| firefox.settings.services.mozilla.com/v1/ | 143.204.55.27 | 200 OK | 939 B |
URL: HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP: 143.204.55.27:0
File type: JSON data, ASCII text, with very long lines (939), with no line terminators
Hash: 2d12f67fe57a87e7366b662d153a5582 d7b02d81cc74f24a251d9363e0f4b0a149264ec1 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 03 Oct 2022 20:46:58 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9D3N6n5-qRi0AmixBBwe2Bf67aVIBnOTzHROF6VwCFubwKdwm6WJGQ==
Age: 1616
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0
ASN: #20940 Akamai International B.V.
Hash: 9955bda9c9ef64bc5700a14af0bae25e 8de7b7469e905af0374bdfcc3006bbb844f13e94 1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2844
Expires: Mon, 03 Oct 2022 22:01:18 GMT
Date: Mon, 03 Oct 2022 21:13:54 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain | 143.204.55.49 | 200 OK | 5.3 kB |
URL: HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP: 143.204.55.49:0
File type: PEM certificate, ASCII text
Hash: 6113f8408c59aebe188d6af273b90743 7398873bf00f99944eaa77ad3ebc0d43c23dba6b b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 03 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: sYZp6RjCtCNwRyZa7a3BxQSeepRxVBARCuj_OEQ7QE7R_jtAvOGvpQ==
age: 56727
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 345 B |
IP: 23.36.76.226:0
ASN: #20940 Akamai International B.V.
Hash: ea81b6edf17052c93d3dad56164937c1 e1051eb461e57b52063ccfa30db90af97a2b9bed 76d318a76bb8ca7dc86849fb0c3c7c3ff6c768612063198d90c2488085d9da52
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "76D318A76BB8CA7DC86849FB0C3C7C3FF6C768612063198D90C2488085D9DA52"
Last-Modified: Mon, 03 Oct 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21557
Expires: Tue, 04 Oct 2022 03:13:11 GMT
Date: Mon, 03 Oct 2022 21:13:54 GMT
Connection: keep-alive
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL: HTTP/2 contile.services.mozilla.com/v1/tiles
IP: 34.117.237.239:0
File type: JSON data, ASCII text, with no line terminators
Hash: 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 21:13:54 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| dralig-investing.pro/img/preloader.gif | 172.67.176.72 | 200 OK | 8.9 kB |
URL: HTTP/2 dralig-investing.pro/img/preloader.gif
IP: 172.67.176.72:0
File type: GIF image data, version 89a, 64 x 64; data
Hash: 0b8e29b59ac34685394b179ff07f707d 4edf80def6987036c407ed3d192dda365bb87ead d645c0ce08af9538f2ee909785e6bd6fd19c314fc28f2e58435d0af82d04cd23
Analyzer | Verdict | Alert | openphish | PKN Orlen | |
GET /img/preloader.gif HTTP/1.1
Host: dralig-investing.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dralig-investing.pro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 21:13:55 GMT
content-type: image/gif
content-length: 8852
last-modified: Thu, 23 Dec 2021 21:36:32 GMT
etag: "2294-5d3d7082ab800"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s8Zji9bA3dygJ9jIVYvAIb%2B1i6X%2FgEn%2BwL62Z%2FHF746ZB%2BgNQqTeg3N3TJUjsbKdLQPQSIUZUNtm8lQifu4ewo8sncM%2Bj5UYgGRAgtU819BgllPvb0UkORj%2BCM9ZdzDGzuswySIsxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7548af36df08b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| dralig-investing.pro/img/gerb.png | 172.67.176.72 | 200 OK | 13 kB |
URL: HTTP/2 dralig-investing.pro/img/gerb.png
IP: 172.67.176.72:0
File type: PNG image data, 379 x 333, 8-bit colormap, non-interlaced; data
Hash: c01ce32ef6a43a267b39155e4724bc53 38dd9483c3a21a4becdf6da850a1de3138855623 a7918a3c6b7280b9a6ddaf06c85437367f13ef3a936fe5ff357415441c7d6af0
Analyzer | Verdict | Alert | openphish | PKN Orlen | |
GET /img/gerb.png HTTP/1.1
Host: dralig-investing.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dralig-investing.pro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 21:13:55 GMT
content-type: image/png
content-length: 12969
last-modified: Thu, 23 Dec 2021 18:53:22 GMT
etag: "32a9-5d3d4c0a32c80"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xMC9jGlUAF8f28iIurmWrbodA5nCFrh3hlVrZ%2FZ0ZbUTk3P2Bdgkg9Dr6qjqWOnLHrNE4zxIlOr0ZWcc5bs6Qq7CLcl7Wi1OC76brvUTc%2Fi%2ByLGGFmR0yUbTxQyjRi%2FymEbb5mFgtg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7548af36df05b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| dralig-investing.pro/img/10.jpg | 172.67.176.72 | 200 OK | 63 kB |
