kolagenspa.pl/-/81bbea9110478e5a49af2e8a8413f1fc/execution.html?c=DHL_info
49.12.127.90200 OK 1.9 kB URL HTTP/1.1 kolagenspa.pl/-/81bbea9110478e5a49af2e8a8413f1fc/execution.html?c=DHL_info
IP 49.12.127.90:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 1c56d0fd29e23cda5fc0b6376fc4be8d
67e2fbda331cd900288d11f56dbf6b7a0bcb4825
6f206547c46e9b605f80be17b0b47fef98b41c1db835f26430897986f7c4129a
Analyzer Verdict Alert fortinet Phishing
GET /-/81bbea9110478e5a49af2e8a8413f1fc/execution.html?c=DHL_info HTTP/1.1
Host: kolagenspa.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: langCookie=en
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 13:17:43 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 13:16:32 GMT
ETag: W/"63d12bb0-20c4"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Cache: MISS
X-Cache-Type: DYNAMIC
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5fe582397f3003b225cb9058e02c2190
68174a54a8f6c4de9247ccea2dcae3c9b76bdb9f
238a2ef5b61d56353d0a5e97ec3092b8f2792cde7cecf40e1a858f8c129d3a9d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "238A2EF5B61D56353D0A5E97EC3092B8F2792CDE7CECF40E1A858F8C129D3A9D"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7223
Expires: Wed, 25 Jan 2023 15:18:06 GMT
Date: Wed, 25 Jan 2023 13:17:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 04512fea22644dc0d22c3f3a665f6645
0e213646abfc6d9560ba562362fd9e9115be8354
124d9534f75506b8e8c7535ee7295ac4e6cf5a8249a0edac6940839e56043181
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "124D9534F75506B8E8C7535EE7295AC4E6CF5A8249A0EDAC6940839E56043181"
Last-Modified: Mon, 23 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7112
Expires: Wed, 25 Jan 2023 15:16:15 GMT
Date: Wed, 25 Jan 2023 13:17:43 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 25 Jan 2023 12:35:12 GMT
content-type: application/json
age: 2551
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 49049f3c92aad686cd7ff28ecd2a5a4f
9cc2bc9c055450dbc4fae93eabe4ef8509b3ff57
02cf421968192286bb174ff0e6c818a843c4eca61a02cd493e6f95bb58a37015
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02CF421968192286BB174FF0E6C818A843C4ECA61A02CD493E6F95BB58A37015"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8202
Expires: Wed, 25 Jan 2023 15:34:25 GMT
Date: Wed, 25 Jan 2023 13:17:43 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 5AN3a9dQ5UxVzk/IDLlpkFDr5y82wiRAQVWFQGfbekuruXMFt+NQyr2TrXWe7u141DNVJLBDX1A=
x-amz-request-id: 8YZYN8VZF78D8NAK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 25 Jan 2023 12:48:34 GMT
age: 1750
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
142.250.74.42200 OK 33 kB URL HTTP/1.1 ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
IP 142.250.74.42:0
File type ASCII text, with very long lines (32072)
Hash d38e2944bbc9ae54b8947a2bd0b9a932
782a825679b248d38979c2d7ecae257873344437
65a0917567cb7037612cf420629873f2f3594d2e741aaadf90d893d07d8f5fdd
GET /ajax/libs/jquery/1.10.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kolagenspa.pl/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 32954
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 20 Jan 2023 10:24:00 GMT
Expires: Sat, 20 Jan 2024 10:24:00 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Age: 442424
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 13:17:44 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.5.1.min.js
69.16.175.10200 OK 31 kB URL HTTP/2 code.jquery.com/jquery-3.5.1.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (65451)
Hash 3700d0b271343804b9b9aa1c13efa521
3d6b03dbd74872ca3dfbb0529f6c80943788f918
fda7541f8e4cf921d20bcd0dc1d0efe69644c79bd18a0be4ce2f34246c83603e
GET /jquery-3.5.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://kolagenspa.pl
Connection: keep-alive
Referer: http://kolagenspa.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 13:17:44 GMT
