otomoto-h229.net/konto.html
200 OK 27 kB URL HTTP/1.1 otomoto-h229.net/konto.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (21032), with CRLF line terminators
Hash 5c0e40058d1a8573e96c1545307931f5
ed8eeb64d1b844051a73623878dd6cee5f3d3df8
36e0eef6aced131b894d0e32f9e529df866fe3696871f2c9edd47a5e07f9efe7
Analyzer Verdict Alert openphish OLX Group
phishtank Other
GET /konto.html HTTP/1.1
Host: otomoto-h229.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:49 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:53:54 GMT
ETag: W/"15828-5b252b86391b4"
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b9adda4796e3cda8d92753c46964621c
5f1eba1f6085b23dea088a91fe6f8947172f9f62
a0577a8fcfa81b3f86d99566eb4429655b93a238ffd1a3752bc9aae3d969deea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0577A8FCFA81B3F86D99566EB4429655B93A238FFD1A3752BC9AAE3D969DEEA"
Last-Modified: Tue, 06 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5404
Expires: Thu, 08 Sep 2022 11:49:53 GMT
Date: Thu, 08 Sep 2022 10:19:49 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 08 Sep 2022 09:47:05 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: MtFxFyje55CgLFhwy3RYG6oy5sD4j88tI15M9lUrfeeqb26qCxM2FA==
Age: 1964
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 08 Sep 2022 03:46:35 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: fUZjLmJO2arSUft0UvLSveYruhyTCwbDK-oKBxkNwQhxFyX1Xnlj0Q==
age: 23595
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 10:19:49 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
otomoto-h229.net/noew1_files/nr-1167.js
200 OK 27 kB URL HTTP/1.1 otomoto-h229.net/noew1_files/nr-1167.js
IP
File type ASCII text, with very long lines (26895), with no line terminators
Hash 8155781ab74e51eee2ead2c1d5902e63
5679a128ce2702f782c9f3f46d16d95c387b52ee
f4ae8a2c83e0a851fd331bbf34d7a6f9184b3e31b6f2e681e8377fb8a8edc10f
Analyzer Verdict Alert fortinet Phishing
GET /noew1_files/nr-1167.js HTTP/1.1
Host: otomoto-h229.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/konto.html
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 26895
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:49 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:54:02 GMT
ETag: "690f-5b252b8e3221a"
Accept-Ranges: bytes
otomoto-h229.net/noew1_files/cbgapi.loaded_1
200 OK 71 B URL HTTP/1.1 otomoto-h229.net/noew1_files/cbgapi.loaded_1
IP
Hash f3a349d99360409257b2f912ac603548
5aad49f0eb81b99a60f5f46613d6dd252b820b78
586a4abfe9225dbb5521b32799d3b346da9e997452fec205a0812a360dd470ab
Analyzer Verdict Alert fortinet Phishing
GET /noew1_files/cbgapi.loaded_1 HTTP/1.1
Host: otomoto-h229.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/konto.html
HTTP/1.1 200 OK
Content-Length: 71
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:49 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:53:58 GMT
ETag: "47-5b252b8accfca"
Accept-Ranges: bytes
otomoto-h229.net/noew1_files/xgemius.js
200 OK 33 kB URL HTTP/1.1 otomoto-h229.net/noew1_files/xgemius.js
IP
File type ASCII text, with very long lines (417)
Hash 844aa4942299da63bc28284eee265ac1
88f71bae39b1ea9d9b65bafe91ca03524b116280
b1bfa4673dda9238c9f8c2bea0d0fa11ec6a9257193579ab78379d781ba0499b
Analyzer Verdict Alert fortinet Phishing
GET /noew1_files/xgemius.js HTTP/1.1
Host: otomoto-h229.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/konto.html
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 33314
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:49 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:54:04 GMT
ETag: "8222-5b252b9048504"
Accept-Ranges: bytes
otomoto-h229.net/noew1_files/analytics.js
200 OK 45 kB URL HTTP/1.1 otomoto-h229.net/noew1_files/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash af5c617d36e28d19710b882a6824e213
39a22dc66ee4d211631f701d349bd3eb7ee20824
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Analyzer Verdict Alert fortinet Phishing
GET /noew1_files/analytics.js HTTP/1.1
Host: otomoto-h229.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/konto.html
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 45229
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:49 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:53:57 GMT
ETag: "b0ad-5b252b8962ae3"
Accept-Ranges: bytes
otomoto-h229.net/noew1_files/gtm_003.js
200 OK 59 kB URL HTTP/1.1 otomoto-h229.net/noew1_files/gtm_003.js
IP
File type ASCII text, with very long lines (1577)
Hash a75170e39e70aa50a1c76bbd035ee00b
d255b3071a1f837e0fbe9ea7d310f9ae3c99eaf0
459bcca10c06ace78d5bf5792e8ecdef84c97c9fedfd821bd550285abc4fc26d
Analyzer Verdict Alert fortinet Phishing
GET /noew1_files/gtm_003.js HTTP/1.1
Host: otomoto-h229.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/konto.html
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 58808
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:49 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:53:59 GMT
ETag: "e5b8-5b252b8bb27ae"
Accept-Ranges: bytes
otomoto-h229.net/noew1_files/js
200 OK 62 kB URL HTTP/1.1 otomoto-h229.net/noew1_files/js
IP
File type ASCII text, with very long lines (1577)
Hash 6c1ed487a02d5b110ae61cd1a5bb59ff
0cf76ab069f59b29b4adffd561ca5ecf131cb2af
64afe9f576d40536f37478a46d239bf180e0ffc7ffac6e2e56c9354027546ee7
Analyzer Verdict Alert fortinet Phishing
GET /noew1_files/js HTTP/1.1
Host: otomoto-h229.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/konto.html
HTTP/1.1 200 OK
Content-Length: 62069
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:49 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:54:00 GMT
ETag: "f275-5b252b8c80892"
Accept-Ranges: bytes
otomoto-h229.net/noew1_files/ld.js
200 OK 30 kB URL HTTP/1.1 otomoto-h229.net/noew1_files/ld.js
IP
File type C source, ASCII text, with very long lines (30003), with no line terminators
Hash 9f51c9838bbcc941788939f89f527d5f
2e5c071d37b30d50a7e710549a4e04922aa42ed8
6a60018cab3d38d035188490d869d5dc1283a7dd115917226df457ca92887f7f
Analyzer Verdict Alert fortinet Phishing
GET /noew1_files/ld.js HTTP/1.1
Host: otomoto-h229.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/konto.html
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 30003
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:49 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:54:01 GMT
ETag: "7533-5b252b8cf2cb4"
Accept-Ranges: bytes
otomoto-h229.net/noew1_files/0.js
200 OK 15 kB URL HTTP/1.1 otomoto-h229.net/noew1_files/0.js
IP
File type ASCII text, with very long lines (15066), with no line terminators
Hash 74b9f05059e2deee24cfdb15e742de64
28e42b48868ff5f33003d270dffd8c9cc795ac27
31dea38d3fec6c8fb53033148d29ae72c2f930a4d6b540faa08d08ff1f5c75c8
Analyzer Verdict Alert fortinet Phishing
GET /noew1_files/0.js HTTP/1.1
Host: otomoto-h229.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/konto.html
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 15066
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:49 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:53:56 GMT
ETag: "3ada-5b252b882e15e"
Accept-Ranges: bytes
otomoto-h229.net/noew1_files/ninja-verticals.js
200 OK 78 kB URL HTTP/1.1 otomoto-h229.net/noew1_files/ninja-verticals.js
IP
File type ASCII text, with very long lines (4203)
Hash d020031f748fb912f98b89b116af7c38
da6079e8e165c05add369331151839c508a7bfef
2a165e111a55e4fe5331d6b980d4385827cd29ac98d6fb6dab68b0b24be09d00
Analyzer Verdict Alert fortinet Phishing
GET /noew1_files/ninja-verticals.js HTTP/1.1
Host: otomoto-h229.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/konto.html
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 77822
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:49 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:54:02 GMT
ETag: "12ffe-5b252b8dc2cd8"
Accept-Ranges: bytes
otomoto-h229.net/noew1_files/101.js
200 OK 3.2 kB URL HTTP/1.1 otomoto-h229.net/noew1_files/101.js
IP
File type Unicode text, UTF-8 text, with very long lines (3232), with no line terminators
Hash d21e935d9f5a624e5cf6ff5c36ff814a
d3e6fb976a34880920fea0182324610e7c5f3fef
7f1997e8aa8098327fb69fd12c7db0b227d3912add10899f86b0913bfd152cd5
Analyzer Verdict Alert fortinet Phishing
GET /noew1_files/101.js HTTP/1.1
Host: otomoto-h229.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/konto.html
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 3238
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:49 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:53:56 GMT
ETag: "ca6-5b252b880be7d"
Accept-Ranges: bytes
otomoto-h229.net/noew1_files/ls.js
200 OK 1.5 kB URL HTTP/1.1 otomoto-h229.net/noew1_files/ls.js
IP
File type ASCII text, with very long lines (1440)
Hash e737ab7d29207894c9f577e0192446ba
530a7530115f73dc6f0fd9176cf48722b5cfed3d
3c4f9b79cea8fc2ebce92d79f8cea8927e4dad174aac6b9c4caf0c52f7618ec3
Analyzer Verdict Alert fortinet Phishing
GET /noew1_files/ls.js HTTP/1.1
Host: otomoto-h229.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/konto.html
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 1466
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:49 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:54:01 GMT
ETag: "5ba-5b252b8d4ba96"
Accept-Ranges: bytes
otomoto-h229.net/noew1_files/gtm.js
200 OK 367 kB URL HTTP/1.1 otomoto-h229.net/noew1_files/gtm.js
IP
File type ASCII text, with very long lines (3520)
Size 367 kB (367127 bytes)