URL: HTTP/2 dralig-investing.pro/img/10.jpg
IP: 172.67.176.72:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 850x480, components 3; data
Hash: f58b369f911e4b2a5c16a570aef3a3fb bff053ff5ecfeeb900fbffa50bf8b6088c8f250e e65fc22431e2850a96d4b5541a860d594c5dcbfa91797de2d5d80987dbff936e
Analyzer | Verdict | Alert | openphish | PKN Orlen | |
GET /img/10.jpg HTTP/1.1
Host: dralig-investing.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dralig-investing.pro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 21:13:55 GMT
content-type: image/jpeg
content-length: 63184
last-modified: Thu, 23 Dec 2021 18:53:22 GMT
etag: "f6d0-5d3d4c0a32c80"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FSmMFbjX8Aa7bxndJI282KcPUqqWy%2FEMti4C7CsnvMhnJPcryywf9ndYHMqhcNKnvjUpjBIAhUtt6SycmMa1rUmNijTFXNZDdu%2BgE9nGxY%2BxI%2FwL4ESyCg4aQU%2BSlel9lCH5%2FgLPHg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7548af36df0ab512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| dralig-investing.pro/img/16.jpg | 172.67.176.72 | 200 OK | 44 kB |
URL: HTTP/2 dralig-investing.pro/img/16.jpg
IP: 172.67.176.72:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 600x400, components 3; data
Hash: 8e3992ed3be0609bc141711f1695f5c1 49a1f9f21cd81e159a974e6763ca73dc86c9f297 1759d5850efea5db3758093b531da11f9651ced2720178f6ec0e809198be1a25
Analyzer | Verdict | Alert | openphish | PKN Orlen | |
GET /img/16.jpg HTTP/1.1
Host: dralig-investing.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dralig-investing.pro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 21:13:55 GMT
content-type: image/jpeg
content-length: 44155
last-modified: Thu, 23 Dec 2021 18:53:24 GMT
etag: "ac7b-5d3d4c0c1b100"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9AiWlJlyvMSy%2BlUfEuCEfiuvWW%2BDljdqxwE0cE34M2%2F9uSX9k0jeSzv7Sl4XSBIJKn9SLv5QgzMxWpnaB7a7WLo1EUiZBWK6xAIAg58ZhbqMtL9dYuykqf5VeiqYB5upWIHSWWHmgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7548af36ff49b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| dralig-investing.pro/img/13.png | 172.67.176.72 | 200 OK | 198 kB |
URL: HTTP/2 dralig-investing.pro/img/13.png
IP: 172.67.176.72:0
File type: PNG image data, 882 x 1138, 8-bit colormap, non-interlaced; data
Size: 198 kB (197949 bytes)
Hash: dce46cac5dd2f7d73d6b9e678e5be2f0 fdfb27ea5738bd0027a5ecb0b8e9b52e104ff462 bf6768a7e5d043ac9d9a3a51306736d5ca809b386fb6a8af26dd3bbb4d250791
Analyzer | Verdict | Alert | openphish | PKN Orlen | |
GET /img/13.png HTTP/1.1
Host: dralig-investing.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dralig-investing.pro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 21:13:55 GMT
content-type: image/png
content-length: 197949
last-modified: Thu, 23 Dec 2021 18:53:24 GMT
etag: "3053d-5d3d4c0c1b100"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=75p9baoRs7jL6U9yD7pl4WxzGt04uh92rozTVdiG9Xm748%2FsRAZIUrOpSRprFAn1fzFBiJr8fWT4NHj%2B3GDlmJ4mGidmo6LQqrvhNBalV90ox6uuCfxLrX9hstT%2FcbjfZP5jGLqaMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7548af36ff42b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| dralig-investing.pro/img/12.png | 172.67.176.72 | 200 OK | 186 kB |
URL: HTTP/2 dralig-investing.pro/img/12.png
IP: 172.67.176.72:0
File type: PNG image data, 896 x 1142, 8-bit colormap, non-interlaced; data
Size: 186 kB (185471 bytes)
Hash: 5dd9d8194b430a83d74146a2d8f8a450 73f559cc67a225d8c2f207eb6b54c15706e8213c 970736e5687ae18a3662c0e7a49d0e3c4d9a3dda23316c4b1cd63def4ab19814
Analyzer | Verdict | Alert | openphish | PKN Orlen | |
GET /img/12.png HTTP/1.1
Host: dralig-investing.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dralig-investing.pro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 21:13:55 GMT
content-type: image/png
content-length: 185471
last-modified: Thu, 23 Dec 2021 18:53:22 GMT
etag: "2d47f-5d3d4c0a32c80"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uv0jPBI34vm6mf%2BCcaGIggAE9eWZAQz%2FoEPs9F6yr85OeaCcmT9wmmbt%2FjLbH8sc9xHuUapM4pBI4L4biF36nn74EHX6yOWNJZb4oNxht5oGkPW5IfXjrDrxWQlcqmoeS58puyBb6w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7548af36ff40b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| dralig-investing.pro/img/14.png | 172.67.176.72 | 200 OK | 363 kB |
