r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 65fc860bc043f3fb83bdc3debdcd322d
418010755deae099ef1284e402813c5837a10f42
d93d50c523c7f735987aba09db628259441eb75efe713a2df3c214e1fb8b5171
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D93D50C523C7F735987ABA09DB628259441EB75EFE713A2DF3C214E1FB8B5171"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4198
Expires: Wed, 22 Mar 2023 19:53:06 GMT
Date: Wed, 22 Mar 2023 18:43:08 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ec332b81a27117ce9c16b67a5a8e4fac
b6d2afa2c859d000ad830d3d8d73f57bac6ffce2
1dc32c78e4e850303813338fd4e9616a41c8c05d1063748a1e76a92c397a5e8f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DC32C78E4E850303813338FD4E9616A41C8C05D1063748A1E76A92C397A5E8F"
Last-Modified: Mon, 20 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2220
Expires: Wed, 22 Mar 2023 19:20:08 GMT
Date: Wed, 22 Mar 2023 18:43:08 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4ad6984a756720fbfff47b37a75513a2
355e35258114452af8b9638985ed9d8ef3bf0aca
43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 22 Mar 2023 18:27:30 GMT
content-type: application/json
age: 938
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5285a032a285729d3e4a546310ed052d
d370c14bbc2d168cc3703bcb6b94ea0ece26e69d
a811aac1eb89de0666a7de8d3eda1dc3affa7ce5353219211a1beee1211536b5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A811AAC1EB89DE0666A7DE8D3EDA1DC3AFFA7CE5353219211A1BEEE1211536B5"
Last-Modified: Mon, 20 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2256
Expires: Wed, 22 Mar 2023 19:20:44 GMT
Date: Wed, 22 Mar 2023 18:43:08 GMT
Connection: keep-alive
ocsp.comodoca.com/
200 OK 471 B IP
Hash 327dab654544aaf32a59d1e4d77aee3a
a53ae1a9654e1498cc3b150ce97a04a39d17f0a1
7eae98445b0ffc35e5606afa6e80f2cd876a5efe60bafd250a186449d3a6bcc6
POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 22 Mar 2023 18:43:08 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 22 Mar 2023 12:52:41 GMT
Expires: Wed, 29 Mar 2023 12:52:40 GMT
Etag: "a53ae1a9654e1498cc3b150ce97a04a39d17f0a1"
Cache-Control: max-age=583511,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ac0941b2a50b505-OSL
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 3DaoarITLHconnziLLSw8Y4tJds3vfS36H6TkSxP5gUPCCEz6NcPn5HS9Ajj4sVr1TYmuYWddi8=
x-amz-request-id: K8RZSRFV627A84Z2
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 22 Mar 2023 17:59:37 GMT
age: 2611
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 22 Mar 2023 18:43:08 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Content-Type, Cache-Control, Pragma, Alert, Last-Modified, Retry-After, Backoff, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 22 Mar 2023 18:14:33 GMT
age: 1716
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 050ca4dc2182e0a27573b0d9f32b7834
bec14dc5af0d0b32210470673511acd8db404308
b6129b9d1848f75265dca4446c5399927bdaf15c7b49c083765847b0fe276eaf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B6129B9D1848F75265DCA4446C5399927BDAF15C7B49C083765847B0FE276EAF"
Last-Modified: Wed, 22 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9470
Expires: Wed, 22 Mar 2023 21:20:59 GMT
Date: Wed, 22 Mar 2023 18:43:09 GMT
Connection: keep-alive
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: XDxBurfNSCugGqOIGP92Fw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 2oYCiaVkoFioDps3mddlNubkd34=
ddcgroup.pl/
200 OK 19 kB IP
ASN #203417 LH.pl Sp. z o.o.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1902), with CRLF, LF line terminators
Hash 420e3be8b33b98324cafa24d6fdf9cfd
6376da5a680d7f790159bd1b5c8162c9f1e5d227
319ef722e071abd6863e34ba378db806b96fa66d850b0ff89ac0389c200e32dc
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
link: <https://ddcgroup.pl/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 19363
content-type: text/html; charset=UTF-8
date: Wed, 22 Mar 2023 18:43:08 GMT
server: Apache/2
X-Firefox-Spdy: h2
ddcgroup.pl/wp-includes/css/dist/block-library/style.min.css?ver=5.3.14
200 OK 6.1 kB URL HTTP/2 ddcgroup.pl/wp-includes/css/dist/block-library/style.min.css?ver=5.3.14
IP
ASN #203417 LH.pl Sp. z o.o.
File type ASCII text, with very long lines (41045), with no line terminators
Hash e249e51bc3661ceb614f1ad31574c939
ca981ab391193e11e93775f3c25abc452b0e3908
950b57fc13a5c515fffe9c67a69da06e9e833430253210d0cd9fe4aff93d667f
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.3.14 HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 11 Jun 2020 01:45:00 GMT
etag: "a055-5a7c51bcb406b-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 6132
content-type: text/css
date: Wed, 22 Mar 2023 18:43:09 GMT
server: Apache/2
X-Firefox-Spdy: h2
ddcgroup.pl/wp-content/plugins/contact-form-7-style/css/frontend.css?ver=3.1.8
200 OK 6.3 kB URL HTTP/2 ddcgroup.pl/wp-content/plugins/contact-form-7-style/css/frontend.css?ver=3.1.8
IP
ASN #203417 LH.pl Sp. z o.o.
File type ASCII text, with very long lines (40049), with no line terminators
Hash 6d8321d6103cef4eaa0853d073a290fe
15f4cb0ce7fff4f13f6c9ea9960137b92a38267c
0b0f74aa24a9c3265c8015d535e1a4e7a2327246f8b671a8e380dffed6baad44
GET /wp-content/plugins/contact-form-7-style/css/frontend.css?ver=3.1.8 HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 08 Jan 2020 10:46:48 GMT
etag: "9c71-59b9e9c0e15b5-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 6325
content-type: text/css
date: Wed, 22 Mar 2023 18:43:10 GMT
server: Apache/2
X-Firefox-Spdy: h2
ddcgroup.pl/wp-content/plugins/contact-form-7-style/css/responsive.css?ver=3.1.8
200 OK 1.6 kB URL HTTP/2 ddcgroup.pl/wp-content/plugins/contact-form-7-style/css/responsive.css?ver=3.1.8
IP
ASN #203417 LH.pl Sp. z o.o.
File type ASCII text, with very long lines (8173), with no line terminators
Hash edae872da4c95418f2173037c19eff27
008e5d12f8158ca02fbea06639c81762a055f89b
2ebd21862aa5e2648c9b385c981eb31fc067fe74e5c4ae7449e928f35e6643ae
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7-style/css/responsive.css?ver=3.1.8 HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 08 Jan 2020 10:46:48 GMT
etag: "1fed-59b9e9c0e15b5-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1645
content-type: text/css
date: Wed, 22 Mar 2023 18:43:10 GMT
server: Apache/2
X-Firefox-Spdy: h2
ddcgroup.pl/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.6
200 OK 649 B URL HTTP/2 ddcgroup.pl/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.6
IP
ASN #203417 LH.pl Sp. z o.o.
Hash 76aba5da6a0d822d5b7ed296888c8758
9bd4319bc86fb62d04a7593569084a978fed2793
220aff2fb7a928001bdc0e30d89b683c92c5f41f259759ca04c198a678eab56e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.6 HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 08 Jan 2020 10:46:46 GMT
etag: "66d-59b9e9bea8c0d-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 649
content-type: text/css
date: Wed, 22 Mar 2023 18:43:10 GMT
server: Apache/2
X-Firefox-Spdy: h2
ddcgroup.pl/wp-content/plugins/cookie-notice/css/front.min.css?ver=5.3.14
200 OK 1.3 kB URL HTTP/2 ddcgroup.pl/wp-content/plugins/cookie-notice/css/front.min.css?ver=5.3.14
IP
ASN #203417 LH.pl Sp. z o.o.
File type ASCII text, with very long lines (6191), with no line terminators
Hash 3472a0b5c80b4a1449c49358148f6d5d
10c8fc3b52daa2e57370a8b2b05323b8d276d0d6
8fd6d92e80f8021e3cc7fd9401995974f04e5af60ebc064a39e3c16c37ebc75c
GET /wp-content/plugins/cookie-notice/css/front.min.css?ver=5.3.14 HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 08 Jan 2020 10:46:49 GMT
etag: "182f-59b9e9c18144d-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1298
content-type: text/css
date: Wed, 22 Mar 2023 18:43:10 GMT
server: Apache/2
X-Firefox-Spdy: h2
ddcgroup.pl/wp-content/plugins/foobox-image-lightbox/free/css/foobox.free.min.css?ver=2.7.8
200 OK 3.9 kB URL HTTP/2 ddcgroup.pl/wp-content/plugins/foobox-image-lightbox/free/css/foobox.free.min.css?ver=2.7.8
IP
ASN #203417 LH.pl Sp. z o.o.
File type ASCII text, with very long lines (24152), with no line terminators
Hash e539471f0a9b4377872b4d95542300ac
5a12236c49a12c4198ba5b61160fd9426b800c37
1a826ad0542be60c45dd5dfbfd7cdd592f410a71b2495c65b5aedb9c6d0cbdb3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/foobox-image-lightbox/free/css/foobox.free.min.css?ver=2.7.8 HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 08 Jan 2020 10:46:56 GMT
etag: "5e58-59b9e9c8247cc-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3935
content-type: text/css
date: Wed, 22 Mar 2023 18:43:10 GMT
server: Apache/2
X-Firefox-Spdy: h2
ddcgroup.pl/wp-content/plugins/templatesnext-toolkit/css/owl.carousel.css?ver=2.2.1
200 OK 528 B URL HTTP/2 ddcgroup.pl/wp-content/plugins/templatesnext-toolkit/css/owl.carousel.css?ver=2.2.1
IP
ASN #203417 LH.pl Sp. z o.o.
Hash a70757c9c5b45b8b3e693066dee5c63c
4ddc02d2eac2bb1a9ccc446ff1e19641ee8f7279
97e2ca1b06a80ecd57e1514d54bec8904727d25dc47f878b41d204c72e8535de
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/templatesnext-toolkit/css/owl.carousel.css?ver=2.2.1 HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 08 Jan 2020 10:47:13 GMT
etag: "5c4-59b9e9d8446ab-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 528
content-type: text/css
date: Wed, 22 Mar 2023 18:43:10 GMT
server: Apache/2
X-Firefox-Spdy: h2
ddcgroup.pl/wp-content/plugins/templatesnext-toolkit/css/owl.transitions.css?ver=1.3.2
200 OK 694 B URL HTTP/2 ddcgroup.pl/wp-content/plugins/templatesnext-toolkit/css/owl.transitions.css?ver=1.3.2
IP
ASN #203417 LH.pl Sp. z o.o.
Hash 362e4dd89f3c395772f34d1da91ec825
27bd3517a54cfaddcbc2e95efd7b352ce33053e9
eb2e7e8bf64be66d46606d962377640542f464c66945ec46790b91db68bdb06b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/templatesnext-toolkit/css/owl.transitions.css?ver=1.3.2 HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 08 Jan 2020 10:47:13 GMT
etag: "117c-59b9e9d8446ab-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 694
content-type: text/css
date: Wed, 22 Mar 2023 18:43:10 GMT
server: Apache/2
X-Firefox-Spdy: h2
ddcgroup.pl/wp-content/plugins/templatesnext-toolkit/css/colorbox.css?ver=1.5.14
200 OK 1.5 kB URL HTTP/2 ddcgroup.pl/wp-content/plugins/templatesnext-toolkit/css/colorbox.css?ver=1.5.14
IP
ASN #203417 LH.pl Sp. z o.o.