content-encoding: gzip
content-length: 30879
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d84"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-sp-metadata: HS256.CIj0xJ4GEoYBCiQwNGRmYzdmMi01MDcyLTQ4ZDMtOTk4MS01NzMyNDBjYmEwNTEQ+OiCoKvU+wIaBgj418SeBiIMOTEuOTAuNDIuMTU0KI9hMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogYzdkMmI0YzQ4NGE0MTNlMTkxZGU2YWNmZjJkYjIwMDkaLAgBEiQ2ZjY4NmZlZS02NGQ5LTRlMDUtYjI2OC1lMGJhNjMxNWRlOWIYn/EBIhgIAhIUY2RzMjA4LnNrMS5od2Nkbi5uZXQ=.BC3/Hs3kVxKA0h6cK4+Tl/KXKY6fgS1+qclalVgSjnc=
x-hw: 1674652664.dop216.sk1.t,1674652664.cds023.sk1.hn,1674652664.cds208.sk1.c
X-Firefox-Spdy: h2
kolagenspa.pl/-/dist/js.cookie.js
49.12.127.90200 OK 1.4 kB URL HTTP/1.1 kolagenspa.pl/-/dist/js.cookie.js
IP 49.12.127.90:0
ASN #24940 Hetzner Online GmbH
Hash f63feb15779788114f62dfeb2f0396bd
fe401a591daaf69f78588ce2cd798636bcca4ca2
3eaf67280345f7c5862b82151bb96052591607ee2fc11538f3bed2fd4395a497
Analyzer Verdict Alert fortinet Phishing
GET /-/dist/js.cookie.js HTTP/1.1
Host: kolagenspa.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kolagenspa.pl/-/81bbea9110478e5a49af2e8a8413f1fc/execution.html?c=DHL_info
Cookie: langCookie=en
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 13:17:44 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 25 Jul 2022 22:59:54 GMT
ETag: W/"62df206a-d60"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Mon, 24 Jul 2023 13:17:44 GMT
Pragma: public
Cache-Control: max-age=15552000, public
X-Cache-Type: STATIC
Vary: Accept-Encoding
X-Cache: HIT
Content-Encoding: gzip
kolagenspa.pl/-/dist/jquery-lang.js
49.12.127.90200 OK 7.1 kB URL HTTP/1.1 kolagenspa.pl/-/dist/jquery-lang.js
IP 49.12.127.90:0
ASN #24940 Hetzner Online GmbH
Hash e7d1fa0ef393b02cdd68f877b4dc05f3
5edbcb0f875108195952f0160f8708bf18bfd5b0
d04ca054fbfd8b91bcd1009844823f75ea3349c7039001e7a5889b6663c3b052
Analyzer Verdict Alert fortinet Phishing
GET /-/dist/jquery-lang.js HTTP/1.1
Host: kolagenspa.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kolagenspa.pl/-/81bbea9110478e5a49af2e8a8413f1fc/execution.html?c=DHL_info
Cookie: langCookie=en
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 13:17:44 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 25 Jul 2022 22:59:54 GMT
ETag: W/"62df206a-6c2d"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Mon, 24 Jul 2023 13:17:44 GMT
Pragma: public
Cache-Control: max-age=15552000, public
X-Cache-Type: STATIC
Vary: Accept-Encoding
X-Cache: HIT
Content-Encoding: gzip
kolagenspa.pl/-/dist/dhl.css
49.12.127.90200 OK 319 kB URL HTTP/1.1 kolagenspa.pl/-/dist/dhl.css
IP 49.12.127.90:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (1148), with CRLF line terminators
Size 319 kB (318583 bytes)
Hash 0a0250e67c185591cddbebd477b1af54
33ee3440e00ac57ee2a9fc25e63da251853c846e
690c39cbff99b2f2c28763c2163528a7de0e21c452eee6d0ad758b86fc1860b0
GET /-/dist/dhl.css HTTP/1.1
Host: kolagenspa.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kolagenspa.pl/-/81bbea9110478e5a49af2e8a8413f1fc/execution.html?c=DHL_info
Cookie: langCookie=en
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 13:17:44 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 25 Jul 2022 22:59:54 GMT
ETag: W/"62df206a-15b189"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Mon, 24 Jul 2023 13:17:44 GMT
Pragma: public
Cache-Control: max-age=15552000, public
X-Cache-Type: STATIC
Vary: Accept-Encoding
X-Cache: HIT
Content-Encoding: gzip
kolagenspa.pl/-/dist/favicon.ico
49.12.127.90200 OK 1.2 kB URL HTTP/1.1 kolagenspa.pl/-/dist/favicon.ico
IP 49.12.127.90:0
ASN #24940 Hetzner Online GmbH
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash d8106bf3a1d00ab43b01e6e3c92500eb
202b5e8654ab1b28351378293bca3b9d844cc29b
9ada5709e264c31b04a05bd85448a9bd5e91925e8d83df5cef0762ec97cc283e
Analyzer Verdict Alert urlquery phishing Phishing - DHL
