Report - kolagenspa.pl/-/81bbea9110478e5a49af2e8a8413f1fc/execution.html?c=DHL

Report Overview

Submitted URL
kolagenspa.pl/-/81bbea9110478e5a49af2e8a8413f1fc/execution.html?c=DHL_info
IP
49.12.127.90
ASN
#24940 Hetzner Online GmbH
Submitted
2023-01-25 13:17:54
Access
Website Title
Final URL
Tags
dhl logistics phishing
urlquery detections
Phishing - DHL

Detections

urlquery
8
Network Intrusion Detection
0
Threat Detection Systems
30

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ipinfo.io	8136	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	298 B	436 B	34.117.59.81
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	65 kB	34.120.237.76
cdn.jsdelivr.net	439	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	703 B	1.8 kB	104.16.88.20
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.1 kB	93.184.220.29
code.jquery.com	634	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	394 B	32 kB	69.16.175.10
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.80.120.72
kolagenspa.pl	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	7.2 kB	537 kB	49.12.127.90
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.1 kB	23.36.76.226
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	308 B	34 kB	142.250.74.42
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-25	medium	kolagenspa.pl/-/81bbea9110478e5a49af2e8a8413f1fc/execution.html?c=DHL_info	Phishing
2023-01-25	medium	kolagenspa.pl/-/dist/js.cookie.js	Phishing
2023-01-25	medium	kolagenspa.pl/-/dist/jquery-lang.js	Phishing
2023-01-25	medium	kolagenspa.pl/-/dist/load.php	Phishing
2023-01-25	medium	kolagenspa.pl/-/dist/DHL_head.html	Phishing
2023-01-25	medium	kolagenspa.pl/-/dist/fonts/default-274a65bae9742377aaf010bb1a7de971.woff	Phishing
2023-01-25	medium	kolagenspa.pl/-/dist/DHL_footer.html	Phishing
2023-01-25	medium	kolagenspa.pl/-/dist/fonts/iconfont-e7bece496cd0e6d60e456bc2b48c9446.woff	Phishing
2023-01-25	medium	kolagenspa.pl/-/dist/langpack/en.json	Phishing
2023-01-25	medium	kolagenspa.pl/-/dist/fonts/default-815fcbb4d2c57901701125d768f09d67.woff	Phishing
2023-01-25	medium	kolagenspa.pl/-/dist/fonts/default-3e828e80f6e985c352eba4474518978d.woff	Phishing
2023-01-25	medium	kolagenspa.pl/-/dist/DHL_info.html	Phishing
2023-01-25	medium	kolagenspa.pl/-/dist/floating-label.js	Phishing
2023-01-25	medium	kolagenspa.pl/-/dist/fonts/default-5a6dd86f272b304a8b83f7df61f11c2f.woff	Phishing
2023-01-25	medium	kolagenspa.pl/-/dist/jquery.validate.min.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (15)

	URL	Size	First Seen	Last Seen
	kolagenspa.pl/-/dist/jquery-lang.js	28 kB	2023-03-07	2024-04-22
Pretty URL kolagenspa.pl/-/dist/jquery-lang.js IP 49.12.127.90 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-22 02:04:43 Times Seen478 Hash 1062fb1e2ffb1b8b6c596da423b9aef6 e0f54f2cdfce6d3861506744d6c52fbc23f612e9 67829a15eafd08a53376a78dc3574724e4bf87455bdc7b52c9b01828df272ca2 Loading...

	kolagenspa.pl/-/dist/js.cookie.js	3.4 kB	2023-03-07	2024-04-22
Pretty URL kolagenspa.pl/-/dist/js.cookie.js IP 49.12.127.90 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-22 02:04:43 Times Seen471 Hash 19d988c6d1e7cd9d601639a616dc769b 2cf3f170a083a3e4538a6f55b1064eaf737f6180 9df6e8c4bc8ea670d2f4da40a35a41772cc8857aca288a77acfa891cf1a54c36 Loading...

	kolagenspa.pl/-/81bbea9110478e5a49af2e8a8413f1fc/execution.html?c=DHL_info	5 B	2023-03-07	2024-04-25
Pretty URL kolagenspa.pl/-/81bbea9110478e5a49af2e8a8413f1fc/execution.html?c=DHL_info IP 49.12.127.90 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-25 19:23:03 Times Seen2675 Hash 230a091930a82c5ae47e29610ee98ceb 6376b33e5123bf09a271789a272103f957c8f38d 4dc501d66cd78903b81b1a53459d0432939728c537bbe9ffab55ab81521cb352 Loading...

	kolagenspa.pl/-/81bbea9110478e5a49af2e8a8413f1fc/execution.html?c=DHL_info	778 B	2023-03-07	2024-04-10
Pretty URL kolagenspa.pl/-/81bbea9110478e5a49af2e8a8413f1fc/execution.html?c=DHL_info IP 49.12.127.90 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-10 07:44:44 Times Seen128 Hash 198c6aab078fbe47882ab57f0e56f13f b2cd086fdbb78ee408ffc0b1d505176792d4a2bd b901c039fb4ddd13012ab75194e48008ccf2cb1f1ada41c660170b33373da61c Loading...

	kolagenspa.pl/-/81bbea9110478e5a49af2e8a8413f1fc/execution.html?c=DHL_info	3.1 kB	2023-03-08	2023-03-13
Pretty URL kolagenspa.pl/-/81bbea9110478e5a49af2e8a8413f1fc/execution.html?c=DHL_info IP 49.12.127.90 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:45:30 Last Seen2023-03-13 18:27:31 Times Seen1 Hash 3c1e49124a25bbc0fce4fcc176324835 b84f12a496345766c897e573fe78aaa633661674 8651aa8c745d6998ae2bdf1973efa0cda8a70e2c97912fd5010b91f2865bc210 Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js	93 kB	2023-03-07	2024-04-26
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js IP 142.250.74.42 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-26 06:30:14 Times Seen16818 Hash e0e0559014b222245deb26b6ae8bd940 e2f3603e23711f6446f278a411d905623d65201e 89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e Loading...