Hash 9df0ad7bdc2290b8c4534d2eb65d829b
e364869f70a462b988dc3fde6fd938015b2a556d
b7c105bef6b6c5ae5928699db207e1448839b6754cc73f516a4fa0ba126686a3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/templatesnext-toolkit/css/colorbox.css?ver=1.5.14 HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 08 Jan 2020 10:47:13 GMT
etag: "117a-59b9e9d8442c3-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1475
content-type: text/css
date: Wed, 22 Mar 2023 18:43:10 GMT
server: Apache/2
X-Firefox-Spdy: h2
ddcgroup.pl/wp-content/plugins/templatesnext-toolkit/css/animate.css?ver=3.5.1
200 OK 4.5 kB URL HTTP/2 ddcgroup.pl/wp-content/plugins/templatesnext-toolkit/css/animate.css?ver=3.5.1
IP
ASN #203417 LH.pl Sp. z o.o.
File type ASCII text, with CRLF line terminators
Hash 4402cc315c62f113e62bd81e6774c7ca
3851b7ef2bfc89e8ee4b5edf10b3ba7cadaddb55
470aef06f0f63f8e5d1f7a30598c44b4c5aa76ada582ed839ee2d8b14101a78a
GET /wp-content/plugins/templatesnext-toolkit/css/animate.css?ver=3.5.1 HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 08 Jan 2020 10:47:13 GMT
etag: "1274f-59b9e9d8442c3-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4467
content-type: text/css
date: Wed, 22 Mar 2023 18:43:10 GMT
server: Apache/2
X-Firefox-Spdy: h2
ddcgroup.pl/wp-content/plugins/templatesnext-toolkit/css/tx-style.css?ver=1.01
200 OK 7.1 kB URL HTTP/2 ddcgroup.pl/wp-content/plugins/templatesnext-toolkit/css/tx-style.css?ver=1.01
IP
ASN #203417 LH.pl Sp. z o.o.
File type ASCII text, with very long lines (301), with CRLF line terminators
Hash f8378bf7b76f30e2e5d279df1452f206
4c853163c687603f59c493c10e32840393ab5200
95b84f255f7d1003625d5255c78c1f6b056aad446a9230bf78423b32fea9846e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/templatesnext-toolkit/css/tx-style.css?ver=1.01 HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 08 Jan 2020 10:47:13 GMT
etag: "ac6d-59b9e9d8442c3-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 7083
content-type: text/css
date: Wed, 22 Mar 2023 18:43:10 GMT
server: Apache/2
X-Firefox-Spdy: h2
ddcgroup.pl/wp-content/themes/colormag/style.css?ver=5.3.14
200 OK 13 kB URL HTTP/2 ddcgroup.pl/wp-content/themes/colormag/style.css?ver=5.3.14
IP
ASN #203417 LH.pl Sp. z o.o.
File type ASCII text, with CRLF line terminators
Hash 88404d465d9e4167a44085049da2cad3
2dfbe7101503e8d6f2f91e0849c840a128cbd582
baf59cb4eb9c134c3d693cd11138a916a73cef6040ab0ca7a0eb8cc083f95a83
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/colormag/style.css?ver=5.3.14 HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 02 Feb 2021 16:20:31 GMT
etag: "1350b-5ba5cd96b51c0-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 12829
content-type: text/css
date: Wed, 22 Mar 2023 18:43:10 GMT
server: Apache/2
X-Firefox-Spdy: h2
ddcgroup.pl/wp-content/themes/colormag/fontawesome/css/font-awesome.css?ver=4.2.1
200 OK 7.4 kB URL HTTP/2 ddcgroup.pl/wp-content/themes/colormag/fontawesome/css/font-awesome.css?ver=4.2.1
IP
ASN #203417 LH.pl Sp. z o.o.
File type troff or preprocessor input, ASCII text, with very long lines (372)
Hash 57a8ee32de25312ab303210ef3c556a9
388f783ee7c84801442370bf8d3812213a1198f5
8bdd62fda01c7b19a4d2ee31cfb4d2fc6123a958cb23bf902c9fead7fc6a9c0d
GET /wp-content/themes/colormag/fontawesome/css/font-awesome.css?ver=4.2.1 HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 08 Jan 2020 10:51:30 GMT
etag: "9226-59b9eacdb9153-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 7439
content-type: text/css
date: Wed, 22 Mar 2023 18:43:10 GMT
server: Apache/2
X-Firefox-Spdy: h2
ddcgroup.pl/wp-content/plugins/simple-lightbox/client/css/app.css?ver=2.6.0
200 OK 113 B URL HTTP/2 ddcgroup.pl/wp-content/plugins/simple-lightbox/client/css/app.css?ver=2.6.0
IP
ASN #203417 LH.pl Sp. z o.o.
File type ASCII text, with CRLF line terminators
Hash b59ceba7283ee984e50d55b818371d96
978867e09edcb30ed77d023cb780c2a48de8dcf8
48c998d8a135558b8f4392cdb922f8f80ff9051651e9695968238117da151867
GET /wp-content/plugins/simple-lightbox/client/css/app.css?ver=2.6.0 HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 10 Mar 2017 20:26:29 GMT
etag: "e8-54a662d332740-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 113
content-type: text/css
date: Wed, 22 Mar 2023 18:43:10 GMT
server: Apache/2
X-Firefox-Spdy: h2
ddcgroup.pl/wp-content/plugins/contact-form-7-style/js/frontend-min.js?ver=3.1.8
200 OK 423 B URL HTTP/2 ddcgroup.pl/wp-content/plugins/contact-form-7-style/js/frontend-min.js?ver=3.1.8
IP
ASN #203417 LH.pl Sp. z o.o.
File type ASCII text, with very long lines (1632), with no line terminators
Hash 4457f8b792407d129e513d4df370022e
599d78689533a56624a610cf9f22cebd7a91f14d
662c4647cda34a7c07583f1fab8b3b18f5232899544c67a17433a2ef1eba4756
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7-style/js/frontend-min.js?ver=3.1.8 HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 08 Jan 2020 10:46:48 GMT
etag: "660-59b9e9c0e216d-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 423
content-type: application/javascript
date: Wed, 22 Mar 2023 18:43:10 GMT
server: Apache/2
X-Firefox-Spdy: h2
ddcgroup.pl/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
200 OK 4.0 kB URL HTTP/2 ddcgroup.pl/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP
ASN #203417 LH.pl Sp. z o.o.
File type ASCII text, with very long lines (9959)
Hash a6c81e2f02bd04160d2de88c4e8f3559
e3f3c91427d785820ca97dabe738f01faf041f36
b734d83af5da0eb627e04d3e62ce652b9eb7de19667a1b91da6b93f0ea5d7ffe
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 10 Mar 2017 17:08:51 GMT
etag: "2748-54a636a686ec0-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4014
content-type: application/javascript
date: Wed, 22 Mar 2023 18:43:10 GMT
server: Apache/2
X-Firefox-Spdy: h2
ddcgroup.pl/wp-includes/js/imagesloaded.min.js?ver=3.2.0
200 OK 2.6 kB URL HTTP/2 ddcgroup.pl/wp-includes/js/imagesloaded.min.js?ver=3.2.0
IP
ASN #203417 LH.pl Sp. z o.o.
File type ASCII text, with very long lines (7996)
Hash 38b694df325f3d381d4d839d33cfb59c
82c4d20653dc93197b17e84a7b1274dac4f49588
e220e69ff51b9e853e6206a7d3204c8129e175141f5dd4e93e67a72fefdaa3b5
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/imagesloaded.min.js?ver=3.2.0 HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 08 Jan 2020 10:45:48 GMT
etag: "1fb1-59b9e9879eaa9-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2551
content-type: application/javascript
date: Wed, 22 Mar 2023 18:43:10 GMT
server: Apache/2
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 06adbc463c1bafb4b79a2d2f10791ef8
30a6d093719f89764805f62102b0a07c493016a0
64000d2bedca454efa1fc2de6083ca06cb3e94b33565427ba9ac7c9345a926fb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Mar 2023 18:43:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ddcgroup.pl/wp-content/plugins/cookie-notice/js/front.min.js?ver=1.2.50
200 OK 1.9 kB URL HTTP/2 ddcgroup.pl/wp-content/plugins/cookie-notice/js/front.min.js?ver=1.2.50
IP
ASN #203417 LH.pl Sp. z o.o.
File type ASCII text, with very long lines (8165), with no line terminators
Hash f752c2c3f0b0abc4404a0a0c8fc1abb9
89dfae2ee8828e3e4b825fa19f4883abd862cd17
b2e9486a6836edcd2307a75e1728556f59e51bed7ab11ab2d2cce4108e500d61
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/cookie-notice/js/front.min.js?ver=1.2.50 HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 08 Jan 2020 10:46:49 GMT
etag: "1fe5-59b9e9c181835-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1873
content-type: application/javascript
date: Wed, 22 Mar 2023 18:43:10 GMT
server: Apache/2
X-Firefox-Spdy: h2
ddcgroup.pl/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.6
200 OK 4.0 kB URL HTTP/2 ddcgroup.pl/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.6
IP
ASN #203417 LH.pl Sp. z o.o.
Hash 179ff7e7ba061cb009f29849fc15f071
f824ebc474c27b208137b68aa51d5d0d2b3a89e9
b889c73e9da05e33847d3ab6f1f98c172204c3e4cb2e4832863695f34e2270de
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.6 HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 08 Jan 2020 10:46:46 GMT
etag: "3868-59b9e9bea97c5-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3993
content-type: application/javascript
date: Wed, 22 Mar 2023 18:43:10 GMT
server: Apache/2
X-Firefox-Spdy: h2
ddcgroup.pl/wp-content/plugins/foobox-image-lightbox/free/js/foobox.free.min.js?ver=2.7.8
200 OK 15 kB URL HTTP/2 ddcgroup.pl/wp-content/plugins/foobox-image-lightbox/free/js/foobox.free.min.js?ver=2.7.8
IP
ASN #203417 LH.pl Sp. z o.o.
File type ASCII text, with very long lines (32022), with CRLF, LF line terminators
Hash ceb4c588a4cbe3de6ac688a41bb3d07e
b998f219b055b78cb86154b49a00a70e67b61bb3
5f21b58baf0ec321284fc4674830ee837de72a79fb61b47f698317ac07c880c9
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/foobox-image-lightbox/free/js/foobox.free.min.js?ver=2.7.8 HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 08 Jan 2020 10:46:56 GMT
etag: "d857-59b9e9c824f9c-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 15360
content-type: application/javascript
date: Wed, 22 Mar 2023 18:43:10 GMT
server: Apache/2
X-Firefox-Spdy: h2
ddcgroup.pl/wp-content/plugins/templatesnext-toolkit/js/jquery.colorbox-min.js?ver=1.5.14
200 OK 4.7 kB URL HTTP/2 ddcgroup.pl/wp-content/plugins/templatesnext-toolkit/js/jquery.colorbox-min.js?ver=1.5.14
IP
ASN #203417 LH.pl Sp. z o.o.
File type ASCII text, with very long lines (11851)
Hash 6e2695c1597530cdcd757cee856cfa2b
f37e442a816e0f2845b4714a13cd9329820205df
9978b4b9130d2288d41c8885128c2f7621a6b081fbe1b00e9f4e4b94f77bcd72
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/templatesnext-toolkit/js/jquery.colorbox-min.js?ver=1.5.14 HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 08 Jan 2020 10:47:13 GMT
etag: "2e94-59b9e9d84db1b-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4714
content-type: application/javascript
date: Wed, 22 Mar 2023 18:43:10 GMT
server: Apache/2
X-Firefox-Spdy: h2
ddcgroup.pl/wp-includes/js/masonry.min.js?ver=3.3.2
200 OK 8.5 kB URL HTTP/2 ddcgroup.pl/wp-includes/js/masonry.min.js?ver=3.3.2
IP
ASN #203417 LH.pl Sp. z o.o.