GET /-/dist/favicon.ico HTTP/1.1
Host: kolagenspa.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kolagenspa.pl/-/81bbea9110478e5a49af2e8a8413f1fc/execution.html?c=DHL_info
Cookie: langCookie=en
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 13:17:44 GMT
Content-Type: image/x-icon
Content-Length: 1150
Connection: keep-alive
Last-Modified: Mon, 25 Jul 2022 22:59:54 GMT
ETag: "62df206a-47e"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Mon, 24 Jul 2023 13:17:44 GMT
Pragma: public
Cache-Control: max-age=15552000, public
X-Cache-Type: IMG
X-Cache: HIT
Accept-Ranges: bytes
kolagenspa.pl/-/dist/load.php
49.12.127.90200 OK 1.1 kB URL HTTP/1.1 kolagenspa.pl/-/dist/load.php
IP 49.12.127.90:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text, with CRLF line terminators
Hash 77b90fd494aa8b614d7a1554295e8f5e
c645d07af0386dfd359682c7f85e374ebaa2e97c
3a5bddf13989d83372c977fe4d90c54e75b5a4ece10919c2729b1a0177435031
Analyzer Verdict Alert fortinet Phishing
GET /-/dist/load.php HTTP/1.1
Host: kolagenspa.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://kolagenspa.pl/-/81bbea9110478e5a49af2e8a8413f1fc/execution.html?c=DHL_info
Cookie: langCookie=en
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 13:17:44 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Cache: BYPASS
X-Cache-Type: DYNAMIC
X-Cache-Skip: PHP
Content-Encoding: gzip
kolagenspa.pl/-/dist/DHL_head.html
49.12.127.90200 OK 3.0 kB URL HTTP/1.1 kolagenspa.pl/-/dist/DHL_head.html
IP 49.12.127.90:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (1836)
Hash 6eae2ea3d527377837da9c072578630d
e9b9bb457ad6685baf06f60eb8906d3a4f13ba03
1de83611e924d841c9b2cd0a52ba708927a19ec14255531fd9748706a937bfe6
Analyzer Verdict Alert fortinet Phishing
GET /-/dist/DHL_head.html HTTP/1.1
Host: kolagenspa.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://kolagenspa.pl/-/81bbea9110478e5a49af2e8a8413f1fc/execution.html?c=DHL_info
Cookie: langCookie=en
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 13:17:44 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 25 Jul 2022 22:59:54 GMT
ETag: W/"62df206a-28fc"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Cache: HIT
X-Cache-Type: DYNAMIC
Content-Encoding: gzip
kolagenspa.pl/-/dist/fonts/default-274a65bae9742377aaf010bb1a7de971.woff
49.12.127.90200 OK 41 kB URL HTTP/1.1 kolagenspa.pl/-/dist/fonts/default-274a65bae9742377aaf010bb1a7de971.woff
IP 49.12.127.90:0
ASN #24940 Hetzner Online GmbH
File type Web Open Font Format, TrueType, length 41084, version 1.66\012- data
Hash 03f859bf58e4d37841070de34be7d978
3436d4fa17e7ee470c3d62b08787cfa7de408408
5af5c3746b03792640b9cafdabddfb2c5407f72988e128541a88fa439607d940
Analyzer Verdict Alert urlquery phishing Phishing - DHL
fortinet Phishing
GET /-/dist/fonts/default-274a65bae9742377aaf010bb1a7de971.woff HTTP/1.1
Host: kolagenspa.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://kolagenspa.pl/-/dist/dhl.css
Cookie: langCookie=en
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 13:17:44 GMT
Content-Type: application/font-woff
Content-Length: 41084
Connection: keep-alive
Last-Modified: Mon, 25 Jul 2022 22:59:54 GMT
ETag: "62df206a-a07c"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Mon, 24 Jul 2023 13:17:44 GMT
Pragma: public
Cache-Control: max-age=15552000, public
X-Cache-Type: STATIC
Vary: Accept-Encoding
X-Cache: HIT
Accept-Ranges: bytes
kolagenspa.pl/-/dist/DHL_footer.html
49.12.127.90200 OK 6.0 kB URL HTTP/1.1 kolagenspa.pl/-/dist/DHL_footer.html
IP 49.12.127.90:0
ASN #24940 Hetzner Online GmbH
File type exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (2591)
Hash d74f1109d9cb755adf4cab2b7ad84ba7
ae77be93fac856e7cd14cae276e4641ef59d3004
812dfa91ca4c799aae1f4bfdaafc666eeec719f53c2c398b7a43306dbaba5c0c
Analyzer Verdict Alert fortinet Phishing
GET /-/dist/DHL_footer.html HTTP/1.1