	kolagenspa.pl/-/81bbea9110478e5a49af2e8a8413f1fc/execution.html?c=DHL_info	1.6 kB	2023-03-08	2023-03-13
Pretty URL kolagenspa.pl/-/81bbea9110478e5a49af2e8a8413f1fc/execution.html?c=DHL_info IP 49.12.127.90 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:41:43 Last Seen2023-03-13 18:29:30 Times Seen1 Hash 22e310b72da8f75fc5cc20f955b138c0 8c5386dc453baeef44dbf61234d64f91a7210a61 cd01bfa3c2476ec7e1f6a1f20959c9c359312cc6168d160f01dc7a85adeb0a0e Loading...

	kolagenspa.pl/-/81bbea9110478e5a49af2e8a8413f1fc/execution.html?c=DHL_info	24 kB	2023-03-07	2023-04-05
Pretty URL kolagenspa.pl/-/81bbea9110478e5a49af2e8a8413f1fc/execution.html?c=DHL_info IP 49.12.127.90 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2023-04-05 02:10:37 Times Seen48 Hash be2688fe29eb5135f6f36c94e2e53820 15364bc930a8e0f87a09b5aa645a312984a9da73 0ca6e9d89d18b037dcce799d02a32f53aca9497adba83f93ea6d8751fe2fa217 Loading...

	kolagenspa.pl/-/81bbea9110478e5a49af2e8a8413f1fc/execution.html?c=DHL_info	3.4 kB	2023-03-08	2023-08-20
Pretty URL kolagenspa.pl/-/81bbea9110478e5a49af2e8a8413f1fc/execution.html?c=DHL_info IP 49.12.127.90 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:45:30 Last Seen2023-08-20 13:48:12 Times Seen43 Hash 73ffcd92734476c597b7ad8bfe3b4a56 11d6179e589578c3cbd89101f62af30a34c15729 1ccdc89cef7482a447e0cfd73382ff1102ddad003c8c7968b1af563d299411b2 Loading...

	kolagenspa.pl/-/81bbea9110478e5a49af2e8a8413f1fc/execution.html?c=DHL_info	853 B	2023-03-08	2024-04-07
Pretty URL kolagenspa.pl/-/81bbea9110478e5a49af2e8a8413f1fc/execution.html?c=DHL_info IP 49.12.127.90 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:45:30 Last Seen2024-04-07 07:13:31 Times Seen36 Hash 5b1cf4316f4a358c268f9f55ccaa5606 9ea053d76ae95dae2951e15235b87ffdd3482365 7321000b7e8c773242514fb42c69e5817418008026408630e9c1af010c334184 Loading...

	kolagenspa.pl/-/81bbea9110478e5a49af2e8a8413f1fc/execution.html?c=DHL_info	77 B	2023-03-08	2024-04-07
Pretty URL kolagenspa.pl/-/81bbea9110478e5a49af2e8a8413f1fc/execution.html?c=DHL_info IP 49.12.127.90 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:45:30 Last Seen2024-04-07 07:13:31 Times Seen36 Hash 833a83c21583548e01472a0cf2cafa28 51727a01201debc9832493c3bcad2b8e01f961e9 70eee62555e2c1e6b8885e0f62677ad7c1e3843eae4473fc0c8cb2dfc00ac8b3 Loading...

	code.jquery.com/jquery-3.5.1.min.js	90 kB	2023-03-07	2024-04-26
Pretty URL code.jquery.com/jquery-3.5.1.min.js IP 69.16.175.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-26 06:58:29 Times Seen139332 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	kolagenspa.pl/-/81bbea9110478e5a49af2e8a8413f1fc/execution.html?c=DHL_info	1.0 kB	2023-03-07	2024-04-07
Pretty URL kolagenspa.pl/-/81bbea9110478e5a49af2e8a8413f1fc/execution.html?c=DHL_info IP 49.12.127.90 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-07 07:13:32 Times Seen66 Hash 1d175bf3c30c7a41b8f0f6c60e2fcefc 1e1ac5cb8a33370b0eff734a461cf2bae98e1244 4323901acf3473e6164e79dcb144d4c5f97709819c0c572056c09174aa78dce9 Loading...

	cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js	21 kB	2023-03-07	2024-04-26
Pretty URL cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js IP 104.16.88.20 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-26 04:19:35 Times Seen5971 Hash 1022eaf388cc780bcfeb6456157adb7d 313789ca0e31b654784dbba8b0f83f364f8683b4 fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f Loading...

	kolagenspa.pl/-/81bbea9110478e5a49af2e8a8413f1fc/execution.html?c=DHL_info	9 B	2023-03-07	2024-04-26
Pretty URL kolagenspa.pl/-/81bbea9110478e5a49af2e8a8413f1fc/execution.html?c=DHL_info IP 49.12.127.90 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-26 06:23:25 Times Seen16151 Hash 5e543256c480ac577d30f76f9120eb74 d5d4cd07616a542891b7ec2d0257b3a24b69856e eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c Loading...