File type ASCII text, with very long lines (28817)
Hash e76ffbc29190aeddad010bc434d36230
5d0ca611203c41695823f1e05786eea71d7bb424
0c92502affb7302571dbf04db8aea83dace8c130dadfcbeed169f406e4c42f28
GET /wp-includes/js/masonry.min.js?ver=3.3.2 HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 08 Jan 2020 10:45:47 GMT
etag: "7119-59b9e98677031-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 8524
content-type: application/javascript
date: Wed, 22 Mar 2023 18:43:10 GMT
server: Apache/2
X-Firefox-Spdy: h2
ddcgroup.pl/wp-content/plugins/templatesnext-toolkit/js/owl.carousel.min.js?ver=1.3.2
200 OK 6.5 kB URL HTTP/2 ddcgroup.pl/wp-content/plugins/templatesnext-toolkit/js/owl.carousel.min.js?ver=1.3.2
IP
ASN #203417 LH.pl Sp. z o.o.
File type ASCII text, with very long lines (635)
Hash 52dcceca1a5279318db4eb1a274c2cd3
e53de7bb9b9b4c78d01871df740e153f75c8d2f0
76f7bc9e2f31513fb2903602954e5658efc5b0325748be43a0cf36338be814c3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/templatesnext-toolkit/js/owl.carousel.min.js?ver=1.3.2 HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 08 Jan 2020 10:47:13 GMT
etag: "5d52-59b9e9d84df03-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 6465
content-type: application/javascript
date: Wed, 22 Mar 2023 18:43:10 GMT
server: Apache/2
X-Firefox-Spdy: h2
ddcgroup.pl/wp-content/plugins/templatesnext-toolkit/js/jquery.inview.min.js?ver=1.0.0
200 OK 767 B URL HTTP/2 ddcgroup.pl/wp-content/plugins/templatesnext-toolkit/js/jquery.inview.min.js?ver=1.0.0
IP
ASN #203417 LH.pl Sp. z o.o.
File type ASCII text, with very long lines (1437)
Hash 254700a1bba929cc69f4fb19c01771d3
1b9fe97560dca242ea66fb4ebb30dfd738f576a3
d9cca9fbc5a448952ce8e1c579a39f998ae5ff72acf66794e869550a826db052
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/templatesnext-toolkit/js/jquery.inview.min.js?ver=1.0.0 HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 08 Jan 2020 10:47:13 GMT
etag: "59e-59b9e9d84df03-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 767
content-type: application/javascript
date: Wed, 22 Mar 2023 18:43:10 GMT
server: Apache/2
X-Firefox-Spdy: h2
ddcgroup.pl/wp-content/themes/colormag/js/skip-link-focus-fix.js?ver=5.3.14
200 OK 418 B URL HTTP/2 ddcgroup.pl/wp-content/themes/colormag/js/skip-link-focus-fix.js?ver=5.3.14
IP
ASN #203417 LH.pl Sp. z o.o.
Hash e6aecbfcf27d15321f23be67060dfef3
224c6f619fb59ce518f1d5de2134926677bc7e83
9b49c55582fb33fde7ba10674b1c86dab6204c222cc27a14f7c7a3dbd5095f32
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/colormag/js/skip-link-focus-fix.js?ver=5.3.14 HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 08 Jan 2020 10:51:30 GMT
etag: "2b0-59b9eacd5c8db-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 418
content-type: application/javascript
date: Wed, 22 Mar 2023 18:43:10 GMT
server: Apache/2
X-Firefox-Spdy: h2
ddcgroup.pl/wp-content/themes/colormag/js/fitvids/jquery.fitvids.js?ver=20150311
200 OK 1.3 kB URL HTTP/2 ddcgroup.pl/wp-content/themes/colormag/js/fitvids/jquery.fitvids.js?ver=20150311
IP
ASN #203417 LH.pl Sp. z o.o.
File type HTML document, ASCII text
Hash a2a9fb75a7a690e1327c440fcedde640
513ec42eb238937c124f01b0993578ddee51f284
57593148d1f2423262636e66381ace22f7f481aa9edd28f4edd64cec0ba2a2ef
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/colormag/js/fitvids/jquery.fitvids.js?ver=20150311 HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 08 Jan 2020 10:51:30 GMT
etag: "d16-59b9eacd5c4f3-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1342
content-type: application/javascript
date: Wed, 22 Mar 2023 18:43:10 GMT
server: Apache/2
X-Firefox-Spdy: h2
ddcgroup.pl/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
200 OK 716 B URL HTTP/2 ddcgroup.pl/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
IP
ASN #203417 LH.pl Sp. z o.o.
File type ASCII text, with very long lines (1626)
Hash 9d85e1af0990cd88aded996881127353
f066c0f6aa1dabade0eebe90d1e65b5f38347988
ea398ed80ebce514f813d21421b487d8683d471dc0f923f67da1b59e09e29902
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 10 Mar 2017 17:08:51 GMT
etag: "71b-54a636a686ec0-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 716
content-type: application/javascript
date: Wed, 22 Mar 2023 18:43:10 GMT
server: Apache/2
X-Firefox-Spdy: h2
ddcgroup.pl/wp-content/themes/colormag/js/navigation.js?ver=5.3.14
200 OK 1.1 kB URL HTTP/2 ddcgroup.pl/wp-content/themes/colormag/js/navigation.js?ver=5.3.14
IP
ASN #203417 LH.pl Sp. z o.o.
Hash aa3a629106a23534d8fa0889d06d4ee2
2f37cd895186ce91b1fe364f685c6c7f34f3af0f
95ddb2f17f06ce3caa57abe93afe5d71e2bcc903fcf1057bbba999f27e4faadb
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/colormag/js/navigation.js?ver=5.3.14 HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 08 Jan 2020 10:51:30 GMT
etag: "c0b-59b9eacd5c8db-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1118
content-type: application/javascript
date: Wed, 22 Mar 2023 18:43:10 GMT
server: Apache/2
X-Firefox-Spdy: h2
ddcgroup.pl/wp-content/themes/colormag/js/magnific-popup/jquery.magnific-popup.min.js?ver=20150310
200 OK 7.3 kB URL HTTP/2 ddcgroup.pl/wp-content/themes/colormag/js/magnific-popup/jquery.magnific-popup.min.js?ver=20150310
IP
ASN #203417 LH.pl Sp. z o.o.
File type ASCII text, with very long lines (20072)
Hash 2234d66b08f7ca3f55f588f3f24a66f5
01b5c40ab72c12fd018d02d388fcddec822f52a1
9169512e654d7df9cd0e6d9e492d1642772c2520d247f49ec25f8b830fa3ca8a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/colormag/js/magnific-popup/jquery.magnific-popup.min.js?ver=20150310 HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 08 Jan 2020 10:51:30 GMT
etag: "4ee9-59b9eacd5c8db-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 7347
content-type: application/javascript
date: Wed, 22 Mar 2023 18:43:10 GMT
server: Apache/2
X-Firefox-Spdy: h2
ddcgroup.pl/wp-content/themes/colormag/js/jquery.bxslider.min.js?ver=4.2.10
200 OK 6.3 kB URL HTTP/2 ddcgroup.pl/wp-content/themes/colormag/js/jquery.bxslider.min.js?ver=4.2.10
IP
ASN #203417 LH.pl Sp. z o.o.
File type ASCII text, with very long lines (24109)
Hash 037003e2b3b613bcee638d94e05114b4
9728f2fe94bb6d954da8ded0443a766872a91a89
6e70494b99f6290213dc65b79102abe85cb31ae1985002dac38e97cbc8e5aa5a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/colormag/js/jquery.bxslider.min.js?ver=4.2.10 HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 08 Jan 2020 10:51:30 GMT
etag: "5e2e-59b9eacd5c8db-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 6251
content-type: application/javascript
date: Wed, 22 Mar 2023 18:43:10 GMT
server: Apache/2
X-Firefox-Spdy: h2
ddcgroup.pl/wp-includes/js/wp-embed.min.js?ver=5.3.14
200 OK 739 B URL HTTP/2 ddcgroup.pl/wp-includes/js/wp-embed.min.js?ver=5.3.14
IP
ASN #203417 LH.pl Sp. z o.o.
File type ASCII text, with very long lines (1391), with no line terminators
Hash 60d8829560031a011771efa2f39708af
a4689c3b70f773deb896eec78028e0902ef15097
a0176bd4cc53bd2e920b0dfd10f56d2a4a3820d671539414ef4b3e2b3e50b9b7
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-embed.min.js?ver=5.3.14 HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 12:55:53 GMT
etag: "56f-5c00262331cb4-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 739
content-type: application/javascript
date: Wed, 22 Mar 2023 18:43:10 GMT
server: Apache/2
X-Firefox-Spdy: h2
ddcgroup.pl/wp-content/plugins/templatesnext-toolkit/js/tx-script.js?ver=2013-07-18
200 OK 2.2 kB URL HTTP/2 ddcgroup.pl/wp-content/plugins/templatesnext-toolkit/js/tx-script.js?ver=2013-07-18
IP
ASN #203417 LH.pl Sp. z o.o.
File type ASCII text, with CRLF line terminators
Hash b4530eac14b81299a3a37845a63a0192
4a7c9852037ce28e9811e815ad6c0cadeecf2689
316373b6ab54849481b7f7ab8ceb63da3815f72f92f2fb0f42b5b82a59a76a13
GET /wp-content/plugins/templatesnext-toolkit/js/tx-script.js?ver=2013-07-18 HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 08 Jan 2020 10:47:13 GMT
etag: "232c-59b9e9d84df03-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2186
content-type: application/javascript
date: Wed, 22 Mar 2023 18:43:10 GMT
server: Apache/2
X-Firefox-Spdy: h2
ddcgroup.pl/wp-content/themes/colormag/js/colormag-custom.js?ver=5.3.14
200 OK 1.6 kB URL HTTP/2 ddcgroup.pl/wp-content/themes/colormag/js/colormag-custom.js?ver=5.3.14
IP
ASN #203417 LH.pl Sp. z o.o.
Hash bb8b8b92067f5af82ecb4347d4af41f8
332f17b5670bbeaec47430e5680ed44a0731d53e
6e1cedcd8ecf51b7b7c8fdff54a15bfb3751085222e4ac0d9c578aa0a962af89
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/colormag/js/colormag-custom.js?ver=5.3.14 HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 08 Jan 2020 10:51:30 GMT
etag: "1244-59b9eacd5c8db-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1556
content-type: application/javascript
date: Wed, 22 Mar 2023 18:43:10 GMT
server: Apache/2
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 06adbc463c1bafb4b79a2d2f10791ef8
30a6d093719f89764805f62102b0a07c493016a0
64000d2bedca454efa1fc2de6083ca06cb3e94b33565427ba9ac7c9345a926fb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Mar 2023 18:43:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ddcgroup.pl/wp-content/plugins/lazy-loading-responsive-images/js/ls.unveilhooks.min.js?ver=5.3.14
200 OK 780 B URL HTTP/2 ddcgroup.pl/wp-content/plugins/lazy-loading-responsive-images/js/ls.unveilhooks.min.js?ver=5.3.14
IP
ASN #203417 LH.pl Sp. z o.o.
File type ASCII text, with very long lines (1591)
Hash a7125bae4890569a42749a5ea41655d1
b0e2b43b41e4aba844f24c0cfd833d92ac13c5ff
8dd38e9dfbc7a38960d91fc82853a238367a23f35e8cfcadf63049cf120445ec
GET /wp-content/plugins/lazy-loading-responsive-images/js/ls.unveilhooks.min.js?ver=5.3.14 HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 09 Jan 2020 12:07:56 GMT
etag: "652-59bb3dc016641-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 780
content-type: application/javascript
date: Wed, 22 Mar 2023 18:43:10 GMT
server: Apache/2
X-Firefox-Spdy: h2
ddcgroup.pl/wp-content/plugins/facebook-conversion-pixel/pixel-cat.min.js?ver=2.4.2
200 OK 2.2 kB URL HTTP/2 ddcgroup.pl/wp-content/plugins/facebook-conversion-pixel/pixel-cat.min.js?ver=2.4.2
IP
ASN #203417 LH.pl Sp. z o.o.