Host: kolagenspa.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://kolagenspa.pl/-/81bbea9110478e5a49af2e8a8413f1fc/execution.html?c=DHL_info
Cookie: langCookie=en
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 13:17:44 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 25 Jul 2022 22:59:54 GMT
ETag: W/"62df206a-3977"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Cache: HIT
X-Cache-Type: DYNAMIC
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 25 Jan 2023 12:41:40 GMT
age: 2164
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
kolagenspa.pl/-/dist/fonts/iconfont-e7bece496cd0e6d60e456bc2b48c9446.woff
49.12.127.90200 OK 9.3 kB URL HTTP/1.1 kolagenspa.pl/-/dist/fonts/iconfont-e7bece496cd0e6d60e456bc2b48c9446.woff
IP 49.12.127.90:0
ASN #24940 Hetzner Online GmbH
File type Web Open Font Format, TrueType, length 9316, version 1.0\012- data
Hash 9355df62a665ef9249036bbccad8c54c
6b7779a10187a1a7473f604fbe3db96350868c6a
6d051536af97fbd33fae0683a1b6ce3749757ab43c8ee8c89295755fd4595807
Analyzer Verdict Alert urlquery phishing Phishing - DHL
fortinet Phishing
GET /-/dist/fonts/iconfont-e7bece496cd0e6d60e456bc2b48c9446.woff HTTP/1.1
Host: kolagenspa.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://kolagenspa.pl/-/dist/dhl.css
Cookie: langCookie=en
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 13:17:44 GMT
Content-Type: application/font-woff
Content-Length: 9316
Connection: keep-alive
Last-Modified: Mon, 25 Jul 2022 22:59:54 GMT
ETag: "62df206a-2464"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Mon, 24 Jul 2023 13:17:44 GMT
Pragma: public
Cache-Control: max-age=15552000, public
X-Cache-Type: STATIC
Vary: Accept-Encoding
X-Cache: HIT
Accept-Ranges: bytes
kolagenspa.pl/-/dist/langpack/en.json
49.12.127.90200 OK 514 B URL HTTP/1.1 kolagenspa.pl/-/dist/langpack/en.json
IP 49.12.127.90:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , ASCII text
Hash e5111c3d242107acc93f71f9c9182079
c648da6b0a6c4f9b89dbee1027cf9a7be36217ca
86f9abd216bc64ead1404975e2b6132aebc42ebd106e5be0f660b7e5852051a3
Analyzer Verdict Alert urlquery phishing Phishing - DHL
fortinet Phishing
GET /-/dist/langpack/en.json HTTP/1.1
Host: kolagenspa.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://kolagenspa.pl/-/81bbea9110478e5a49af2e8a8413f1fc/execution.html?c=DHL_info
Cookie: langCookie=en
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 13:17:44 GMT
Content-Type: application/json
Content-Length: 514
Connection: keep-alive
Last-Modified: Mon, 25 Jul 2022 22:59:54 GMT
ETag: "62df206a-202"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Cache: HIT
X-Cache-Type: DYNAMIC
Accept-Ranges: bytes
kolagenspa.pl/-/dist/fonts/default-815fcbb4d2c57901701125d768f09d67.woff
49.12.127.90200 OK 41 kB URL HTTP/1.1 kolagenspa.pl/-/dist/fonts/default-815fcbb4d2c57901701125d768f09d67.woff
IP 49.12.127.90:0
ASN #24940 Hetzner Online GmbH
File type Web Open Font Format, TrueType, length 41328, version 1.66\012- data
Hash e39bd2e2657ce5dd6f9c33df18529233
6db81ebb91bfa67cef8f2f870f03046150568799
19d0bda83ecbc986620468801adf000c77c3c38398650903c63fac8dcbac4383
Analyzer Verdict Alert urlquery phishing Phishing - DHL
fortinet Phishing
GET /-/dist/fonts/default-815fcbb4d2c57901701125d768f09d67.woff HTTP/1.1
Host: kolagenspa.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://kolagenspa.pl/-/dist/dhl.css
Cookie: langCookie=en
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 13:17:44 GMT
Content-Type: application/font-woff
Content-Length: 41328
Connection: keep-alive
Last-Modified: Mon, 25 Jul 2022 22:59:54 GMT
ETag: "62df206a-a170"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Mon, 24 Jul 2023 13:17:44 GMT
Pragma: public
Cache-Control: max-age=15552000, public
X-Cache-Type: STATIC
Vary: Accept-Encoding
X-Cache: HIT
Accept-Ranges: bytes