Hash fcebf508c1e1b4d54f56d53b55c296cf
ba2b007167dd7faaab782f821ff713e05a89ce74
70ce1d0b3e36a94b2f7410abd69fa9268c659c1ffae2597eef9154ac440990a8
Analyzer Verdict Alert fortinet Phishing
GET /noew1_files/gtm.js HTTP/1.1
Host: otomoto-h229.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/konto.html
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 367127
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:49 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:53:59 GMT
ETag: "59a17-5b252b8b4038c"
Accept-Ranges: bytes
otomoto-h229.net/noew1_files/lazysizes.js
200 OK 6.7 kB URL HTTP/1.1 otomoto-h229.net/noew1_files/lazysizes.js
IP
File type ASCII text, with very long lines (6649)
Hash c3dbff3d1d3f89c95e23035cc21443c8
02b20f3caed641d992aee96f46ef9d72cf6ee131
abc339d2b76c962291530a8a96f2e9f1ad824e862606b29c3fd54b7663ef0f64
Analyzer Verdict Alert fortinet Phishing
GET /noew1_files/lazysizes.js HTTP/1.1
Host: otomoto-h229.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/konto.html
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 6675
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:49 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:54:01 GMT
ETag: "1a13-5b252b8ce6194"
Accept-Ranges: bytes
otomoto-h229.net/noew1_files/icon.css
200 OK 564 B URL HTTP/1.1 otomoto-h229.net/noew1_files/icon.css
IP
Hash 239a9c4789fc3de02785ec2c6a2b4f8d
54d0097490ca71bcd70be97156e7f1c3dac7aada
8130aacc55a18283a09d04e5bda0d6bc375bfc9e50eadb7f22dfb0c3dde909ae
GET /noew1_files/icon.css HTTP/1.1
Host: otomoto-h229.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/konto.html
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 564
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:49 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:53:59 GMT
ETag: "234-5b252b8bb27ae"
Accept-Ranges: bytes
otomoto-h229.net/noew1_files/sw795893650b29f47c9dd24d398b724a9a.css
200 OK 754 kB URL HTTP/1.1 otomoto-h229.net/noew1_files/sw795893650b29f47c9dd24d398b724a9a.css
IP
File type ASCII text, with very long lines (65536), with no line terminators
Size 754 kB (754424 bytes)
Hash 795893650b29f47c9dd24d398b724a9a
a9b8fea5dfdd066da0ffbbb2160e641a50f5558c
25381ed370bf3951ee7e6474ecef678e5a383d256fed6c268c4512a37f9457d8
GET /noew1_files/sw795893650b29f47c9dd24d398b724a9a.css HTTP/1.1
Host: otomoto-h229.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/konto.html
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 754424
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:49 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:54:03 GMT
ETag: "b82f8-5b252b8edefbd"
Accept-Ranges: bytes
otomoto-h229.net/noew1_files/swa62b2b625dd7a9ea682c73f400bd85ea.js
200 OK 17 kB URL HTTP/1.1 otomoto-h229.net/noew1_files/swa62b2b625dd7a9ea682c73f400bd85ea.js
IP
File type Unicode text, UTF-8 text, with very long lines (16021)
Hash a62b2b625dd7a9ea682c73f400bd85ea
5defaa605b6543fbb2eed8a388428c0ca09d0cec
cec56d2f4809cdd10af4232f03fafc8ab1514d99c413b7229ed9cca556215f16
Analyzer Verdict Alert fortinet Phishing
GET /noew1_files/swa62b2b625dd7a9ea682c73f400bd85ea.js HTTP/1.1
Host: otomoto-h229.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/konto.html
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 16971
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:49 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:54:03 GMT
ETag: "424b-5b252b8f254be"
Accept-Ranges: bytes
otomoto-h229.net/noew1_files/1b78e6526b228c7bc3ea91ff2c80b7
200 OK 66 kB URL HTTP/1.1 otomoto-h229.net/noew1_files/1b78e6526b228c7bc3ea91ff2c80b7
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 93e3090f4a1ac38fc394a901ba3136b9
17c8b1d598a83d82c125bf701f5ff79ad0d63ffc
8bd5e5729a3fb989a0bcb99fd966df11e1c44198c447712fa4136996e2b28c0a
Analyzer Verdict Alert fortinet Phishing
GET /noew1_files/1b78e6526b228c7bc3ea91ff2c80b7 HTTP/1.1
Host: otomoto-h229.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/konto.html
HTTP/1.1 200 OK
Content-Length: 66005
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:49 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:53:56 GMT
ETag: "101d5-5b252b8884fff"
Accept-Ranges: bytes
otomoto-h229.net/noew1_files/a
200 OK 991 kB URL HTTP/1.1 otomoto-h229.net/noew1_files/a
IP
File type Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Size 991 kB (990588 bytes)
Hash e3e65004e05a29de079a92975f615620
c41fe80bb82829e65f7f73b0543f84cdb808e1a4
e6bffaeab277263ebf995fdc275635ae1fdcab2b8587c8c0eb66d887fcd93f38
Analyzer Verdict Alert fortinet Phishing
GET /noew1_files/a HTTP/1.1
Host: otomoto-h229.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/konto.html
HTTP/1.1 200 OK
Content-Length: 990588
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:49 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:53:58 GMT
ETag: "f1d7c-5b252b8a8d829"
Accept-Ranges: bytes
otomoto-h229.net/noew1_files/apiclient.js
200 OK 13 kB URL HTTP/1.1 otomoto-h229.net/noew1_files/apiclient.js
IP
File type HTML document text\012- exported SGML document, ASCII text, with very long lines (5746)
Hash 968793add5cc7de2bcf72e05b98f8e5c
b45858fece9e411108d79c7fba0d5bcc8f233647
0ba6e04ebc66bf6c7ba82a4e31d709596579d87edca1be61f14aad495c8d236f
Analyzer Verdict Alert fortinet Phishing
GET /noew1_files/apiclient.js HTTP/1.1
Host: otomoto-h229.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/konto.html
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 12953
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:49 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:53:57 GMT
ETag: "3299-5b252b89c4565"
Accept-Ranges: bytes
otomoto-h229.net/noew1_files/otomoto-footer.png
200 OK 13 kB URL HTTP/1.1 otomoto-h229.net/noew1_files/otomoto-footer.png
IP
File type PNG image data, 1600 x 148, 2-bit colormap, non-interlaced\012- data
Hash 9a57eeb46ceb1114bdf2450c779637e1
faf475ea148f7ad6bbaa1c61254568aa3363ab96
b80b5cc16774187a06119b2d7a898718e0b00402b9d2ec4ce14b5eb163025768
GET /noew1_files/otomoto-footer.png HTTP/1.1
Host: otomoto-h229.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/konto.html
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 13372
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:49 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:54:02 GMT
ETag: "343c-5b252b8e95bdc"
Accept-Ranges: bytes
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Thu, 08 Sep 2022 09:38:18 GMT
Expires: Thu, 08 Sep 2022 10:06:58 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: o2P8fPHwUuRjvplzVdKTS7S8Pc2M-Y9jA58tLMM5aeJHn1MawhG_Pg==
Age: 2492
otomoto-h229.net/noew1_files/tags.html
200 OK 144 B URL HTTP/1.1 otomoto-h229.net/noew1_files/tags.html
IP
File type HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash ba081cfd8d0360b37944dca9de39ebbc
6321c62d8d525d0903b19d91208fa975a66dfb45
70af5e92b2ec0e55df6ad38c7323d1721416fbac1ad69b502e00fabec5b9d684
Analyzer Verdict Alert fortinet Phishing
GET /noew1_files/tags.html HTTP/1.1
Host: otomoto-h229.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/konto.html
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:50 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:54:03 GMT
ETag: W/"9c-5b252b8f85000"
Content-Encoding: gzip
ninja.akamaized.net/ninja-verticals.js
301 Moved Permanently 0 B URL HTTP/1.1 ninja.akamaized.net/ninja-verticals.js
IP
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ninja-verticals.js HTTP/1.1
Host: ninja.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/
HTTP/1.1 301 Moved Permanently
Server: AkamaiGHost
Content-Length: 0
Location: https://ninja.akamaized.net/ninja-verticals.js
Cache-Control: max-age=0
Expires: Thu, 08 Sep 2022 10:19:50 GMT
Date: Thu, 08 Sep 2022 10:19:50 GMT
Connection: keep-alive
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Origin: *
creativecdn.com/tags?id=pr_H2B0uP1rY2pmNOj01qlP&id2=pr_H2B0uP1rY2pmNOj01qlP_custom_split_4
302 Found 0 B URL HTTP/1.1 creativecdn.com/tags?id=pr_H2B0uP1rY2pmNOj01qlP&id2=pr_H2B0uP1rY2pmNOj01qlP_custom_split_4
IP
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tags?id=pr_H2B0uP1rY2pmNOj01qlP&id2=pr_H2B0uP1rY2pmNOj01qlP_custom_split_4 HTTP/1.1
Host: creativecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
date: Thu, 08 Sep 2022 10:19:50 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-max-age: 3600
vary: Origin
location: https://creativecdn.com/tags?id=pr_H2B0uP1rY2pmNOj01qlP&id2=pr_H2B0uP1rY2pmNOj01qlP_custom_split_4
content-length: 0
otomoto-h229.net/noew1_files/installWidgets.js
200 OK 208 B URL HTTP/1.1 otomoto-h229.net/noew1_files/installWidgets.js
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 7ab97a30a6b847742a95683119cc3025
ca8aa686dee9daa8342bb79072f7116bd9a351fa
e834a3fe66a5cf75848dd635ce96cff29ade6f28d07d4166db422c0772c44e6c
Analyzer Verdict Alert fortinet Phishing
GET /noew1_files/installWidgets.js HTTP/1.1
Host: otomoto-h229.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/konto.html
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 249524
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:49 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:54:00 GMT
ETag: "3ceb4-5b252b8c84712"
Accept-Ranges: bytes
otomotopl-statics.akamaized.net/packed/img/2f44f0016d6e529ae50a79a63682193c72.png
400 Bad Request 208 B URL HTTP/1.0 otomotopl-statics.akamaized.net/packed/img/2f44f0016d6e529ae50a79a63682193c72.png
IP