HTTP Transactions (43)

URL IP Response Size

kolagenspa.pl/-/81bbea9110478e5a49af2e8a8413f1fc/execution.html?c=DHL_info

49.12.127.90

200 OK

1.9 kB

URL HTTP/1.1
kolagenspa.pl/-/81bbea9110478e5a49af2e8a8413f1fc/execution.html?c=DHL_info
IP
49.12.127.90:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
1.9 kB (1908 bytes)
Hash
1c56d0fd29e23cda5fc0b6376fc4be8d
67e2fbda331cd900288d11f56dbf6b7a0bcb4825
6f206547c46e9b605f80be17b0b47fef98b41c1db835f26430897986f7c4129a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /-/81bbea9110478e5a49af2e8a8413f1fc/execution.html?c=DHL_info HTTP/1.1
Host: kolagenspa.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: langCookie=en
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 13:17:43 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 13:16:32 GMT
ETag: W/"63d12bb0-20c4"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Cache: MISS
X-Cache-Type: DYNAMIC
Content-Encoding: gzip

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5fe582397f3003b225cb9058e02c2190
68174a54a8f6c4de9247ccea2dcae3c9b76bdb9f
238a2ef5b61d56353d0a5e97ec3092b8f2792cde7cecf40e1a858f8c129d3a9d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "238A2EF5B61D56353D0A5E97EC3092B8F2792CDE7CECF40E1A858F8C129D3A9D"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7223
Expires: Wed, 25 Jan 2023 15:18:06 GMT
Date: Wed, 25 Jan 2023 13:17:43 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
04512fea22644dc0d22c3f3a665f6645
0e213646abfc6d9560ba562362fd9e9115be8354
124d9534f75506b8e8c7535ee7295ac4e6cf5a8249a0edac6940839e56043181

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "124D9534F75506B8E8C7535EE7295AC4E6CF5A8249A0EDAC6940839E56043181"
Last-Modified: Mon, 23 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7112
Expires: Wed, 25 Jan 2023 15:16:15 GMT
Date: Wed, 25 Jan 2023 13:17:43 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 25 Jan 2023 12:35:12 GMT
content-type: application/json
age: 2551
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
49049f3c92aad686cd7ff28ecd2a5a4f
9cc2bc9c055450dbc4fae93eabe4ef8509b3ff57
02cf421968192286bb174ff0e6c818a843c4eca61a02cd493e6f95bb58a37015

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02CF421968192286BB174FF0E6C818A843C4ECA61A02CD493E6F95BB58A37015"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8202
Expires: Wed, 25 Jan 2023 15:34:25 GMT
Date: Wed, 25 Jan 2023 13:17:43 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 5AN3a9dQ5UxVzk/IDLlpkFDr5y82wiRAQVWFQGfbekuruXMFt+NQyr2TrXWe7u141DNVJLBDX1A=
x-amz-request-id: 8YZYN8VZF78D8NAK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 25 Jan 2023 12:48:34 GMT
age: 1750
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

142.250.74.42

200 OK

33 kB

URL HTTP/1.1
ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
IP
142.250.74.42:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32072)
Size
33 kB (32954 bytes)
Hash
d38e2944bbc9ae54b8947a2bd0b9a932
782a825679b248d38979c2d7ecae257873344437
65a0917567cb7037612cf420629873f2f3594d2e741aaadf90d893d07d8f5fdd

HTTP Headers

GET /ajax/libs/jquery/1.10.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kolagenspa.pl/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 32954
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 20 Jan 2023 10:24:00 GMT
Expires: Sat, 20 Jan 2024 10:24:00 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Age: 442424

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 13:17:44 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.5.1.min.js

69.16.175.10

200 OK

31 kB

URL HTTP/2
code.jquery.com/jquery-3.5.1.min.js
IP
69.16.175.10:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (65451)
Size
31 kB (30879 bytes)
Hash
3700d0b271343804b9b9aa1c13efa521
3d6b03dbd74872ca3dfbb0529f6c80943788f918
fda7541f8e4cf921d20bcd0dc1d0efe69644c79bd18a0be4ce2f34246c83603e

HTTP Headers

GET /jquery-3.5.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://kolagenspa.pl
Connection: keep-alive
Referer: http://kolagenspa.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 25 Jan 2023 13:17:44 GMT
content-encoding: gzip
content-length: 30879
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d84"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-sp-metadata: HS256.CIj0xJ4GEoYBCiQwNGRmYzdmMi01MDcyLTQ4ZDMtOTk4MS01NzMyNDBjYmEwNTEQ+OiCoKvU+wIaBgj418SeBiIMOTEuOTAuNDIuMTU0KI9hMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogYzdkMmI0YzQ4NGE0MTNlMTkxZGU2YWNmZjJkYjIwMDkaLAgBEiQ2ZjY4NmZlZS02NGQ5LTRlMDUtYjI2OC1lMGJhNjMxNWRlOWIYn/EBIhgIAhIUY2RzMjA4LnNrMS5od2Nkbi5uZXQ=.BC3/Hs3kVxKA0h6cK4+Tl/KXKY6fgS1+qclalVgSjnc=
x-hw: 1674652664.dop216.sk1.t,1674652664.cds023.sk1.hn,1674652664.cds208.sk1.c
X-Firefox-Spdy: h2

kolagenspa.pl/-/dist/js.cookie.js

49.12.127.90

200 OK

1.4 kB

URL HTTP/1.1
kolagenspa.pl/-/dist/js.cookie.js
IP
49.12.127.90:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text
Size
1.4 kB (1390 bytes)
Hash
f63feb15779788114f62dfeb2f0396bd
fe401a591daaf69f78588ce2cd798636bcca4ca2
3eaf67280345f7c5862b82151bb96052591607ee2fc11538f3bed2fd4395a497

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /-/dist/js.cookie.js HTTP/1.1
Host: kolagenspa.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kolagenspa.pl/-/81bbea9110478e5a49af2e8a8413f1fc/execution.html?c=DHL_info
Cookie: langCookie=en