kolagenspa.pl/-/dist/fonts/default-3e828e80f6e985c352eba4474518978d.woff
49.12.127.90200 OK 44 kB URL HTTP/1.1 kolagenspa.pl/-/dist/fonts/default-3e828e80f6e985c352eba4474518978d.woff
IP 49.12.127.90:0
ASN #24940 Hetzner Online GmbH
File type Web Open Font Format, TrueType, length 44260, version 1.66\012- data
Hash 4a350e02a03ac62e72e9ea575b31ce84
d47b03b96b6e7034a1473a293bb594e597a41dc2
87c40e3961e21f759770615ae67568a3de3ec6e0735f1238a6aae062f4ea15d5
Analyzer Verdict Alert urlquery phishing Phishing - DHL
fortinet Phishing
GET /-/dist/fonts/default-3e828e80f6e985c352eba4474518978d.woff HTTP/1.1
Host: kolagenspa.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://kolagenspa.pl/-/dist/dhl.css
Cookie: langCookie=en
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 13:17:44 GMT
Content-Type: application/font-woff
Content-Length: 44260
Connection: keep-alive
Last-Modified: Mon, 25 Jul 2022 22:59:54 GMT
ETag: "62df206a-ace4"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Mon, 24 Jul 2023 13:17:44 GMT
Pragma: public
Cache-Control: max-age=15552000, public
X-Cache-Type: STATIC
Vary: Accept-Encoding
X-Cache: HIT
Accept-Ranges: bytes
ipinfo.io/country
34.117.59.81302 Found 72 B IP 34.117.59.81:0
File type ASCII text, with no line terminators
Hash b79f12127b13f3298b65130f55033eea
0c5df3d4734c5d754f78df4dd08f329ce38ab901
76d7f55bf215f2132f41391f47b4efd048f7c3b61db2b650e2a0a9b4a02d79f0
GET /country HTTP/1.1
Host: ipinfo.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://kolagenspa.pl/
Origin: http://kolagenspa.pl
Connection: keep-alive
HTTP/1.1 302 Found
access-control-allow-origin: *
location: https://ipinfo.io/country
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
date: Wed, 25 Jan 2023 13:17:44 GMT
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: gzip
transfer-encoding: chunked
Via: 1.1 google
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1e2970e1480a4759282d63bb213051e4
ed5194d4d25dfc199821129be5d74be0ce49197d
18e19ea4c9c262cb9a94f89172eef2604222e779346589d470bf2e95ea295563
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18E19EA4C9C262CB9A94F89172EEF2604222E779346589D470BF2E95EA295563"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20222
Expires: Wed, 25 Jan 2023 18:54:46 GMT
Date: Wed, 25 Jan 2023 13:17:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7bc0a650ef5be91ff42a7206d1d94503
64a7b935e28069ee19ce2848acd5e6e4803a4a9a
514d21b235dec24f0d0386b302550db68d4b2bd024034231f1617b93b87b8ae8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "514D21B235DEC24F0D0386B302550DB68D4B2BD024034231F1617B93B87B8AE8"
Last-Modified: Mon, 23 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4789
Expires: Wed, 25 Jan 2023 14:37:33 GMT
Date: Wed, 25 Jan 2023 13:17:44 GMT
Connection: keep-alive
push.services.mozilla.com/
35.80.120.72101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.80.120.72:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4kikWequeSXJ6zJRYsq5YQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: TD4lsBWBjDbdn30U668wHIv7BjE=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8189
Expires: Wed, 25 Jan 2023 15:34:15 GMT
Date: Wed, 25 Jan 2023 13:17:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8189
Expires: Wed, 25 Jan 2023 15:34:15 GMT
Date: Wed, 25 Jan 2023 13:17:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8189
Expires: Wed, 25 Jan 2023 15:34:15 GMT
Date: Wed, 25 Jan 2023 13:17:46 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7458f7a9b2070055df6f1d496794e43e
0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9
373097662c419eef9f4a19ce9f3bcead70f6eafbf0acf44806685eece43ce251
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12758