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 7191112432797da81aa69f47921fd467
0060f503ed3f3e7bfbcb077c92610104a3507f00
47007f00cdbda91c45ce26d730180d4f6fb132db55001ea295143808aa44e78b
GET /packed/img/2f44f0016d6e529ae50a79a63682193c72.png HTTP/1.1
Host: otomotopl-statics.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://otomoto-h229.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.0 400 Bad Request
Server: AkamaiGHost
Mime-Version: 1.0
Content-Type: text/html
Content-Length: 208
Expires: Thu, 08 Sep 2022 10:19:50 GMT
Date: Thu, 08 Sep 2022 10:19:50 GMT
Connection: close
otomotopl-statics.akamaized.net/packed/font/2f1bb805446b880e7e63cae7ab00433f15.svg
400 Bad Request 208 B URL HTTP/1.0 otomotopl-statics.akamaized.net/packed/font/2f1bb805446b880e7e63cae7ab00433f15.svg
IP
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 655fc9ad66df435109795ae0627c8c81
1a2c7a8c3707c826f94d7ae56c99a757b621a68d
63aa7921fffdb201b7583067f60fe79edc819cfda8907115f49a2b67dda0a12f
GET /packed/font/2f1bb805446b880e7e63cae7ab00433f15.svg HTTP/1.1
Host: otomotopl-statics.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://otomoto-h229.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.0 400 Bad Request
Server: AkamaiGHost
Mime-Version: 1.0
Content-Type: text/html
Content-Length: 208
Expires: Thu, 08 Sep 2022 10:19:50 GMT
Date: Thu, 08 Sep 2022 10:19:50 GMT
Connection: close
otomotopl-statics.akamaized.net/naspersclassifieds-regional/verticals-cars-atlas-web-otomotopl/static/fonts/atlas-cars-icons.woff?k8nh67
400 Bad Request 389 B URL HTTP/1.0 otomotopl-statics.akamaized.net/naspersclassifieds-regional/verticals-cars-atlas-web-otomotopl/static/fonts/atlas-cars-icons.woff?k8nh67
IP
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 740f5ca240b065b42c3da87e2ed672cc
c026adc09097d92403d3c4641ed5a3fd17cb3227
3322b9dbd5dae252dfe2fa7cb3a4b251591162d8babaab470a26663eee71df0f
GET /naspersclassifieds-regional/verticals-cars-atlas-web-otomotopl/static/fonts/atlas-cars-icons.woff?k8nh67 HTTP/1.1
Host: otomotopl-statics.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://otomoto-h229.net
Connection: keep-alive
Referer: http://otomoto-h229.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.0 400 Bad Request
Server: AkamaiGHost
Mime-Version: 1.0
Content-Type: text/html
Content-Length: 389
Expires: Thu, 08 Sep 2022 10:19:50 GMT
Date: Thu, 08 Sep 2022 10:19:50 GMT
Connection: close
otomotopl-statics.akamaized.net/packed/img/2f6bd36a158dc9bd150580abd768c8c401.png
400 Bad Request 208 B URL HTTP/1.0 otomotopl-statics.akamaized.net/packed/img/2f6bd36a158dc9bd150580abd768c8c401.png
IP
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 8ffe256d48933f72f1bacb1160a61042
a418efaec0491609a1e76d39c3402515dd3ac355
415afee6530b003277d72bbe5481fb975583619f44b9ddf31df8676453dc59e4
GET /packed/img/2f6bd36a158dc9bd150580abd768c8c401.png HTTP/1.1
Host: otomotopl-statics.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://otomoto-h229.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.0 400 Bad Request
Server: AkamaiGHost
Mime-Version: 1.0
Content-Type: text/html
Content-Length: 208
Expires: Thu, 08 Sep 2022 10:19:50 GMT
Date: Thu, 08 Sep 2022 10:19:50 GMT
Connection: close
otomoto-h229.net/noew1_files/swd954431da7c77598e479bd469c5b9f8c.js
200 OK 208 B URL HTTP/1.1 otomoto-h229.net/noew1_files/swd954431da7c77598e479bd469c5b9f8c.js
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash c29a2c0340f4793a909a30743dc59a33
8b3a37219f5ba30c75488098ae910c41eefc8b3a
00b9cd9c1a7136bdbda33f80440439e807c873da66ec399f7be24c8c46e34912
Analyzer Verdict Alert fortinet Phishing
GET /noew1_files/swd954431da7c77598e479bd469c5b9f8c.js HTTP/1.1
Host: otomoto-h229.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/konto.html
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 751069
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:49 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:54:04 GMT
ETag: "b75dd-5b252b900db83"
Accept-Ranges: bytes
otomotopl-statics.akamaized.net/packed/img/2f120da7e15fd94dded44729064885f0e4.png
400 Bad Request 208 B URL HTTP/1.0 otomotopl-statics.akamaized.net/packed/img/2f120da7e15fd94dded44729064885f0e4.png
IP
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 3c3f9dd4e300a3abca2df14f18af87dd
d9cbcb11a1ca313d4f6568682731c06fd4f1db0d
9bd06e2e12471f7b9a29c14fa7f4293939fe62d9c98fbcb4ccc8c4a86411f9d8
GET /packed/img/2f120da7e15fd94dded44729064885f0e4.png HTTP/1.1
Host: otomotopl-statics.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://otomoto-h229.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.0 400 Bad Request
Server: AkamaiGHost
Mime-Version: 1.0
Content-Type: text/html
Content-Length: 208
Expires: Thu, 08 Sep 2022 10:19:50 GMT
Date: Thu, 08 Sep 2022 10:19:50 GMT
Connection: close
ocsp.digicert.com/
200 OK 471 B IP
Hash 15570b2189ca527f6c0df98a9ea59fc6
38f7712b0afe4f353f6225aa86e93496252c7ee6
0bd305bfc3e2e781066975218e9502ce425ceb3b69fab5927ae656ff58700895
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6096
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 10:19:50 GMT
Last-Modified: Thu, 08 Sep 2022 08:38:14 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
otomotopl-statics.akamaized.net/packed/img/2fbce5be505460dc152d94e96497a18922.png
400 Bad Request 208 B URL HTTP/1.0 otomotopl-statics.akamaized.net/packed/img/2fbce5be505460dc152d94e96497a18922.png
IP
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 1e155d71d875a846ba1c904a48593ef8
46e8cfa539739c5736bd8b64406e12a6c49a3828
5e13256cb3c39b90ef1c1232cdae490e69475dd673bed453a0d7d8e6d9219202
GET /packed/img/2fbce5be505460dc152d94e96497a18922.png HTTP/1.1
Host: otomotopl-statics.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://otomoto-h229.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.0 400 Bad Request
Server: AkamaiGHost
Mime-Version: 1.0
Content-Type: text/html
Content-Length: 208
Expires: Thu, 08 Sep 2022 10:19:50 GMT
Date: Thu, 08 Sep 2022 10:19:50 GMT
Connection: close
ocsp.digicert.com/
200 OK 471 B IP
Hash 042105f89c8d64b470d84e052cd412d1
a26c7e2559b3760ea2765b16a3f8d1be27f5dcf4
fadb8cdd22f4d7773d5c20d576f6400ab25e20e1efe3e3fe50d2ae39ca6f2725
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4867
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 10:19:50 GMT
Last-Modified: Thu, 08 Sep 2022 08:58:43 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
www.googletagmanager.com/gtm.js?id=GTM-K4DX4C6
302 Found 251 B URL HTTP/1.1 www.googletagmanager.com/gtm.js?id=GTM-K4DX4C6
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 1ed32d713bd1c106edc3c77dfe2e84cc
59b84bbcbf5d9ece8928f5274f8fac2c5c83daee
6fcf3b061cfd93eaf0becf5c71d0e2f9b33676e2c2540599dd67790c22807033
GET /gtm.js?id=GTM-K4DX4C6 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtm.js?id=GTM-K4DX4C6
Cross-Origin-Resource-Policy: cross-origin
Date: Thu, 08 Sep 2022 10:19:50 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 251
X-XSS-Protection: 0
creativecdn.com/tags?id=pr_H2B0uP1rY2pmNOj01qlP&id2=pr_H2B0uP1rY2pmNOj01qlP_custom_split_4
302 Found 0 B URL HTTP/2 creativecdn.com/tags?id=pr_H2B0uP1rY2pmNOj01qlP&id2=pr_H2B0uP1rY2pmNOj01qlP_custom_split_4
IP
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tags?id=pr_H2B0uP1rY2pmNOj01qlP&id2=pr_H2B0uP1rY2pmNOj01qlP_custom_split_4 HTTP/1.1
Host: creativecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://otomoto-h229.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 08 Sep 2022 10:19:50 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-max-age: 3600
vary: Origin
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie: u=9LVjVrX1frtGz6CtPQe8;Path=/;Domain=.creativecdn.com;Expires=Fri, 08-Sep-2023 10:19:50 GMT;Max-Age=31536000;Secure;SameSite=None
ts=1662632390;Path=/;Domain=.creativecdn.com;Expires=Fri, 08-Sep-2023 10:19:50 GMT;Max-Age=31536000;Secure;SameSite=None
location: https://creativecdn.com/tags?id=pr_H2B0uP1rY2pmNOj01qlP&id2=pr_H2B0uP1rY2pmNOj01qlP_custom_split_4&tc=1
content-length: 0
X-Firefox-Spdy: h2
otomoto-h229.net/noew1_files/tags_data/a.txt
404 Not Found 172 B URL HTTP/1.1 otomoto-h229.net/noew1_files/tags_data/a.txt
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e796f37d7bd470e2eabc2644b62b73af
2c7fa79ac161e6bfbc0b1b55a21ec2ad27c14fee
a82d2ea26e678d94a5b295b0243f250a9be994357d60633feff72d1e90a2b788
Analyzer Verdict Alert fortinet Phishing
GET /noew1_files/tags_data/a.txt HTTP/1.1
Host: otomoto-h229.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/noew1_files/tags.html
Cookie: _gcl_au=1.1.1592884863.1662632383
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:50 GMT
Server: Apache
Content-Encoding: gzip
creativecdn.com/tags?id=pr_H2B0uP1rY2pmNOj01qlP&id2=pr_H2B0uP1rY2pmNOj01qlP_custom_split_4&tc=1
204 No Content 0 B URL HTTP/2 creativecdn.com/tags?id=pr_H2B0uP1rY2pmNOj01qlP&id2=pr_H2B0uP1rY2pmNOj01qlP_custom_split_4&tc=1
IP
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tags?id=pr_H2B0uP1rY2pmNOj01qlP&id2=pr_H2B0uP1rY2pmNOj01qlP_custom_split_4&tc=1 HTTP/1.1
Host: creativecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://otomoto-h229.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
X-Firefox-Spdy: h2
tracking.olx-st.com/h/v2/v-otomoto-web?sl=1831c9cd0fcx2b18d293&s=1831c9cd0fcx2b18d293&cl=1&c=1&cC=PL&bR=otomoto&rE=v&eN=login_page&tN=p&language=pl_PL&platform=desktop&event_type=pv&user_status=unlogged&cat_l1_id=29&cat_l1_name=cars&testgroup=4&RTBCookieSplit=4&cP=konto&mv=1.0.100&host=otomoto-h229.net&ivd=olx-pl_organic&t=1662632382717&js=1