File type ASCII text, with very long lines (9206), with no line terminators
Hash 2d859b1b92170d7847f916488894aaad
dfbd09f4b5f4e7647bad045651ac2bad23c7af38
15c38c8a9d37b5f8cbdf067f353589bfe2f53c4d8f30cc3c993b573f8f49c479
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/facebook-conversion-pixel/pixel-cat.min.js?ver=2.4.2 HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 21 Jan 2020 07:19:42 GMT
etag: "23f6-59ca13b556f9e-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2190
content-type: application/javascript
date: Wed, 22 Mar 2023 18:43:10 GMT
server: Apache/2
X-Firefox-Spdy: h2
ddcgroup.pl/wp-content/themes/colormag/js/sticky/jquery.sticky.js?ver=20150309
200 OK 2.6 kB URL HTTP/2 ddcgroup.pl/wp-content/themes/colormag/js/sticky/jquery.sticky.js?ver=20150309
IP
ASN #203417 LH.pl Sp. z o.o.
Hash 18c22d75f6de30e742d6e91d95f82590
72ec19ce0aa5b23e69acb35f8563457cd23f6263
0ccd4f15b1cbe724da17c590f8a64aeba06d141e351ed323a035b1235ad9c19e
GET /wp-content/themes/colormag/js/sticky/jquery.sticky.js?ver=20150309 HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 08 Jan 2020 10:51:30 GMT
etag: "2705-59b9eacd5c8db-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2562
content-type: application/javascript
date: Wed, 22 Mar 2023 18:43:10 GMT
server: Apache/2
X-Firefox-Spdy: h2
ddcgroup.pl/wp-content/themes/colormag/js/magnific-popup/magnific-popup.css?ver=20150310
200 OK 1.8 kB URL HTTP/2 ddcgroup.pl/wp-content/themes/colormag/js/magnific-popup/magnific-popup.css?ver=20150310
IP
ASN #203417 LH.pl Sp. z o.o.
Hash 24d43b806e85342a40e2da6970fdfaa0
b365e6daf45244233ffac6681aa3dad08a26f2c5
dcf879e6dd283fcbef1dc4a0392fbd2ec5ea512b31a97f64ea3076fc392d784e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/colormag/js/magnific-popup/magnific-popup.css?ver=20150310 HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 08 Jan 2020 10:51:30 GMT
etag: "1b27-59b9eacd5c8db-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1816
content-type: text/css
date: Wed, 22 Mar 2023 18:43:10 GMT
server: Apache/2
X-Firefox-Spdy: h2
ddcgroup.pl/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
200 OK 34 kB URL HTTP/2 ddcgroup.pl/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
IP
ASN #203417 LH.pl Sp. z o.o.
File type ASCII text, with very long lines (31997)
Hash acf54950dfb2d6981e941d733b377591
340de686aecd9e6246a32c71e7de63ed69229ceb
d97f66caea5260bc71609f0da43ac0d937ecc09253910e5dda4c9fe4dbde20fc
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 08 Jan 2020 10:45:47 GMT
etag: "17a69-59b9e9860b589-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 33776
content-type: application/javascript
date: Wed, 22 Mar 2023 18:43:10 GMT
server: Apache/2
X-Firefox-Spdy: h2
ddcgroup.pl/wp-content/uploads/2017/01/logo-DDC-GROUP-bez-ramki.jpg
200 OK 28 kB URL HTTP/2 ddcgroup.pl/wp-content/uploads/2017/01/logo-DDC-GROUP-bez-ramki.jpg
IP
ASN #203417 LH.pl Sp. z o.o.
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=14, height=606, bps=182, compression=none, PhotometricIntepretation=CMYK, description=image description, orientation=upper-left, width=1107], baseline, precision 8, 150x82, components 4\012- data
Hash e1b05f452a0a3a68a44aab5a2d4060f4
8048073d1c28f1d8a8c5fd4c3773215ae28d3480
d8d1c6e1208e4ac752e4081b20a3ba577709d8d26a959bb424cce581674bf2de
GET /wp-content/uploads/2017/01/logo-DDC-GROUP-bez-ramki.jpg HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 11 Jan 2017 09:49:54 GMT
etag: "6d17-545ce85cdf480"
accept-ranges: bytes
content-length: 27927
content-type: image/jpeg
date: Wed, 22 Mar 2023 18:43:10 GMT
server: Apache/2
X-Firefox-Spdy: h2
ddcgroup.pl/wp-content/uploads/BANERnowy.png
200 OK 675 kB URL HTTP/2 ddcgroup.pl/wp-content/uploads/BANERnowy.png
IP
ASN #203417 LH.pl Sp. z o.o.
File type PNG image data, 3855 x 554, 8-bit/color RGBA, non-interlaced\012- data
Size 675 kB (675068 bytes)
Hash 6509fc43e84248919fed04ad984c483d
2190c1efc15124ce5da2527e63ad89d7f6e434c1
a872d39300fa25bdbbd81400c01467896503fc56ccde8b3113da3ace59b02517
GET /wp-content/uploads/BANERnowy.png HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 05 Feb 2021 14:49:20 GMT
etag: "a4cfc-5ba97ece281b0"
accept-ranges: bytes
content-length: 675068
content-type: image/png
date: Wed, 22 Mar 2023 18:43:10 GMT
server: Apache/2
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 0086fc6b6b52670b2d7ca51fc65d8d44
1d906db50d0373e0e3e1e85031de970218264f4d
24a9078b3b1b7b060c8e68777d0baaa3651c18cebe9107a2598f07981086f830
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Mar 2023 18:43:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 097d447e049e3b41f92a4695b1b0c3c7
f39c9ef8d22bee41d940bf719c75b2cfae9291d5
459e0e586fca9a4720e4e25fa59978368c9d373ee86575a7b40d0ef4262043ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Mar 2023 18:43:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 097d447e049e3b41f92a4695b1b0c3c7
f39c9ef8d22bee41d940bf719c75b2cfae9291d5
459e0e586fca9a4720e4e25fa59978368c9d373ee86575a7b40d0ef4262043ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Mar 2023 18:43:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 0086fc6b6b52670b2d7ca51fc65d8d44
1d906db50d0373e0e3e1e85031de970218264f4d
24a9078b3b1b7b060c8e68777d0baaa3651c18cebe9107a2598f07981086f830
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Mar 2023 18:43:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ddcgroup.pl
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Mar 2023 18:05:11 GMT
expires: Thu, 21 Mar 2024 18:05:11 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
age: 2279
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 31320, version 1.0\012- data
Hash 3fe71527811fbfedd2c07962e1bc49e7
f63e158a0480c5d711b5e268db0e75e57d87a8a5
24c0e724005344165ee0a0ff4c96a914e174bb4caa20c8a533fb194d92853e95
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ddcgroup.pl
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31320
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Mar 2023 18:05:11 GMT
expires: Thu, 21 Mar 2024 18:05:11 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:11:37 GMT
content-type: font/woff2
age: 2279
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 0086fc6b6b52670b2d7ca51fc65d8d44
1d906db50d0373e0e3e1e85031de970218264f4d
24a9078b3b1b7b060c8e68777d0baaa3651c18cebe9107a2598f07981086f830
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Mar 2023 18:43:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ddcgroup.pl/wp-content/uploads/2017/01/favicon-ddc.png
200 OK 11 kB URL HTTP/2 ddcgroup.pl/wp-content/uploads/2017/01/favicon-ddc.png
IP
ASN #203417 LH.pl Sp. z o.o.
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 669bf0be8ef348fa5988578aebd55e2a
10d3a3fb78d4cad466a14dd710124b20b07d6a2e
7bf9b8346a3e34f2eb9bcf83c45f980d70988fd4b88887b18ce431972f8f6956
GET /wp-content/uploads/2017/01/favicon-ddc.png HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 13 Jan 2017 08:25:51 GMT
etag: "2ca2-545f594e6a1c0"
accept-ranges: bytes
content-length: 11426
content-type: image/png
date: Wed, 22 Mar 2023 18:43:10 GMT
server: Apache/2
X-Firefox-Spdy: h2
ddcgroup.pl/wp-content/themes/colormag/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0
200 OK 471 B URL HTTP/2 ddcgroup.pl/wp-content/themes/colormag/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
ASN #203417 LH.pl Sp. z o.o.
Hash 6e965ba75b84abf96ca0d83da48d2fbb
4c2eb4c06cabee4d0f0606e88e9e074e2f767168
4b39bfe671df590e9c5baf75008d76f4272d8ffbafd7108e7592f8165b6806c6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/colormag/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ddcgroup.pl/wp-content/themes/colormag/fontawesome/css/font-awesome.css?ver=4.2.1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 08 Jan 2020 10:51:30 GMT
etag: "12d68-59b9eacdb953b"
accept-ranges: bytes
content-length: 77160
vary: Accept-Encoding,User-Agent
date: Wed, 22 Mar 2023 18:43:10 GMT
server: Apache/2
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP
File type ASCII text, with very long lines (64348)
Hash e5f5bf796d91f271e383cf1ff3ee5af4
70ead02da19095ca752d55e89a48fcdf59d44d33
247f023e282f1556e668df0033858196d682f31f659d1b53ea6dcaeff56c401a
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: l6VQcmFHDvj8zYNg/TKuxqGGoviu/Pewgl4mAgB6kwmKVKw9fwouCwGQBwRrl9yaO0GChP4hpS3Uqkg5oGpTJg==
content-length: 27907
x-fb-trip-id: 1679558926
date: Wed, 22 Mar 2023 18:43:10 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 6e965ba75b84abf96ca0d83da48d2fbb
4c2eb4c06cabee4d0f0606e88e9e074e2f767168
4b39bfe671df590e9c5baf75008d76f4272d8ffbafd7108e7592f8165b6806c6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3626
Cache-Control: max-age=160208
Content-Type: application/ocsp-response
Date: Wed, 22 Mar 2023 18:43:10 GMT
Etag: "641b0ce4-1d7"
Expires: Fri, 24 Mar 2023 15:13:18 GMT
Last-Modified: Wed, 22 Mar 2023 14:12:52 GMT
Server: ECAcc (ska/F7A5)
X-Cache: HIT
Content-Length: 471
radar.cedexis.com/1/11475/radar.js
302 Moved Temporarily 154 B URL HTTP/1.1 radar.cedexis.com/1/11475/radar.js
IP
ASN #63911 NetActuate, Inc
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /1/11475/radar.js HTTP/1.1
Host: radar.cedexis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Wed, 22 Mar 2023 18:43:10 GMT
Content-Type: text/html
Content-Length: 154
Connection: keep-alive
Location: /1621860284/radar.js
Expires: Wed, 22 Mar 2023 18:53:10 GMT
Cache-Control: max-age=600
Vary: User-Agent,DNT
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
200 OK 26 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 26240, version 1.0\012- data
Hash 4a90976686fcbd8296c7d7fccc04c273
bcb82e93ac7ad1fa2af6a37009a200f79f4cb4e5
59bd288e64c57e034672999e33ebda6eb5ad1575945eb563dbfb5b44f226e1e1
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ddcgroup.pl
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26240
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Mar 2023 18:05:11 GMT
expires: Thu, 21 Mar 2024 18:05:11 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:14:37 GMT
content-type: font/woff2
age: 2279
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
radar.cedexis.com/1621860284/radar.js
200 OK 19 kB URL HTTP/1.1 radar.cedexis.com/1621860284/radar.js
IP
ASN #63911 NetActuate, Inc
File type ASCII text, with very long lines (1782)
Hash 436cfb136b0c691d66f6ea1007a2d647
e76f812ba0d3c0ccd14609c1d3fc65ba8382bde0
bf17449606d122529c1b3b1c0240339c03e6d4a81a1ebe0d366820abcf0c011f
GET /1621860284/radar.js HTTP/1.1
Host: radar.cedexis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ddcgroup.pl/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Mar 2023 18:43:10 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 24 May 2021 12:50:45 GMT
Vary: Accept-Encoding
ETag: W/"60aba125-af61"
Expires: Wed, 05 Apr 2023 18:43:10 GMT
Cache-Control: max-age=1209600, public
Content-Encoding: gzip
ddcgroup.pl/wp-content/uploads/pantone-kolory-roku-2021-grafika-01-1-800x445.jpg
200 OK 40 kB URL HTTP/2 ddcgroup.pl/wp-content/uploads/pantone-kolory-roku-2021-grafika-01-1-800x445.jpg
IP
ASN #203417 LH.pl Sp. z o.o.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 800x445, components 3\012- data
Hash 7aef859fe9e0ff4a89424ee944079a76
1023c6432b316163f1658e998b196582d405df1d
4ce2e75c0a1738b1732877c70523a5a213bf08e51d9fa6c946feb8f75b314cb6
GET /wp-content/uploads/pantone-kolory-roku-2021-grafika-01-1-800x445.jpg HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 26 Jan 2021 11:22:11 GMT
etag: "9d0e-5b9cbdda89cea"
accept-ranges: bytes
content-length: 40206
content-type: image/jpeg
date: Wed, 22 Mar 2023 18:43:10 GMT
server: Apache/2
X-Firefox-Spdy: h2
ddcgroup.pl/wp-content/uploads/2017/08/naklejka-na-szaf%C4%99-muzyk-392x272.jpg
200 OK 33 kB URL HTTP/2 ddcgroup.pl/wp-content/uploads/2017/08/naklejka-na-szaf%C4%99-muzyk-392x272.jpg
IP
ASN #203417 LH.pl Sp. z o.o.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 392x272, components 3\012- data
Hash 18b3b33c699fd3163962c71c76a3accc
54d36193bbaa3345637a6f238d9a0750b3e8b08e
602cff5d90c1fcb10a57ddd9105ec748591e9e4c2377f0622a5e9e17c4d19a0d
GET /wp-content/uploads/2017/08/naklejka-na-szaf%C4%99-muzyk-392x272.jpg HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 04 Aug 2017 08:17:36 GMT
etag: "8173-555e9212ea800"
accept-ranges: bytes
content-length: 33139
content-type: image/jpeg
date: Wed, 22 Mar 2023 18:43:10 GMT
server: Apache/2
X-Firefox-Spdy: h2
ddcgroup.pl/wp-content/uploads/2017/03/strona-modu%C5%82y-wystawowe-392x272.png
200 OK 189 kB URL HTTP/2 ddcgroup.pl/wp-content/uploads/2017/03/strona-modu%C5%82y-wystawowe-392x272.png
IP
ASN #203417 LH.pl Sp. z o.o.