x-amzn-requestid: c3540562-8c62-4957-9528-7ae952daebaa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9gf1E87oAMFpsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c87acb-49fd3f78275937e24d23fca3;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 23:03:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: c5YOTqrEv9RLv_lKsrC377yost8auxYRPLubBFGjIWtnbueiGMJYGw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 05:14:35 GMT
age: 28991
etag: "0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e473b9-0adb-4371-8146-b148ce85cdec.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e473b9-0adb-4371-8146-b148ce85cdec.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d10114508bd40d76f497fc5b9c064350
c9b86b2b27063e0a58b0f237d451f9cf05b2122d
a156bd21bee2fca1d82940fb172a695044321ed432786ae100a7baf3b5e12b3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e473b9-0adb-4371-8146-b148ce85cdec.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8252
x-amzn-requestid: a5a39d22-de0e-4b2e-b3e2-aad1d0090881
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEqtiHo7oAMFdCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb57f0-0cd78ff23e91baf668276053;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 03:11:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: s8JWGyQ0pTWcaGk0n2PQOpAhjKLuNlbI4wCZAidzoBR5RQreO2rh9g==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 05:15:35 GMT
age: 28931
etag: "c9b86b2b27063e0a58b0f237d451f9cf05b2122d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f7aba17-803f-412c-8ef7-0959b52f87cc.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f7aba17-803f-412c-8ef7-0959b52f87cc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 13891ffe8a0cc240be63b7945e4b7688
958b50e9e7e5e02882d55612a5d6d2402e225390
1570d69731ba13051454a048ac85bde7c1de8e39dea0fd78e7e5c3f2be122cb6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f7aba17-803f-412c-8ef7-0959b52f87cc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9650
x-amzn-requestid: 3b968ee5-c941-4305-9f06-01e646deef15
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fH88wEUmoAMFerw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cca851-061f65177f36420a4685f372;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 03:06:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: xfiiS5M5j8iYKMyopaVqwYV6KKB1VIWT_yQbEKZ9G1wuq2QUEyDBpA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 03:10:29 GMT
age: 36437
etag: "958b50e9e7e5e02882d55612a5d6d2402e225390"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9192d2a7-4090-4a55-b72e-388ceb1f506d.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9192d2a7-4090-4a55-b72e-388ceb1f506d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1d76c1b1126a3e1b51dcca652cb6727b
b199a381ccac4628f2bfa626b44c71954713ca98
3a34f2b7f79cb925c73d2c17197418004e4acf63a6eb69e471320069978f8282
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9192d2a7-4090-4a55-b72e-388ceb1f506d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10921
x-amzn-requestid: 7b8849e6-b52d-4165-b456-b200ddbb993b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEqtkGThIAMFb7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb57f0-1ed4803112d97956419b299e;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 03:11:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: FUbNMfYy8ci6d78p6LCu0Gxs3jw824ZzVp6drAbl8HCDBpghlZFP7g==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 07:57:09 GMT
age: 19237
etag: "b199a381ccac4628f2bfa626b44c71954713ca98"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b0cb327-c176-43cd-8ce3-7ed2a48e697f.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b0cb327-c176-43cd-8ce3-7ed2a48e697f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 69bdfbe73749ef39d9b9662b547ba853
ee2c14f82ea1e653b993fda0839a32943c5d9f86
21fa51ce61c1dfdc30c28371940f5dfc83127a691e34299ebab70c4bf0d19231
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b0cb327-c176-43cd-8ce3-7ed2a48e697f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8806