200 OK 35 B URL HTTP/1.1 tracking.olx-st.com/h/v2/v-otomoto-web?sl=1831c9cd0fcx2b18d293&s=1831c9cd0fcx2b18d293&cl=1&c=1&cC=PL&bR=otomoto&rE=v&eN=login_page&tN=p&language=pl_PL&platform=desktop&event_type=pv&user_status=unlogged&cat_l1_id=29&cat_l1_name=cars&testgroup=4&RTBCookieSplit=4&cP=konto&mv=1.0.100&host=otomoto-h229.net&ivd=olx-pl_organic&t=1662632382717&js=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /h/v2/v-otomoto-web?sl=1831c9cd0fcx2b18d293&s=1831c9cd0fcx2b18d293&cl=1&c=1&cC=PL&bR=otomoto&rE=v&eN=login_page&tN=p&language=pl_PL&platform=desktop&event_type=pv&user_status=unlogged&cat_l1_id=29&cat_l1_name=cars&testgroup=4&RTBCookieSplit=4&cP=konto&mv=1.0.100&host=otomoto-h229.net&ivd=olx-pl_organic&t=1662632382717&js=1 HTTP/1.1
Host: tracking.olx-st.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/
HTTP/1.1 200 OK
Date: Thu, 08 Sep 2022 10:19:50 GMT
Content-Type: image/gif;charset=ISO-8859-1
Content-Length: 35
Connection: keep-alive
x-olx-hydra-ver: hydra-e5fa7f3
Set-Cookie: onap=1831c9cd0fcx2b18d293-1-1831c9cd0fcx2b18d293-1-1662634190-1831c9ceed5xd928871e-olx-pl_organic_1662632390_1665224390;Path=/h;Expires=Sat, 07-Sep-2024 10:19:50 GMT;SameSite=None;Secure
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Expires: Wed, 19 Apr 2000 03:14:15 GMT
Pragma: no-cache
otomoto-h229.net/noew1_files/iframe.html
200 OK 314 B URL HTTP/1.1 otomoto-h229.net/noew1_files/iframe.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (475), with CRLF line terminators
Hash 27cfbbde6486252188fe430eac4e7de6
fe909e8a1462f81ed69d0b9d7051f18aefcc0ed8
95bde1ddd9341e7679b26298374d55a6077f84c211ae61bac0e137f1b079d30b
Analyzer Verdict Alert fortinet Phishing
GET /noew1_files/iframe.html HTTP/1.1
Host: otomoto-h229.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/konto.html
Cookie: _gcl_au=1.1.1592884863.1662632383
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:50 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:54:00 GMT
ETag: W/"1ec-5b252b8c0f410"
Content-Encoding: gzip
otomoto-h229.net/noew1_files/lsset.html
200 OK 1.9 kB URL HTTP/1.1 otomoto-h229.net/noew1_files/lsset.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1254), with CRLF line terminators
Hash 2b41d2f2815cc18687fb3acb6174cee3
f75e417e6922100b2f3b14ff60fc7dae8955b309
031536ace1dfda717c91aa1b499b6b68f059f396c51b180239626d078677e312
Analyzer Verdict Alert fortinet Phishing
GET /noew1_files/lsset.html HTTP/1.1
Host: otomoto-h229.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/konto.html
Cookie: _gcl_au=1.1.1592884863.1662632383
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:50 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:54:01 GMT
ETag: W/"be8-5b252b8db1398"
Content-Encoding: gzip
otomoto-h229.net/noew1_files/lsget.html
200 OK 2.7 kB URL HTTP/1.1 otomoto-h229.net/noew1_files/lsget.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1255), with CRLF line terminators
Hash 850ee2ceb11ddd17f452e0c7b831deba
350548fbb1565bf20c97132b8e3283c335fe2ccd
b243f8192e7603f4e0026a060a07827f29b02055a822deb0e2726ef4be79093f
Analyzer Verdict Alert fortinet Phishing
GET /noew1_files/lsget.html HTTP/1.1
Host: otomoto-h229.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/konto.html
Cookie: _gcl_au=1.1.1592884863.1662632383
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:50 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:54:01 GMT
ETag: W/"1671-5b252b8d585b6"
Content-Encoding: gzip
otomoto-h229.net/noew1_files/iframe_data/3233175361-idpiframe.js
200 OK 76 kB URL HTTP/1.1 otomoto-h229.net/noew1_files/iframe_data/3233175361-idpiframe.js
IP
File type ASCII text, with very long lines (1845)
Hash 85eb2c8e174b4d7dcf620819d762a41a
7e772acae7adc4203b7cb5e22633985af7495f98
85dc58c88d3cb99170459e95e30a95d2f3533492b21824c7daec5ae4898d2888
Analyzer Verdict Alert fortinet Phishing
GET /noew1_files/iframe_data/3233175361-idpiframe.js HTTP/1.1
Host: otomoto-h229.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/noew1_files/iframe.html
Cookie: _gcl_au=1.1.1592884863.1662632383
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 75531
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:50 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:54:06 GMT
ETag: "1270b-5b252b91d9aeb"
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash de50d39318f58f490483c86aecd38e4c
f92177f493cb7bab9c5ce67f6b41f9214920907d
8bca037d0d46ddd72b4c1bbfc2829f96bc9e7bfb28724af3010f1441d14b7180
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 10:19:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 312 B IP
Hash 9cd086032c0984ff0dea264839c49221
6b491faae2feeb6c940571621f58b10aa0bf4073
0f17869a314b02450a7983cc94392f75a7ad24c185827652aefd648715051dbc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1365
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 10:19:50 GMT
Last-Modified: Thu, 08 Sep 2022 09:57:05 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 312
ls.hit.gemius.pl/lsget.html
200 OK 2.7 kB URL HTTP/1.1 ls.hit.gemius.pl/lsget.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1253)
Hash 4ed8a9d31f54b01cd20a770c855aa34d
88280845a833c4eefae2c5da303bd82705a8f333
b60b820e04a50ae52f6a105869ad6cb1b412f37e1713a07b2734aac7ca7a6a90
GET /lsget.html HTTP/1.1
Host: ls.hit.gemius.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 08 Sep 2022 10:19:50 GMT
Expires: Sat, 08 Oct 2022 10:19:50 GMT
Server: GHC
Accept-Ranges: none
Cache-Control: private, max-age=2592000
Last-Modified: Mon, 16 Jul 2012 10:03:40 GMT
ETag: PRIVATE7520710249
Vary: Accept-Encoding,Origin,User-Agent
Cross-Origin-Resource-Policy: cross-origin
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
P3P: CP="NOI DSP COR NID PSAo OUR IND"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Type: text/html;charset=utf-8
Content-Length: 2721
Content-Encoding: gzip
www.googletagmanager.com/gtm.js?id=GTM-K4DX4C6
200 OK 94 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-K4DX4C6
IP
File type ASCII text, with very long lines (40540)
Hash 3590bd4fbf27a104582b3d7adf7eb804
87f12b3a934a11c311f797834cb0876b3f147125
bd66e02936b8b1d5884bc7188a91089c21947ef5b82a8b82518ce46557b9115f
GET /gtm.js?id=GTM-K4DX4C6 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://otomoto-h229.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 08 Sep 2022 10:19:50 GMT
expires: Thu, 08 Sep 2022 10:19:50 GMT
cache-control: private, max-age=900
last-modified: Thu, 08 Sep 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 94137
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash de50d39318f58f490483c86aecd38e4c
f92177f493cb7bab9c5ce67f6b41f9214920907d
8bca037d0d46ddd72b4c1bbfc2829f96bc9e7bfb28724af3010f1441d14b7180
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 10:19:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
200 OK 280 B IP
Hash 4fa81072c282649d066d69227ddcf6f8
7b83363ab8bdabdc8f34b893e4fdf66b00975a02
f35e10ebcd644f1199b1ce754b8d732cf1e84f646ee39f7e870e0282ec4de6f8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Sep 2022 10:19:50 GMT
Content-Type: application/ocsp-response
Content-Length: 280
Connection: keep-alive
Last-Modified: Wed, 07 Sep 2022 08:55:33 GMT
Expires: Wed, 14 Sep 2022 08:55:32 GMT
Etag: "7b83363ab8bdabdc8f34b893e4fdf66b00975a02"
Cache-Control: max-age=512741,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7476f2b989eab51d-OSL
ls.hit.gemius.pl/lsget.html?mode=new
200 OK 2.7 kB URL HTTP/2 ls.hit.gemius.pl/lsget.html?mode=new
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1253)
Hash a6f56928b1882a8f6d93edc699ab150f
fcdbfe0b2337d09b0df1d042e4f3d39089a7a1e4
31fe94eafa0f0303d9d8095a70bd140853ad9b97ffc381461c49fa27074e6271
GET /lsget.html?mode=new HTTP/1.1
Host: ls.hit.gemius.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://otomoto-h229.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Sep 2022 10:19:50 GMT
expires: Sat, 08 Oct 2022 10:19:50 GMT
server: GHC
accept-ranges: none
cache-control: private, max-age=2592000
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
etag: PRIVATE7520710249
vary: Accept-Encoding,Origin,User-Agent
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: text/html;charset=utf-8
content-length: 2719
content-encoding: gzip
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: PB/sx8IdBsVbPsvg3HhLkw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: cm9ut2CyRahJ6BGp3GgZIx8XlUw=
ls.hit.gemius.pl/lsset.html
200 OK 1.9 kB URL HTTP/2 ls.hit.gemius.pl/lsset.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1256)
Hash 4a4ab92dd5e247b2bd21f946599ba60c
08eaadd6f2a1765a474ec77b6ef8f254b7caffdb
889eb4d6d195183d4b03675471cefdc87fe05bbafb66ea58202b9c5d8f9d084a
GET /lsset.html HTTP/1.1
Host: ls.hit.gemius.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://otomoto-h229.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Sep 2022 10:19:50 GMT
expires: Sat, 08 Oct 2022 10:19:50 GMT
server: GHC
accept-ranges: none
cache-control: private, max-age=2592000
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
etag: PRIVATE7520710249
vary: Accept-Encoding,Origin,User-Agent
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: text/html;charset=utf-8
content-length: 1862