File type PNG image data, 392 x 272, 8-bit/color RGBA, non-interlaced\012- data
Size 189 kB (188881 bytes)
Hash d6b990d9f31df8f832dc35fa16c33c50
f2f35a816b3ed8100c4b1a179a36a02288e12c74
b2c9661162999e290cf6035b80fa4a01b8b136b30cb0054e53311f41d927edb0
GET /wp-content/uploads/2017/03/strona-modu%C5%82y-wystawowe-392x272.png HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 08 Mar 2017 13:04:08 GMT
etag: "2e1d1-54a37c38ce200"
accept-ranges: bytes
content-length: 188881
content-type: image/png
date: Wed, 22 Mar 2023 18:43:10 GMT
server: Apache/2
X-Firefox-Spdy: h2
ddcgroup.pl/wp-content/uploads/2017/03/100_0815-392x272.jpg
200 OK 24 kB URL HTTP/2 ddcgroup.pl/wp-content/uploads/2017/03/100_0815-392x272.jpg
IP
ASN #203417 LH.pl Sp. z o.o.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 392x272, components 3\012- data
Hash 035b2d735de30131d76c8e314720837d
35a7a505a238a4d1edb3fbf915b243b09866dba6
0a186e6024bdcda012c16a698a507a65b6de5e488f29e64a6bc5628050d67433
GET /wp-content/uploads/2017/03/100_0815-392x272.jpg HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 22 Mar 2017 16:01:43 GMT
etag: "5ef4-54b53e06a87c0"
accept-ranges: bytes
content-length: 24308
content-type: image/jpeg
date: Wed, 22 Mar 2023 18:43:10 GMT
server: Apache/2
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5906
Expires: Wed, 22 Mar 2023 20:21:36 GMT
Date: Wed, 22 Mar 2023 18:43:10 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5906
Expires: Wed, 22 Mar 2023 20:21:36 GMT
Date: Wed, 22 Mar 2023 18:43:10 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5881
Expires: Wed, 22 Mar 2023 20:21:11 GMT
Date: Wed, 22 Mar 2023 18:43:10 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6f0b9e85381489dcf646c251722b21d4
5f7ea91288a2170bcabdca6be296718c4191eacd
911f803271ad9053ebac3787bdde9b75ec604acc6aa28692cc8e4c5c4fb61483
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10480
x-amzn-requestid: 58aa8272-4b4e-4a2f-9d6e-d47f70891c49
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJptHG7JoAMFSwA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a2320-2fd6502b1271d5c13b4ebbe9;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:28 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: hqGFdT1Sk0IcvaNqfvjz5RsGBK-qMBcNKbK9FyZ7OoiH30hDL9ekxA==
via: 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 de2dd11312f7d5ad3bcd0cb112c7fd0e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Mar 2023 22:09:39 GMT
age: 74011
etag: "5f7ea91288a2170bcabdca6be296718c4191eacd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f57fa6-bac5-42a3-be66-ebcc96d82ea2.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f57fa6-bac5-42a3-be66-ebcc96d82ea2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2062cf7a271d4ac7a04c0a746d443e07
3343851f2128c5f1fe4302c2aa53e8ce1fb661ac
e479263c1742d2597cf8948ef059b0bc97dbb97f47bb5cafee3d4af12069d2ce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f57fa6-bac5-42a3-be66-ebcc96d82ea2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10407
x-amzn-requestid: 87aba2e6-d7e8-4456-a12f-e05ac556b839
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJqJhGnXIAMF1yA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a23d6-2b6c3d62366f47f506ce8415;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:38:30 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 0o5WYZHvY_8BBGYe5Nc8R4wywGaEn5C71XI7vc_ScMv7GixtP9LyTw==
via: 1.1 b3cdce1c2fc39b89f45c98c417351f26.cloudfront.net (CloudFront), 1.1 219e8f088c8c2a564bdacafe44be620a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Mar 2023 22:01:15 GMT
age: 74515
etag: "3343851f2128c5f1fe4302c2aa53e8ce1fb661ac"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bad98da-6135-4f42-b2ae-18c876c9d5b5.jpeg
200 OK 120 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bad98da-6135-4f42-b2ae-18c876c9d5b5.jpeg
IP
File type gzip compressed data, from Unix\012- data
Size 120 kB (120153 bytes)
Hash 5eb5df7267908f61434dba5da3610ef3
2c39b10491b1870b5b5a606681f2a17ac5f96543
bc5c93a265181fdd1da29e763dea9c7f84f840c0dc32ada6848b636c61f3b771
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bad98da-6135-4f42-b2ae-18c876c9d5b5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9954
x-amzn-requestid: d768546f-e640-4cdb-a089-3bb4e93a8237
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJqOpFFkoAMFZNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a23f7-3fbd266a6c23aaa26ce8df54;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:39:03 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: 1cygBrmAdFw7JGzw1iLe3_vTocGJd7xgLUSpAXyWsUFU70WM_fwteA==
via: 1.1 88a7ff956a5b49ec3a35abfc0027af12.cloudfront.net (CloudFront), 1.1 9825a45e2b387a61504c0c3df20048ee.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Mar 2023 21:44:20 GMT
age: 75530
etag: "5aa62479325a9cb5e70e4c9b8423880a7e39272a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F882a2ebf-b22a-46de-bf52-8b9a1aaa2743.jpeg
200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F882a2ebf-b22a-46de-bf52-8b9a1aaa2743.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aeb0d8069d746e467fecd886c0e42628
8229b537f84a7418dc67e30691e62db4cea67f0f
24705dc5b7eefd79a35323beee7c741aa041c3bf55801d13b4ffc2b202e6a394
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F882a2ebf-b22a-46de-bf52-8b9a1aaa2743.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8037
x-amzn-requestid: 7a9f7bb5-d810-4831-b5d2-3eead1af864a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJprcGY1IAMFSAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a2315-53cdee4b645ed18e1dfeb92c;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:17 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: QW8T5AGg_L1mT4fE8IHeBG9TSiGpbBJpZE2yZdBtAQMJCPV8OKK5Dw==
via: 1.1 a87682502db4b394cc6ba84510da9f98.cloudfront.net (CloudFront), 1.1 ae06b19943a6bad1c1b12b79f7339498.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Mar 2023 21:47:59 GMT
etag: "8229b537f84a7418dc67e30691e62db4cea67f0f"
content-type: image/jpeg
age: 75311
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg
200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c831201ad81f55c63c1b101ce854a810
0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5
c854489720d2ca4a95eef00addda0fcdaf481402d044df7725282654a97eb54a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5556
x-amzn-requestid: dd5a8417-ddd5-469d-aa84-e880f4b84464
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CHqKFGRsoAMFTGQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6419570d-3f28a7502b56eda47dd82ba7;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 07:04:45 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: FQwexS3AfCYYOg7T9MYj2AbSoYTII1t-c-aX4SzlwEsj0LgBWv5Now==
via: 1.1 ee6ea1e4552345de209d26f9ffb35d4a.cloudfront.net (CloudFront), 1.1 8cb7de37a1655236518810d0aabb8656.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 06:23:16 GMT
age: 44394
etag: "0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22c3f36a-d800-4eab-8a32-e2b5ef86e386.jpeg
200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22c3f36a-d800-4eab-8a32-e2b5ef86e386.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 412bd6aea60211324e649d7d920601d2
a813976bda850a584b5ab94d9a70bfe0da69aca0
d36ef17fc6ab3cd4e5e43836f7df2c6fdf1781f1bac73e42c9a09e8594f797f9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22c3f36a-d800-4eab-8a32-e2b5ef86e386.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9459
x-amzn-requestid: 1b374321-f2df-404f-ab91-4e73d830fac9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJqmAEhHoAMFgRQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a248c-217d81154ecfe0c44ca70432;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:41:32 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: akl7ASh6hPewrlTjOxORbQRIcBbIHLM9JQgMexhgsiPqc1OarfnPHw==
via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 2c6b5dd77f1abe60653ce0454f344b64.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Mar 2023 21:47:59 GMT
age: 75311
etag: "a813976bda850a584b5ab94d9a70bfe0da69aca0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
i2-jehdazoyljzbstylsynbkpzxcjzpxy.init.cedexis-radar.net/i2/1/11475/j1/20/123/1679510596/0/0/providers.json?imagesok=1&n=1&p=1&r=1&s=1&t=1
200 Ok 571 B URL HTTP/1.1 i2-jehdazoyljzbstylsynbkpzxcjzpxy.init.cedexis-radar.net/i2/1/11475/j1/20/123/1679510596/0/0/providers.json?imagesok=1&n=1&p=1&r=1&s=1&t=1
IP
File type JSON data\012- , ASCII text, with very long lines (570)
Hash 245a89b04e18e0db1820d019c8bc70da
0bcb4246245329cff79798cb7f27dd711f4e667c
41609a688d532a50f63e44c8d4141143c3aa57e270af3f32bcd0d130da99d599
GET /i2/1/11475/j1/20/123/1679510596/0/0/providers.json?imagesok=1&n=1&p=1&r=1&s=1&t=1 HTTP/1.1
Host: i2-jehdazoyljzbstylsynbkpzxcjzpxy.init.cedexis-radar.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ddcgroup.pl
Connection: keep-alive
Referer: https://ddcgroup.pl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 Ok
Server: nginx/1.10.3
Date: Wed, 22 Mar 2023 18:43:11 GMT
Content-Type: application/json
Content-Length: 571
Connection: keep-alive
Keep-Alive: timeout=1
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
ddcgroup.pl/wp-content/uploads/2017/09/folia-mro%C5%BCona-390x205.jpg
200 OK 11 kB URL HTTP/2 ddcgroup.pl/wp-content/uploads/2017/09/folia-mro%C5%BCona-390x205.jpg
IP