x-amzn-requestid: 5c8a6463-049f-46c6-8595-3230efee793c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e-nQkHAPIAMFf3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8ec03-332914233e5138ce025afa75;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 07:06:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: uw4NZEIk19HZdoUWc1pSpw36gfopSWCC98z11IWLMiXuffloJH-LNg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 13:56:29 GMT
age: 84077
etag: "ee2c14f82ea1e653b993fda0839a32943c5d9f86"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91b2e12a39dc4f63b9d52e8800cce1f2
42d5b4b4a091778d98c351f0002d8656449d0243
d4dbc79e3383e83f861ccf8cde3e78ba427a66cd3fa99c17e23ec935867de4ad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8308
x-amzn-requestid: 1988d3b3-5e1a-41fd-83f5-092eddb9185f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNys5GDKoAMFdbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefe52-2349fde60b7db8a34c996717;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:38:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 5_1j_Z6HZ3DSGFPAACJduM5D9eAqMQT42GgI61x8dHAmPQtUexpEYQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 21:59:15 GMT
age: 55111
etag: "42d5b4b4a091778d98c351f0002d8656449d0243"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
kolagenspa.pl/-/dist/DHL_info.html
49.12.127.90200 OK 2.7 kB URL HTTP/1.1 kolagenspa.pl/-/dist/DHL_info.html
IP 49.12.127.90:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (353)
Hash 640f4d138fc8db6efeedee76b633376d
79dadb33266a46eabd30ffaa313853b07c12eefd
668e00569f10630b4904dfc6da4924d1b63fac20e8dd85cc892338743581da15
Analyzer Verdict Alert fortinet Phishing
GET /-/dist/DHL_info.html HTTP/1.1
Host: kolagenspa.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://kolagenspa.pl/-/81bbea9110478e5a49af2e8a8413f1fc/execution.html?c=DHL_info
Cookie: langCookie=en
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 13:17:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 19 Nov 2022 18:13:46 GMT
ETag: W/"63791cda-275e"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Cache: HIT
X-Cache-Type: DYNAMIC
Content-Encoding: gzip
kolagenspa.pl/-/dist/floating-label.js
49.12.127.90200 OK 1.0 kB URL HTTP/1.1 kolagenspa.pl/-/dist/floating-label.js
IP 49.12.127.90:0
ASN #24940 Hetzner Online GmbH
Hash 0dc6a430d218a2556df67796ee07ecb3
91559283ac1943434f4099e60371b7004ae6acf1
771521c1cbb1e03aec9bcc702e29e1e11b910de11941be0e3b5ebab62235606f
Analyzer Verdict Alert fortinet Phishing
GET /-/dist/floating-label.js HTTP/1.1
Host: kolagenspa.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://kolagenspa.pl/-/81bbea9110478e5a49af2e8a8413f1fc/execution.html?c=DHL_info
Cookie: langCookie=en
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 13:17:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 25 Jul 2022 22:59:54 GMT
ETag: W/"62df206a-d24"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Mon, 24 Jul 2023 13:17:46 GMT
Pragma: public
Cache-Control: max-age=15552000, public
X-Cache-Type: STATIC
Vary: Accept-Encoding
X-Cache: HIT
Content-Encoding: gzip
kolagenspa.pl/-/dist/fonts/default-5a6dd86f272b304a8b83f7df61f11c2f.woff
49.12.127.90200 OK 41 kB URL HTTP/1.1 kolagenspa.pl/-/dist/fonts/default-5a6dd86f272b304a8b83f7df61f11c2f.woff
IP 49.12.127.90:0
ASN #24940 Hetzner Online GmbH
File type Web Open Font Format, TrueType, length 41352, version 1.66\012- data
Hash 4e23ecf085132857bdb54b4da7373151
a50215c22a591536b21e509100d1707c6886ffd6
b033eff45e6e8ecd5c5bccd8ef9a96c4dc37325adc64c5aed8b1d909b24c4eb4
Analyzer Verdict Alert urlquery phishing Phishing - DHL
fortinet Phishing
GET /-/dist/fonts/default-5a6dd86f272b304a8b83f7df61f11c2f.woff HTTP/1.1
Host: kolagenspa.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://kolagenspa.pl/-/dist/dhl.css
Cookie: langCookie=en