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash bd1c830a78bd170915961afbce59a403
bf9ab6cfbe268ab4a91a565d37d4faf2246eaf8b
ad97c448d499add95ead110376781240df654da6beb9ed8d492152c8159eca6a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6453
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 10:19:50 GMT
Last-Modified: Thu, 08 Sep 2022 08:32:17 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 313
otomotopl-statics.akamaized.net/naspersclassifieds-regional/verticals-cars-atlas-web-otomotopl/static/img/favicon.ico?v=4
400 Bad Request 369 B URL HTTP/1.0 otomotopl-statics.akamaized.net/naspersclassifieds-regional/verticals-cars-atlas-web-otomotopl/static/img/favicon.ico?v=4
IP
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash b782881269c92f4175d8e1c1522049fe
347f98a11302a25fa0db352da81157bb5496fa6e
570bb4575fbf961aa19ec19ea0fde584211d70409d5ce625a614a37733462279
GET /naspersclassifieds-regional/verticals-cars-atlas-web-otomotopl/static/img/favicon.ico?v=4 HTTP/1.1
Host: otomotopl-statics.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://otomoto-h229.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.0 400 Bad Request
Server: AkamaiGHost
Mime-Version: 1.0
Content-Type: text/html
Content-Length: 369
Expires: Thu, 08 Sep 2022 10:19:50 GMT
Date: Thu, 08 Sep 2022 10:19:50 GMT
Connection: close
ocsp.sectigo.com/
200 OK 280 B IP
Hash 4fa81072c282649d066d69227ddcf6f8
7b83363ab8bdabdc8f34b893e4fdf66b00975a02
f35e10ebcd644f1199b1ce754b8d732cf1e84f646ee39f7e870e0282ec4de6f8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Sep 2022 10:19:50 GMT
Content-Type: application/ocsp-response
Content-Length: 280
Connection: keep-alive
Last-Modified: Wed, 07 Sep 2022 08:55:33 GMT
Expires: Wed, 14 Sep 2022 08:55:32 GMT
Etag: "7b83363ab8bdabdc8f34b893e4fdf66b00975a02"
Cache-Control: max-age=512741,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7476f2b989b50b31-OSL
dnacdn.net/dna
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Sep 2022 10:19:50 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=E9ivGl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czJzdXhtTWhDdGZyU2xDSWdocG95S1JvMUZXQ25oUkp3bDRLZjg3QyUyRlQlMkI5; expires=Tue, 03 Oct 2023 10:19:50 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 234340
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c6c161f446fd8347ea1645ec346dcf2f
9dd774c15d53b10f6b15b54f3a02a42e26689926
bcdccd81313effa3f6b1bba0dcde9705f0e8649b91b1e05243c401ffc5d92f8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 10:19:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c6c161f446fd8347ea1645ec346dcf2f
9dd774c15d53b10f6b15b54f3a02a42e26689926
bcdccd81313effa3f6b1bba0dcde9705f0e8649b91b1e05243c401ffc5d92f8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 10:19:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ls.hit.gemius.pl/lsget.html
200 OK 2.7 kB URL HTTP/2 ls.hit.gemius.pl/lsget.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1260)
Hash 6304abbd073ba0b23f298834b5dff733
4f2337a92b22a4bba4e5244f32277792385a52dd
f24b973c86af0ea4ce4e3c47d42b8f05d6c67a972b1fc5d472ebf8776132c539
GET /lsget.html HTTP/1.1
Host: ls.hit.gemius.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://otomoto-h229.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Sep 2022 10:19:50 GMT
expires: Sat, 08 Oct 2022 10:19:50 GMT
server: GHC
accept-ranges: none
cache-control: private, max-age=2592000
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
etag: PRIVATE7520710249
vary: Accept-Encoding,Origin,User-Agent
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: text/html;charset=utf-8
content-length: 2719
content-encoding: gzip
X-Firefox-Spdy: h2
olx.hit.gemius.pl/fpdata.js?href=otomoto-h229.net
301 Moved Permanently 0 B URL HTTP/1.1 olx.hit.gemius.pl/fpdata.js?href=otomoto-h229.net
IP
ASN #50599 Data Space Sp. z o.o.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fpdata.js?href=otomoto-h229.net HTTP/1.1
Host: olx.hit.gemius.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/
HTTP/1.1 301 Moved Permanently
Date: Thu, 08 Sep 2022 10:19:50 GMT
Expires: Wed, 07 Sep 2022 10:19:50 GMT
Server: GHC
Accept-Ranges: none
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Cross-Origin-Resource-Policy: cross-origin
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
P3P: CP="NOI DSP COR NID PSAo OUR IND"
Location: https://olx.hit.gemius.pl/_sslredir/fpdata.js?href=otomoto-h229.net
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 0
apis.google.com/js/api:client.js
200 OK 5.6 kB URL HTTP/2 apis.google.com/js/api:client.js
IP
File type ASCII text, with very long lines (2046)
Hash 317eaac95e560fcd85884c7a761571da
5b62a9a9fafa8993bb19479ec0fc42eb4b09d387
41df2b017ccddba4ebaf4ab4da7d811ca81fef441c81ee50e7765c8df8710b25
GET /js/api:client.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://otomoto-h229.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 5571
date: Thu, 08 Sep 2022 10:19:50 GMT
expires: Thu, 08 Sep 2022 10:19:50 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "8e9a8c23509d82b5"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 312 B IP
Hash d258bf43e8aaddb31dbf53377ce1ff3d
38d08711c7ee94bd26d2a9b044073913fd5ec232
b115cde90ea2a19f47edd13a0a99105ad6ac617bbe41f67fe7c592c13618ddea
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6044
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 10:19:50 GMT
Last-Modified: Thu, 08 Sep 2022 08:39:06 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
200 OK 312 B IP
Hash d258bf43e8aaddb31dbf53377ce1ff3d
38d08711c7ee94bd26d2a9b044073913fd5ec232
b115cde90ea2a19f47edd13a0a99105ad6ac617bbe41f67fe7c592c13618ddea
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6044
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 10:19:50 GMT
Last-Modified: Thu, 08 Sep 2022 08:39:06 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 312
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.JKCQ2Hvuo0E.O/m=client/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOl3FsgYnTqVeIFUJJD2j4-pO09lQ/cb=gapi.loaded_0
200 OK 101 kB URL HTTP/2 apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.JKCQ2Hvuo0E.O/m=client/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOl3FsgYnTqVeIFUJJD2j4-pO09lQ/cb=gapi.loaded_0
IP
File type ASCII text, with very long lines (760)
Size 101 kB (101217 bytes)
Hash ec74ba957017dfff5001e93cf753a223
0cf58ae3c01deebed9abb43e4a94d098d822c80e
c32b8568ff4a07a68bcf0527c82924dca41eea956af7f452db1d8473f77c9055
GET /_/scs/apps-static/_/js/k=oz.gapi.en_US.JKCQ2Hvuo0E.O/m=client/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOl3FsgYnTqVeIFUJJD2j4-pO09lQ/cb=gapi.loaded_0 HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://otomoto-h229.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 101217
date: Thu, 08 Sep 2022 10:19:50 GMT
expires: Fri, 08 Sep 2023 10:19:50 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Wed, 15 Jan 2020 20:40:07 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
olx.hit.gemius.pl/xgemius.js
200 OK 16 kB URL HTTP/1.1 olx.hit.gemius.pl/xgemius.js
IP
ASN #50599 Data Space Sp. z o.o.
File type ASCII text, with very long lines (417)
Hash b2751ff94e358004008e83bd148a201c
d87dbb27e47d49b9e96ee578549504f8e62aafb0
fcbe6f6be124105249dbf4507e6fba73264e2b1b02bbaf9acd0203683a4fc9e2
GET /xgemius.js HTTP/1.1
Host: olx.hit.gemius.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/
HTTP/1.1 200 OK
Date: Thu, 08 Sep 2022 10:19:50 GMT
Expires: Thu, 08 Sep 2022 22:19:50 GMT
Server: GHC
Accept-Ranges: none
Cache-Control: max-age=43200
Last-Modified: Wed, 07 Sep 2022 10:13:48 GMT
Vary: Accept-Encoding,Origin
Cross-Origin-Resource-Policy: cross-origin
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
P3P: CP="NOI DSP COR NID PSAo OUR IND"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Type: application/x-javascript
Content-Length: 15915
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 721eb245d022db7af3e30ad4e6b94226
4a53b4e9ad119295498594089826bddea4d0b9a6
6f350e89f4e7a0cea74c003493ea950c768ffcbea234bcf68a818b60842a2f3e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 10:19:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ninja.akamaized.net/ninja-verticals.js
200 OK 29 kB URL HTTP/2 ninja.akamaized.net/ninja-verticals.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (577)
Hash f6e9d6f7a345865785f820ff73381620
cb331271284907463f4aa2fdd0077452ac037b0f
01675bfadde2ac452704aab27715d98107bd41927080053b4398db2d8b77ef8d
GET /ninja-verticals.js HTTP/1.1
Host: ninja.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://otomoto-h229.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: QyVRYvEvR8X1p9dxPQCVz+4Zz1jbgAO3kvYMRwyA29AWddLG3OIycxBzc4OosZGlr35iaJIpjo0=
x-amz-request-id: J3ZRPZFETCZQ19R2
last-modified: Wed, 07 Sep 2022 15:05:48 GMT
etag: "4b56d987cb53221d332dc53d51191925"
x-amz-version-id: zRgPXiaNfHZhxiQBOaQdnmXdGIEtpbmS
accept-ranges: bytes
content-type: application/javascript
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=900, s-maxage=1800
expires: Thu, 08 Sep 2022 10:34:51 GMT
date: Thu, 08 Sep 2022 10:19:51 GMT
content-length: 29102
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
laquesis.akamaized.net/assign?sl=1831c9cd0fcx2b18d293&cc=PL&ch=w&br=otomoto
200 OK 1.1 kB URL HTTP/2 laquesis.akamaized.net/assign?sl=1831c9cd0fcx2b18d293&cc=PL&ch=w&br=otomoto
IP
ASN #20940 Akamai International B.V.