URL: HTTP/2 dralig-investing.pro/img/14.png
IP: 172.67.176.72:0
File type: PNG image data, 824 x 1168, 8-bit colormap, non-interlaced; data
Size: 363 kB (362653 bytes)
Hash: 6fd858aebe6b1d33acca7c056834089f 2c519c23712933c91293fb6338bd6fd27340ca59 ec2238d7bd539e3e7986fc3ae25769a5d8b10967126ba7113e62ec53f2c0e110
Analyzer | Verdict | Alert | openphish | PKN Orlen | |
GET /img/14.png HTTP/1.1
Host: dralig-investing.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dralig-investing.pro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 21:13:55 GMT
content-type: image/png
content-length: 362653
last-modified: Thu, 23 Dec 2021 18:53:24 GMT
etag: "5889d-5d3d4c0c1b100"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5xqIEy2l%2BFTus%2B5cpDEUyoGXLnc%2FC23hDfy6dibmeiFC%2B11yAIRYj%2BYrDIcsoLArcOgT2XgI7mMHEB3eezSakHLjw1EujBGNAXjrCR517%2FXsJNNOlYDp6YEVhnDKiF1%2Fhzvh1FaEOA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7548af36ff45b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| dralig-investing.pro/img/15.jpg | 172.67.176.72 | 200 OK | 367 kB |
URL: HTTP/2 dralig-investing.pro/img/15.jpg
IP: 172.67.176.72:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1211, components 3; data
Size: 367 kB (367207 bytes)
Hash: fe1520cac6effe62b868e75f1d554a41 ecfc9cfcac706e073913d16a31ab322f69cbaee5 ee56b6b8e23c5cc28b8553b28c2395f15d48336d7408320dd5776fff54766e66
Analyzer | Verdict | Alert | openphish | PKN Orlen | |
GET /img/15.jpg HTTP/1.1
Host: dralig-investing.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dralig-investing.pro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 21:13:55 GMT
content-type: image/jpeg
content-length: 367207
last-modified: Thu, 23 Dec 2021 18:53:24 GMT
etag: "59a67-5d3d4c0c1b100"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5vqDVZWAPzAk2X6c5Mx6T6tNKDYRtMTiIZcMD06dSwjX8O%2FOdVspQ98iNoXenSXGMHj8zPKSfnbraTMlvz1I7%2BKYeL8JZ6yv6AhkWP78oY%2BBUQklDybTelOFVLzRT%2FMzsWGq04tsxg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7548af36ff48b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| dralig-investing.pro/img/11.png | 172.67.176.72 | 200 OK | 378 kB |
URL: HTTP/2 dralig-investing.pro/img/11.png
IP: 172.67.176.72:0
File type: PNG image data, 826 x 1148, 8-bit colormap, non-interlaced; data
Size: 378 kB (377476 bytes)
Hash: f7d5e60c725216480d12e0cd2e85a5df b18bb66ce2b4b0a88647f437b083e4c66a0309ef ad430203c79d4ff7dad5a6ee4504b960cf74340283814fefa668eaa4b71b6121
Analyzer | Verdict | Alert | openphish | PKN Orlen | |
GET /img/11.png HTTP/1.1
Host: dralig-investing.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dralig-investing.pro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 21:13:55 GMT
content-type: image/png
content-length: 377476
last-modified: Thu, 23 Dec 2021 18:53:22 GMT
etag: "5c284-5d3d4c0a32c80"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RgKd8ymzd2Xc4IdVJT1g%2BzdG9xeQTy%2FU6JC2JhOtxEaH7Vg9XakWW0cMDE6HzD8iIQsHoW%2B%2FKrxJxNOTZ%2B0gcAV3BgMbTqgQLA6hMlIQRjsOf71cCjxp3QDXP7S7pqBlyDv8BX3S7A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7548af36ff3eb512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 143.204.55.27 | 200 OK | 329 B |
URL: HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP: 143.204.55.27:0
File type: JSON data, ASCII text, with very long lines (329), with no line terminators
Hash: 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 03 Oct 2022 20:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Mon, 03 Oct 2022 21:03:40 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _IinwllQp9-CsKwv47y5jHaStz3JoRo2Ron7c6JBisOYMTTXmhxrgw==
Age: 2661
|
|
| dralig-investing.pro/css/video-js.css | 172.67.176.72 | 200 OK | 12 kB |
URL: HTTP/2 dralig-investing.pro/css/video-js.css
IP: 172.67.176.72:0
File type: ASCII text, with very long lines (5636)
Hash: d8425467c8e64357b93dfd2247056160 dc259cf886977ae75d0e5efe1a4831a105b699b6 d0e6209ca133d1a3eed26dab14a25c1989ccb91ebc2657f1714e101ce0e23c7c
Analyzer | Verdict | Alert | openphish | PKN Orlen | |
GET /css/video-js.css HTTP/1.1
Host: dralig-investing.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dralig-investing.pro/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 21:13:55 GMT