ASN #203417 LH.pl Sp. z o.o.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 390x205, components 3\012- data
Hash 0e4ed9bd2a9e25a4e31a5dec461dcc48
79cfa62d807dc323c953d0c2a314b10a1101d4ef
9d481646f3ceea00f20ba1d34f1cad0d8d16ffec2c8e75b84eb1c6fb99d414e9
GET /wp-content/uploads/2017/09/folia-mro%C5%BCona-390x205.jpg HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Cookie: _fbp=fb.1.1679510597047.176820545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 21 Sep 2017 14:10:36 GMT
etag: "2c53-559b3a7fdcf00"
accept-ranges: bytes
content-length: 11347
content-type: image/jpeg
date: Wed, 22 Mar 2023 18:43:11 GMT
server: Apache/2
X-Firefox-Spdy: h2
ddcgroup.pl/wp-content/uploads/2018/02/Oferta-fototapety-675x445.jpg
200 OK 46 kB URL HTTP/2 ddcgroup.pl/wp-content/uploads/2018/02/Oferta-fototapety-675x445.jpg
IP
ASN #203417 LH.pl Sp. z o.o.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 675x445, components 3\012- data
Hash 7d801232ad69a09d40eae50cd0f542fb
8c5fa7cae00a68bade5e67483d67b56c7304b410
39cf249a65a29b42e93acd9158e13bed622eea34b48da54667701a3148679946
GET /wp-content/uploads/2018/02/Oferta-fototapety-675x445.jpg HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Cookie: _fbp=fb.1.1679510597047.176820545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 07 Feb 2018 14:35:17 GMT
etag: "b4ce-564a034353340"
accept-ranges: bytes
content-length: 46286
content-type: image/jpeg
date: Wed, 22 Mar 2023 18:43:11 GMT
server: Apache/2
X-Firefox-Spdy: h2
ddcgroup.pl/wp-content/uploads/logo.jpg
200 OK 30 kB URL HTTP/2 ddcgroup.pl/wp-content/uploads/logo.jpg
IP
ASN #203417 LH.pl Sp. z o.o.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=95, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=238], baseline, precision 8, 210x76, components 3\012- data
Hash d62b98c3c35bbd4f1c1712ab4f504a52
bd0b1080b03e03c0d7f2407d53168a7c4bb05885
a79ccce11f50536ad7bda0d91478c648f2b74e5d974694c7bc54c8dd8f43ca5e
GET /wp-content/uploads/logo.jpg HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Cookie: _fbp=fb.1.1679510597047.176820545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 09 Jan 2020 22:26:39 GMT
etag: "73e0-59bbc80b8866b"
accept-ranges: bytes
content-length: 29664
content-type: image/jpeg
date: Wed, 22 Mar 2023 18:43:11 GMT
server: Apache/2
X-Firefox-Spdy: h2
ddcgroup.pl/wp-content/uploads/2017/09/ukryte-drzwi-130x90.jpg
200 OK 6.4 kB URL HTTP/2 ddcgroup.pl/wp-content/uploads/2017/09/ukryte-drzwi-130x90.jpg
IP
ASN #203417 LH.pl Sp. z o.o.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 130x90, components 3\012- data
Hash 6c08aaad95e529485bcda4352255b629
57f91930bb7ec93a7e0979f985a081f8e89197b3
17ca89f87dc634939671b9c822c1c48fb0267018d399399a27a779b13df68e84
GET /wp-content/uploads/2017/09/ukryte-drzwi-130x90.jpg HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Cookie: _fbp=fb.1.1679510597047.176820545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 12 Sep 2017 08:57:19 GMT
etag: "18db-558fa3b07f9c0"
accept-ranges: bytes
content-length: 6363
content-type: image/jpeg
date: Wed, 22 Mar 2023 18:43:11 GMT
server: Apache/2
X-Firefox-Spdy: h2
ddcgroup.pl/wp-content/uploads/2017/08/wyko%C5%84czenie-bok%C3%B3w-grafik--130x90.jpg
200 OK 3.3 kB URL HTTP/2 ddcgroup.pl/wp-content/uploads/2017/08/wyko%C5%84czenie-bok%C3%B3w-grafik--130x90.jpg
IP
ASN #203417 LH.pl Sp. z o.o.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 130x90, components 3\012- data
Hash 2f4ea795949911f76020d1da45cc3ea4
601cb72678c3aad5a5895ee9381599004a3f0e28
e9ee95bfcf88aa1a03081267ce048f6f5864d3aaa413937704adb91027358c96
GET /wp-content/uploads/2017/08/wyko%C5%84czenie-bok%C3%B3w-grafik--130x90.jpg HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Cookie: _fbp=fb.1.1679510597047.176820545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 22 Aug 2017 08:01:14 GMT
etag: "d04-55752ffcb4680"
accept-ranges: bytes
content-length: 3332
content-type: image/jpeg
date: Wed, 22 Mar 2023 18:43:11 GMT
server: Apache/2
X-Firefox-Spdy: h2
ddcgroup.pl/wp-content/uploads/2017/08/naklejki-bez-kleju-130x90.jpg
200 OK 3.5 kB URL HTTP/2 ddcgroup.pl/wp-content/uploads/2017/08/naklejki-bez-kleju-130x90.jpg
IP
ASN #203417 LH.pl Sp. z o.o.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 130x90, components 3\012- data
Hash 6e4633025e3e1a8dcde45202fd2a7b47
90bd2497134faee5360372e0585f117cc89a0349
6a816b5b405c3fb3c0abdce98087dc0db805c719a8f2779725aa29256bf319d7
GET /wp-content/uploads/2017/08/naklejki-bez-kleju-130x90.jpg HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Cookie: _fbp=fb.1.1679510597047.176820545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 11 Aug 2017 13:43:15 GMT
etag: "dae-5567a7eafc2c0"
accept-ranges: bytes
content-length: 3502
content-type: image/jpeg
date: Wed, 22 Mar 2023 18:43:11 GMT
server: Apache/2
X-Firefox-Spdy: h2
ddcgroup.pl/wp-content/uploads/2017/08/naklejka-na-szaf%C4%99-muzyk-130x90.jpg
200 OK 5.7 kB URL HTTP/2 ddcgroup.pl/wp-content/uploads/2017/08/naklejka-na-szaf%C4%99-muzyk-130x90.jpg
IP
ASN #203417 LH.pl Sp. z o.o.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 130x90, components 3\012- data
Hash abb51d81e61fe0de2e4e78529e82e54f
4740d564af7937f3c6a3410695e5ff4efcb0f7cb
43a7332c55587814658fe983f84cb9d2b14eb0eb05a5054af8e4c0c7231486ad
GET /wp-content/uploads/2017/08/naklejka-na-szaf%C4%99-muzyk-130x90.jpg HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Cookie: _fbp=fb.1.1679510597047.176820545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 04 Aug 2017 08:17:36 GMT
etag: "1646-555e9212ea800"
accept-ranges: bytes
content-length: 5702
content-type: image/jpeg
date: Wed, 22 Mar 2023 18:43:11 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=476300819944651&ev=PageView&dl=https%3A%2F%2Fddcgroup.pl%2F&rl=&if=false&ts=1679510597047&sw=1280&sh=1024&v=2.9.99&r=stable&a=wordpress-5.3.14-1.8.0&ec=0&o=30&cs_est=true&fbp=fb.1.1679510597047.176820545&it=1679510596817&coo=false&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=476300819944651&ev=PageView&dl=https%3A%2F%2Fddcgroup.pl%2F&rl=&if=false&ts=1679510597047&sw=1280&sh=1024&v=2.9.99&r=stable&a=wordpress-5.3.14-1.8.0&ec=0&o=30&cs_est=true&fbp=fb.1.1679510597047.176820545&it=1679510596817&coo=false&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=476300819944651&ev=PageView&dl=https%3A%2F%2Fddcgroup.pl%2F&rl=&if=false&ts=1679510597047&sw=1280&sh=1024&v=2.9.99&r=stable&a=wordpress-5.3.14-1.8.0&ec=0&o=30&cs_est=true&fbp=fb.1.1679510597047.176820545&it=1679510596817&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Wed, 22 Mar 2023 18:43:11 GMT
X-Firefox-Spdy: h2
ddcgroup.pl/wp-content/uploads/2015/10/wypo%C5%BCyczalnia_system%C3%B3w-800x445.jpg
200 OK 50 kB URL HTTP/2 ddcgroup.pl/wp-content/uploads/2015/10/wypo%C5%BCyczalnia_system%C3%B3w-800x445.jpg
IP
ASN #203417 LH.pl Sp. z o.o.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 800x445, components 3\012- data
Hash e2d73c973e98800c4e64c6582c6b59d2
441a1f07d56a54529d5ef6f04a8fdd8a34f5f78c
b0c0c225ded4df0bf5794b8a4b7dc70400227321c52439122f055ceed97a9afd
GET /wp-content/uploads/2015/10/wypo%C5%BCyczalnia_system%C3%B3w-800x445.jpg HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Cookie: _fbp=fb.1.1679510597047.176820545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 03 Jul 2017 12:23:32 GMT
etag: "c47f-55368d5c95900"
accept-ranges: bytes
content-length: 50303
content-type: image/jpeg
date: Wed, 22 Mar 2023 18:43:11 GMT
server: Apache/2
X-Firefox-Spdy: h2
ddcgroup.pl/page/2
200 OK 19 kB IP
ASN #203417 LH.pl Sp. z o.o.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1902), with CRLF, LF line terminators
Hash 24d36d7f77e9ad1bcb47dc27b1fe04f2
38b7ec3163aec4ae73215384f6909e13306ed038
5099cbef59335efe9bfc719c1cd07c603aa612f361898a7d20b23cbe5bd6bf19
Analyzer Verdict Alert fortinet Phishing
GET /page/2 HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://ddcgroup.pl/
Cookie: _fbp=fb.1.1679510597047.176820545
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
link: <https://ddcgroup.pl/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 19391
content-type: text/html; charset=UTF-8
date: Wed, 22 Mar 2023 18:43:11 GMT
server: Apache/2
X-Firefox-Spdy: h2
ddcgroup.pl/wp-content/uploads/IMG_20201202_140937-scaled-e1615209167535-390x205.jpg
200 OK 28 kB URL HTTP/2 ddcgroup.pl/wp-content/uploads/IMG_20201202_140937-scaled-e1615209167535-390x205.jpg
IP
ASN #203417 LH.pl Sp. z o.o.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 390x205, components 3\012- data
Hash 4c5981c507d7b0f8b13d981354f7e3ab
71f4b8b888997aea526678b7b48fdc1aba2cc9fb
00bef12a044169c69c0fd8709952ab527e0de3e21a03170e471ba6038cf1fa8c
GET /wp-content/uploads/IMG_20201202_140937-scaled-e1615209167535-390x205.jpg HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Cookie: _fbp=fb.1.1679510597047.176820545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Mar 2021 13:12:48 GMT
etag: "6edc-5bd0630b69791"
accept-ranges: bytes
content-length: 28380
content-type: image/jpeg
date: Wed, 22 Mar 2023 18:43:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
ddcgroup.pl/wp-content/uploads/2017/04/reklamowe-ogrodzenia-sopot-gdansk-gdynia-390x205.png
200 OK 110 kB URL HTTP/2 ddcgroup.pl/wp-content/uploads/2017/04/reklamowe-ogrodzenia-sopot-gdansk-gdynia-390x205.png
IP
ASN #203417 LH.pl Sp. z o.o.