File type JSON data\012- , ASCII text, with very long lines (1127), with no line terminators
Hash 2383fc9dc8f9b8894bf38a76175f39db
1417f6248ab46f9d294055b360117d2c4b0cd89f
21df92411d4115f780d4c091cb4741451f2024976d0237bd6fd4c417c34daea5
GET /assign?sl=1831c9cd0fcx2b18d293&cc=PL&ch=w&br=otomoto HTTP/1.1
Host: laquesis.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://otomoto-h229.net
Connection: keep-alive
Referer: http://otomoto-h229.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 1127
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 08 Sep 2022 10:19:51 GMT
date: Thu, 08 Sep 2022 10:19:51 GMT
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 3b01a4e1b6e61ede809b68f3b0f21803
f2756ddd77a39e3cd0be033bfefe493b943c65ba
e1f45a9ed2fefd1cd157f7ee4d04c18f5a3c653718b75a65204ab1ba6045247f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 10:19:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tracking.olx-st.com/h/v2/v-otomoto-web?sl=1831c9cd503x3f9673ad&s=1831c9cd503x3f9673ad&cl=1&c=1&cC=PL&bR=otomoto&rE=v&eN=test_assignment&tN=e&language=pl_PL&platform=desktop&event_type=pv&user_status=unlogged&cat_l1_id=29&cat_l1_name=cars&testgroup=4&RTBCookieSplit=4&test_definition=%5B%22cars-27613%2Ca%22%2C%22cars-31060%2Ca%22%2C%22cars-31762%2Ca%22%2C%22cars-31852%2Ca%22%2C%22cars-32036%2Ca%22%2C%22cars-32037%2Ca%22%2C%22cars-32229%2Ca%22%2C%22cars-32904%2Cb%22%2C%22cars-32937%2Cb%22%2C%22cars-32996%2Ca%22%2C%22cars-33059%2Cb%22%2C%22cars-33070%2Ca%22%2C%22cars-33096%2Cb%22%2C%22cars-33477%2Ca%22%2C%22cars-33478%2Cb%22%2C%22cars-33522%2Ca%22%2C%22cars-33562%2Ca%22%2C%22cars-34160%2Cb%22%2C%22cars-34184%2Ca%22%2C%22cars-34351%2Cb%22%2C%22cars-34761%2Ca%22%2C%22cars-34786%2Ca%22%2C%22cars-35777%2Ca%22%2C%22cars-35818%2Cb%22%2C%22cars-35984%2Cc%22%5D&cP=konto&mv=1.0.100&host=otomoto-h229.net&ivd=olx-pl_organic&t=1662632383747&js=1
200 OK 35 B URL HTTP/1.1 tracking.olx-st.com/h/v2/v-otomoto-web?sl=1831c9cd503x3f9673ad&s=1831c9cd503x3f9673ad&cl=1&c=1&cC=PL&bR=otomoto&rE=v&eN=test_assignment&tN=e&language=pl_PL&platform=desktop&event_type=pv&user_status=unlogged&cat_l1_id=29&cat_l1_name=cars&testgroup=4&RTBCookieSplit=4&test_definition=%5B%22cars-27613%2Ca%22%2C%22cars-31060%2Ca%22%2C%22cars-31762%2Ca%22%2C%22cars-31852%2Ca%22%2C%22cars-32036%2Ca%22%2C%22cars-32037%2Ca%22%2C%22cars-32229%2Ca%22%2C%22cars-32904%2Cb%22%2C%22cars-32937%2Cb%22%2C%22cars-32996%2Ca%22%2C%22cars-33059%2Cb%22%2C%22cars-33070%2Ca%22%2C%22cars-33096%2Cb%22%2C%22cars-33477%2Ca%22%2C%22cars-33478%2Cb%22%2C%22cars-33522%2Ca%22%2C%22cars-33562%2Ca%22%2C%22cars-34160%2Cb%22%2C%22cars-34184%2Ca%22%2C%22cars-34351%2Cb%22%2C%22cars-34761%2Ca%22%2C%22cars-34786%2Ca%22%2C%22cars-35777%2Ca%22%2C%22cars-35818%2Cb%22%2C%22cars-35984%2Cc%22%5D&cP=konto&mv=1.0.100&host=otomoto-h229.net&ivd=olx-pl_organic&t=1662632383747&js=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /h/v2/v-otomoto-web?sl=1831c9cd503x3f9673ad&s=1831c9cd503x3f9673ad&cl=1&c=1&cC=PL&bR=otomoto&rE=v&eN=test_assignment&tN=e&language=pl_PL&platform=desktop&event_type=pv&user_status=unlogged&cat_l1_id=29&cat_l1_name=cars&testgroup=4&RTBCookieSplit=4&test_definition=%5B%22cars-27613%2Ca%22%2C%22cars-31060%2Ca%22%2C%22cars-31762%2Ca%22%2C%22cars-31852%2Ca%22%2C%22cars-32036%2Ca%22%2C%22cars-32037%2Ca%22%2C%22cars-32229%2Ca%22%2C%22cars-32904%2Cb%22%2C%22cars-32937%2Cb%22%2C%22cars-32996%2Ca%22%2C%22cars-33059%2Cb%22%2C%22cars-33070%2Ca%22%2C%22cars-33096%2Cb%22%2C%22cars-33477%2Ca%22%2C%22cars-33478%2Cb%22%2C%22cars-33522%2Ca%22%2C%22cars-33562%2Ca%22%2C%22cars-34160%2Cb%22%2C%22cars-34184%2Ca%22%2C%22cars-34351%2Cb%22%2C%22cars-34761%2Ca%22%2C%22cars-34786%2Ca%22%2C%22cars-35777%2Ca%22%2C%22cars-35818%2Cb%22%2C%22cars-35984%2Cc%22%5D&cP=konto&mv=1.0.100&host=otomoto-h229.net&ivd=olx-pl_organic&t=1662632383747&js=1 HTTP/1.1
Host: tracking.olx-st.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/
HTTP/1.1 200 OK
Date: Thu, 08 Sep 2022 10:19:51 GMT
Content-Type: image/gif;charset=ISO-8859-1
Content-Length: 35
Connection: keep-alive
x-olx-hydra-ver: hydra-e5fa7f3
Set-Cookie: onap=1831c9cd503x3f9673ad-1-1831c9cd503x3f9673ad-1-1662634191-1831c9cf282x541e36f1-olx-pl_organic_1662632391_1665224391;Path=/h;Expires=Sat, 07-Sep-2024 10:19:51 GMT;SameSite=None;Secure
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Expires: Wed, 19 Apr 2000 03:14:15 GMT
Pragma: no-cache
tracking.olx-st.com/h/v2/v-otomoto-web?sl=1831c9cd505x2e514c58&s=1831c9cd505x2e514c58&cl=1&c=1&cC=PL&bR=otomoto&rE=v&eN=flag_assignment&tN=e&language=pl_PL&platform=desktop&event_type=pv&user_status=unlogged&cat_l1_id=29&cat_l1_name=cars&testgroup=4&RTBCookieSplit=4&flag_definition=%5B%22euads-2750%22%5D&cP=konto&mv=1.0.100&host=otomoto-h229.net&ivd=olx-pl_organic&t=1662632383750&js=1
200 OK 35 B URL HTTP/1.1 tracking.olx-st.com/h/v2/v-otomoto-web?sl=1831c9cd505x2e514c58&s=1831c9cd505x2e514c58&cl=1&c=1&cC=PL&bR=otomoto&rE=v&eN=flag_assignment&tN=e&language=pl_PL&platform=desktop&event_type=pv&user_status=unlogged&cat_l1_id=29&cat_l1_name=cars&testgroup=4&RTBCookieSplit=4&flag_definition=%5B%22euads-2750%22%5D&cP=konto&mv=1.0.100&host=otomoto-h229.net&ivd=olx-pl_organic&t=1662632383750&js=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /h/v2/v-otomoto-web?sl=1831c9cd505x2e514c58&s=1831c9cd505x2e514c58&cl=1&c=1&cC=PL&bR=otomoto&rE=v&eN=flag_assignment&tN=e&language=pl_PL&platform=desktop&event_type=pv&user_status=unlogged&cat_l1_id=29&cat_l1_name=cars&testgroup=4&RTBCookieSplit=4&flag_definition=%5B%22euads-2750%22%5D&cP=konto&mv=1.0.100&host=otomoto-h229.net&ivd=olx-pl_organic&t=1662632383750&js=1 HTTP/1.1
Host: tracking.olx-st.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/
HTTP/1.1 200 OK
Date: Thu, 08 Sep 2022 10:19:51 GMT
Content-Type: image/gif;charset=ISO-8859-1
Content-Length: 35
Connection: keep-alive
x-olx-hydra-ver: hydra-e5fa7f3
Set-Cookie: onap=1831c9cd505x2e514c58-1-1831c9cd505x2e514c58-1-1662634191-1831c9cf29cx131ebded-olx-pl_organic_1662632391_1665224391;Path=/h;Expires=Sat, 07-Sep-2024 10:19:51 GMT;SameSite=None;Secure
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Expires: Wed, 19 Apr 2000 03:14:15 GMT
Pragma: no-cache
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash da05c4b51a3dabf88135becc19f1af52
2c8e928a750eff713ffba9cacff2ee241b22c236
3a718561532594be11fba74ace11458dc337786dacb48c588777120b6916984f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 10:19:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.GG-Ggjrq5aE.es5.O/d=1/rs=AOaEmlGz2ImcM87xCQJBm9w21x76L2RsZA/m=base
200 OK 35 kB URL HTTP/2 www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.GG-Ggjrq5aE.es5.O/d=1/rs=AOaEmlGz2ImcM87xCQJBm9w21x76L2RsZA/m=base
IP
File type ASCII text, with very long lines (868)
Hash 424b937f079afb0cba28562b77ef535b
ed37e7647ac147b51005e5012442abe720ec5ee9
faae2feaa18be4b0bac6823e4729af093eac5455e37409428540098198db800a
GET /_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.GG-Ggjrq5aE.es5.O/d=1/rs=AOaEmlGz2ImcM87xCQJBm9w21x76L2RsZA/m=base HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accounts.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-length: 34824
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 00:13:44 GMT
expires: Wed, 06 Sep 2023 00:13:44 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Sat, 27 Aug 2022 01:41:42 GMT
content-type: text/javascript; charset=UTF-8
age: 209167
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
olx.hit.gemius.pl/_sslredir/fpdata.js?href=otomoto-h229.net
200 OK 285 B URL HTTP/2 olx.hit.gemius.pl/_sslredir/fpdata.js?href=otomoto-h229.net
IP
ASN #50599 Data Space Sp. z o.o.