content-type: text/css
last-modified: Thu, 23 Dec 2021 21:07:40 GMT
etag: W/"9ed4-5d3d6a0ee7f00-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eU%2BYYDXxN4pS%2BZhcakLdbTeT%2BKS8fkJZ%2FD0TEWKkPwzCVEcUpWaMLGibCnyvrCY%2FoSCaWCm8t8lKNChLSgwtVwZfMLTXAmN2VMOKBdu6pmIZoAcIWBU3O0qY%2FkxHiKDVOvypvLIbIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7548af36def9b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| dralig-investing.pro/css/registerForm.css | 172.67.176.72 | 200 OK | 2.4 kB |
URL: HTTP/2 dralig-investing.pro/css/registerForm.css
IP: 172.67.176.72:0
File type: ASCII text, with CRLF line terminators
Hash: b19707e8f20206a1e2bf1fda01733651 10bce897359dcf04a902ad61587c100d71dada2e 10b87cecfc2b344d2209133119c9b7725de05c7b4e30c106ad4139e3ed37b9d8
Analyzer | Verdict | Alert | openphish | PKN Orlen | |
GET /css/registerForm.css HTTP/1.1
Host: dralig-investing.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dralig-investing.pro/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 21:13:55 GMT
content-type: text/css
last-modified: Sat, 19 Mar 2022 17:45:12 GMT
etag: W/"638-5da95d334fa00-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j6xU2BXDmUkxQ0ThOlhBfLSnSJnWmVGsJf2zdpGxJgGoe82CVeAE4l98plVWZLtvQSglEvgvIoHUtkzTjAQyMAls4zMxK9p6fxP6BvTlu2D9U0VFnACZvv4j7HeFT4uMP0%2Ffsb%2BXrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7548af36def7b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP: 93.184.220.29:0
Hash: 321fa9a78e31dcb66601ac5890bfba73 c325580db79bde6fd00d2d0c7e3f675e4c0046bb 83029b324b4c36522ae47eef9614c124b0ad2994de412d7ea82f990ad8ae9d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2037
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 21:13:55 GMT
Last-Modified: Mon, 03 Oct 2022 20:39:58 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
|
|
| dralig-investing.pro/css/fonts.css | 172.67.176.72 | 200 OK | 21 kB |
URL: HTTP/2 dralig-investing.pro/css/fonts.css
IP: 172.67.176.72:0
File type: ASCII text, with CRLF line terminators
Hash: fb3be0c4f108e384798071ecb1dcc596 ff04f52aa318d0cea7aaf676a485f6c255fee21d 73da0d78442dc5ff5ae8d14ea2ae45858386b3740175837985887bad52790438
Analyzer | Verdict | Alert | openphish | PKN Orlen | |
GET /css/fonts.css HTTP/1.1
Host: dralig-investing.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dralig-investing.pro/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 21:13:55 GMT
content-type: text/css
last-modified: Thu, 23 Dec 2021 21:06:30 GMT
etag: W/"b64-5d3d69cc26180-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nCfiDtVQ9kNd1T51tUWV8Cn9MxfNvfC6RqlgN%2FUDK4KvPp96bmhX30PSB1mlKE2do%2BDlWayZO1ZRDqy%2BSrDib6cBTeJOT%2BkuYz5Zyt6XI9N%2FOh%2BaOUcRN0T0Vuy8XsCZ4y3Jkqnetg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7548af36defdb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| push.services.mozilla.com/ | 35.160.51.228 | 101 Switching Protocols | 0 B |
URL: HTTP/1.1 push.services.mozilla.com/
IP: 35.160.51.228:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: LQTOZnJUickbaUyokbrTvg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 8ljOgOHkWGPkN7O8UUeUufmZgvo=
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0
ASN: #20940 Akamai International B.V.
Hash: f5e503471cc78b95c0a3e75785615e5f 145b1e4d850c145a78577b5d7d4fadae9658d7a4 61bf2bddece68c7876ab5481c14ed1b1879343e55c86ee013b4f3a8d3353e6b4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61BF2BDDECE68C7876AB5481C14ED1B1879343E55C86EE013B4F3A8D3353E6B4"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11054
Expires: Tue, 04 Oct 2022 00:18:11 GMT
Date: Mon, 03 Oct 2022 21:13:57 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0
ASN: #20940 Akamai International B.V.
Hash: f5e503471cc78b95c0a3e75785615e5f 145b1e4d850c145a78577b5d7d4fadae9658d7a4 61bf2bddece68c7876ab5481c14ed1b1879343e55c86ee013b4f3a8d3353e6b4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61BF2BDDECE68C7876AB5481C14ED1B1879343E55C86EE013B4F3A8D3353E6B4"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11054
Expires: Tue, 04 Oct 2022 00:18:11 GMT
Date: Mon, 03 Oct 2022 21:13:57 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0
ASN: #20940 Akamai International B.V.