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 13:17:46 GMT
Content-Type: application/font-woff
Content-Length: 41352
Connection: keep-alive
Last-Modified: Mon, 25 Jul 2022 22:59:54 GMT
ETag: "62df206a-a188"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Mon, 24 Jul 2023 13:17:46 GMT
Pragma: public
Cache-Control: max-age=15552000, public
X-Cache-Type: STATIC
Vary: Accept-Encoding
X-Cache: HIT
Accept-Ranges: bytes
kolagenspa.pl/-/dist/jquery.validate.min.js
49.12.127.90200 OK 7.9 kB URL HTTP/1.1 kolagenspa.pl/-/dist/jquery.validate.min.js
IP 49.12.127.90:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (24237)
Hash 0b2eb7800347f7fe6e93ae5bb7a229a6
d723f627fad289633b3bd8d235b1481254bbdafe
f7e3fcc30e34ff9d6f9de6cc9d764f9135eb8f294e8d3da3e590e02d5b262ea2
Analyzer Verdict Alert fortinet Phishing
GET /-/dist/jquery.validate.min.js HTTP/1.1
Host: kolagenspa.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://kolagenspa.pl/-/81bbea9110478e5a49af2e8a8413f1fc/execution.html?c=DHL_info
Cookie: langCookie=en
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 13:17:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 25 Jul 2022 22:59:54 GMT
ETag: W/"62df206a-5f38"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Mon, 24 Jul 2023 13:17:46 GMT
Pragma: public
Cache-Control: max-age=15552000, public
X-Cache-Type: STATIC
Vary: Accept-Encoding
X-Cache: HIT
Content-Encoding: gzip
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js
104.16.88.20301 Moved Permanently 0 B URL HTTP/1.1 cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js
IP 104.16.88.20:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /npm/popper.js@1.16.1/dist/umd/popper.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kolagenspa.pl/
HTTP/1.1 301 Moved Permanently
Date: Wed, 25 Jan 2023 13:17:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 25 Jan 2023 14:17:46 GMT
Location: https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u5wOiHaN7KPDwXBr9HakV5UjXwFNObkUft%2BfMJP3QaYgh9qzNn8EeT3IkdQJ2wtAJB0sLAfzAJV2wexCbAaCxOdurdE0ct1q55w1unwMo%2BwbK3UxeKi0P8%2FjoNQu%2Fm%2BhuYU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78f14a7e3cdb0b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash b226d41e0973c031bbe091a9cf4336f6
82ebea6d2007429d274309da9643952ea2f6f701
685eb673d1f1a1d93851d8efc7aa56caeee50c388a8653de9c952cd720541688
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4611
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 13:17:46 GMT
Last-Modified: Wed, 25 Jan 2023 12:00:55 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash b226d41e0973c031bbe091a9cf4336f6
82ebea6d2007429d274309da9643952ea2f6f701
685eb673d1f1a1d93851d8efc7aa56caeee50c388a8653de9c952cd720541688
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4611
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 13:17:46 GMT
Last-Modified: Wed, 25 Jan 2023 12:00:55 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 280
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js
104.16.88.20200 OK 0 B URL HTTP/2 cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js
IP 104.16.88.20:0
GET /npm/popper.js@1.16.1/dist/umd/popper.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kolagenspa.pl/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 13:17:46 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 1.16.1
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
x-served-by: cache-fra19173-FRA, cache-yyz4521-YYZ
x-cache: HIT, HIT
vary: Accept-Encoding
cf-cache-status: HIT
age: 546084
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ydYhpQWVInitq4k7RTAN48MHVEpWD86h8nKQB3K972RiE9N36QOExjX4cFDES4yXEQa1e%2B7F7aAe56thMMOzGzrsGryGEjJqy2W8f%2F7O33vgKHt8HmjB1Wnqp%2BxSnjwWkM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78f14a7e8d83b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2