Hash 98c30b78aa09bf6fc85c52b9d0d112c4
817245cf91dd2d3a662bd779dc1c9fb629829a18
5d29fd922136c49e9c892834dca8c9ee0758d0e50da0ce4fb537e1d58422233a
GET /_sslredir/fpdata.js?href=otomoto-h229.net HTTP/1.1
Host: olx.hit.gemius.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://otomoto-h229.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Sep 2022 10:19:51 GMT
expires: Sat, 08 Oct 2022 10:19:51 GMT
server: GHC
accept-ranges: none
cache-control: private, max-age=2592000
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
etag: PRIVATE7520710249
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
content-length: 285
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash da05c4b51a3dabf88135becc19f1af52
2c8e928a750eff713ffba9cacff2ee241b22c236
3a718561532594be11fba74ace11458dc337786dacb48c588777120b6916984f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 10:19:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
olx.hit.gemius.pl/_1662632383922/rexdot.js?l=100&id=1wA64edYL8OQRSzbOqfRLrbu7OkY4sSgxVmVCOuHpYn.S7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=http%3A%2F%2Fotomoto-h229.net%2Fkonto.html&ref=&screen=1280x1024r1000&col=24&window=1280x939<ime=233&lsdata=-SETERR&fpdata=9Qks4eBOJljnuxXff2RNL4dL5_oKiY4asz1D93L119n.s7|1662632391&vis=1
301 Moved Permanently 0 B URL HTTP/1.1 olx.hit.gemius.pl/_1662632383922/rexdot.js?l=100&id=1wA64edYL8OQRSzbOqfRLrbu7OkY4sSgxVmVCOuHpYn.S7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=http%3A%2F%2Fotomoto-h229.net%2Fkonto.html&ref=&screen=1280x1024r1000&col=24&window=1280x939<ime=233&lsdata=-SETERR&fpdata=9Qks4eBOJljnuxXff2RNL4dL5_oKiY4asz1D93L119n.s7|1662632391&vis=1
IP
ASN #50599 Data Space Sp. z o.o.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_1662632383922/rexdot.js?l=100&id=1wA64edYL8OQRSzbOqfRLrbu7OkY4sSgxVmVCOuHpYn.S7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=http%3A%2F%2Fotomoto-h229.net%2Fkonto.html&ref=&screen=1280x1024r1000&col=24&window=1280x939<ime=233&lsdata=-SETERR&fpdata=9Qks4eBOJljnuxXff2RNL4dL5_oKiY4asz1D93L119n.s7|1662632391&vis=1 HTTP/1.1
Host: olx.hit.gemius.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/
HTTP/1.1 301 Moved Permanently
Date: Thu, 08 Sep 2022 10:19:51 GMT
Expires: Wed, 07 Sep 2022 10:19:51 GMT
Server: GHC
Accept-Ranges: none
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Cross-Origin-Resource-Policy: cross-origin
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
P3P: CP="NOI DSP COR NID PSAo OUR IND"
Location: https://olx.hit.gemius.pl/_sslredir/_1662632383922/rexdot.js?l=100&id=1wA64edYL8OQRSzbOqfRLrbu7OkY4sSgxVmVCOuHpYn.S7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=http%3A%2F%2Fotomoto-h229.net%2Fkonto.html&ref=&screen=1280x1024r1000&col=24&window=1280x939<ime=233&lsdata=-SETERR&fpdata=9Qks4eBOJljnuxXff2RNL4dL5_oKiY4asz1D93L119n.s7|1662632391&vis=1
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 0
olx.hit.gemius.pl/_sslredir/_1662632383922/rexdot.js?l=100&id=1wA64edYL8OQRSzbOqfRLrbu7OkY4sSgxVmVCOuHpYn.S7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=http%3A%2F%2Fotomoto-h229.net%2Fkonto.html&ref=&screen=1280x1024r1000&col=24&window=1280x939<ime=233&lsdata=-SETERR&fpdata=9Qks4eBOJljnuxXff2RNL4dL5_oKiY4asz1D93L119n.s7|1662632391&vis=1
301 Moved Permanently 0 B URL HTTP/2 olx.hit.gemius.pl/_sslredir/_1662632383922/rexdot.js?l=100&id=1wA64edYL8OQRSzbOqfRLrbu7OkY4sSgxVmVCOuHpYn.S7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=http%3A%2F%2Fotomoto-h229.net%2Fkonto.html&ref=&screen=1280x1024r1000&col=24&window=1280x939<ime=233&lsdata=-SETERR&fpdata=9Qks4eBOJljnuxXff2RNL4dL5_oKiY4asz1D93L119n.s7|1662632391&vis=1
IP
ASN #50599 Data Space Sp. z o.o.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_sslredir/_1662632383922/rexdot.js?l=100&id=1wA64edYL8OQRSzbOqfRLrbu7OkY4sSgxVmVCOuHpYn.S7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=http%3A%2F%2Fotomoto-h229.net%2Fkonto.html&ref=&screen=1280x1024r1000&col=24&window=1280x939<ime=233&lsdata=-SETERR&fpdata=9Qks4eBOJljnuxXff2RNL4dL5_oKiY4asz1D93L119n.s7|1662632391&vis=1 HTTP/1.1
Host: olx.hit.gemius.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://otomoto-h229.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Thu, 08 Sep 2022 10:19:51 GMT
expires: Wed, 07 Sep 2022 10:19:51 GMT
server: GHC
accept-ranges: none
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
set-cookie: Gtest=KlGqYMaGQMGG1LAMNt95rXXissGMXP8cERbG; Domain=hit.gemius.pl; Path=/; SameSite=None; Secure; Expires=Thu, 15 Sep 2022 10:19:51 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_sslredir/_1662632383922/rexdot.js?l=100&id=1wA64edYL8OQRSzbOqfRLrbu7OkY4sSgxVmVCOuHpYn.S7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=http%3A%2F%2Fotomoto-h229.net%2Fkonto.html&ref=&screen=1280x1024r1000&col=24&window=1280x939<ime=233&lsdata=-SETERR&fpdata=9Qks4eBOJljnuxXff2RNL4dL5_oKiY4asz1D93L119n.s7|1662632391&vis=1
content-length: 0
X-Firefox-Spdy: h2
olx.hit.gemius.pl/__/_sslredir/_1662632383922/rexdot.js?l=100&id=1wA64edYL8OQRSzbOqfRLrbu7OkY4sSgxVmVCOuHpYn.S7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=http%3A%2F%2Fotomoto-h229.net%2Fkonto.html&ref=&screen=1280x1024r1000&col=24&window=1280x939<ime=233&lsdata=-SETERR&fpdata=9Qks4eBOJljnuxXff2RNL4dL5_oKiY4asz1D93L119n.s7|1662632391&vis=1
200 OK 167 B URL HTTP/2 olx.hit.gemius.pl/__/_sslredir/_1662632383922/rexdot.js?l=100&id=1wA64edYL8OQRSzbOqfRLrbu7OkY4sSgxVmVCOuHpYn.S7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=http%3A%2F%2Fotomoto-h229.net%2Fkonto.html&ref=&screen=1280x1024r1000&col=24&window=1280x939<ime=233&lsdata=-SETERR&fpdata=9Qks4eBOJljnuxXff2RNL4dL5_oKiY4asz1D93L119n.s7|1662632391&vis=1
IP
ASN #50599 Data Space Sp. z o.o.
Hash d56414e8741bb2cb60fc68bff1ee471d
f08d51c898d02cbe4742d82f4affb57669455129
4d1837f2a0a57f77e533696a8423617ded92974d0c8475e6935ef21dbbe3ce7a
GET /__/_sslredir/_1662632383922/rexdot.js?l=100&id=1wA64edYL8OQRSzbOqfRLrbu7OkY4sSgxVmVCOuHpYn.S7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=http%3A%2F%2Fotomoto-h229.net%2Fkonto.html&ref=&screen=1280x1024r1000&col=24&window=1280x939<ime=233&lsdata=-SETERR&fpdata=9Qks4eBOJljnuxXff2RNL4dL5_oKiY4asz1D93L119n.s7|1662632391&vis=1 HTTP/1.1
Host: olx.hit.gemius.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://otomoto-h229.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 10:19:51 GMT
expires: Wed, 07 Sep 2022 10:19:51 GMT
server: GHC
accept-ranges: none
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
set-cookie: Gtest=KlxPwRXGQMQGE28mAxs5rXXissGMXP8cERbG; Domain=hit.gemius.pl; Path=/; SameSite=None; Secure; Expires=Thu, 15 Sep 2022 10:19:51 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
content-length: 167
X-Firefox-Spdy: h2
js-agent.newrelic.com/nr-1167.min.js
200 OK 10 kB URL HTTP/2 js-agent.newrelic.com/nr-1167.min.js
IP
File type ASCII text, with very long lines (26895), with no line terminators
Hash 2475af80a5beb58a3e3a97c4184c9e3f
cbea1268312d005145a84d52c3e377c8ad8cc633
f4b7678a0e6380207322e69fa89295c2d4fcd240554e6d3ebc1d537fee5402a4
GET /nr-1167.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://otomoto-h229.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: duwk5/9ckcOP/HF89l6qi5VKNFQtyqLHChgZ9jTu+TWxp1baPzH9sKks+LwJ/+5Kj/IgKbgTLJ4=
x-amz-request-id: S1GA00MHJD9Y1NQA
last-modified: Fri, 07 Feb 2020 23:39:55 GMT
etag: "8155781ab74e51eee2ead2c1d5902e63"
x-amz-version-id: null
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 08 Sep 2022 10:19:51 GMT
via: 1.1 varnish
x-served-by: cache-bma1627-BMA
x-cache: HIT
x-cache-hits: 10
x-timer: S1662632392.765236,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 10178
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9081
Expires: Thu, 08 Sep 2022 12:51:12 GMT
Date: Thu, 08 Sep 2022 10:19:51 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9081
Expires: Thu, 08 Sep 2022 12:51:12 GMT
Date: Thu, 08 Sep 2022 10:19:51 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9081
Expires: Thu, 08 Sep 2022 12:51:12 GMT
Date: Thu, 08 Sep 2022 10:19:51 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd38a7ac-451e-4dae-8707-f68a3c27ee4e.jpeg
200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd38a7ac-451e-4dae-8707-f68a3c27ee4e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ccc1d45458086694a8221a8a6c6aa3b
b8f1359214f21be812390a6cca80b8e84c26a403
461503caa5ec14c1214bdc19795e47b8c1c3c5be1b21f0f29e923e5191e93846
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd38a7ac-451e-4dae-8707-f68a3c27ee4e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8693
x-amzn-requestid: aae6e4f7-9b0a-49da-b2f1-58b625609942
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9TgFokoAMFbwA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f49-27854a575dea22e1035454e3;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:38:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: PKD1-NMnB_gBWmi4tmCDLib4ROvVwI4hrOL7CHtoMXEEGgYNYiAsTw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 21:48:35 GMT
etag: "b8f1359214f21be812390a6cca80b8e84c26a403"
content-type: image/jpeg
age: 45076
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffde48022-9b21-4eb3-b8b7-e4fcb208d624.jpeg
200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffde48022-9b21-4eb3-b8b7-e4fcb208d624.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 036db462684c81e3906433a0d2929eb8
7bcd0b99c0fb6d9ead1dd6878377f5a582bde20d
a252f30f9239f6a343b23c9d3e1d1b7460c5ee5a592d3372bf124760baa6e657
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffde48022-9b21-4eb3-b8b7-e4fcb208d624.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8246
x-amzn-requestid: d1a11f7f-22b7-4fc1-b33d-402e5bc3af33
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9TgEx4oAMF-pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f49-7305dd7653fe38c9445e02a8;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:38:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: INlZ1UklE6G7_1AYLBLEjbENrWoRgkYHLiL4w_QVx7tRA3jepd_eXQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 21:48:35 GMT
etag: "7bcd0b99c0fb6d9ead1dd6878377f5a582bde20d"
content-type: image/jpeg
age: 45076
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6069f6c-2029-46b3-9867-5eaeb96d65e7.jpeg