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 13:17:44 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 25 Jul 2022 22:59:54 GMT
ETag: W/"62df206a-d60"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Mon, 24 Jul 2023 13:17:44 GMT
Pragma: public
Cache-Control: max-age=15552000, public
X-Cache-Type: STATIC
Vary: Accept-Encoding
X-Cache: HIT
Content-Encoding: gzip

kolagenspa.pl/-/dist/jquery-lang.js

49.12.127.90

200 OK

7.1 kB

URL HTTP/1.1
kolagenspa.pl/-/dist/jquery-lang.js
IP
49.12.127.90:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text
Size
7.1 kB (7089 bytes)
Hash
e7d1fa0ef393b02cdd68f877b4dc05f3
5edbcb0f875108195952f0160f8708bf18bfd5b0
d04ca054fbfd8b91bcd1009844823f75ea3349c7039001e7a5889b6663c3b052

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /-/dist/jquery-lang.js HTTP/1.1
Host: kolagenspa.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kolagenspa.pl/-/81bbea9110478e5a49af2e8a8413f1fc/execution.html?c=DHL_info
Cookie: langCookie=en

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 13:17:44 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 25 Jul 2022 22:59:54 GMT
ETag: W/"62df206a-6c2d"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Mon, 24 Jul 2023 13:17:44 GMT
Pragma: public
Cache-Control: max-age=15552000, public
X-Cache-Type: STATIC
Vary: Accept-Encoding
X-Cache: HIT
Content-Encoding: gzip

kolagenspa.pl/-/dist/dhl.css

49.12.127.90

200 OK

319 kB

URL HTTP/1.1
kolagenspa.pl/-/dist/dhl.css
IP
49.12.127.90:0
ASN
#24940 Hetzner Online GmbH

File type
Unicode text, UTF-8 text, with very long lines (1148), with CRLF line terminators
Size
319 kB (318583 bytes)
Hash
0a0250e67c185591cddbebd477b1af54
33ee3440e00ac57ee2a9fc25e63da251853c846e
690c39cbff99b2f2c28763c2163528a7de0e21c452eee6d0ad758b86fc1860b0

HTTP Headers

GET /-/dist/dhl.css HTTP/1.1
Host: kolagenspa.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kolagenspa.pl/-/81bbea9110478e5a49af2e8a8413f1fc/execution.html?c=DHL_info
Cookie: langCookie=en

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 13:17:44 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 25 Jul 2022 22:59:54 GMT
ETag: W/"62df206a-15b189"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Mon, 24 Jul 2023 13:17:44 GMT
Pragma: public
Cache-Control: max-age=15552000, public
X-Cache-Type: STATIC
Vary: Accept-Encoding
X-Cache: HIT
Content-Encoding: gzip

kolagenspa.pl/-/dist/favicon.ico

49.12.127.90

200 OK

1.2 kB

URL HTTP/1.1
kolagenspa.pl/-/dist/favicon.ico
IP
49.12.127.90:0
ASN
#24940 Hetzner Online GmbH

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
d8106bf3a1d00ab43b01e6e3c92500eb
202b5e8654ab1b28351378293bca3b9d844cc29b
9ada5709e264c31b04a05bd85448a9bd5e91925e8d83df5cef0762ec97cc283e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /-/dist/favicon.ico HTTP/1.1
Host: kolagenspa.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kolagenspa.pl/-/81bbea9110478e5a49af2e8a8413f1fc/execution.html?c=DHL_info
Cookie: langCookie=en

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 13:17:44 GMT
Content-Type: image/x-icon
Content-Length: 1150
Connection: keep-alive
Last-Modified: Mon, 25 Jul 2022 22:59:54 GMT
ETag: "62df206a-47e"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Mon, 24 Jul 2023 13:17:44 GMT
Pragma: public
Cache-Control: max-age=15552000, public
X-Cache-Type: IMG
X-Cache: HIT
Accept-Ranges: bytes

kolagenspa.pl/-/dist/load.php

49.12.127.90

200 OK

1.1 kB

URL HTTP/1.1
kolagenspa.pl/-/dist/load.php
IP
49.12.127.90:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document, ASCII text, with CRLF line terminators
Size
1.1 kB (1113 bytes)
Hash
77b90fd494aa8b614d7a1554295e8f5e
c645d07af0386dfd359682c7f85e374ebaa2e97c
3a5bddf13989d83372c977fe4d90c54e75b5a4ece10919c2729b1a0177435031

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /-/dist/load.php HTTP/1.1
Host: kolagenspa.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://kolagenspa.pl/-/81bbea9110478e5a49af2e8a8413f1fc/execution.html?c=DHL_info
Cookie: langCookie=en

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 13:17:44 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Cache: BYPASS
X-Cache-Type: DYNAMIC
X-Cache-Skip: PHP
Content-Encoding: gzip

kolagenspa.pl/-/dist/DHL_head.html

49.12.127.90

200 OK

3.0 kB

URL HTTP/1.1
kolagenspa.pl/-/dist/DHL_head.html
IP
49.12.127.90:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (1836)
Size
3.0 kB (3022 bytes)
Hash
6eae2ea3d527377837da9c072578630d
e9b9bb457ad6685baf06f60eb8906d3a4f13ba03
1de83611e924d841c9b2cd0a52ba708927a19ec14255531fd9748706a937bfe6

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /-/dist/DHL_head.html HTTP/1.1
Host: kolagenspa.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://kolagenspa.pl/-/81bbea9110478e5a49af2e8a8413f1fc/execution.html?c=DHL_info
Cookie: langCookie=en