File type PNG image data, 390 x 205, 8-bit/color RGBA, non-interlaced\012- data
Size 110 kB (109925 bytes)
Hash 5e27e81e48e4775dad4e86a4c2e00907
716e5a9d24b4fe638a835b4b48e3aee7c104b197
cf22ff44aa69eff09641dc6db32baba18fb734c66165d6d58c694a64d7d558ca
GET /wp-content/uploads/2017/04/reklamowe-ogrodzenia-sopot-gdansk-gdynia-390x205.png HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Cookie: _fbp=fb.1.1679510597047.176820545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 28 Apr 2017 16:13:35 GMT
etag: "1ad65-54e3c5afba9c0"
accept-ranges: bytes
content-length: 109925
content-type: image/png
date: Wed, 22 Mar 2023 18:43:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
ddcgroup.pl/wp-content/uploads/2017/06/PDM.jpg
200 OK 281 kB URL HTTP/2 ddcgroup.pl/wp-content/uploads/2017/06/PDM.jpg
IP
ASN #203417 LH.pl Sp. z o.o.
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 13x13, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=11, manufacturer=EASTMAN KODAK COMPANY, model=KODAK EasyShare Z990 Digital Camera , orientation=upper-left, xresolution=208, yresolution=216, resolutionunit=2, software=Adobe Photoshop CS3 Windows, datetime=2018:02:08 13:08:01], baseline, precision 8, 800x446, components 3\012- data
Size 281 kB (280920 bytes)
Hash 757529d8e2f86f52fe884f505a0ecb12
30e0b8e8b6c97345585ea984943bce0f2be6a0c7
e1b5245a25ed25dc0619d2925851639b73d52bb0442baa42da3fdc64620a10ef
GET /wp-content/uploads/2017/06/PDM.jpg HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Cookie: _fbp=fb.1.1679510597047.176820545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 08 Feb 2018 12:08:34 GMT
etag: "44958-564b245597480"
accept-ranges: bytes
content-length: 280920
content-type: image/jpeg
date: Wed, 22 Mar 2023 18:43:12 GMT
server: Apache/2
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash c3772464eb7c6f9022ad7e0ed180d187
06fbf96cf76e1595f78f9aa56f8d686910173686
f511535ac1d366e1430c000cb33ece9a18c6efeaddddddeb1aa0d50c4af70892
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4912
Cache-Control: max-age=148902
Content-Type: application/ocsp-response
Date: Wed, 22 Mar 2023 18:43:13 GMT
Etag: "641adbb7-1d7"
Expires: Fri, 24 Mar 2023 12:04:54 GMT
Last-Modified: Wed, 22 Mar 2023 10:43:03 GMT
Server: ECAcc (ska/F776)
X-Cache: HIT
Content-Length: 471
p30885.citm-test.com/img/r20.gif?rnd=1-1-11475-0-0-30885-2273071909-_CgJqMRAUGHsiBQgBENNZKKWm8bsIMMSY7aAGOL6Y7aAGQKK99s4EShAIAxCeARiXaCAAKMuMgKAEUABaCggAEAAYACAAKABgAWoTYnV0dG9uMS5hbXMuaHYucHJvZIIBEQgDEJ4BGICJAyAAKMuMgKAEiAHbtKnRCZABAJgBAA
200 OK 43 B URL HTTP/1.1 p30885.citm-test.com/img/r20.gif?rnd=1-1-11475-0-0-30885-2273071909-_CgJqMRAUGHsiBQgBENNZKKWm8bsIMMSY7aAGOL6Y7aAGQKK99s4EShAIAxCeARiXaCAAKMuMgKAEUABaCggAEAAYACAAKABgAWoTYnV0dG9uMS5hbXMuaHYucHJvZIIBEQgDEJ4BGICJAyAAKMuMgKAEiAHbtKnRCZABAJgBAA
IP
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img/r20.gif?rnd=1-1-11475-0-0-30885-2273071909-_CgJqMRAUGHsiBQgBENNZKKWm8bsIMMSY7aAGOL6Y7aAGQKK99s4EShAIAxCeARiXaCAAKMuMgKAEUABaCggAEAAYACAAKABgAWoTYnV0dG9uMS5hbXMuaHYucHJvZIIBEQgDEJ4BGICJAyAAKMuMgKAEiAHbtKnRCZABAJgBAA HTTP/1.1
Host: p30885.citm-test.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=2629743, public
Date: Thu, 08 Sep 2022 03:09:17 GMT
ETag: "63186850-2b"
Last-Modified: Wed, 07 Sep 2022 09:45:52 GMT
Ali-Swift-Global-Savetime: 1662606558
Via: cache3.l2de2[0,0,200-0,H], cache26.l2de2[1,0], cache2.se1[0,0,200-0,H], cache8.se1[2,0]
Age: 16904035
X-Cache: HIT TCP_MEM_HIT dirn:3:159914652
X-Swift-SaveTime: Thu, 16 Mar 2023 03:48:40 GMT
X-Swift-CacheTime: 15204038
x-aliyun-server-ip: 47.246.44.228
Timing-Allow-Origin: *
EagleId: 2ff62c9c16795105937618188e
p30885.citm-test.com/img/iuni4.html?rnd=-1-1-11475-0-0-30885-2273071909-_CgJqMRAUGHsiBQgBENNZKKWm8bsIMMSY7aAGOL6Y7aAGQKK99s4EShAIAxCeARiXaCAAKMuMgKAEUABaCggAEAAYACAAKABgAWoTYnV0dG9uMS5hbXMuaHYucHJvZIIBEQgDEJ4BGICJAyAAKMuMgKAEiAHbtKnRCZABAJgBAA
200 OK 2.0 kB URL HTTP/1.1 p30885.citm-test.com/img/iuni4.html?rnd=-1-1-11475-0-0-30885-2273071909-_CgJqMRAUGHsiBQgBENNZKKWm8bsIMMSY7aAGOL6Y7aAGQKK99s4EShAIAxCeARiXaCAAKMuMgKAEUABaCggAEAAYACAAKABgAWoTYnV0dG9uMS5hbXMuaHYucHJvZIIBEQgDEJ4BGICJAyAAKMuMgKAEiAHbtKnRCZABAJgBAA
IP
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (548)
Hash 84c4e73c98e8c3b98a45c5f4022a2c25
e4e9c39c12729268f291f68767dc97a217467be1
7c9c20f775ce6e3d0c192924333e53c82a84c4427899b26c434c8136871be70c
GET /img/iuni4.html?rnd=-1-1-11475-0-0-30885-2273071909-_CgJqMRAUGHsiBQgBENNZKKWm8bsIMMSY7aAGOL6Y7aAGQKK99s4EShAIAxCeARiXaCAAKMuMgKAEUABaCggAEAAYACAAKABgAWoTYnV0dG9uMS5hbXMuaHYucHJvZIIBEQgDEJ4BGICJAyAAKMuMgKAEiAHbtKnRCZABAJgBAA HTTP/1.1
Host: p30885.citm-test.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Content-Type: text/html
Content-Length: 2011
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=2629743, public
Date: Fri, 02 Sep 2022 19:22:55 GMT
ETag: "5b7c8474-7db"
Last-Modified: Tue, 21 Aug 2018 21:30:28 GMT
Ali-Swift-Global-Savetime: 1662146575
Via: cache14.l2de2[0,0,200-0,H], cache3.l2de2[2,0], cache8.se1[0,0,200-0,H], cache8.se1[8,0]
Age: 17364018
X-Cache: HIT TCP_MEM_HIT dirn:11:387485588
X-Swift-SaveTime: Thu, 16 Mar 2023 04:13:00 GMT
X-Swift-CacheTime: 14742595
x-aliyun-server-ip: 47.246.44.228
Timing-Allow-Origin: *
EagleId: 2ff62c9c16795105937888223e
p30885.citm-test.com/img/iuni4.html?rnd=-1-1-11475-0-0-30885-2273071909-_CgJqMRAUGHsiBQgBENNZKKWm8bsIMMSY7aAGOL6Y7aAGQKK99s4EShAIAxCeARiXaCAAKMuMgKAEUABaCggAEAAYACAAKABgAWoTYnV0dG9uMS5hbXMuaHYucHJvZIIBEQgDEJ4BGICJAyAAKMuMgKAEiAHbtKnRCZABAJgBAA
304 Not Modified 0 B URL HTTP/1.1 p30885.citm-test.com/img/iuni4.html?rnd=-1-1-11475-0-0-30885-2273071909-_CgJqMRAUGHsiBQgBENNZKKWm8bsIMMSY7aAGOL6Y7aAGQKK99s4EShAIAxCeARiXaCAAKMuMgKAEUABaCggAEAAYACAAKABgAWoTYnV0dG9uMS5hbXMuaHYucHJvZIIBEQgDEJ4BGICJAyAAKMuMgKAEiAHbtKnRCZABAJgBAA
IP
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /img/iuni4.html?rnd=-1-1-11475-0-0-30885-2273071909-_CgJqMRAUGHsiBQgBENNZKKWm8bsIMMSY7aAGOL6Y7aAGQKK99s4EShAIAxCeARiXaCAAKMuMgKAEUABaCggAEAAYACAAKABgAWoTYnV0dG9uMS5hbXMuaHYucHJvZIIBEQgDEJ4BGICJAyAAKMuMgKAEiAHbtKnRCZABAJgBAA HTTP/1.1
Host: p30885.citm-test.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://p30885.citm-test.com/img/iuni4.html?rnd=-1-1-11475-0-0-30885-2273071909-_CgJqMRAUGHsiBQgBENNZKKWm8bsIMMSY7aAGOL6Y7aAGQKK99s4EShAIAxCeARiXaCAAKMuMgKAEUABaCggAEAAYACAAKABgAWoTYnV0dG9uMS5hbXMuaHYucHJvZIIBEQgDEJ4BGICJAyAAKMuMgKAEiAHbtKnRCZABAJgBAA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Tue, 21 Aug 2018 21:30:28 GMT
If-None-Match: "5b7c8474-7db"
HTTP/1.1 304 Not Modified
Server: Tengine
Content-Type: text/html
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=2629743, public
Date: Fri, 02 Sep 2022 19:22:55 GMT
ETag: "5b7c8474-7db"
Last-Modified: Tue, 21 Aug 2018 21:30:28 GMT
Ali-Swift-Global-Savetime: 1662146575
Via: cache14.l2de2[0,0,200-0,H], cache3.l2de2[2,0], cache8.se1[0,0,304-0,H], cache8.se1[2,0]
Age: 17364018
X-Cache: HIT TCP_IMS_HIT dirn:11:387485588
x-aliyun-server-ip: 47.246.44.228
Timing-Allow-Origin: *
EagleId: 2ff62c9c16795105938328278e
p30885.citm-test.com/img/r20.gif?rnd=0-1-11475-0-0-30885-2273071909-_CgJqMRAUGHsiBQgBENNZKKWm8bsIMMSY7aAGOL6Y7aAGQKK99s4EShAIAxCeARiXaCAAKMuMgKAEUABaCggAEAAYACAAKABgAWoTYnV0dG9uMS5hbXMuaHYucHJvZIIBEQgDEJ4BGICJAyAAKMuMgKAEiAHbtKnRCZABAJgBAA
200 OK 43 B URL HTTP/1.1 p30885.citm-test.com/img/r20.gif?rnd=0-1-11475-0-0-30885-2273071909-_CgJqMRAUGHsiBQgBENNZKKWm8bsIMMSY7aAGOL6Y7aAGQKK99s4EShAIAxCeARiXaCAAKMuMgKAEUABaCggAEAAYACAAKABgAWoTYnV0dG9uMS5hbXMuaHYucHJvZIIBEQgDEJ4BGICJAyAAKMuMgKAEiAHbtKnRCZABAJgBAA
IP
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img/r20.gif?rnd=0-1-11475-0-0-30885-2273071909-_CgJqMRAUGHsiBQgBENNZKKWm8bsIMMSY7aAGOL6Y7aAGQKK99s4EShAIAxCeARiXaCAAKMuMgKAEUABaCggAEAAYACAAKABgAWoTYnV0dG9uMS5hbXMuaHYucHJvZIIBEQgDEJ4BGICJAyAAKMuMgKAEiAHbtKnRCZABAJgBAA HTTP/1.1
Host: p30885.citm-test.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=2629743, public