Hash: f5e503471cc78b95c0a3e75785615e5f 145b1e4d850c145a78577b5d7d4fadae9658d7a4 61bf2bddece68c7876ab5481c14ed1b1879343e55c86ee013b4f3a8d3353e6b4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61BF2BDDECE68C7876AB5481C14ED1B1879343E55C86EE013B4F3A8D3353E6B4"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11054
Expires: Tue, 04 Oct 2022 00:18:11 GMT
Date: Mon, 03 Oct 2022 21:13:57 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg | 34.120.237.76 | 200 OK | 6.3 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash: 206fb65e75dbadf119512f71e0b78402 58ff0bf8ce7528b303d28bab01a80ad721705569 56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 04:42:51 GMT
age: 59466
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F780fc623-fddc-49c7-99c9-1dd66ce64db7.jpeg | 34.120.237.76 | 200 OK | 8.3 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F780fc623-fddc-49c7-99c9-1dd66ce64db7.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash: bfb6fbd0b91416a5a7cc7f7d0fcbf27c ced4806b7cc4d08e2c3f1c5e591184f462e86ec2 9a217da43a32c70ebd39b3076b3c14b16d8931ccebfe5d41139fa706b3b3e149
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F780fc623-fddc-49c7-99c9-1dd66ce64db7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8279
x-amzn-requestid: fed6efac-3419-4ecc-89f8-d4c3e0c22915
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZWbsHpBIAMFT1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a044a-5fc3bf5b7126d4a835d93e3d;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:36:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7g6tucmoqeX5RFtet3L9XllP1G6fx4RWt5XqTsVvhtxZnPxV0EVpqA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 18:28:01 GMT
age: 9956
etag: "ced4806b7cc4d08e2c3f1c5e591184f462e86ec2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F382faf63-655f-460a-9545-c4d888a724c6.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F382faf63-655f-460a-9545-c4d888a724c6.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash: 36debc920b17e124779c01af9101a59e b105f7bf041365d644c98c7e11ffa75e4656d29d f518ccd094d0e187b91cfd36dfb282566c0d088ce13501157dc97c702211d938
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F382faf63-655f-460a-9545-c4d888a724c6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10839
x-amzn-requestid: 67718257-ee21-44f0-80bd-f15cea37ac5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZWcKFD0IAMFV7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a044d-09a45a242bf4bdfe0f4608e4;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:36:13 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: pS33yyA441ZNn2dtNy6mVDnm-rmd_Vi_M0q9ZN2AKGMUT7l-nEuEvw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:58:18 GMT
age: 83739
etag: "b105f7bf041365d644c98c7e11ffa75e4656d29d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd0be942-f345-4da4-974e-a9fe16b90b3c.jpeg | 34.120.237.76 | 200 OK | 9.1 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd0be942-f345-4da4-974e-a9fe16b90b3c.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash: 523edd86af4757d0bc5fa5b3b8a3596a 8118ee462077c291b9d6f1402b85b55a9ceba8c2 c27de9970317636df8c4a517a9ed38e573235b351bf92c9b8bb1f964cd100031
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd0be942-f345-4da4-974e-a9fe16b90b3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9083
x-amzn-requestid: fda71fd3-ef25-4a63-94ae-1bfc8aef8d14
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZXD2H0DIAMFjrg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a054b-198915fc17ce3dab571b7575;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:40:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BobS2JU-TqDuL8q31SVlerM15cRoMhL1oM5MkL7MVhY9RZG_Ukp5yA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:46:36 GMT
age: 84441
etag: "8118ee462077c291b9d6f1402b85b55a9ceba8c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98a090b5-0736-4ddd-b6ca-3c76661e7051.jpeg | 34.120.237.76 | 200 OK | 8.2 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98a090b5-0736-4ddd-b6ca-3c76661e7051.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash: 721a8d8f94c3796abf021978fcdbc831 3fc3aeae907a0ce0db21753c67c1000681e48b8e cb497b15e7c2e49930b99f8d6659f0394acefb7b11613ca04397ee782dac759d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98a090b5-0736-4ddd-b6ca-3c76661e7051.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8158
x-amzn-requestid: 424c8c6c-7075-4ace-97e6-2b0a609d1b7e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZXDxGRlIAMFZrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a054b-046d963a345c15e81dc74e4d;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:40:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: aFBTRAsXhi4io7fSc02hftf9hRQ-J5yaBgU4Wgwijyir30xjTjdMLQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:46:36 GMT