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 13:17:44 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 25 Jul 2022 22:59:54 GMT
ETag: W/"62df206a-28fc"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Cache: HIT
X-Cache-Type: DYNAMIC
Content-Encoding: gzip

kolagenspa.pl/-/dist/fonts/default-274a65bae9742377aaf010bb1a7de971.woff

49.12.127.90

200 OK

41 kB

URL HTTP/1.1
kolagenspa.pl/-/dist/fonts/default-274a65bae9742377aaf010bb1a7de971.woff
IP
49.12.127.90:0
ASN
#24940 Hetzner Online GmbH

File type
Web Open Font Format, TrueType, length 41084, version 1.66\012- data
Size
41 kB (41084 bytes)
Hash
03f859bf58e4d37841070de34be7d978
3436d4fa17e7ee470c3d62b08787cfa7de408408
5af5c3746b03792640b9cafdabddfb2c5407f72988e128541a88fa439607d940

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL
fortinet	Phishing

HTTP Headers

GET /-/dist/fonts/default-274a65bae9742377aaf010bb1a7de971.woff HTTP/1.1
Host: kolagenspa.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://kolagenspa.pl/-/dist/dhl.css
Cookie: langCookie=en

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 13:17:44 GMT
Content-Type: application/font-woff
Content-Length: 41084
Connection: keep-alive
Last-Modified: Mon, 25 Jul 2022 22:59:54 GMT
ETag: "62df206a-a07c"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Mon, 24 Jul 2023 13:17:44 GMT
Pragma: public
Cache-Control: max-age=15552000, public
X-Cache-Type: STATIC
Vary: Accept-Encoding
X-Cache: HIT
Accept-Ranges: bytes

kolagenspa.pl/-/dist/DHL_footer.html

49.12.127.90

200 OK

6.0 kB

URL HTTP/1.1
kolagenspa.pl/-/dist/DHL_footer.html
IP
49.12.127.90:0
ASN
#24940 Hetzner Online GmbH

File type
exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (2591)
Size
6.0 kB (5977 bytes)
Hash
d74f1109d9cb755adf4cab2b7ad84ba7
ae77be93fac856e7cd14cae276e4641ef59d3004
812dfa91ca4c799aae1f4bfdaafc666eeec719f53c2c398b7a43306dbaba5c0c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /-/dist/DHL_footer.html HTTP/1.1
Host: kolagenspa.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://kolagenspa.pl/-/81bbea9110478e5a49af2e8a8413f1fc/execution.html?c=DHL_info
Cookie: langCookie=en

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 13:17:44 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 25 Jul 2022 22:59:54 GMT
ETag: W/"62df206a-3977"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Cache: HIT
X-Cache-Type: DYNAMIC
Content-Encoding: gzip

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 25 Jan 2023 12:41:40 GMT
age: 2164
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

kolagenspa.pl/-/dist/fonts/iconfont-e7bece496cd0e6d60e456bc2b48c9446.woff

49.12.127.90

200 OK

9.3 kB

URL HTTP/1.1
kolagenspa.pl/-/dist/fonts/iconfont-e7bece496cd0e6d60e456bc2b48c9446.woff
IP
49.12.127.90:0
ASN
#24940 Hetzner Online GmbH

File type
Web Open Font Format, TrueType, length 9316, version 1.0\012- data
Size
9.3 kB (9316 bytes)
Hash
9355df62a665ef9249036bbccad8c54c
6b7779a10187a1a7473f604fbe3db96350868c6a
6d051536af97fbd33fae0683a1b6ce3749757ab43c8ee8c89295755fd4595807

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL
fortinet	Phishing

HTTP Headers

GET /-/dist/fonts/iconfont-e7bece496cd0e6d60e456bc2b48c9446.woff HTTP/1.1
Host: kolagenspa.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://kolagenspa.pl/-/dist/dhl.css
Cookie: langCookie=en

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 13:17:44 GMT
Content-Type: application/font-woff
Content-Length: 9316
Connection: keep-alive
Last-Modified: Mon, 25 Jul 2022 22:59:54 GMT
ETag: "62df206a-2464"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Mon, 24 Jul 2023 13:17:44 GMT
Pragma: public
Cache-Control: max-age=15552000, public
X-Cache-Type: STATIC
Vary: Accept-Encoding
X-Cache: HIT
Accept-Ranges: bytes

kolagenspa.pl/-/dist/langpack/en.json

49.12.127.90

200 OK

514 B

URL HTTP/1.1
kolagenspa.pl/-/dist/langpack/en.json
IP
49.12.127.90:0
ASN
#24940 Hetzner Online GmbH

File type
JSON data\012- , ASCII text
Size
514 B (514 bytes)
Hash
e5111c3d242107acc93f71f9c9182079
c648da6b0a6c4f9b89dbee1027cf9a7be36217ca
86f9abd216bc64ead1404975e2b6132aebc42ebd106e5be0f660b7e5852051a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL
fortinet	Phishing

HTTP Headers

GET /-/dist/langpack/en.json HTTP/1.1
Host: kolagenspa.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://kolagenspa.pl/-/81bbea9110478e5a49af2e8a8413f1fc/execution.html?c=DHL_info
Cookie: langCookie=en

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 13:17:44 GMT
Content-Type: application/json
Content-Length: 514
Connection: keep-alive
Last-Modified: Mon, 25 Jul 2022 22:59:54 GMT
ETag: "62df206a-202"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Cache: HIT
X-Cache-Type: DYNAMIC
Accept-Ranges: bytes

kolagenspa.pl/-/dist/fonts/default-815fcbb4d2c57901701125d768f09d67.woff

49.12.127.90

200 OK

41 kB

URL HTTP/1.1
kolagenspa.pl/-/dist/fonts/default-815fcbb4d2c57901701125d768f09d67.woff
IP
49.12.127.90:0
ASN
#24940 Hetzner Online GmbH