200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6069f6c-2029-46b3-9867-5eaeb96d65e7.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ca5b5d4ac26d97b5729a30ecdc688bc
3e633bc6c4ab9adfe84899e5209d73bef1d097eb
2c8275d1819d933f86df9685b76aea030842ba5a341c59ea88ffd2da99a5a3d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6069f6c-2029-46b3-9867-5eaeb96d65e7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7885
x-amzn-requestid: 305dc6b7-eb3d-40ad-af89-8b60be935637
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9ThE3DIAMFRtA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f49-7c0b58644e26de7f27c5b388;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:38:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Ry2D03udnweYHan_7KhC9IDhT01g9_73G40Fa10BdIX21tgK0Cgjiw==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 21:48:35 GMT
etag: "3e633bc6c4ab9adfe84899e5209d73bef1d097eb"
content-type: image/jpeg
age: 45076
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b6df26b-97aa-461c-9f22-c5c9496b5701.jpeg
200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b6df26b-97aa-461c-9f22-c5c9496b5701.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24e43bc53a0b047911cff00ad4b72320
f6ef30b5df0e634c3a3f607d751e738e55a276c9
7e1406b2101c912e72f37f0257128574079e618c1af83e360acb3f29b4d44d89
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b6df26b-97aa-461c-9f22-c5c9496b5701.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8705
x-amzn-requestid: ccc5b695-35b5-49fd-b938-296a88a78ab8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9TgFOiIAMFaXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f49-12e809c767cdbba61492187c;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:38:17 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: iN3jcMCQ8paYD_O9gQLAswM-ITb0oY8CYmbnMDwpwS-7hPLis5TGSg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 95785220a566cd050f3ad80928463374.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 22:03:47 GMT
age: 44164
etag: "f6ef30b5df0e634c3a3f607d751e738e55a276c9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg
200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f922505178de0cea92eedcfda85a9f67
50f1459de01174e594e03e7df4dfaa8eb1798672
981cd58768d6ad841673add855ddcc7106fbc85de05db9a1bd2d6bc8928b4c2c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6214
x-amzn-requestid: 46a44af0-e547-49e8-bc39-f6c49d94e375
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xj_0HFKbIAMFRbg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630b134d-0297c83c305422fa51b86dcf;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 07:03:41 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _ZKcuRO8Z6wBMdm79iDZj5uRYk4YYpYJqOoG8hZqY81O0R7hfbe5bQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 05:34:36 GMT
age: 17115
etag: "50f1459de01174e594e03e7df4dfaa8eb1798672"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5314d83a-c7f9-468e-8b42-535c4fae5d85.jpeg
200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5314d83a-c7f9-468e-8b42-535c4fae5d85.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a07d553b6441514870ed7e9e989a29a7
98c145b9326d1e6036fa9089d87a25232dd45b0b
373a586b596016baeb8de98022207c25af24c099c06077edbdfd837cffc31a0e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5314d83a-c7f9-468e-8b42-535c4fae5d85.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7492
x-amzn-requestid: 2c5e9ff3-c7a4-4a8f-96bf-74f0ca5d9137
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9dOHguIAMFjGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f87-70dbe6532b1a241e6dbe729e;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:39:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: 6mfdlMHJozdykr4faiijvUuJPXVrJGU_n0MxJgCrZ-uWWdejGYfiAQ==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 020978022b22df6352245f09cfbc410c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 22:33:06 GMT
age: 42405
etag: "98c145b9326d1e6036fa9089d87a25232dd45b0b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
bam.nr-data.net/1/03c2d95870?a=27030240&v=1167.2a4546b&to=NgBUMhdWVhdWUBIPDQ9KdRMWQ1cJGFcDFQkVCkZJBFRbC0JdEkkLDwFTHg%3D%3D&rst=2818&ref=http://otomoto-h229.net/konto.html&ap=46&be=647&fe=2716&dc=1409&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1662632381443,%22n%22:0,%22f%22:-5,%22dn%22:-5,%22dne%22:-3,%22c%22:-3,%22ce%22:33,%22rq%22:124,%22rp%22:169,%22rpe%22:214,%22dl%22:410,%22di%22:1400,%22ds%22:1409,%22de%22:1437,%22dc%22:2715,%22l%22:2715,%22le%22:2717%7D,%22navigation%22:%7B%7D%7D&fcp=1227&at=GkdXRF9MRRk%3D&jsonp=NREUM.setToken
200 OK 77 B URL HTTP/1.1 bam.nr-data.net/1/03c2d95870?a=27030240&v=1167.2a4546b&to=NgBUMhdWVhdWUBIPDQ9KdRMWQ1cJGFcDFQkVCkZJBFRbC0JdEkkLDwFTHg%3D%3D&rst=2818&ref=http://otomoto-h229.net/konto.html&ap=46&be=647&fe=2716&dc=1409&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1662632381443,%22n%22:0,%22f%22:-5,%22dn%22:-5,%22dne%22:-3,%22c%22:-3,%22ce%22:33,%22rq%22:124,%22rp%22:169,%22rpe%22:214,%22dl%22:410,%22di%22:1400,%22ds%22:1409,%22de%22:1437,%22dc%22:2715,%22l%22:2715,%22le%22:2717%7D,%22navigation%22:%7B%7D%7D&fcp=1227&at=GkdXRF9MRRk%3D&jsonp=NREUM.setToken
IP
File type ASCII text, with no line terminators
Hash f1442f5831dbbe0210da2d7a4180d6b8
2ade23c6c7a001c66f0c0a9a101ec152747b434e
c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
GET /1/03c2d95870?a=27030240&v=1167.2a4546b&to=NgBUMhdWVhdWUBIPDQ9KdRMWQ1cJGFcDFQkVCkZJBFRbC0JdEkkLDwFTHg%3D%3D&rst=2818&ref=http://otomoto-h229.net/konto.html&ap=46&be=647&fe=2716&dc=1409&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1662632381443,%22n%22:0,%22f%22:-5,%22dn%22:-5,%22dne%22:-3,%22c%22:-3,%22ce%22:33,%22rq%22:124,%22rp%22:169,%22rpe%22:214,%22dl%22:410,%22di%22:1400,%22ds%22:1409,%22de%22:1437,%22dc%22:2715,%22l%22:2715,%22le%22:2717%7D,%22navigation%22:%7B%7D%7D&fcp=1227&at=GkdXRF9MRRk%3D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://otomoto-h229.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 08 Sep 2022 10:19:52 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7476f2c0f829b515-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=52eb0dce1a85761c; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
dnacdn.net/dna
200 OK 0 B IP
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=E9ivGl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czJzdXhtTWhDdGZyU2xDSWdocG95S1JvMUZXQ25oUkp3bDRLZjg3QyUyRlQlMkI5
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Sep 2022 10:19:50 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=g5LVzF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czJzdXhtTWhDdGZyU2xDSWdocG95S1N6YmRsbnJ1cU15YlU3cVpKOFRZNkQ; expires=Tue, 03 Oct 2023 10:19:50 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 277017
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
accounts.google.com/o/oauth2/iframe
200 OK 0 B URL HTTP/2 accounts.google.com/o/oauth2/iframe
IP
GET /o/oauth2/iframe HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://otomoto-h229.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 08 Sep 2022 10:19:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-embedder-policy: require-corp
report-to: {"group":"IdpIFrameHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/IdpIFrameHttp/external"}]}
cross-origin-opener-policy: same-origin; report-to="IdpIFrameHttp"
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-y0QDTux2IR23Bi0CvSooMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
otomoto-h229.net/noew1_files/cbgapi.loaded_0
200 OK 0 B URL HTTP/1.1 otomoto-h229.net/noew1_files/cbgapi.loaded_0
IP
Analyzer Verdict Alert fortinet Phishing
GET /noew1_files/cbgapi.loaded_0 HTTP/1.1
Host: otomoto-h229.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/konto.html
HTTP/1.1 200 OK
Content-Length: 296211
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:49 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:53:58 GMT
ETag: "48513-5b252b8a6e428"
Accept-Ranges: bytes
gum.criteo.com/syncframe?topUrl=otomoto-h229.net
200 OK 0 B URL HTTP/2 gum.criteo.com/syncframe?topUrl=otomoto-h229.net
IP
GET /syncframe?topUrl=otomoto-h229.net HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://otomoto-h229.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Sep 2022 10:19:49 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=279e1a06-1f5e-41f0-a30f-d4f096fa67b0; expires=Tue, 03 Oct 2023 10:19:49 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 679109
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
otomoto-h229.net/noew1_files/gtm_002.js
200 OK 0 B URL HTTP/1.1 otomoto-h229.net/noew1_files/gtm_002.js
IP
Analyzer Verdict Alert fortinet Phishing
GET /noew1_files/gtm_002.js HTTP/1.1
Host: otomoto-h229.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otomoto-h229.net/konto.html
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 295982
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 08 Sep 2022 10:19:49 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2020 08:53:59 GMT
ETag: "4842e-5b252b8b55b4c"
Accept-Ranges: bytes
gem.gbc.criteo.com/newidsd
200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 08 Sep 2022 10:19:50 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 153197
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
sslwidget.criteo.com/event?a=10828&v=5.5.0&p0=e%3Dexd%26ci%3D%26site_type%3Dd&p1=e%3Ddis&adce=1&tld=otomoto-h229.net&dtycbr=50244
200 OK 0 B URL HTTP/2 sslwidget.criteo.com/event?a=10828&v=5.5.0&p0=e%3Dexd%26ci%3D%26site_type%3Dd&p1=e%3Ddis&adce=1&tld=otomoto-h229.net&dtycbr=50244
IP
GET /event?a=10828&v=5.5.0&p0=e%3Dexd%26ci%3D%26site_type%3Dd&p1=e%3Ddis&adce=1&tld=otomoto-h229.net&dtycbr=50244 HTTP/1.1
Host: sslwidget.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://otomoto-h229.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Sep 2022 10:19:50 GMT
content-type: application/x-javascript
server: Kestrel
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
expires: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
timing-allow-origin: *
server-processing-duration-in-ticks: 6595986
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
217.160.0.78
34.117.237.239
23.36.76.170
151.101.86.137
178.250.0.157
93.184.220.29
104.18.32.68
185.11.128.202
185.184.8.90