age: 84441
etag: "3fc3aeae907a0ce0db21753c67c1000681e48b8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f7661f-9945-4971-aac6-d15570c4d954.jpeg | 34.120.237.76 | 200 OK | 8.3 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f7661f-9945-4971-aac6-d15570c4d954.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash: 6a90e53b55500427aed06efa3a9baa8c 43a66cd291d1413d7147a29b2a7b27277a443f0b 2cf5790e81140bc56b46163787f84c54a07f58e90001837624f426aafa8031c5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f7661f-9945-4971-aac6-d15570c4d954.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8277
x-amzn-requestid: a7d76241-7da1-4c84-9c73-2e3a71b81b52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZTMfEGHiIAMFpmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63378df9-3727a65235e4dbc60cc11cf0;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 00:46:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8n1l3bN8ykztmC-wGNH_w7xASHFplZa2LvHs8psQ146XILdvEHLWgw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 16:41:17 GMT
age: 16360
etag: "43a66cd291d1413d7147a29b2a7b27277a443f0b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| dralig-investing.pro/css/ion.rangeSlider.min.css | 172.67.176.72 | 200 OK | 0 B |
URL: HTTP/2 dralig-investing.pro/css/ion.rangeSlider.min.css
IP: 172.67.176.72:0
| Analyzer | Verdict | Alert |
| openphish | PKN Orlen | |
GET /css/ion.rangeSlider.min.css HTTP/1.1
Host: dralig-investing.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dralig-investing.pro/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 21:13:55 GMT
content-type: text/css
last-modified: Thu, 23 Dec 2021 21:07:22 GMT
etag: W/"2b4c-5d3d69fdbd680-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZQREekNCt9g%2F4qEQL9EggBnewLaxMpZy%2BX021MywP11rQL6rcAFFQmf0HWxB7jpNhcNORaTxfLBbtRoz3yHZnz86XQbvKfRQsBRfCRrcGlJX6iPRElCGH3Ymg7Hj8OAvQLz1q1S5lA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7548af36cef3b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| dralig-investing.pro/css/jquery.fancybox.min.css | 172.67.176.72 | 200 OK | 0 B |
URL: HTTP/2 dralig-investing.pro/css/jquery.fancybox.min.css
IP: 172.67.176.72:0
| Analyzer | Verdict | Alert |
| openphish | PKN Orlen | |
GET /css/jquery.fancybox.min.css HTTP/1.1
Host: dralig-investing.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dralig-investing.pro/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 21:13:55 GMT
content-type: text/css
last-modified: Thu, 23 Dec 2021 21:07:28 GMT
etag: W/"31fb-5d3d6a0376400-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eTq%2Bcig63M7AT%2FJ2T%2BE6S3ONZcD8y%2Fu4JPjg4kn0hu2V1GVppUT3lcZ6JBLTU0rWACF8KqVlfeE5o%2Blp9xFYtMoYeqb3eG9VE9o%2BUTgnasX1aQEjPKIscI1LSc442uPqhbZXP9wDAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7548af36cef4b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| dralig-investing.pro/js/intlTelInput.js | 172.67.176.72 | 200 OK | 0 B |
URL: HTTP/2 dralig-investing.pro/js/intlTelInput.js
IP: 172.67.176.72:0
| Analyzer | Verdict | Alert |
| openphish | PKN Orlen | |
| fortinet | Phishing | |
GET /js/intlTelInput.js HTTP/1.1
Host: dralig-investing.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dralig-investing.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 21:13:55 GMT
content-type: application/javascript
last-modified: Thu, 23 Dec 2021 21:13:06 GMT
etag: W/"15fcd-5d3d6b45cdc80-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PIkzUZb3lQd68lbGEgj7xzXXUg%2FDFckZMUY2G1bCwQ4pMbGHrvNkoG7KIK6MdTH18POjkdFkAsNboztouipF4Fy9YJCFadc5pfpf4dzs3KFNv4dF2KvwWcgCfwyYqxBf3jeHcjanOw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7548af370f67b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| dralig-investing.pro/img/9.svg | 172.67.176.72 | 200 OK | 0 B |
URL: HTTP/2 dralig-investing.pro/img/9.svg
IP: 172.67.176.72:0
| Analyzer | Verdict | Alert |
| openphish | PKN Orlen | |
| fortinet | Phishing | |
GET /img/9.svg HTTP/1.1
Host: dralig-investing.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dralig-investing.pro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 21:13:55 GMT
content-type: image/svg+xml
last-modified: Thu, 23 Dec 2021 21:36:32 GMT
etag: W/"70a-5d3d7082ab800-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FCMXvQwnOTs3c%2BdC2e1Nml9IirmwRHx4dgpBpZjrxy4YMEqm4CfZEcKYZNbmU7Kt4x5lf%2B8wH5p0LaBVe5BQP0PZH9WF%2Bfd6qHmIqkXx6L%2FGMZXRUTk7PSEwnj8wyMLhE0%2Fp9QxUFA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7548af36df00b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| dralig-investing.pro/js/registerForm.js | 172.67.176.72 | 200 OK | 0 B |