File type
Web Open Font Format, TrueType, length 41328, version 1.66\012- data
Size
41 kB (41328 bytes)
Hash
e39bd2e2657ce5dd6f9c33df18529233
6db81ebb91bfa67cef8f2f870f03046150568799
19d0bda83ecbc986620468801adf000c77c3c38398650903c63fac8dcbac4383

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL
fortinet	Phishing

HTTP Headers

GET /-/dist/fonts/default-815fcbb4d2c57901701125d768f09d67.woff HTTP/1.1
Host: kolagenspa.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://kolagenspa.pl/-/dist/dhl.css
Cookie: langCookie=en

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 13:17:44 GMT
Content-Type: application/font-woff
Content-Length: 41328
Connection: keep-alive
Last-Modified: Mon, 25 Jul 2022 22:59:54 GMT
ETag: "62df206a-a170"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Mon, 24 Jul 2023 13:17:44 GMT
Pragma: public
Cache-Control: max-age=15552000, public
X-Cache-Type: STATIC
Vary: Accept-Encoding
X-Cache: HIT
Accept-Ranges: bytes

kolagenspa.pl/-/dist/fonts/default-3e828e80f6e985c352eba4474518978d.woff

49.12.127.90

200 OK

44 kB

URL HTTP/1.1
kolagenspa.pl/-/dist/fonts/default-3e828e80f6e985c352eba4474518978d.woff
IP
49.12.127.90:0
ASN
#24940 Hetzner Online GmbH

File type
Web Open Font Format, TrueType, length 44260, version 1.66\012- data
Size
44 kB (44260 bytes)
Hash
4a350e02a03ac62e72e9ea575b31ce84
d47b03b96b6e7034a1473a293bb594e597a41dc2
87c40e3961e21f759770615ae67568a3de3ec6e0735f1238a6aae062f4ea15d5

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL
fortinet	Phishing

HTTP Headers

GET /-/dist/fonts/default-3e828e80f6e985c352eba4474518978d.woff HTTP/1.1
Host: kolagenspa.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://kolagenspa.pl/-/dist/dhl.css
Cookie: langCookie=en

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 13:17:44 GMT
Content-Type: application/font-woff
Content-Length: 44260
Connection: keep-alive
Last-Modified: Mon, 25 Jul 2022 22:59:54 GMT
ETag: "62df206a-ace4"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Mon, 24 Jul 2023 13:17:44 GMT
Pragma: public
Cache-Control: max-age=15552000, public
X-Cache-Type: STATIC
Vary: Accept-Encoding
X-Cache: HIT
Accept-Ranges: bytes

ipinfo.io/country

34.117.59.81

302 Found

72 B

URL HTTP/1.1
ipinfo.io/country
IP
34.117.59.81:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
72 B (72 bytes)
Hash
b79f12127b13f3298b65130f55033eea
0c5df3d4734c5d754f78df4dd08f329ce38ab901
76d7f55bf215f2132f41391f47b4efd048f7c3b61db2b650e2a0a9b4a02d79f0

HTTP Headers

GET /country HTTP/1.1
Host: ipinfo.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://kolagenspa.pl/
Origin: http://kolagenspa.pl
Connection: keep-alive

HTTP/1.1 302 Found
access-control-allow-origin: *
location: https://ipinfo.io/country
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
date: Wed, 25 Jan 2023 13:17:44 GMT
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: gzip
transfer-encoding: chunked
Via: 1.1 google

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1e2970e1480a4759282d63bb213051e4
ed5194d4d25dfc199821129be5d74be0ce49197d
18e19ea4c9c262cb9a94f89172eef2604222e779346589d470bf2e95ea295563

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18E19EA4C9C262CB9A94F89172EEF2604222E779346589D470BF2E95EA295563"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20222
Expires: Wed, 25 Jan 2023 18:54:46 GMT
Date: Wed, 25 Jan 2023 13:17:44 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7bc0a650ef5be91ff42a7206d1d94503
64a7b935e28069ee19ce2848acd5e6e4803a4a9a
514d21b235dec24f0d0386b302550db68d4b2bd024034231f1617b93b87b8ae8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "514D21B235DEC24F0D0386B302550DB68D4B2BD024034231F1617B93B87B8AE8"
Last-Modified: Mon, 23 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4789
Expires: Wed, 25 Jan 2023 14:37:33 GMT
Date: Wed, 25 Jan 2023 13:17:44 GMT
Connection: keep-alive

push.services.mozilla.com/

35.80.120.72

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.80.120.72:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4kikWequeSXJ6zJRYsq5YQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: TD4lsBWBjDbdn30U668wHIv7BjE=

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8189
Expires: Wed, 25 Jan 2023 15:34:15 GMT
Date: Wed, 25 Jan 2023 13:17:46 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8189
Expires: Wed, 25 Jan 2023 15:34:15 GMT
Date: Wed, 25 Jan 2023 13:17:46 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8189
Expires: Wed, 25 Jan 2023 15:34:15 GMT
Date: Wed, 25 Jan 2023 13:17:46 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12758 bytes)
Hash
7458f7a9b2070055df6f1d496794e43e
0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9
373097662c419eef9f4a19ce9f3bcead70f6eafbf0acf44806685eece43ce251

