%2Ca%22%2C%22cars-31060%2Ca%22%2C%22cars-31762%2Ca%22%2C%22cars-31852%2Ca%22%2C%22cars-32036%2Ca%22%2C%22cars-32037%2Ca%22%2C%22cars-32229%2Ca%22%2C%22cars-32904%2Cb%22%2C%22cars-32937%2Cb%22%2C%22cars-32996%2Ca%22%2C%22cars-33059%2Cb%22%2C%22cars-33070%2Ca%22%2C%22cars-33096%2Cb%22%2C%22cars-33477%2Ca%22%2C%22cars-33478%2Cb%22%2C%22cars-33522%2Ca%22%2C%22cars-33562%2Ca%22%2C%22cars-34160%2Cb%22%2C%22cars-34184%2Ca%22%2C%22cars-34351%2Cb%22%2C%22cars-34761%2Ca%22%2C%22cars-34786%2Ca%22%2C%22cars-35777%2Ca%22%2C%22cars-35818%2Cb%22%2C%22cars-35984%2Cc%22%5D&cP=konto&mv=1.0.100&host=otomoto-h229.net&ivd=olx-pl_organic&t=1662632383747&js=1 HTTP/1.1 
Host: tracking.olx-st.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/

                                         
                                         52.59.167.32
HTTP/1.1 200 OK
Content-Type: image/gif;charset=ISO-8859-1
                                        
Date: Thu, 08 Sep 2022 10:19:51 GMT
Content-Length: 35
Connection: keep-alive
x-olx-hydra-ver: hydra-e5fa7f3
Set-Cookie: onap=1831c9cd503x3f9673ad-1-1831c9cd503x3f9673ad-1-1662634191-1831c9cf282x541e36f1-olx-pl_organic_1662632391_1665224391;Path=/h;Expires=Sat, 07-Sep-2024 10:19:51 GMT;SameSite=None;Secure
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Expires: Wed, 19 Apr 2000 03:14:15 GMT
Pragma: no-cache


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            GET /h/v2/v-otomoto-web?sl=1831c9cd505x2e514c58&s=1831c9cd505x2e514c58&cl=1&c=1&cC=PL&bR=otomoto&rE=v&eN=flag_assignment&tN=e&language=pl_PL&platform=desktop&event_type=pv&user_status=unlogged&cat_l1_id=29&cat_l1_name=cars&testgroup=4&RTBCookieSplit=4&flag_definition=%5B%22euads-2750%22%5D&cP=konto&mv=1.0.100&host=otomoto-h229.net&ivd=olx-pl_organic&t=1662632383750&js=1 HTTP/1.1 
Host: tracking.olx-st.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/

                                         
                                         52.59.167.32
HTTP/1.1 200 OK
Content-Type: image/gif;charset=ISO-8859-1
                                        
Date: Thu, 08 Sep 2022 10:19:51 GMT
Content-Length: 35
Connection: keep-alive
x-olx-hydra-ver: hydra-e5fa7f3
Set-Cookie: onap=1831c9cd505x2e514c58-1-1831c9cd505x2e514c58-1-1662634191-1831c9cf29cx131ebded-olx-pl_organic_1662632391_1665224391;Path=/h;Expires=Sat, 07-Sep-2024 10:19:51 GMT;SameSite=None;Secure
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Expires: Wed, 19 Apr 2000 03:14:15 GMT
Pragma: no-cache


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 08 Sep 2022 10:19:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.GG-Ggjrq5aE.es5.O/d=1/rs=AOaEmlGz2ImcM87xCQJBm9w21x76L2RsZA/m=base HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accounts.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-length: 34824
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 00:13:44 GMT
expires: Wed, 06 Sep 2023 00:13:44 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Sat, 27 Aug 2022 01:41:42 GMT
age: 209167
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (868)
Size:   34824
Md5:    424b937f079afb0cba28562b77ef535b
Sha1:   ed37e7647ac147b51005e5012442abe720ec5ee9
Sha256: faae2feaa18be4b0bac6823e4729af093eac5455e37409428540098198db800a
                                        
                                            GET /_sslredir/fpdata.js?href=otomoto-h229.net HTTP/1.1 
Host: olx.hit.gemius.pl
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://otomoto-h229.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.11.128.202
HTTP/2 200 OK
content-type: application/x-javascript
                                        
date: Thu, 08 Sep 2022 10:19:51 GMT
expires: Sat, 08 Oct 2022 10:19:51 GMT
server: GHC
accept-ranges: none
cache-control: private, max-age=2592000
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
etag: PRIVATE7520710249
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-length: 285
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   285
Md5:    98c30b78aa09bf6fc85c52b9d0d112c4
Sha1:   817245cf91dd2d3a662bd779dc1c9fb629829a18
Sha256: 5d29fd922136c49e9c892834dca8c9ee0758d0e50da0ce4fb537e1d58422233a
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 08 Sep 2022 10:19:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /_1662632383922/rexdot.js?l=100&id=1wA64edYL8OQRSzbOqfRLrbu7OkY4sSgxVmVCOuHpYn.S7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=http%3A%2F%2Fotomoto-h229.net%2Fkonto.html&ref=&screen=1280x1024r1000&col=24&window=1280x939&ltime=233&lsdata=-SETERR&fpdata=9Qks4eBOJljnuxXff2RNL4dL5_oKiY4asz1D93L119n.s7|1662632391&vis=1 HTTP/1.1 
Host: olx.hit.gemius.pl
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/

                                         
                                         185.11.128.202
HTTP/1.1 301 Moved Permanently
                                        
Date: Thu, 08 Sep 2022 10:19:51 GMT
Expires: Wed, 07 Sep 2022 10:19:51 GMT
Server: GHC
Accept-Ranges: none
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Cross-Origin-Resource-Policy: cross-origin
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
P3P: CP="NOI DSP COR NID PSAo OUR IND"
Location: https://olx.hit.gemius.pl/_sslredir/_1662632383922/rexdot.js?l=100&id=1wA64edYL8OQRSzbOqfRLrbu7OkY4sSgxVmVCOuHpYn.S7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=http%3A%2F%2Fotomoto-h229.net%2Fkonto.html&ref=&screen=1280x1024r1000&col=24&window=1280x939&ltime=233&lsdata=-SETERR&fpdata=9Qks4eBOJljnuxXff2RNL4dL5_oKiY4asz1D93L119n.s7|1662632391&vis=1
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 0

                                        
                                            GET /_sslredir/_1662632383922/rexdot.js?l=100&id=1wA64edYL8OQRSzbOqfRLrbu7OkY4sSgxVmVCOuHpYn.S7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=http%3A%2F%2Fotomoto-h229.net%2Fkonto.html&ref=&screen=1280x1024r1000&col=24&window=1280x939&ltime=233&lsdata=-SETERR&fpdata=9Qks4eBOJljnuxXff2RNL4dL5_oKiY4asz1D93L119n.s7|1662632391&vis=1 HTTP/1.1 
Host: olx.hit.gemius.pl
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://otomoto-h229.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.11.128.202
HTTP/2 301 Moved Permanently
                                        
date: Thu, 08 Sep 2022 10:19:51 GMT
expires: Wed, 07 Sep 2022 10:19:51 GMT
server: GHC
accept-ranges: none
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
set-cookie: Gtest=KlGqYMaGQMGG1LAMNt95rXXissGMXP8cERbG; Domain=hit.gemius.pl; Path=/; SameSite=None; Secure; Expires=Thu, 15 Sep 2022 10:19:51 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_sslredir/_1662632383922/rexdot.js?l=100&id=1wA64edYL8OQRSzbOqfRLrbu7OkY4sSgxVmVCOuHpYn.S7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=http%3A%2F%2Fotomoto-h229.net%2Fkonto.html&ref=&screen=1280x1024r1000&col=24&window=1280x939&ltime=233&lsdata=-SETERR&fpdata=9Qks4eBOJljnuxXff2RNL4dL5_oKiY4asz1D93L119n.s7|1662632391&vis=1
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            GET /__/_sslredir/_1662632383922/rexdot.js?l=100&id=1wA64edYL8OQRSzbOqfRLrbu7OkY4sSgxVmVCOuHpYn.S7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=http%3A%2F%2Fotomoto-h229.net%2Fkonto.html&ref=&screen=1280x1024r1000&col=24&window=1280x939&ltime=233&lsdata=-SETERR&fpdata=9Qks4eBOJljnuxXff2RNL4dL5_oKiY4asz1D93L119n.s7|1662632391&vis=1 HTTP/1.1 
Host: olx.hit.gemius.pl
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://otomoto-h229.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.11.128.202
HTTP/2 200 OK
content-type: application/x-javascript
                                        
date: Thu, 08 Sep 2022 10:19:51 GMT
expires: Wed, 07 Sep 2022 10:19:51 GMT
server: GHC
accept-ranges: none
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
set-cookie: Gtest=KlxPwRXGQMQGE28mAxs5rXXissGMXP8cERbG; Domain=hit.gemius.pl; Path=/; SameSite=None; Secure; Expires=Thu, 15 Sep 2022 10:19:51 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-length: 167
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   167
Md5:    d56414e8741bb2cb60fc68bff1ee471d
Sha1:   f08d51c898d02cbe4742d82f4affb57669455129
Sha256: 4d1837f2a0a57f77e533696a8423617ded92974d0c8475e6935ef21dbbe3ce7a
                                        
                                            GET /nr-1167.min.js HTTP/1.1 
Host: js-agent.newrelic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://otomoto-h229.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.86.137
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: duwk5/9ckcOP/HF89l6qi5VKNFQtyqLHChgZ9jTu+TWxp1baPzH9sKks+LwJ/+5Kj/IgKbgTLJ4=
x-amz-request-id: S1GA00MHJD9Y1NQA
last-modified: Fri, 07 Feb 2020 23:39:55 GMT
etag: "8155781ab74e51eee2ead2c1d5902e63"
x-amz-version-id: null
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 08 Sep 2022 10:19:51 GMT
via: 1.1 varnish
x-served-by: cache-bma1627-BMA
x-cache: HIT
x-cache-hits: 10
x-timer: S1662632392.765236,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 10178
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (26895), with no line terminators
Size:   10178
Md5:    2475af80a5beb58a3e3a97c4184c9e3f
Sha1:   cbea1268312d005145a84d52c3e377c8ad8cc633
Sha256: f4b7678a0e6380207322e69fa89295c2d4fcd240554e6d3ebc1d537fee5402a4
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9081
Expires: Thu, 08 Sep 2022 12:51:12 GMT
Date: Thu, 08 Sep 2022 10:19:51 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9081
Expires: Thu, 08 Sep 2022 12:51:12 GMT
Date: Thu, 08 Sep 2022 10:19:51 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9081
Expires: Thu, 08 Sep 2022 12:51:12 GMT
Date: Thu, 08 Sep 2022 10:19:51 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd38a7ac-451e-4dae-8707-f68a3c27ee4e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8693
x-amzn-requestid: aae6e4f7-9b0a-49da-b2f1-58b625609942
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9TgFokoAMFbwA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f49-27854a575dea22e1035454e3;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:38:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: PKD1-NMnB_gBWmi4tmCDLib4ROvVwI4hrOL7CHtoMXEEGgYNYiAsTw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 21:48:35 GMT
etag: "b8f1359214f21be812390a6cca80b8e84c26a403"
age: 45076
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8693
Md5:    7ccc1d45458086694a8221a8a6c6aa3b
Sha1:   b8f1359214f21be812390a6cca80b8e84c26a403
Sha256: 461503caa5ec14c1214bdc19795e47b8c1c3c5be1b21f0f29e923e5191e93846
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffde48022-9b21-4eb3-b8b7-e4fcb208d624.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8246
x-amzn-requestid: d1a11f7f-22b7-4fc1-b33d-402e5bc3af33
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9TgEx4oAMF-pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f49-7305dd7653fe38c9445e02a8;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:38:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: INlZ1UklE6G7_1AYLBLEjbENrWoRgkYHLiL4w_QVx7tRA3jepd_eXQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 21:48:35 GMT
etag: "7bcd0b99c0fb6d9ead1dd6878377f5a582bde20d"
age: 45076
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8246
Md5:    036db462684c81e3906433a0d2929eb8
Sha1:   7bcd0b99c0fb6d9ead1dd6878377f5a582bde20d
Sha256: a252f30f9239f6a343b23c9d3e1d1b7460c5ee5a592d3372bf124760baa6e657
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6069f6c-2029-46b3-9867-5eaeb96d65e7.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7885
x-amzn-requestid: 305dc6b7-eb3d-40ad-af89-8b60be935637
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9ThE3DIAMFRtA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f49-7c0b58644e26de7f27c5b388;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:38:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Ry2D03udnweYHan_7KhC9IDhT01g9_73G40Fa10BdIX21tgK0Cgjiw==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 21:48:35 GMT
etag: "3e633bc6c4ab9adfe84899e5209d73bef1d097eb"
age: 45076
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7885
Md5:    7ca5b5d4ac26d97b5729a30ecdc688bc
Sha1:   3e633bc6c4ab9adfe84899e5209d73bef1d097eb
Sha256: 2c8275d1819d933f86df9685b76aea030842ba5a341c59ea88ffd2da99a5a3d5
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b6df26b-97aa-461c-9f22-c5c9496b5701.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8705
x-amzn-requestid: ccc5b695-35b5-49fd-b938-296a88a78ab8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9TgFOiIAMFaXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f49-12e809c767cdbba61492187c;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:38:17 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: iN3jcMCQ8paYD_O9gQLAswM-ITb0oY8CYmbnMDwpwS-7hPLis5TGSg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 95785220a566cd050f3ad80928463374.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 22:03:47 GMT
age: 44164
etag: "f6ef30b5df0e634c3a3f607d751e738e55a276c9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8705
Md5:    24e43bc53a0b047911cff00ad4b72320
Sha1:   f6ef30b5df0e634c3a3f607d751e738e55a276c9
Sha256: 7e1406b2101c912e72f37f0257128574079e618c1af83e360acb3f29b4d44d89
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6214
x-amzn-requestid: 46a44af0-e547-49e8-bc39-f6c49d94e375
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xj_0HFKbIAMFRbg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630b134d-0297c83c305422fa51b86dcf;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 07:03:41 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _ZKcuRO8Z6wBMdm79iDZj5uRYk4YYpYJqOoG8hZqY81O0R7hfbe5bQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 05:34:36 GMT
age: 17115
etag: "50f1459de01174e594e03e7df4dfaa8eb1798672"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6214
Md5:    f922505178de0cea92eedcfda85a9f67
Sha1:   50f1459de01174e594e03e7df4dfaa8eb1798672
Sha256: 981cd58768d6ad841673add855ddcc7106fbc85de05db9a1bd2d6bc8928b4c2c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5314d83a-c7f9-468e-8b42-535c4fae5d85.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7492
x-amzn-requestid: 2c5e9ff3-c7a4-4a8f-96bf-74f0ca5d9137
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9dOHguIAMFjGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f87-70dbe6532b1a241e6dbe729e;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:39:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: 6mfdlMHJozdykr4faiijvUuJPXVrJGU_n0MxJgCrZ-uWWdejGYfiAQ==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 020978022b22df6352245f09cfbc410c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 22:33:06 GMT
age: 42405
etag: "98c145b9326d1e6036fa9089d87a25232dd45b0b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7492
Md5:    a07d553b6441514870ed7e9e989a29a7
Sha1:   98c145b9326d1e6036fa9089d87a25232dd45b0b
Sha256: 373a586b596016baeb8de98022207c25af24c099c06077edbdfd837cffc31a0e
                                        
                                            GET /1/03c2d95870?a=27030240&v=1167.2a4546b&to=NgBUMhdWVhdWUBIPDQ9KdRMWQ1cJGFcDFQkVCkZJBFRbC0JdEkkLDwFTHg%3D%3D&rst=2818&ref=http://otomoto-h229.net/konto.html&ap=46&be=647&fe=2716&dc=1409&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1662632381443,%22n%22:0,%22f%22:-5,%22dn%22:-5,%22dne%22:-3,%22c%22:-3,%22ce%22:33,%22rq%22:124,%22rp%22:169,%22rpe%22:214,%22dl%22:410,%22di%22:1400,%22ds%22:1409,%22de%22:1437,%22dc%22:2715,%22l%22:2715,%22le%22:2717%7D,%22navigation%22:%7B%7D%7D&fcp=1227&at=GkdXRF9MRRk%3D&jsonp=NREUM.setToken HTTP/1.1 
Host: bam.nr-data.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://otomoto-h229.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
162.247.241.14
HTTP/1.1 200 OK
Content-Type: text/javascript
Date: Thu, 08 Sep 2022 10:19:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7476f2c0f829b515-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=52eb0dce1a85761c; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   77
Md5:    f1442f5831dbbe0210da2d7a4180d6b8
Sha1:   2ade23c6c7a001c66f0c0a9a101ec152747b434e
Sha256: c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
                                        
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=E9ivGl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czJzdXhtTWhDdGZyU2xDSWdocG95S1JvMUZXQ25oUkp3bDRLZjg3QyUyRlQlMkI5
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
178.250.0.157
HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Thu, 08 Sep 2022 10:19:50 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=g5LVzF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czJzdXhtTWhDdGZyU2xDSWdocG95S1N6YmRsbnJ1cU15YlU3cVpKOFRZNkQ; expires=Tue, 03 Oct 2023 10:19:50 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 277017
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
GET /o/oauth2/iframe HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://otomoto-h229.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
216.58.207.237
HTTP/2 200 OK
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 08 Sep 2022 10:19:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-embedder-policy: require-corp
report-to: {"group":"IdpIFrameHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/IdpIFrameHttp/external"}]}
cross-origin-opener-policy: same-origin; report-to="IdpIFrameHttp"
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-y0QDTux2IR23Bi0CvSooMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
GET /noew1_files/cbgapi.loaded_0 HTTP/1.1
Host: otomoto-h229.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/konto.html

                                         
217.160.0.78
HTTP/1.1 200 OK
Content-Length: 296211
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:49 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:53:58 GMT
ETag: "48513-5b252b8a6e428"
Accept-Ranges: bytes


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /syncframe?topUrl=otomoto-h229.net HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://otomoto-h229.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
178.250.0.157
HTTP/2 200 OK
content-type: text/html; charset=utf-8
date: Thu, 08 Sep 2022 10:19:49 GMT
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=279e1a06-1f5e-41f0-a30f-d4f096fa67b0; expires=Tue, 03 Oct 2023 10:19:49 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 679109
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
GET /noew1_files/gtm_002.js HTTP/1.1
Host: otomoto-h229.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/konto.html

                                         
217.160.0.78
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 295982
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:49 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:53:59 GMT
ETag: "4842e-5b252b8b55b4c"
Accept-Ranges: bytes


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

                                         
178.250.6.136
HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Thu, 08 Sep 2022 10:19:50 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 153197
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
GET /event?a=10828&v=5.5.0&p0=e%3Dexd%26ci%3D%26site_type%3Dd&p1=e%3Ddis&adce=1&tld=otomoto-h229.net&dtycbr=50244 HTTP/1.1
Host: sslwidget.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://otomoto-h229.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
178.250.2.151
HTTP/2 200 OK
content-type: application/x-javascript
date: Thu, 08 Sep 2022 10:19:50 GMT
server: Kestrel
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
expires: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
timing-allow-origin: *
server-processing-duration-in-ticks: 6595986
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2


--- Additional Info ---