URL: HTTP/2 dralig-investing.pro/js/registerForm.js
IP: 172.67.176.72:0
| Analyzer | Verdict | Alert |
| openphish | PKN Orlen | |
| fortinet | Phishing | |
GET /js/registerForm.js HTTP/1.1
Host: dralig-investing.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dralig-investing.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 21:13:55 GMT
content-type: application/javascript
last-modified: Thu, 23 Dec 2021 22:01:34 GMT
etag: W/"23f9-5d3d761b16b80-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HQ824GBx%2FmI6asBJvmIe7Rvq5xZmZmTGnQdX%2F%2Bp5XCJUVnwZ7FU%2F3vwl78kbDd5gygelvXbkbMepXKDzWbXQFaWDIQACnOIBO1LUXP7H4vWkUJTvbHoZakXOepKv4NyUOWKfbai6kQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7548af370f6bb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| dralig-investing.pro/video.mp4 | 172.67.176.72 | 206 Partial Content | 0 B |
URL: HTTP/2 dralig-investing.pro/video.mp4
IP: 172.67.176.72:0
| Analyzer | Verdict | Alert |
| openphish | PKN Orlen | |
| fortinet | Phishing | |
GET /video.mp4 HTTP/1.1
Host: dralig-investing.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://dralig-investing.pro/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
date: Mon, 03 Oct 2022 21:13:55 GMT
content-type: video/mp4
content-length: 8596641
last-modified: Thu, 23 Dec 2021 21:36:42 GMT
etag: "832ca1-5d3d708c34e80"
cache-control: max-age=14400
cf-cache-status: MISS
content-range: bytes 0-8596640/8596641
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kFgIcPa%2FRMJB2lCBz%2FNkr2DnAtKDjUafZRYrKUh%2FHMOqwnrDXolyJpoeDJw%2F6i8PZuS9sl8W5bhw1AKqKb%2BqcUKUUTGwCxm5nXm3vojL4%2BVsZVOHNx91%2Bff7cu%2F7BNXY0fxxYjXmUw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7548af36ff3db512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| dralig-investing.pro/css/slick.css | 172.67.176.72 | 200 OK | 0 B |
URL: HTTP/2 dralig-investing.pro/css/slick.css
IP: 172.67.176.72:0
| Analyzer | Verdict | Alert |
| openphish | PKN Orlen | |
GET /css/slick.css HTTP/1.1
Host: dralig-investing.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dralig-investing.pro/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 21:13:55 GMT
content-type: text/css
last-modified: Thu, 23 Dec 2021 21:07:14 GMT
etag: W/"6f0-5d3d69f61c480-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UzWmUtDn38RqA8R5waRqZcj1vCbbjUyyX610R0AstiUSqxzUDSd%2BleLGGssrisPjPKD%2F54e0UUI3RRrDthEoNK0KAEKzRgXodcHfkzbWXZ4yonggP5DTXmJF2r3XUahCBR4bzG7QsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7548af36ceebb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| dralig-investing.pro/js/utils.js | 172.67.176.72 | 200 OK | 0 B |
URL: HTTP/2 dralig-investing.pro/js/utils.js
IP: 172.67.176.72:0
| Analyzer | Verdict | Alert |
| openphish | PKN Orlen | |
| fortinet | Phishing | |
GET /js/utils.js HTTP/1.1
Host: dralig-investing.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dralig-investing.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 21:13:55 GMT
content-type: application/javascript
last-modified: Thu, 23 Dec 2021 21:15:12 GMT
etag: W/"3c1cb-5d3d6bbdf7800-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EWkGAIdOUlP%2FXjf121IMwsbneJB8S7y88KxL7OBKTRJ6OEOiYHb9RtHV17AGfIQP50MbpFgAlhLKD7QvT4CpW1NdMPiDNWYlL4djbYBLUr9tLPqeFoeXxiJf1ivm46s1SUtsT7pslQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7548af3accb3b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| dralig-investing.pro/js/jquery.min.js | 172.67.176.72 | 200 OK | 0 B |
URL: HTTP/2 dralig-investing.pro/js/jquery.min.js
IP: 172.67.176.72:0
| Analyzer | Verdict | Alert |
| openphish | PKN Orlen | |
| fortinet | Phishing | |
GET /js/jquery.min.js HTTP/1.1
Host: dralig-investing.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dralig-investing.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 21:13:55 GMT
content-type: application/javascript
last-modified: Thu, 23 Dec 2021 21:10:10 GMT
etag: W/"15853-5d3d6a9df5080-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lD8Vs6C97%2Fhm0xOqAq7cDbXa8KDeA0ZRObsqam%2FumlBaJ9bM6otvlNISsc%2BRY4scCvO%2BRY%2FxDFTmXefRNr7QW%2FEA%2BpYdIxI%2FUozux6wDM87tEq32JfxS1i3SxQ2eRPF2il6XMbMu1g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7548af36ff4ab512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| dralig-investing.pro/css/app.css?v3.1 | 172.67.176.72 | 200 OK | 0 B |
URL: HTTP/2 dralig-investing.pro/css/app.css?v3.1
IP: 172.67.176.72:0
GET /css/app.css?v3.1 HTTP/1.1