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12758
x-amzn-requestid: c3540562-8c62-4957-9528-7ae952daebaa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9gf1E87oAMFpsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c87acb-49fd3f78275937e24d23fca3;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 23:03:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: c5YOTqrEv9RLv_lKsrC377yost8auxYRPLubBFGjIWtnbueiGMJYGw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 05:14:35 GMT
age: 28991
etag: "0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e473b9-0adb-4371-8146-b148ce85cdec.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.3 kB (8252 bytes)
Hash
d10114508bd40d76f497fc5b9c064350
c9b86b2b27063e0a58b0f237d451f9cf05b2122d
a156bd21bee2fca1d82940fb172a695044321ed432786ae100a7baf3b5e12b3f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e473b9-0adb-4371-8146-b148ce85cdec.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8252
x-amzn-requestid: a5a39d22-de0e-4b2e-b3e2-aad1d0090881
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEqtiHo7oAMFdCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb57f0-0cd78ff23e91baf668276053;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 03:11:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: s8JWGyQ0pTWcaGk0n2PQOpAhjKLuNlbI4wCZAidzoBR5RQreO2rh9g==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 05:15:35 GMT
age: 28931
etag: "c9b86b2b27063e0a58b0f237d451f9cf05b2122d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f7aba17-803f-412c-8ef7-0959b52f87cc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9650 bytes)
Hash
13891ffe8a0cc240be63b7945e4b7688
958b50e9e7e5e02882d55612a5d6d2402e225390
1570d69731ba13051454a048ac85bde7c1de8e39dea0fd78e7e5c3f2be122cb6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f7aba17-803f-412c-8ef7-0959b52f87cc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9650
x-amzn-requestid: 3b968ee5-c941-4305-9f06-01e646deef15
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fH88wEUmoAMFerw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cca851-061f65177f36420a4685f372;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 03:06:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: xfiiS5M5j8iYKMyopaVqwYV6KKB1VIWT_yQbEKZ9G1wuq2QUEyDBpA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 03:10:29 GMT
age: 36437
etag: "958b50e9e7e5e02882d55612a5d6d2402e225390"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9192d2a7-4090-4a55-b72e-388ceb1f506d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10921 bytes)
Hash
1d76c1b1126a3e1b51dcca652cb6727b
b199a381ccac4628f2bfa626b44c71954713ca98
3a34f2b7f79cb925c73d2c17197418004e4acf63a6eb69e471320069978f8282

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9192d2a7-4090-4a55-b72e-388ceb1f506d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10921
x-amzn-requestid: 7b8849e6-b52d-4165-b456-b200ddbb993b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEqtkGThIAMFb7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb57f0-1ed4803112d97956419b299e;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 03:11:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: FUbNMfYy8ci6d78p6LCu0Gxs3jw824ZzVp6drAbl8HCDBpghlZFP7g==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 07:57:09 GMT
age: 19237
etag: "b199a381ccac4628f2bfa626b44c71954713ca98"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b0cb327-c176-43cd-8ce3-7ed2a48e697f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.8 kB (8806 bytes)
Hash
69bdfbe73749ef39d9b9662b547ba853
ee2c14f82ea1e653b993fda0839a32943c5d9f86
21fa51ce61c1dfdc30c28371940f5dfc83127a691e34299ebab70c4bf0d19231

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b0cb327-c176-43cd-8ce3-7ed2a48e697f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8806
x-amzn-requestid: 5c8a6463-049f-46c6-8595-3230efee793c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e-nQkHAPIAMFf3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8ec03-332914233e5138ce025afa75;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 07:06:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: uw4NZEIk19HZdoUWc1pSpw36gfopSWCC98z11IWLMiXuffloJH-LNg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 13:56:29 GMT
age: 84077
etag: "ee2c14f82ea1e653b993fda0839a32943c5d9f86"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.3 kB (8308 bytes)
Hash
91b2e12a39dc4f63b9d52e8800cce1f2
42d5b4b4a091778d98c351f0002d8656449d0243
d4dbc79e3383e83f861ccf8cde3e78ba427a66cd3fa99c17e23ec935867de4ad

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8308
x-amzn-requestid: 1988d3b3-5e1a-41fd-83f5-092eddb9185f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNys5GDKoAMFdbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefe52-2349fde60b7db8a34c996717;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:38:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 5_1j_Z6HZ3DSGFPAACJduM5D9eAqMQT42GgI61x8dHAmPQtUexpEYQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 21:59:15 GMT
age: 55111
etag: "42d5b4b4a091778d98c351f0002d8656449d0243"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

kolagenspa.pl/-/dist/DHL_info.html

49.12.127.90

200 OK

2.7 kB

URL HTTP/1.1
kolagenspa.pl/-/dist/DHL_info.html
IP
49.12.127.90:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (353)
Size
2.7 kB (2680 bytes)
Hash
640f4d138fc8db6efeedee76b633376d
79dadb33266a46eabd30ffaa313853b07c12eefd
668e00569f10630b4904dfc6da4924d1b63fac20e8dd85cc892338743581da15

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /-/dist/DHL_info.html HTTP/1.1
Host: kolagenspa.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://kolagenspa.pl/-/81bbea9110478e5a49af2e8a8413f1fc/execution.html?c=DHL_info
Cookie: langCookie=en

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 13:17:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 19 Nov 2022 18:13:46 GMT
ETag: W/"63791cda-275e"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Cache: HIT
X-Cache-Type: DYNAMIC
Content-Encoding: gzip

kolagenspa.pl/-/dist/floating-label.js

49.12.127.90

200 OK

1.0 kB

URL HTTP/1.1
kolagenspa.pl/-/dist/floating-label.js
IP
49.12.127.90:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text
Size
1.0 kB (1013 bytes)
Hash
0dc6a430d218a2556df67796ee07ecb3
91559283ac1943434f4099e60371b7004ae6acf1
771521c1cbb1e03aec9bcc702e29e1e11b910de11941be0e3b5ebab62235606f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /-/dist/floating-label.js HTTP/1.1
Host: kolagenspa.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://kolagenspa.pl/-/81bbea9110478e5a49af2e8a8413f1fc/execution.html?c=DHL_info
Cookie: langCookie=en