Date: Thu, 08 Sep 2022 03:09:17 GMT
ETag: "63186850-2b"
Last-Modified: Wed, 07 Sep 2022 09:45:52 GMT
Ali-Swift-Global-Savetime: 1662606558
Via: cache3.l2de2[0,0,200-0,H], cache26.l2de2[1,0], cache2.se1[0,0,200-0,H], cache8.se1[2,0]
Age: 16904035
X-Cache: HIT TCP_MEM_HIT dirn:3:159914652
X-Swift-SaveTime: Thu, 16 Mar 2023 03:48:40 GMT
X-Swift-CacheTime: 15204038
x-aliyun-server-ip: 47.246.44.228
Timing-Allow-Origin: *
EagleId: 2ff62c9c16795105938528320e
rpt.cedexis.com/f1/_CgJqMRAUGHsiBQgBENNZKKWm8bsIMMSY7aAGOL6Y7aAGQKK99s4EShAIAxCeARiXaCAAKMuMgKAEUABaCggAEAAYACAAKABgAWoTYnV0dG9uMS5hbXMuaHYucHJvZIIBEQgDEJ4BGICJAyAAKMuMgKAEiAHbtKnRCZABAJgBAA/0/0/30885/1,2/0/12/eagleid%3A2ff62c9c16795105938328278e%40x-aliyun-server-ip%3A47.246.44.228%40via%3Acache14.l2de2%5B0%2C0%2C200-0%2CH%5D%2C%20cache3.l2de2%5B2%2C0%5D%2C%20cache8.se1%5B0%2C0%2C304-0%2CH%5D%2C%20cache8.se1%5B2%2C0%5D/0/4854/0/0/0/3/556/557/568/593/593/605/605/605/711
200 Ok 16 B URL HTTP/1.1 rpt.cedexis.com/f1/_CgJqMRAUGHsiBQgBENNZKKWm8bsIMMSY7aAGOL6Y7aAGQKK99s4EShAIAxCeARiXaCAAKMuMgKAEUABaCggAEAAYACAAKABgAWoTYnV0dG9uMS5hbXMuaHYucHJvZIIBEQgDEJ4BGICJAyAAKMuMgKAEiAHbtKnRCZABAJgBAA/0/0/30885/1,2/0/12/eagleid%3A2ff62c9c16795105938328278e%40x-aliyun-server-ip%3A47.246.44.228%40via%3Acache14.l2de2%5B0%2C0%2C200-0%2CH%5D%2C%20cache3.l2de2%5B2%2C0%5D%2C%20cache8.se1%5B0%2C0%2C304-0%2CH%5D%2C%20cache8.se1%5B2%2C0%5D/0/4854/0/0/0/3/556/557/568/593/593/605/605/605/711
IP
ASN #63911 NetActuate, Inc
Hash 611d367c84d0637418b708416c28fdd6
cbe9a803e1b44d4c50b3c570afe8c5feb8dae2a0
8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4
GET /f1/_CgJqMRAUGHsiBQgBENNZKKWm8bsIMMSY7aAGOL6Y7aAGQKK99s4EShAIAxCeARiXaCAAKMuMgKAEUABaCggAEAAYACAAKABgAWoTYnV0dG9uMS5hbXMuaHYucHJvZIIBEQgDEJ4BGICJAyAAKMuMgKAEiAHbtKnRCZABAJgBAA/0/0/30885/1,2/0/12/eagleid%3A2ff62c9c16795105938328278e%40x-aliyun-server-ip%3A47.246.44.228%40via%3Acache14.l2de2%5B0%2C0%2C200-0%2CH%5D%2C%20cache3.l2de2%5B2%2C0%5D%2C%20cache8.se1%5B0%2C0%2C304-0%2CH%5D%2C%20cache8.se1%5B2%2C0%5D/0/4854/0/0/0/3/556/557/568/593/593/605/605/605/711 HTTP/1.1
Host: rpt.cedexis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ddcgroup.pl
Connection: keep-alive
Referer: https://ddcgroup.pl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 Ok
Server: nginx/1.10.3
Date: Wed, 22 Mar 2023 18:43:13 GMT
Content-Type: text/plain
Content-Length: 16
Connection: keep-alive
Keep-Alive: timeout=1
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
rpt.cedexis.com/f1/_CgJqMRAUGHsiBQgBENNZKKWm8bsIMMSY7aAGOL6Y7aAGQKK99s4EShAIAxCeARiXaCAAKMuMgKAEUABaCggAEAAYACAAKABgAWoTYnV0dG9uMS5hbXMuaHYucHJvZIIBEQgDEJ4BGICJAyAAKMuMgKAEiAHbtKnRCZABAJgBAA/0/0/30885/0,2/0/10/eagleid%3A2ff62c9c16795105938328278e%40x-aliyun-server-ip%3A47.246.44.228%40via%3Acache14.l2de2%5B0%2C0%2C200-0%2CH%5D%2C%20cache3.l2de2%5B2%2C0%5D%2C%20cache8.se1%5B0%2C0%2C304-0%2CH%5D%2C%20cache8.se1%5B2%2C0%5D/0/5535/0/0/0/0/0/0/0/0/4/14/14/14/711
200 Ok 16 B URL HTTP/1.1 rpt.cedexis.com/f1/_CgJqMRAUGHsiBQgBENNZKKWm8bsIMMSY7aAGOL6Y7aAGQKK99s4EShAIAxCeARiXaCAAKMuMgKAEUABaCggAEAAYACAAKABgAWoTYnV0dG9uMS5hbXMuaHYucHJvZIIBEQgDEJ4BGICJAyAAKMuMgKAEiAHbtKnRCZABAJgBAA/0/0/30885/0,2/0/10/eagleid%3A2ff62c9c16795105938328278e%40x-aliyun-server-ip%3A47.246.44.228%40via%3Acache14.l2de2%5B0%2C0%2C200-0%2CH%5D%2C%20cache3.l2de2%5B2%2C0%5D%2C%20cache8.se1%5B0%2C0%2C304-0%2CH%5D%2C%20cache8.se1%5B2%2C0%5D/0/5535/0/0/0/0/0/0/0/0/4/14/14/14/711
IP
ASN #63911 NetActuate, Inc
Hash 611d367c84d0637418b708416c28fdd6
cbe9a803e1b44d4c50b3c570afe8c5feb8dae2a0
8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4
GET /f1/_CgJqMRAUGHsiBQgBENNZKKWm8bsIMMSY7aAGOL6Y7aAGQKK99s4EShAIAxCeARiXaCAAKMuMgKAEUABaCggAEAAYACAAKABgAWoTYnV0dG9uMS5hbXMuaHYucHJvZIIBEQgDEJ4BGICJAyAAKMuMgKAEiAHbtKnRCZABAJgBAA/0/0/30885/0,2/0/10/eagleid%3A2ff62c9c16795105938328278e%40x-aliyun-server-ip%3A47.246.44.228%40via%3Acache14.l2de2%5B0%2C0%2C200-0%2CH%5D%2C%20cache3.l2de2%5B2%2C0%5D%2C%20cache8.se1%5B0%2C0%2C304-0%2CH%5D%2C%20cache8.se1%5B2%2C0%5D/0/5535/0/0/0/0/0/0/0/0/4/14/14/14/711 HTTP/1.1
Host: rpt.cedexis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ddcgroup.pl
Connection: keep-alive
Referer: https://ddcgroup.pl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 Ok
Server: nginx/1.10.3
Date: Wed, 22 Mar 2023 18:43:14 GMT
Content-Type: text/plain
Content-Length: 16
Connection: keep-alive
Keep-Alive: timeout=1
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
ddcgroup.pl/wp-content/uploads/sklepzreklamami.png
200 OK 4.5 kB URL HTTP/2 ddcgroup.pl/wp-content/uploads/sklepzreklamami.png
IP
ASN #203417 LH.pl Sp. z o.o.
File type PNG image data, 518 x 105, 8-bit colormap, non-interlaced\012- data
Hash f07f6d5e9c35fe219e15e08fd6dfd779
71ab34c6d291dd8ade1fb53dbf298db5f94a98e2
565f609157b7406eabbb35f81fb3f3d607ef459329fa4de6b409f73b69d31ba3
GET /wp-content/uploads/sklepzreklamami.png HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Cookie: _fbp=fb.1.1679510597047.176820545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/2 200 OK
last-modified: Thu, 09 Jan 2020 22:22:10 GMT
etag: "11aa-59bbc70b4c754"
accept-ranges: bytes
content-length: 4522
content-type: image/png
date: Wed, 22 Mar 2023 18:43:16 GMT
server: Apache/2
X-Firefox-Spdy: h2
ddcgroup.pl/wp-content/uploads/2017/03/Wystawa_plenerowa-800x445.jpg
200 OK 72 kB URL HTTP/2 ddcgroup.pl/wp-content/uploads/2017/03/Wystawa_plenerowa-800x445.jpg
IP
ASN #203417 LH.pl Sp. z o.o.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 800x445, components 3\012- data
Hash 87ce9a63134f3688ad61598823e4d702
ae2b83078054413522fea7752429425042800e84
d49988e337b4123fc8bfa8067215ea5855cb8923ea0fe1bf52e4a1e5f02c8d63
GET /wp-content/uploads/2017/03/Wystawa_plenerowa-800x445.jpg HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Cookie: _fbp=fb.1.1679510597047.176820545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 13 Jul 2017 10:18:59 GMT
etag: "11b61-5543042c62ac0"
accept-ranges: bytes
content-length: 72545
content-type: image/jpeg
date: Wed, 22 Mar 2023 18:43:16 GMT
server: Apache/2
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans%3A400%2C600&ver=5.3.14
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A400%2C600&ver=5.3.14
IP
GET /css?family=Open+Sans%3A400%2C600&ver=5.3.14 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 22 Mar 2023 18:43:10 GMT
date: Wed, 22 Mar 2023 18:43:10 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ddcgroup.pl/wp-content/plugins/lazy-loading-responsive-images/js/lazysizes.min.js?ver=5.3.14
200 OK 0 B URL HTTP/2 ddcgroup.pl/wp-content/plugins/lazy-loading-responsive-images/js/lazysizes.min.js?ver=5.3.14
IP
ASN #203417 LH.pl Sp. z o.o.
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/lazy-loading-responsive-images/js/lazysizes.min.js?ver=5.3.14 HTTP/1.1
Host: ddcgroup.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 09 Jan 2020 12:07:56 GMT
etag: "1b95-59bb3dc016641-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3308
content-type: application/javascript
date: Wed, 22 Mar 2023 18:43:10 GMT
server: Apache/2
X-Firefox-Spdy: h2
netdna.bootstrapcdn.com/font-awesome/4.1.0/css/font-awesome.min.css?ver=4.1.0
200 OK 0 B URL HTTP/2 netdna.bootstrapcdn.com/font-awesome/4.1.0/css/font-awesome.min.css?ver=4.1.0
IP
GET /font-awesome/4.1.0/css/font-awesome.min.css?ver=4.1.0 HTTP/1.1
Host: netdna.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ddcgroup.pl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 22 Mar 2023 18:43:10 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
cdn-cachedat: 11/16/2021 10:00:11
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: a563b98873b1faa8f4aeef50e1bd6f13
cdn-cache: HIT
cf-cache-status: HIT
age: 24950854
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7ac09423cf9fb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
94.154.117.247
142.250.74.35
104.225.98.129
23.33.119.27
157.240.200.14
188.114.98.234
47.246.44.228
0.0.0.0