Host: dralig-investing.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dralig-investing.pro/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 21:13:55 GMT
content-type: text/css
last-modified: Thu, 23 Dec 2021 21:06:52 GMT
etag: W/"cefd0-5d3d69e121300-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T4GDUMGyUcq7nW2%2B9%2FLYhA8F27VURlwUFKtpSOYC0L74yELOVbCbuJu3W1X%2F%2FxXz4k7n92Mz0YkFHmbGzTxkaIE7UwUd4OioPpITH1HCR%2BFzqmaD2WI61wkYE%2BNrTkbS0kn7C3GaGA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7548af36cee8b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| dralig-investing.pro/js/video.js | 172.67.176.72 | 200 OK | 0 B |
URL: HTTP/2 dralig-investing.pro/js/video.js
IP: 172.67.176.72:0
| Analyzer | Verdict | Alert |
| openphish | PKN Orlen | |
| fortinet | Phishing | |
GET /js/video.js HTTP/1.1
Host: dralig-investing.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dralig-investing.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 21:13:55 GMT
content-type: application/javascript
last-modified: Thu, 23 Dec 2021 21:12:08 GMT
etag: W/"173a58-5d3d6b0e7da00-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BmqFTSZoblrnpQCw19pS2dSMYQ3%2FR8rtBbZBipFYyRzcC97W6pVZQsgTQDY9zKfHo6yTI%2BcZTa8qlHTRea24UhB%2Fx0yDqnUrw3LiZIHGuidnC7WK1b2zbqugZ0Mq8jFED6nHytRoqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7548af371f72b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| dralig-investing.pro/ | 172.67.176.72 | 200 OK | 0 B |
IP: 172.67.176.72:0
| Analyzer | Verdict | Alert |
| openphish | PKN Orlen | |
| fortinet | Phishing | |
GET / HTTP/1.1
Host: dralig-investing.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 03 Oct 2022 21:13:54 GMT
content-type: text/html
last-modified: Wed, 21 Sep 2022 13:27:04 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5e600qcNRdwvurDPapmjOUlP6jVyupwdyhAxAlPUSys%2FewSIK6nKJ8C%2F8kXNt29HgXyobkWyqZt1TVwpg9VtYm3glFDShEFuvAi%2BAbTGj1nHgIukz94%2B0zuy8DlSch4w24vjmyhZzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7548af352cecb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| dralig-investing.pro/css/intlTelInput.css | 172.67.176.72 | 200 OK | 0 B |
URL: HTTP/2 dralig-investing.pro/css/intlTelInput.css
IP: 172.67.176.72:0
| Analyzer | Verdict | Alert |
| openphish | PKN Orlen | |
GET /css/intlTelInput.css HTTP/1.1
Host: dralig-investing.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dralig-investing.pro/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 21:13:55 GMT
content-type: text/css
last-modified: Thu, 23 Dec 2021 21:07:46 GMT
etag: W/"6646-5d3d6a14a0c80-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6f4MQbDuWLfJ7M5uZy%2FqBL9WBdDHny7diJgnLxGMq1ZXSP%2FtXtBQxKFBNy9Ns5T40%2FEPYIx32tmwfsbj0xhx%2BdUpnD0YNdx8S6deAyH2wTKyh8J%2B9%2Bk0saVzV743oFvawdqbawJG1g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7548af36def6b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| dralig-investing.pro/js/ion.rangeSlider.min.js | 172.67.176.72 | 200 OK | 0 B |
URL: HTTP/2 dralig-investing.pro/js/ion.rangeSlider.min.js
IP: 172.67.176.72:0
| Analyzer | Verdict | Alert |
| openphish | PKN Orlen | |
| fortinet | Phishing | |
GET /js/ion.rangeSlider.min.js HTTP/1.1
Host: dralig-investing.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dralig-investing.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 21:13:55 GMT
content-type: application/javascript
last-modified: Thu, 23 Dec 2021 21:12:24 GMT
etag: W/"a0fb-5d3d6b1dbfe00-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kOrSb3zgXkX06nsk7hv%2F953PBoHJ6%2BWqCZYtxlMULH4XxlOigFkYttKTX7JH3XdAP3k1CjqRtNMx2bzofbbawN0zIXSefFFwmbwBDyj0SEehZotFGEShL4YHk7aED4H7JxcrnRRrsg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7548af36ff4bb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| dralig-investing.pro/js/jquery.fancybox.min.js | 172.67.176.72 | 200 OK | 0 B |
URL: HTTP/2 dralig-investing.pro/js/jquery.fancybox.min.js
IP: 172.67.176.72:0
| Analyzer | Verdict | Alert |
| openphish | PKN Orlen | |
| fortinet | Phishing | |
GET /js/jquery.fancybox.min.js HTTP/1.1
Host: dralig-investing.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dralig-investing.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 21:13:55 GMT
content-type: application/javascript
last-modified: Thu, 23 Dec 2021 21:12:42 GMT
etag: W/"10aa9-5d3d6b2eea680-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D9nS%2B3BSWLNjROx6ipiuE6JIXxkf5vZXah%2B7javXymy5Z4u0tWwp%2BsT8h%2FQ%2B9k6UiBKN8A1dHHhcHZyRG1q0YbL7a%2BFdknf2f02rjhfi%2FYChO8Hw6rHgJchUrpd3mhdVfAdkL4lZbA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7548af370f64b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|