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 13:17:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 25 Jul 2022 22:59:54 GMT
ETag: W/"62df206a-d24"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Mon, 24 Jul 2023 13:17:46 GMT
Pragma: public
Cache-Control: max-age=15552000, public
X-Cache-Type: STATIC
Vary: Accept-Encoding
X-Cache: HIT
Content-Encoding: gzip

kolagenspa.pl/-/dist/fonts/default-5a6dd86f272b304a8b83f7df61f11c2f.woff

49.12.127.90

200 OK

41 kB

URL HTTP/1.1
kolagenspa.pl/-/dist/fonts/default-5a6dd86f272b304a8b83f7df61f11c2f.woff
IP
49.12.127.90:0
ASN
#24940 Hetzner Online GmbH

File type
Web Open Font Format, TrueType, length 41352, version 1.66\012- data
Size
41 kB (41352 bytes)
Hash
4e23ecf085132857bdb54b4da7373151
a50215c22a591536b21e509100d1707c6886ffd6
b033eff45e6e8ecd5c5bccd8ef9a96c4dc37325adc64c5aed8b1d909b24c4eb4

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL
fortinet	Phishing

HTTP Headers

GET /-/dist/fonts/default-5a6dd86f272b304a8b83f7df61f11c2f.woff HTTP/1.1
Host: kolagenspa.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://kolagenspa.pl/-/dist/dhl.css
Cookie: langCookie=en

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 13:17:46 GMT
Content-Type: application/font-woff
Content-Length: 41352
Connection: keep-alive
Last-Modified: Mon, 25 Jul 2022 22:59:54 GMT
ETag: "62df206a-a188"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Mon, 24 Jul 2023 13:17:46 GMT
Pragma: public
Cache-Control: max-age=15552000, public
X-Cache-Type: STATIC
Vary: Accept-Encoding
X-Cache: HIT
Accept-Ranges: bytes

kolagenspa.pl/-/dist/jquery.validate.min.js

49.12.127.90

200 OK

7.9 kB

URL HTTP/1.1
kolagenspa.pl/-/dist/jquery.validate.min.js
IP
49.12.127.90:0
ASN
#24940 Hetzner Online GmbH

File type
Unicode text, UTF-8 text, with very long lines (24237)
Size
7.9 kB (7884 bytes)
Hash
0b2eb7800347f7fe6e93ae5bb7a229a6
d723f627fad289633b3bd8d235b1481254bbdafe
f7e3fcc30e34ff9d6f9de6cc9d764f9135eb8f294e8d3da3e590e02d5b262ea2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /-/dist/jquery.validate.min.js HTTP/1.1
Host: kolagenspa.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://kolagenspa.pl/-/81bbea9110478e5a49af2e8a8413f1fc/execution.html?c=DHL_info
Cookie: langCookie=en

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 13:17:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 25 Jul 2022 22:59:54 GMT
ETag: W/"62df206a-5f38"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Mon, 24 Jul 2023 13:17:46 GMT
Pragma: public
Cache-Control: max-age=15552000, public
X-Cache-Type: STATIC
Vary: Accept-Encoding
X-Cache: HIT
Content-Encoding: gzip

cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

104.16.88.20

301 Moved Permanently

0 B

URL HTTP/1.1
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js
IP
104.16.88.20:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /npm/popper.js@1.16.1/dist/umd/popper.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kolagenspa.pl/

HTTP/1.1 301 Moved Permanently
Date: Wed, 25 Jan 2023 13:17:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 25 Jan 2023 14:17:46 GMT
Location: https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u5wOiHaN7KPDwXBr9HakV5UjXwFNObkUft%2BfMJP3QaYgh9qzNn8EeT3IkdQJ2wtAJB0sLAfzAJV2wexCbAaCxOdurdE0ct1q55w1unwMo%2BwbK3UxeKi0P8%2FjoNQu%2Fm%2BhuYU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78f14a7e3cdb0b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
b226d41e0973c031bbe091a9cf4336f6
82ebea6d2007429d274309da9643952ea2f6f701
685eb673d1f1a1d93851d8efc7aa56caeee50c388a8653de9c952cd720541688

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4611
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 13:17:46 GMT
Last-Modified: Wed, 25 Jan 2023 12:00:55 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
b226d41e0973c031bbe091a9cf4336f6
82ebea6d2007429d274309da9643952ea2f6f701
685eb673d1f1a1d93851d8efc7aa56caeee50c388a8653de9c952cd720541688

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4611
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 13:17:46 GMT
Last-Modified: Wed, 25 Jan 2023 12:00:55 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 280

cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

104.16.88.20

200 OK

0 B

URL HTTP/2
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js
IP
104.16.88.20:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /npm/popper.js@1.16.1/dist/umd/popper.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kolagenspa.pl/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 25 Jan 2023 13:17:46 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 1.16.1
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
x-served-by: cache-fra19173-FRA, cache-yyz4521-YYZ
x-cache: HIT, HIT
vary: Accept-Encoding
cf-cache-status: HIT
age: 546084
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ydYhpQWVInitq4k7RTAN48MHVEpWD86h8nKQB3K972RiE9N36QOExjX4cFDES4yXEQa1e%2B7F7aAe56thMMOzGzrsGryGEjJqy2W8f%2F7O33vgKHt8HmjB1Wnqp%2BxSnjwWkM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78f14a7e8d83b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML